[jboss-cvs] JBossAS SVN: r82222 - in projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US: extras and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu Dec 11 01:14:50 EST 2008
Author: Darrin
Date: 2008-12-11 01:14:49 -0500 (Thu, 11 Dec 2008)
New Revision: 82222
Modified:
projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/Requirements_for_the_Evaluated_Configuration.xml
projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/Security_Policy_File.xml
projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/extras/security_cc.policy
Log:
JBOSSCC-30
Modified: projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/Requirements_for_the_Evaluated_Configuration.xml
===================================================================
--- projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/Requirements_for_the_Evaluated_Configuration.xml 2008-12-11 06:07:17 UTC (rev 82221)
+++ projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/Requirements_for_the_Evaluated_Configuration.xml 2008-12-11 06:14:49 UTC (rev 82222)
@@ -452,12 +452,110 @@
<title>Required changes to the included JSM policy</title>
<para>
- The supplied Java Security Manager policy file that is included with JBoss EAP must be
- replaced with the policy file specifed in <xref linkend="appe-security_policy" />. The
- policy file that must be replaced is
- <filename><replaceable>${JBOSS_HOME}</replaceable>/bin/security_cc.policy</filename>.
+ The supplied Java Security Manager policy file that is included with
+ JBoss EAP must must be modified as specified below. The policy file
+ that must be edited is <filename><replaceable>${JBOSS_HOME}</replaceable>/bin/security_cc.policy</filename>.
+ The copy of the complete modified policy file can be found in
+ <xref linkend="appe-security_policy" />.
</para>
+
+ <orderedlist>
+ <listitem>
+ <itemizedlist>
+ <listitem>
+ <para>codeBase <literal>"file:${jboss.server.home.dir}/tmp/-"</literal> in section 3:</para>
+ <itemizedlist>
+ <listitem><para>Added two more <classname>javax.security.auth.PrivateCredentialPermission</classname> as follows:</para>
+ <programlisting>permission javax.security.auth.PrivateCredentialPermission "javax.crypto.spec.SecretKeySpec * \"*\"", "read";
+permission javax.security.auth.PrivateCredentialPermission "org.jboss.security.srp.SRPParameters * \"*\"", "read";</programlisting>
+ </listitem>
+ <listitem>
+ <para>
+ <literal>permission java.net.SocketPermission "*", "connect,accept,resolve";</literal>
+ moved from general grant in section 5 to this codeBase.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <literal>permission org.jboss.naming.JndiPermission "JAXR", "bind,rebind,unbind,lookup,list,listBindings,createSubcontext";</literal>
+ added to this codeBase.
+ </para>
+ </listitem>
+ </itemizedlist>
+ <para>
+ For details refer to the grant for code base
+ <literal>"file:${jboss.server.home.dir}/tmp/-"</literal>
+ in Section 3 of the <filename>security_cc.policy</filename>
+ file detailed in <xref linkend="appe-security_policy" />.
+ </para>
+ </listitem>
+ </itemizedlist>
+ </listitem>
+
+ <listitem>
+ <para>Section 4 changes</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ Testsuite changes to make all tests pass under security manager.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Startup time related change
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ JNDI binding problem fixed with adding proper permission to test
+ deploy directory
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Minor changes in Oracle JDBC driver permissions need for IBM JDK 6
+ to pass the tests
+ </para>
+ </listitem>
+ </itemizedlist>
+ <para>
+ For details see Section 4 of <filename>security_cc.policy</filename>
+ file in <xref linkend="appe-security_policy" />.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>Section 5 Changes</para>
+ <para>The following 2 items have been removed from the general grant section.</para>
+ <itemizedlist>
+ <listitem><para><literal>permission java.util.PropertyPermission "*", "read";</literal></para></listitem>
+ <listitem><para><literal>permission java.net.SocketPermission "*", "connect";</literal></para></listitem>
+ </itemizedlist>
+ <para>
+ For details see Section 5 of <filename>security_cc.policy</filename>
+ file in <xref linkend="appe-security_policy" />.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>More detailed comments added throughout the policy file.</para>
+ </listitem>
+ </orderedlist>
+
+
+<!--
+<listitem>
+3. Section 5 changes
+
+
+Note: For details see Section 5 of security_cc.policy file in appendix X.
+</listitem>
+<listitem>
+4. More detailed comments added throughout the policy file.
+</listitem> -->
+
+
</section>
<section id="Common_Criteria_Guide-Developer_Guidelines-java_security_permissions">
Modified: projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/Security_Policy_File.xml
===================================================================
--- projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/Security_Policy_File.xml 2008-12-11 06:07:17 UTC (rev 82221)
+++ projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/Security_Policy_File.xml 2008-12-11 06:14:49 UTC (rev 82222)
@@ -5,6 +5,6 @@
<appendix id="appe-security_policy">
<title>Required Java Security Manager Policy File</title>
-<programlisting><xi:include parse="text" href="extras/security_cc.policy" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
+<programlisting language="java"><xi:include parse="text" href="extras/security_cc.policy" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
</appendix>
Modified: projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/extras/security_cc.policy
===================================================================
--- projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/extras/security_cc.policy 2008-12-11 06:07:17 UTC (rev 82221)
+++ projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/extras/security_cc.policy 2008-12-11 06:14:49 UTC (rev 82222)
@@ -96,7 +96,8 @@
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/lib/bindingservice-plugin.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/lib/bindingservice-plugin.jar" {
permission java.security.AllPermission;
};
@@ -120,11 +121,13 @@
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/lib/commons-collections.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/lib/commons-collections.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/lib/commons-httpclient.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/lib/commons-httpclient.jar" {
permission java.security.AllPermission;
};
@@ -148,19 +151,23 @@
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/lib/hibernate-annotations.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/lib/hibernate-annotations.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/lib/hibernate-commons-annotations.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/lib/hibernate-commons-annotations.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/lib/hibernate-entitymanager.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/lib/hibernate-entitymanager.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/lib/hibernate-validator.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/lib/hibernate-validator.jar" {
permission java.security.AllPermission;
};
@@ -188,7 +195,8 @@
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/lib/jboss-common-jdbc-wrapper.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/lib/jboss-common-jdbc-wrapper.jar" {
permission java.security.AllPermission;
};
@@ -236,7 +244,8 @@
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/lib/jbossjta-integration.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/lib/jbossjta-integration.jar" {
permission java.security.AllPermission;
};
@@ -248,7 +257,8 @@
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/lib/jboss-messaging-client.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/lib/jboss-messaging-client.jar" {
permission java.security.AllPermission;
};
@@ -272,7 +282,8 @@
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/lib/jboss-serialization.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/lib/jboss-serialization.jar" {
permission java.security.AllPermission;
};
@@ -336,7 +347,8 @@
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/lib/log4j-snmp-appender.jar" {
+grant codeBase "file:${jboss.server.home.dir}/lib/log4j-snmp-appender.jar"
+{
permission java.security.AllPermission;
};
@@ -356,7 +368,8 @@
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/lib/scheduler-plugin-example.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/lib/scheduler-plugin-example.jar" {
permission java.security.AllPermission;
};
@@ -374,15 +387,18 @@
// DEPLOY DIR
-grant codeBase "file:${jboss.server.home.dir}/deploy/jboss-ha-local-jdbc.rar" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jboss-ha-local-jdbc.rar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jboss-ha-xa-jdbc.rar" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jboss-ha-xa-jdbc.rar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jboss-local-jdbc.rar" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jboss-local-jdbc.rar" {
permission java.security.AllPermission;
};
@@ -398,87 +414,109 @@
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/httpha-invoker.sar/-" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/httpha-invoker.sar/-" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jboss-web-cluster.sar/jboss-web-cluster.aop" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jboss-web-cluster.sar/jboss-web-cluster.aop" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossws.sar/jaxb-api.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jbossws.sar/jaxb-api.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossws.sar/jaxb-impl.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jbossws.sar/jaxb-impl.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossws.sar/jboss-jaxb-intros.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jbossws.sar/jboss-jaxb-intros.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossws.sar/jboss-jaxrpc.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jbossws.sar/jboss-jaxrpc.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossws.sar/jboss-jaxws.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jbossws.sar/jboss-jaxws.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossws.sar/jboss-saaj.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jbossws.sar/jboss-saaj.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossws.sar/jbossws-core.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jbossws.sar/jbossws-core.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossws.sar/jbossws-native.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jbossws.sar/jbossws-native.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossws.sar/policy.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jbossws.sar/policy.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossws.sar/stax-api.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jbossws.sar/stax-api.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossws.sar/wsdl4j.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jbossws.sar/wsdl4j.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossws.sar/wstx.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jbossws.sar/wstx.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jbossws.sar/xmlsec.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jbossws.sar/xmlsec.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/juddi-service.sar/juddi.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/juddi-service.sar/juddi.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/juddi-service.sar/juddi-saaj.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/juddi-service.sar/juddi-saaj.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/juddi-service.sar/juddi-service.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/juddi-service.sar/juddi-service.jar"
+{
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/juddi-service.sar/juddi.war" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/juddi-service.sar/juddi.war" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/juddi-service.sar/scout.jar" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/juddi-service.sar/scout.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/uuid-key-generator.sar/*" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/uuid-key-generator.sar/*" {
permission java.security.AllPermission;
};
@@ -486,19 +524,23 @@
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jboss-aop-jdk50.deployer/-" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jboss-aop-jdk50.deployer/-" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jboss-bean.deployer/-" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jboss-bean.deployer/-" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jboss-web.deployer/*" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jboss-web.deployer/*" {
permission java.security.AllPermission;
};
-grant codeBase "file:${jboss.server.home.dir}/deploy/jboss-web.deployer/jsf-libs/*" {
+grant codeBase
+"file:${jboss.server.home.dir}/deploy/jboss-web.deployer/jsf-libs/*" {
permission java.security.AllPermission;
};
@@ -513,8 +555,10 @@
grant codeBase "file:${jboss.server.home.dir}/tmp/-" {
- permission java.io.FilePermission "${jboss.server.home.dir}/-", "read,write,delete";
- permission java.io.FilePermission "${java.io.tmpdir}", "read,write,delete";
+ permission java.io.FilePermission
+ "${jboss.server.home.dir}/-", "read,write,delete";
+ permission java.io.FilePermission
+ "${java.io.tmpdir}", "read,write,delete";
permission java.io.FilePermission "<<ALL FILES>>", "read";
@@ -526,22 +570,31 @@
permission java.lang.RuntimePermission "setContextClassLoader";
permission java.lang.RuntimePermission "accessDeclaredMembers";
permission java.lang.RuntimePermission "createClassLoader";
- permission java.lang.RuntimePermission "org.jboss.security.SecurityAssociation.setPrincipalInfo";
- permission java.lang.RuntimePermission "org.jboss.security.SecurityAssociation.getPrincipalInfo";
- permission java.lang.RuntimePermission "org.jboss.security.SecurityAssociation.setServer";
- permission java.lang.RuntimePermission "org.jboss.security.SecurityAssociation.setRunAsRole";
+ permission java.lang.RuntimePermission
+ "org.jboss.security.SecurityAssociation.setPrincipalInfo";
+ permission java.lang.RuntimePermission
+ "org.jboss.security.SecurityAssociation.getPrincipalInfo";
+ permission java.lang.RuntimePermission
+ "org.jboss.security.SecurityAssociation.setServer";
+ permission java.lang.RuntimePermission
+ "org.jboss.security.SecurityAssociation.setRunAsRole";
permission java.lang.RuntimePermission "loadLibrary.tcnative-1";
permission java.lang.RuntimePermission "loadLibrary.libtcnative-1";
permission java.net.NetPermission "specifyStreamHandler";
permission java.util.PropertyPermission "*", "read,write";
- permission java.security.SecurityPermission "getProperty.package.definition";
- permission java.security.SecurityPermission "setProperty.package.definition";
- permission java.security.SecurityPermission "getProperty.package.access";
- permission java.security.SecurityPermission "setProperty.package.access";
+ permission java.security.SecurityPermission
+ "getProperty.package.definition";
+ permission java.security.SecurityPermission
+ "setProperty.package.definition";
+ permission java.security.SecurityPermission
+ "getProperty.package.access";
+ permission java.security.SecurityPermission
+ "setProperty.package.access";
permission java.security.SecurityPermission "setPolicy";
- permission java.security.SecurityPermission "putProviderProperty.JBossSX";
+ permission java.security.SecurityPermission
+ "putProviderProperty.JBossSX";
permission java.security.SecurityPermission "insertProvider.JBossSX";
permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
@@ -552,21 +605,26 @@
permission javax.security.auth.AuthPermission "doAsPrivileged";
permission javax.security.auth.AuthPermission "modifyPrincipals";
- permission javax.security.auth.PrivateCredentialPermission "javax.resource.spi.security.PasswordCredential * \"*\"", "read";
- permission javax.security.auth.PrivateCredentialPermission "javax.crypto.spec.SecretKeySpec * \"*\"", "read";
- permission javax.security.auth.PrivateCredentialPermission "org.jboss.security.srp.SRPParameters * \"*\"", "read";
+ permission javax.security.auth.PrivateCredentialPermission
+ "javax.resource.spi.security.PasswordCredential * \"*\"", "read";
+ permission javax.security.auth.PrivateCredentialPermission
+ "javax.crypto.spec.SecretKeySpec * \"*\"", "read";
+ permission javax.security.auth.PrivateCredentialPermission
+ "org.jboss.security.srp.SRPParameters * \"*\"", "read";
permission java.security.SecurityPermission "getPolicy";
permission java.lang.RuntimePermission "accessClassInPackage.*";
permission java.lang.RuntimePermission "getClassLoader";
permission java.lang.RuntimePermission "getProtectionDomain";
- permission java.lang.RuntimePermission "org.jboss.security.SecurityAssociation.getSubject";
+ permission java.lang.RuntimePermission
+ "org.jboss.security.SecurityAssociation.getSubject";
permission javax.security.auth.AuthPermission "createLoginContext.*";
permission javax.security.auth.AuthPermission "getLoginConfiguration";
permission java.net.SocketPermission "*", "connect,accept,resolve";
- permission org.jboss.naming.JndiPermission "JAXR", "bind,rebind,unbind,lookup,list,listBindings,createSubcontext";
+ permission org.jboss.naming.JndiPermission "JAXR",
+ "bind,rebind,unbind,lookup,list,listBindings,createSubcontext";
};
//******************* End of Section 3 **********************
@@ -591,30 +649,43 @@
grant codeBase "file:${jboss.test.deploy.dir}/-" {
permission java.util.PropertyPermission "*", "read";
permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
- permission java.security.SecurityPermission "putProviderProperty.JBossSX";
- permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>", "bind,rebind,unbind,lookup,list,listBindings,createSubcontext";
+ permission java.security.SecurityPermission
+ "putProviderProperty.JBossSX";
+ permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>",
+ "bind,rebind,unbind,lookup,list,listBindings,createSubcontext";
};
// Following JDBC driver is included just for CC test purpose.
-// When you test with different JDBC driver than Oracle DB you have to create your own entries.
+// When you test with different JDBC driver than Oracle DB you have to
+// create your own entries.
grant codeBase "file:${jboss.server.home.dir}/lib/ojdbc14.jar" {
// change host name and port to one where your database resides.
- permission java.net.SocketPermission "dev68.qa.atl2.redhat.com:1521", "connect";
+ permission java.net.SocketPermission
+ "dev68.qa.atl2.redhat.com:1521", "connect";
- permission java.util.PropertyPermission "oracle.net.wallet_location", "read";
- permission java.util.PropertyPermission "oracle.jdbc.TcpNoDelay", "read";
- permission java.util.PropertyPermission "oracle.jdbc.defaultNChar", "read";
- permission java.util.PropertyPermission "oracle.jdbc.useFetchSizeWithLongColumn", "read";
- permission java.util.PropertyPermission "oracle.jdbc.convertNcharLiterals", "read";
- permission java.util.PropertyPermission "oracle.jdbc.V8Compatible", "read";
- permission java.util.PropertyPermission "oracle.jdbc.J2EE13Compliant", "read";
- permission java.util.PropertyPermission "oracle.jdbc.FastConnectionFailover", "read";
+ permission java.util.PropertyPermission
+ "oracle.net.wallet_location", "read";
+ permission java.util.PropertyPermission
+ "oracle.jdbc.TcpNoDelay", "read";
+ permission java.util.PropertyPermission
+ "oracle.jdbc.defaultNChar", "read";
+ permission java.util.PropertyPermission
+ "oracle.jdbc.useFetchSizeWithLongColumn", "read";
+ permission java.util.PropertyPermission
+ "oracle.jdbc.convertNcharLiterals", "read";
+ permission java.util.PropertyPermission
+ "oracle.jdbc.V8Compatible", "read";
+ permission java.util.PropertyPermission
+ "oracle.jdbc.J2EE13Compliant", "read";
+ permission java.util.PropertyPermission
+ "oracle.jdbc.FastConnectionFailover", "read";
permission java.util.PropertyPermission "oracle.net.tns_admin", "read";
permission java.util.PropertyPermission "line.separator", "read";
permission java.util.PropertyPermission "user.name", "read";
permission java.util.PropertyPermission "java.version", "read";
- permission java.lang.RuntimePermission "accessClassInPackage.sun.jdbc.odbc";
+ permission java.lang.RuntimePermission
+ "accessClassInPackage.sun.jdbc.odbc";
permission java.net.SocketPermission "*", "resolve";
};
@@ -631,10 +702,11 @@
// entered permissions.
//**************************************************************
-// Following lines are here as template for creating JDBC driver permissions entry
-// specific for your database. If using Oracle, one can copy JDBC driver permissions
-// from Section 4.
-//grant codeBase "file:${jboss.server.home.dir}/lib/<your JDBC driver>.jar" {
+// Following lines are here as template for creating JDBC driver
+// permissions entry specific for your database. If using Oracle, one can
+// copy JDBC driver permissions from Section 4.
+//grant codeBase "file:${jboss.server.home.dir}/lib/<your JDBC driver>.jar"
+//{
// <grant necessary permissions>
//};
More information about the jboss-cvs-commits
mailing list