
Run MobileFirst Server in WebSphere Application Server with Java 2 security enabled

We can run IBM MobileFirst Platform Server in WebSphere Application Server with Java 2 security enabled.

To enable Java 2 security in WebSphere Application Server, complete the following procedure to modify the app.policy file and then restart WebSphere Application Server for the modification to take effect.

  1. Install MobileFirst Server on a WebSphere Application Server instance. The installation contains all the necessary libraries to support WebSphere Application Server security.

  2. Enable Java 2 security in WebSphere Application Server.

    1. In the WebSphere Application Server console, click Security > Global security.

    2. Select Use Java 2 security to restrict application access to local resources.

  3. Modify the app.policy file, <ws.install.root>/profiles/<server_name>/config/cells/<cell_name>/node/<node_name>/app.policy.

    The app.policy file is a default policy file shared by all of the WebSphere Application Server enterprise applications. See app.policy file permissions in the WebSphere Application Server documentation.

    Add the following content into the app.policy file.

    grant codeBase "file:${was.install.root}/worklight-jee-library-xxx.jar" {
      permission java.security.AllPermission;
    };
    // The war file is the WL server war.
    grant codeBase "file:worklight.war" {
      // permission java.security.AllPermission;
      // AllPermission could be granted here for simplicity; however, it might
      // cause security problems.
      permission java.lang.RuntimePermission "*";
      permission java.io.FilePermission "${was.install.root}${/}-", "read,write,delete";
      // On Linux, set this path to the Linux TEMP folder instead.
      permission java.io.FilePermission "C:/Windows/TEMP/${/}-", "read,write,delete";
      permission java.util.PropertyPermission "*", "read, write";
      permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
      permission com.ibm.tools.attach.AttachPermission "createAttachProvider";
      permission com.ibm.tools.attach.AttachPermission "attachVirtualMachine";
      permission com.sun.tools.attach.AttachPermission "createAttachProvider";
      permission com.sun.tools.attach.AttachPermission "attachVirtualMachine";
      permission java.net.SocketPermission "*", "accept,resolve";
    };

  4. Restart WebSphere Application Server for the modification of the app.policy file to take effect.
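The grants above are broad, so it is worth listing exactly what each codeBase receives before restarting. The following script is an added example, not IBM code or part of the original procedure: it parses `grant codeBase "..." { ... };` entries of the form shown above and reports the permissions that widen the sandbox most. The function names `audit` and `reason_if_broad` and the rule set are assumptions of this example.

```python
import re

# Constructed sample: a trimmed copy of the grant entries from the procedure above.
SAMPLE_POLICY = r'''
grant codeBase "file:${was.install.root}/worklight-jee-library-xxx.jar" {
  permission java.security.AllPermission;
};
grant codeBase "file:worklight.war" {
  //permission java.security.AllPermission;
  permission java.lang.RuntimePermission "*";
  permission java.io.FilePermission "${was.install.root}${/}-", "read,write,delete";
  permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
  permission java.net.SocketPermission "*", "accept,resolve";
};
'''
GRANT_RE = re.compile(r'grant\s+codeBase\s+"([^"]+)"\s*\{(.*?)\}\s*;', re.S)
PERM_RE = re.compile(r'permission\s+([\w.$]+)(?:\s+"([^"]*)")?(?:\s*,\s*"([^"]*)")?\s*;')

def strip_comments(text):
    """Drop // and /* */ comments but keep quoted strings intact."""
    pattern = re.compile(r'"[^"\n]*"|//[^\n]*|/\*.*?\*/', re.S)
    return pattern.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else '', text)

def reason_if_broad(cls, target, actions):
    """Return why a permission is broad, or None if no rule matches."""
    acts = {a.strip() for a in actions.split(',')}
    if cls == 'java.security.AllPermission':
        return 'all permissions: Java 2 security no longer restricts this code'
    if cls == 'java.io.FilePermission' and target.endswith('-') and acts & {'write', 'delete'}:
        return 'recursive write/delete under ' + target[:-1]
    if cls == 'java.lang.reflect.ReflectPermission' and target == 'suppressAccessChecks':
        return 'reflection may bypass private/protected access checks'
    if target == '*':
        return 'wildcard target covers every name this permission class accepts'
    return None

def audit(policy_text):
    """Return (codeBase, permission class, reason) for each broad permission."""
    findings = []
    for codebase, body in GRANT_RE.findall(strip_comments(policy_text)):
        for cls, target, actions in PERM_RE.findall(body):
            reason = reason_if_broad(cls, target, actions)
            if reason:
                findings.append((codebase, cls, reason))
    return findings

if __name__ == '__main__':
    for codebase, cls, reason in audit(SAMPLE_POLICY):
        print(f'{codebase}: {cls}: {reason}')
```

Commented-out permissions are ignored, so the disabled AllPermission line for worklight.war is not reported, while the active one for the library JAR is.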

