User guide
Developing Java Applications
7-51
Change the role name in the sample file.
permission java.util.PropertyPermission "user.home","read";
};
JDK1.4
Edit the security policy file isssojaas14.policy. In the sample security policy file, read permission of
property java.home is set for the user ID “guest” and read permission of property user.home is set for
the role name “administrator.” Change the user ID and role name to the user ID and role name
registered in the SSO repository.
The example below shows how to grant read permission of property java.home and read permission of
property user.home for user ID “user001” and role name “Admin.”
Example
/* sample policy file */
grant codeBase "file:isssoaction.jar" ,
principal com.fujitsu.interstage.sso.auth.ISUserPrincipal "user001" { <-
Change the user ID in the sample file.
permission java.util.PropertyPermission "java.home","read";
};
grant codeBase "file:isssoaction.jar" ,
principal com.fujitsu.interstage.sso.auth.ISRolePrincipal "Admin" { <-
Change the role name in the sample file.
};
grant codeBase "file:isssojaas.jar" {
permission java.util.PropertyPermission "java.home","read";
permission java.util.PropertyPermission "user.home","read";
permission javax.security.auth.AuthPermission
"createLoginContext.com.fujitsu.interstage.sso";
permission javax.security.auth.AuthPermission "doAs";
permission javax.security.auth.PrivateCredentialPermission
"com.fujitsu.interstage.sso.auth.ISAuthenticationCredential
com.fujitsu.interstage.sso.auth.ISUserPrincipal \"*\"", "read";
permission javax.security.auth.PrivateCredentialPermission
"com.fujitsu.interstage.sso.auth.ISAuthorizationCredential
com.fujitsu.interstage.sso.auth.ISUserPrincipal \"*\"", "read";
};
grant codeBase "file:C:\\Interstage\\F3FMsso\\ssoatzag\\lib\\isssomod14.jar"
{
...
};
grant codeBase "file:/opt/FJSVssoaz/lib/isssomod14.jar" {
...
};