Recently I had to enable a Java custom security provider implemented by a customer. The implementation is based on a set of JAR files included into Java Collaborations, providing some special signing and hashing security features.
To have that libraries working I just had to add few lines to the server.policy file, which resides into:
logicalhost\is\domains\domain1\configbeing domain1 my target domain. The JAR files were put into
logicalhost\is\domains\domain1\lib\ext
Below the additional permissions fragment:
// Basic set of required permissions granted to all remaining code
grant {
...
// Java CAPS needs these permissions so that the Bouncy Castle provider can be used
permission java.security.SecurityPermission "insertProvider.BC";
permission java.security.SecurityPermission "removeProvider.BC";
permission java.security.SecurityPermission "putProviderProperty.BC";
//----------------------------------------------------------------------------
// "InnoSec" custom security provider
//----------------------------------------------------------------------------
permission java.security.SecurityPermission "insertProvider.InnoSec";
permission java.security.SecurityPermission "removeProvider.InnoSec";
permission java.security.SecurityPermission "putProviderProperty.InnoSec";
//----------------------------------------------------------------------------
...
Posts
0 commenti:
Post a Comment