| // Standard extensions get all permissions by default |
| |
| grant codeBase "file:${java.home}/lib/ext/*" { |
| permission java.security.AllPermission; |
| }; |
| |
| // default permissions granted to all domains |
| grant { |
| // Allows any thread to stop itself using the java.lang.Thread.stop() |
| // method that takes no argument. |
| // Note that this permission is granted by default only to remain |
| // backwards compatible. |
| // It is strongly recommended that you either remove this permission |
| // from this policy file or further restrict it to code sources |
| // that you specify, because Thread.stop() is potentially unsafe. |
| // See "http://java.sun.com/notes" for more information. |
| permission java.lang.RuntimePermission "stopThread"; |
| |
| // allows anyone to listen on un-privileged ports |
| permission java.net.SocketPermission "localhost:1024-", "listen"; |
| |
| // "standard" properies that can be read by anyone |
| |
| permission java.util.PropertyPermission "java.version", "read"; |
| permission java.util.PropertyPermission "java.vendor", "read"; |
| permission java.util.PropertyPermission "java.vendor.url", "read"; |
| permission java.util.PropertyPermission "java.class.version", "read"; |
| permission java.util.PropertyPermission "os.name", "read"; |
| permission java.util.PropertyPermission "os.version", "read"; |
| permission java.util.PropertyPermission "os.arch", "read"; |
| permission java.util.PropertyPermission "file.separator", "read"; |
| permission java.util.PropertyPermission "path.separator", "read"; |
| permission java.util.PropertyPermission "line.separator", "read"; |
| |
| permission java.util.PropertyPermission "java.specification.version", "read"; |
| permission java.util.PropertyPermission "java.specification.vendor", "read"; |
| permission java.util.PropertyPermission "java.specification.name", "read"; |
| |
| permission java.util.PropertyPermission "java.vm.specification.version", "read"; |
| permission java.util.PropertyPermission "java.vm.specification.vendor", "read"; |
| permission java.util.PropertyPermission "java.vm.specification.name", "read"; |
| permission java.util.PropertyPermission "java.vm.version", "read"; |
| permission java.util.PropertyPermission "java.vm.vendor", "read"; |
| permission java.util.PropertyPermission "java.vm.name", "read"; |
| |
| permission java.io.FilePermission "*","read,write"; |
| |
| }; |
| |
| grant codeBase "file:/-" { |
| permission java.security.AllPermission; |
| permission java.io.FilePermission "*","read,write"; |
| }; |
| |
| grant principal javax.management.remote.JMXPrincipal "SQE_username" { |
| permission javax.management.MBeanServerPermission "*"; |
| permission javax.management.MBeanPermission "Simple", "instantiate"; |
| permission javax.management.MBeanPermission "Simple", "registerMBean"; |
| }; |
| |
| grant principal javax.management.remote.JMXPrincipal "username1" { |
| // |
| // JMXPrincipals "username1" has all permissions. |
| // |
| permission java.security.AllPermission; |
| }; |
| |
| grant principal javax.management.remote.JMXPrincipal "username2" { |
| // |
| // JMXPrincipals "username2" has all permissions. |
| // |
| permission java.security.AllPermission; |
| }; |
| |
| grant principal javax.management.remote.JMXPrincipal "username3" { |
| // |
| // JMXPrincipals "username3" has some permissions. |
| // |
| permission javax.management.MBeanPermission "Simple", "instantiate"; |
| permission javax.management.MBeanPermission "Simple", "registerMBean"; |
| permission javax.management.MBeanPermission "Simple", "setAttribute"; |
| permission javax.management.MBeanPermission "Simple", "invoke"; |
| }; |
| |
| grant principal javax.management.remote.JMXPrincipal "username4" { |
| // |
| // JMXPrincipals "username4" has all permissions. |
| // |
| permission javax.management.MBeanPermission "Simple", "instantiate"; |
| permission javax.management.MBeanPermission "Simple", "registerMBean"; |
| permission javax.management.MBeanPermission "Simple", "invoke"; |
| }; |
| |
| grant principal javax.management.remote.JMXPrincipal "username5" { |
| // |
| // JMXPrincipals "username5" has no permissions. |
| // |
| }; |