I enabled the ServletExec Security Manager from the SE Admin UI, and then reinitialized ServletExec. Now I am getting Security Exceptions every time ServletExec receives a request. What is wrong?
The permission settings that you can set on the Servlet Security page of the SE Admin UI are really only valid for JDK 1.1.x.
JDK 1.2 and newer adds many other security settings that cannot be set from the SE Admin UI. This means that when you enable a Security Manager while running JVM 1.2 or newer, that you must also edit the java.policy file that is currently being used by that JVM so that code running within that JVM will have the necessary permissions to do what is required. First do a test by adding:
to your java.policy file.
If this fixes the problem then you will know it is an issue involving java.policy. If you then decide to use a more fine-grained approach to granting permissions...
Information about java.policy syntax may be found at:
If you enabled this feature by accident and don't want it enabled anymore then do this:
An alternative to step #2 given above is to open VMSettings.pref in a plain text editor and edit the securityManager line so that it reads: