69 lines
4.5 KiB
HTML
69 lines
4.5 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
|
<html>
|
|
<head>
|
|
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
|
|
<LINK rel="stylesheet" type="text/css" href="../../../rzahg/ic.css">
|
|
|
|
<title>Create and edit policy files with the policy tool</title>
|
|
</head>
|
|
|
|
<BODY>
|
|
<!-- Java sync-link -->
|
|
<SCRIPT LANGUAGE="Javascript" SRC="../../../rzahg/synch.js" TYPE="text/javascript"></SCRIPT>
|
|
|
|
<h3><a name="seccupol"></a>Create and edit policy files with the policy tool</h3>
|
|
|
|
<p>Java 2 Security uses several policy files to determine the granted permission for each Java program. The Java development kit and the Java runtime environment provides the policytool graphical application to edit these policy files. While the policy tool is available as part of the iSeries IBM Developer Kit for Java, it is recommended that you run the policy tool on a workstation. The policy tool is located in the <tt>bin</tt> subdirectory of the Java development kit installation root or the Java runtime environment installation root.</p>
|
|
|
|
<p>It is recommended that you always use this tool to edit any policy file to guarantee the syntax of its contents. Syntax errors in the policy file causes an AccessControlException during server startup and application run time. Identifying the cause of an AccessControlException is not an easy task. Extreme care should be taken when editing these policy files.</p>
|
|
|
|
<ol>
|
|
<li><p>Start the policy tool from a command prompt. For example, on a Windows 32-bit system which has the JRE installed in a directory named java, enter this command on the command line:</p>
|
|
|
|
<pre>C:\java\jre\bin\policytool</pre></li>
|
|
|
|
<li><p>The PolicyTool window opens. The policy tool looks for the java.policy file in your home directory. If it does not exist, an error message displays. Click <strong>OK</strong>.</p></li>
|
|
|
|
<li><p>If you want to edit an existing policy file, click <strong>File --> Open</strong> Navigate to the policy file. Select it, and click <strong>Open</strong>. The code base entries are listed in the window.</p>
|
|
|
|
<p>If you want to create a new policy file, click <strong>File --> New</strong>.</p></li>
|
|
|
|
<li><p>Create or modify a code base entry:</p>
|
|
|
|
<ul>
|
|
<li><p>To modify the existing code base entry, select the entry, and click <strong>Edit Policy Entry</strong>. The Policy Entry window opens with the permission list that is defined for the selected code base.</p></li>
|
|
<li><p>To create a new code base entry, click <strong>Add Policy Entry</strong>. The Policy Entry window opens. In the <strong>CodeBase</strong> field, enter the code base information in URL format, for example: <tt>/QIBM/UserData/WebASE/ASE5/<em>instance</em>/InstalledApps/testcase.ear</tt>.</p></li>
|
|
</ul></li>
|
|
|
|
<li><p>Modify or add the permission specification:</p>
|
|
|
|
<ul>
|
|
<li><p>To modify an existing permission specification, click the entry you want to modify, and click <strong>Edit Permission</strong>. The Permissions window opens with the selecting permission information displayed.</p></li>
|
|
<li><p>To add a new permission, click <strong>Add Permission</strong>. The Permissions window opens.</p></li>
|
|
</ul>
|
|
|
|
<p>Perform these steps in the Permissions window:</p>
|
|
|
|
<ol type="a">
|
|
<li>Select the permission from the <strong>Permission</strong> list. The selected permission displays. After a permission is selected, the <strong>Target Name</strong>, <strong>Actions</strong>, <strong>and Signed By</strong> fields automatically show the valid choices, or they enable text input in the right text input area.</li>
|
|
<li>Select <strong>Target Name</strong> from the list, or enter the target name in the text field.</li>
|
|
<li>Select <strong>Actions</strong> from the list.</li>
|
|
<li>Enter a value in the <strong>Signed By</strong>, if necessary.</li>
|
|
<li>Click <strong>OK</strong> to close the Permissions window.</li>
|
|
</ol>
|
|
|
|
<p>The modified permission entries of the specified code base are displayed.</p></li>
|
|
|
|
<li><p>Click <strong>Done</strong> to close the window. The modified code base entries are listed.</p></li>
|
|
|
|
<li><p>Repeat steps 4 through 6 until you complete editing.</p></li>
|
|
|
|
<li><p>Click <strong>File --> Save</strong> after you finish editing the file.</p></li>
|
|
</ol>
|
|
|
|
<p>For more information about the policy tool, see <a href="http://java.sun.com/j2se/1.3/docs/tooldocs/win32/policytool.html" target="_">Policy Tool</a> <img src="www.gif" width="19" height="15" alt="Link outside Information Center"> (http://java.sun.com/j2se/1.3/docs/tooldocs/win32/policytool.html).</p>
|
|
|
|
</body>
|
|
</html>
|
|
|