Configure the java.security file for your server

Configure the java.security file for your server

The java.security file is located in the ${java.home}/lib/security/ directory.

Search the 'policy.provider' string, comment the current line (with a '#' at the start of the line) and add this line below:

policy.provider=net.sf.jguard.security.JGuardPolicy

Search the 'login.config.url' string, comment the current line(s) (with a '#' at the start of the line) and add this line below :

login.config.url.1=file:${java.home}/lib/security/jGuard.loginScheme

Note that you can leave your initial 'login.config.url.x' lines uncommented if they should not concern jGuard protected applications. TIPS:

• To preserve others applications, jGuard acts as a 'wrapper' for Policy operations which do not concern webapp security. So you can let jGuard configure the system java Policy automatically at webapp startup.

In this case, jGuard will not control at the application server startup the security, but only when the first webapp with AccessFilter starts.

• the 'login.config.url' can be configured too, via a command-line argument when application server starts (not experimented yet):

-Djava.security.auth.login.config.url.1=file:${java.home}/lib/security/jGuard.loginScheme