Run your thin or pluggable application client with security enabled
To run a thin or a pluggable application client with security, specify the %CLIENTSAS% (Windows 32-bit) or $CLIENTSAS (iSeries, AIX, or Solaris) environment variables in the command line arguments. The security policies can be modified by editing the sas.client.props file in the properties subdirectory of the WAS installation on the client machine. On an iSeries server with just the application client runtime installed, this is /QIBM/UserData/WebAS5/Base/remote/properties. If the application server runtime is installed as well (5733WS5, option 2), this is /QIBM/UserData/WebAS5/Base/default/properties.
Here is an example of using the CLIENTSAS variable:
java $JAVA_FLAGS_EXT $CLIENTSAS -classpath $CP -Dserver.root=$SERVER_ROOT com.mycompany.MyClientYour Java thin application client no longer needs additional code to set security providers if you have enabled security for your WAS instance. This code found in iSeries Java thin or pluggable application clients should be removed to prevent migration and compatibility problems. The java.security file from your WebSphere instance in the properties directory is now used to configure the security providers.
The security providers were set programmatically in the main() method and occurred prior to any code that accessed enterprise beans:
import java.security.*; ... if (System.getProperty("os.name").equals("OS/400")) { // Set the default provider list first. Provider jceProv = null; Provider jsseProv = null; Provider sunProv = null; // Allow for when the Provider is not needed, when // it is not in the client application's classpath. try { jceProv = new com.ibm.crypto.provider.IBMJCE(); } catch (Exception ex) { ex.printStackTrace(); throw new Exception("Unable to acquire provider."); } try { jsseProv = new com.ibm.jsse.JSSEProvider(); } catch (Exception ex) { ex.printStackTrace(); throw new Exception("Unable to acquire provider."); } try { sunProv = new sun.security.provider.Sun(); } catch (Exception ex) { ex.printStackTrace(); throw new Exception("Unable to acquire provider."); } // Enable providers early and ahead of other providers // for consistent performance and function. if ( (null != sunProv) && (1 != Security.insertProviderAt(sunProv, 1)) ) { Security.removeProvider(sunProv.getName()); Security.insertProviderAt(sunProv, 1); } if ( (null != jceProv) && (2 != Security.insertProviderAt(jceProv, 2)) ) { Security.removeProvider(jceProv.getName()); Security.insertProviderAt(jceProv, 2); } if ( (null != jsseProv) && (3 != Security.insertProviderAt(jsseProv, 3)) ) { Security.removeProvider(jsseProv.getName()); Security.insertProviderAt(jsseProv, 3); } // Adjust default ordering based on admin/startstd properties file. // Maximum allowed in property file is 20. String provName; Class provClass; Object provObj = null; for (int i = 0; i < 21; i++) { provName = System.getProperty("os400.security.provider."+ i); if (null != provName) { try { provClass = Class.forName(provName); provObj = provClass.newInstance(); } catch (Exception ex) { // provider not found continue; } if (i != Security.insertProviderAt((Provider) provObj, i)) { // index 0 adds to end of existing list if (i != 0) { Security.removeProvider(((Provider) provObj).getName()); Security.insertProviderAt((Provider) provObj, i); } } } // end if (null != provName) } // end for (int i = 0; i < 21; i++) } // end if ("os.name").equals("OS/400")