JAAS and WebLogic 10.3: Granting specific codebase permissions to a JAR bundled within an EAR
Posted
by Jason
on Stack Overflow
See other posts from Stack Overflow
or by Jason
Published on 2010-04-02T14:18:12Z
Indexed on
2010/04/02
14:23 UTC
Read the original article
Hit count: 397
Here's my scenario:
I have a JAR within the APP-INF/lib of my EAR, to be deployed within WebLogic 10g Release 3 against which I wish to grant specific permissions.
e.g.,
grant codebase "file:/c:/somedir/my.jar" {
permission java.net.SocketPermission "*:-","accept,connect,listen, resolve";
permission java.net.SocketPermission "localhost:-","accept,connect,listen,resolve";
permission java.net.SocketPermission "127.0.0.1:-","accept,connect,listen,resolve";
permission java.net.SocketPermission "230.0.0.1:-","accept,connect,listen,resolve";
permission java.util.PropertyPermission "*", "read,write";
permission java.lang.RuntimePermission "*";
permission java.io.FilePermission "<<ALL FILES>>","read,write,delete";
permission javax.security.auth.AuthPermission "*";
permission java.security.SecurityPermission "*";
};
Questions:
Where is the best place to define this grant - in the java.policy of the JRE, WL server's weblogic.policy, or within a XML packaged within the EAR
How do I define the codebase URL to the JAR? The examples I have seen have an explicit reference to the JAR on the file system, however I am deploying the JAR packaged up within an EAR.
Thanks!
© Stack Overflow or respective owner