Configure the java.policy file

The java.policy file is a global default policy file that is shared by all of the Java programs that run on the iSeries system. It is never recommended to modify this file. If some Java programs on a node require permissions that are not defined as defaults in the java.policy file then add the permissions by configuring the server.policy file. For more information, see Configure the server.policy file.

The java.policy file is included as part of the Java development kit, and it is not managed by the WebSphere configuration and file replication services.

The java.policy file that is used by WebSphere Application Server is located in the /QIBM/ProdData/Java400/jdk13/lib/security directory. It contains these default permissions:

  grant codeBase "file:${java.home}/lib/ext/*" {
    permission java.security.AllPermission;
  };

  grant codeBase "file:/QIBM/ProdData/OS400/Java400/*" {
    permission java.security.AllPermission;
  };

  grant codeBase "file:/QIBM/ProdData/OS400/Java400/ext/*" {
    permission java.security.AllPermission;
  };

  grant codeBase "file:/QIBM/ProdData/Java400/*" {
    permission java.security.AllPermission;
  };

  grant { 
    permission java.lang.RuntimePermission "stopThread";
    permission java.net.SocketPermission "localhost:1024-", "listen";
    permission java.util.PropertyPermission "java.version", "read";
    permission java.util.PropertyPermission "java.vendor", "read";
    permission java.util.PropertyPermission "java.vendor.url", "read";
    permission java.util.PropertyPermission "java.class.version", "read";
    permission java.util.PropertyPermission "os.name", "read";
    permission java.util.PropertyPermission "os.version", "read";
    permission java.util.PropertyPermission "os.arch", "read";
    permission java.util.PropertyPermission "file.separator", "read";
    permission java.util.PropertyPermission "path.separator", "read";
    permission java.util.PropertyPermission "line.separator", "read";
    permission java.util.PropertyPermission "java.specification.version", "read";
    permission java.util.PropertyPermission "java.specification.vendor", "read";
    permission java.util.PropertyPermission "java.specification.name", "read";
    permission java.util.PropertyPermission "java.vm.specification.version", "read";
    permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
    permission java.util.PropertyPermission "java.vm.specification.name", "read";
    permission java.util.PropertyPermission "java.vm.version", "read";
    permission java.util.PropertyPermission "java.vm.vendor", "read";
    permission java.util.PropertyPermission "java.vm.name", "read";
  };