Application Server Solutions for Microsoft IIS and ASP.NET
       solutions   products   partners   company   support   downloads         store
JTurbo Self-Help: FAQ
Back to Search >  Back to Search Results

Faq ID 111
Product ServletExec
Category Security
Question I enabled the ServletExec Security Manager from the SE Admin UI, and then reinitialized ServletExec. Now I am getting Security Exceptions every time ServletExec receives a request. What is wrong?
Answer The permission settings that you can set on the Servlet Security page of the SE Admin UI are really only valid for JDK 1.1.x.
JDK 1.2 and newer adds many other security settings that cannot be set from the SE Admin UI. This means that when you enable a Security Manager while running JVM 1.2 or newer, that you must also edit the java.policy file that is currently being used by that JVM so that code running within that JVM will have the necessary permissions to do what is required. First do a test by adding:

grant {
permission java.security.AllPermission;
};

to your java.policy file.
If this fixes the problem then you will know it is an issue involving java.policy. If you then decide to use a more fine-grained approach to granting permissions...
Information about java.policy syntax may be found at: http://java.sun.com/j2se/1.3/docs/guide/security/index.html

Note:
If you enabled this feature by accident and don't want it enabled anymore then do this:
  1. Stop ServletExec
  2. delete VMSettings.pref
  3. Restart ServletExec

An alternative to step #2 given above is to open VMSettings.pref in a plain text editor and edit the securityManager line so that it reads:
securityManager=null



   
company media information terms of use privacy policy contact us