views:

260

answers:

0

Here's my scenario:

I have a JAR within the APP-INF/lib of my EAR, to be deployed within WebLogic 10g Release 3 against which I wish to grant specific permissions.

e.g.,

grant codebase "file:/c:/somedir/my.jar" {
  permission java.net.SocketPermission "*:-","accept,connect,listen, resolve";
  permission java.net.SocketPermission "localhost:-","accept,connect,listen,resolve";
  permission java.net.SocketPermission "127.0.0.1:-","accept,connect,listen,resolve";
  permission java.net.SocketPermission "230.0.0.1:-","accept,connect,listen,resolve";
  permission java.util.PropertyPermission "*", "read,write";
  permission java.lang.RuntimePermission "*";
  permission java.io.FilePermission "<<ALL FILES>>","read,write,delete";
  permission javax.security.auth.AuthPermission "*";
  permission java.security.SecurityPermission "*";
};

Questions:

  1. Where is the best place to define this grant - in the java.policy of the JRE, WL server's weblogic.policy, or within a XML packaged within the EAR

  2. How do I define the codebase URL to the JAR? The examples I have seen have an explicit reference to the JAR on the file system, however I am deploying the JAR packaged up within an EAR.

Thanks!