This week's book giveaways are in the Java EE and JavaScript forums.
We're giving away four copies each of The Java EE 7 Tutorial Volume 1 or Volume 2(winners choice) and jQuery UI in Action and have the authors on-line!
See this thread and this one for details.
The moose likes Security and the fly likes was.policy file location in WSAD/WebSphere Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "was.policy file location in WSAD/WebSphere" Watch "was.policy file location in WSAD/WebSphere" New topic
Author

was.policy file location in WSAD/WebSphere

Fidel Ruiz
Greenhorn

Joined: Oct 02, 2003
Posts: 4
I have a security problem with the WebSphere test invironment of WSAD. We are trying to get our permissions from an external source through JAAS. We have extended javax.security.auth.Policy, where we connect to our Authentication and Authorization Service to retrieve the permissions for a Subject. This works quite well.
However the Websphere testserver in WSAD is set default to get java.security.AllPermissions. This is done in the file server.policy. So it doesn't matter if the subject has any permissions at all, the default setting in server.policy gives it AllPermissions.
We removed the grant for AllPermission from the server.policy and created a was.policy with the necessary permissions and put it in cells/<cellname>/applications/<earfilename>/deployments/<applicationname>/META-INF/ (like is was explained in the help). But it doesn't matter where I put the was.policy file, it seems that the server can't find it or doesn't read it.
Is anybody familiar with the was.policy files in the WSAD testenvironment and where to put them?
Krishna Nagadev
Ranch Hand

Joined: Jan 04, 2005
Posts: 32
It should be under .ear/META-INF/was.policy
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: was.policy file location in WSAD/WebSphere