Configure the server.policy file

The server.policy file is a default policy file for the server. If the default permissions for the server are adequate, no action is required. If a specific change is required to some of the server programs on a node, update the server.policy file. If you want to add permissions to an application, use the app.policy and was.policy files.

If some server programs on a node require permissions that are not defined as defaults in the java.policy file and the server.policy file, use the policy tool to update the server.policy file. To decide whether to add a permission, see AccessControlException.

The server.policy file is located in the /QIBM/UserData/WebASE/ASE5/instanceName/properties directory where instanceName is the name of your instance. It contains these default permissions:

  grant codeBase "file:${was.install.root}/java/extlib/-" {
    permission java.security.AllPermission;
  };

  grant codeBase "file:${was.install.root}/java/tools/ibmtools.jar" {
    permission java.security.AllPermission;
  };

  grant codeBase "file:/QIBM/ProdData/Java400/jdk13/lib/tools.jar" {
    permission java.security.AllPermission;
  };

  grant codeBase "file:${was.install.root}/lib/-" {
    permission java.security.AllPermission;
  };

  grant codeBase "file:${was.install.root}/classes/-" {
    permission java.security.AllPermission;
  };

  grant codeBase "file:${was.install.root}/deploytool/-" {
    permission java.security.AllPermission;
  };

Use the policy tool to modify the server.policy file. For more information, see Create and edit policy files with the policy tool.

After you have updated the server.policy file, restart all of the Java processes for the updated server.policy file to take effect.