How do I apply JCE Jurisdiction Policy Files in oracle jvm

Similar Messages

• JCE: jurisdiction policy files

  Hello, I am new to this forum and my English is not very well. I have the following problem. I wish to use unlimited cryptography within an applet. I know, if I want to use unlimited crypto I have to install the unlimited jurisdiction policy files. Because mostly the JRE is installed under c:\programm files, where a normal user would not have the right to write, it is not very convenient to ask an admin for every workstation to install the unlimited jurisdiction policy files. Is there anyway to use unlimited crypto without touching the clients JRE?!?!
  Is it possible to install the unlimited jurisdiction policy files in another location on client at runtime???
  Maybe I can use an alternate JCE (BC or GNU)? But how? I think I can not install a new javax.crypto* from an applet? Maybe it�s possible to user another packet name?
  Or is it possible to use the cipher functionality of a provider outside the JCE?
  Have somebody had the same problem before? Any answer is very welcome!
  Regards from Berlin!

  If it could be done, it would be a serious security bug. Normal users cannot remove or change that file at all under Windows, only power users or admins can do that. An applet can have access to a file, but only if it gets permission to do so (e.g. by being signed by a trusted source, or by being accepted by the user). But to do something with this particular file, an admin should be starting up the browser really.

• Replace the JCE Unlimited Strength Jurisdiction Policy files - SAP JVM 5

  Hi Experts,
  I had a NetWeaver 7.1 system with SAP JVM 5. I tried to run a cryptography software on the system, but the current JCE Unlimited Strength Jurisdiction Policy files of the JVM limited encryption algorithms and key lengths.
  I downloaded the jce_policy-1_5_0.zip file from the Sun website, unzipped it, replaced the old policy files (sapjvm_5/jre/lib/security/local_policy.jar and sapjvm_5/jre/lib/security/US_export_policy.jar) with the new ones, then restarted the server. But, after the server was restarted, the new policy files were deleted and the old ones were restored.
  Could you tell me what should I do to apply the new policy files?
  Thanks in advance.
  Victor

  Issue Resolved..with help of OSS note :739043
  EP 6.0 SP15.... I had same issue for Portal prodution:
  I had  copied new files (local_policy.jar and US_export_policy.jar) in directory /opt/java1.4/jre/lib/security
  Jun 16  2003 local_policy.jar
  -rw-rr   1 root       sys           4355 Jun 16  2003 US_export_policy.jar
  -rw-rr   1 root       sys           2910 Aug  2  2007 local_policy.1.jar
  -rw-rr   1 root       sys           2429 Aug  2  2007 US_export_policy.1.jar
  -rrr--   1 bin        bin           2910 Dec 12 10:14 local_policy.2.jar
  -rrr--   1 bin        bin           2429 Dec 12 10:14 US_export_policy.2.jar
  -rrr--   1 bin        bin           2223 Dec 12 10:25 java.policy
  -rrr--   1 bin        bin           6871 Dec 12 10:25 java.security
  -rrr--   1 bin        bin          41278 Dec 12 10:25 cacerts
  Thanks,
  Hari

• Override JCE default (limited strength) jurisdiction policy files

  Hi!
  I am writing an applet, which has to decrypt encrpyted file with some simetric algorithm, e.g. PBEWithMD5AndTripleDes. Due llimitations of key lengths in default (limited strength) jurisdiction policy files for JCE I cannot use for example TripleDES with 168 bit key or. Blowfish with 400 bit key.
  I know I can obtain Unlimited version of these files from java.sun.com and replace this files in JDK/JRE installation directory. That's ok for us at server side, but disaster at client (applet) side, because we must modify installation of JRE on every computer where user want to use applet and update it every time when JRE is being updated.
  So me question is: is there any way to distribute unlimited jurisdiction files with an applet (I know how to include *.jar files) and make it work? For example via endorsed mechanism, setting some security property, reloading JCE?
  Thanks for help!

  You can't override them. Since the restriction apply only to the JCE, your best bet is to use the lightweight API from Bouncy Castle which does not use the JCE.

• Location for JCE jurisdiction policy JAR files

  I have a simple question is the location for JCE jurisdiction policy JAR files (local_policy.jar and US_export_policy.jar) in
  <java-home>/lib/security or
  <java-home>/lib/security/jce
  I am using JDK 1.6.0_14, these jar files come in a seperate package jce_policy-6.zip
  Please let me know.
  Thanks
  _Pete                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               

  Thanks for the replies.
  README says just place them under lib/security. But it doesn't say whether to use the path embedded in the zip file (ie:/jce). So that was causing the confusion.
  I think it should lib/security and NOT to use jce. If anyone else have more thoughts on it, please let me know.
  _Pete                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   

• Java: Where are JCE Unlimited Strength Jurisdiction Policy Files for Java for Mac OS X 10.7?

  I need to install the JCE Unlimited Strength Jurisdiction Policy Files for Java 1.6 under Mac OS X 10.7.  I know where to get then from the Sun/Oracle Java download site, but want to make sure that these will work on the Mac.  Or, are there Mac specific versions somewhere?

  There's a  jce.jar file in /System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home/lib/, so it appears that they're already in place, but that's just a WAG.

• Software distribution and Unlimited Strength Jurisdiction Policy Files

  I suppose, I'm NOT allowed to ship the Unlimited Strength Jurisdiction Policy Files (USJPF) with my application,
  even if living in Germany and not selling abroad, right?
  So I see 2 possibilities:
  - Use weaker encryption by default and encourage the users to download the USJPF by themself.
  - Implement a stronger encryption on the base of the weaker one by encrypting several times, let say in the way 3DES works.
  I'm quite sure, I'm not the only one facing such a problem, how do you solve it?

  The export of cryptography is usually contingent on the laws of the country that you live in. As a US citizen, I know that I cannot ship unlimited strength cryptography to specific countries without a permit. You should check what German law allows you to do (I was under the impression that Germany did not have such controls, but that impression could be dated) and read the license accompanying the USJPF in Germany, to see what restrictions are placed on it.
  Another option is to use a provider fhat is developed outside the US. I know that BouncyCastle is developed in Australia, so the US restrictions would not apply to them. Have you checked their licensing agreement to see what you're allowed to do with their provider files?

• Jurisdiction Policy Files

  I am implementing a simple cipherstream for commmunication between server and client for a building automation protocol called BACnet. My code compiles but when I attempt to run it I get the following error:
  Exception in thread "main" java.lang.ExceptionInInitializtoinError
  at javax.crypto.SecretKeyFactory.getInstance(DashoA6275)
  at sen.CommMod.main(CommMod.java:30)
  Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
  at javax.crypto.SunJCE_b.<<clinit>(DashoA6275)
  ...2 more
  Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
  at javax.crypto.SunJCE_b.a(DashoA6275)
  at javax.crypto.SunJCE_b.f(DashoA6275)
  at javax.crypto.SunJCE_b.e(DashoA6275)
  at javax.crypto.SunJCE_b.run(DashoA6275)
  at java.security.AccessController.doPriveleged(Native Metthod)
  ... 3 more
  sen is the name of the package and CommMod is the name of my class file. I have edited the java.security file to include SunJCE as a security provider and Sun is listed as the first provider as per the known bugs for the JCE.
  Is there anyway to get my policy files signed by a trusted signer or can I get policy files that will work that are already signed?

  Why is there no reply to this problem from Sun?
  I am also getting the same problem with JDK1.4.2_04 and JCE 1.2.2
  Are the jars that are provided with the JCE 1.2.2 not correctlly signed?

• Jurisdiction policy files are not signed by trusted signers!

  Hi All,
  I am getting the following Security exception while running a Java stand-alone program on Linux.
  The stand-alone program internally calls the JCE (Java Cryptography Extension) library for Encryption of data. The JCE Unlimited Strength Jurisdiction policy files are downloaded from Sun.
  Does anybody have the solution for this error?
  Is there Security policy modification to be made for the same?
  Exception in thread "main" java.lang.ExceptionInInitializerError
  at javax.crypto.Cipher.a(Unknown Source)
  at javax.crypto.Cipher.getInstance(Unknown Source)
  at lncrypt.LnCryptBase.encryptImpl(LnCryptBase.java:122)
  at lncrypt.LnAes.encrypt(LnAes.java:78)
  at CloakingUtils.encrypt(CloakingUtils.java:69)
  at AlertsMigrationSweepUtil.updateAlerts(AlertsMigrationSweepUtil.java:203)
  at AlertsMigrationSweepUtil.main(AlertsMigrationSweepUtil.java:65)
  Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
  at javax.crypto.e.<clinit>(Unknown Source)
  ... 7 more
  Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
  at javax.crypto.e.a(Unknown Source)
  at javax.crypto.e.a(Unknown Source)
  at javax.crypto.e.g(Unknown Source)
  at javax.crypto.f.run(Unknown Source)
  at java.security.AccessController.doPrivileged1(Native Method)
  at java.security.AccessController.doPrivileged(AccessController.java:351)
  ... 8 more
  Regards,
  Vilas Kulkarni

  Make sure that which javaindicates the Java executable you expect.

• Java.lang.SecurityException: Jurisdiction policy files are not signed by t

  Hi
  *I am installing ECC6 onAIX 6.1 with oarcle 10g.*
  *I am getting error in create secure store*
  *Policy and security files are ok,*
  aused by: java.lang.ExceptionInInitializerError
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
          at javax.crypto.Cipher.a(Unknown Source)
          at javax.crypto.Cipher.getInstance(Unknown Source)
          at iaik.security.provider.IAIK.a(Unknown Source)
          at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
          at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
          at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
          at java.lang.J9VMInternals.initializeImpl(Native Method)
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
          at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
          at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
          at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
          ... 6 more
  Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
          at javax.crypto.b.<clinit>(Unknown Source)
          at java.lang.J9VMInternals.initializeImpl(Native Method)
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
          ... 17 more
  Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
          at javax.crypto.b.a(Unknown Source)
          at javax.crypto.b.a(Unknown Source)
          at javax.crypto.b.access$600(Unknown Source)
          at javax.crypto.b$0.run(Unknown Source)
          at java.security.AccessController.doPrivileged(AccessController.java:246)
          ... 20 more
  ERROR      2009-07-07 14:10:47.063
             CJSlibModule::writeError_impl()
  CJS-30050  Cannot create the secure store. SOLUTION: See output of log file SecureStoreCreate.log:
  SAP Secure Store in the File System - Copyright (c) 2003 SAP AG
  java.lang.reflect.InvocationTargetException
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:61)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
          at java.lang.reflect.Method.invoke(Method.java:391)
          at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
  Caused by: java.lang.ExceptionInInitializerError
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
          at javax.crypto.Cipher.a(Unknown Source)
          at javax.crypto.Cipher.getInstance(Unknown Source)
          at iaik.security.provider.IAIK.a(Unknown Source)
          at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
          at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
          at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
          at java.lang.J9VMInternals.initializeImpl(Native Method)
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
          at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
          at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
          at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
          ... 6 more
  Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
          at javax.crypto.b.<clinit>(Unknown Source)
          at java.lang.J9VMInternals.initializeImpl(Native Method)
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
          ... 17 more
  Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
          at javax.crypto.b.a(Unknown Source)
          at javax.crypto.b.a(Unknown Source)
          at javax.crypto.b.access$600(Unknown Source)
          at javax.crypto.b$0.run(Unknown Source)
          at java.security.AccessController.doPrivileged(AccessController.java:246)
          ... 20 more.
  ERROR      2009-07-07 14:10:47.547 [sixxcstepexecute.cpp:960]
  FCO-00011  The step createSecureStore with step key |NW_Onehost|ind|ind|ind|ind|0|0|NW_Onehost_System|ind|ind|ind|ind|2|0|NW_CreateDBandLoad|ind|ind|ind|ind|10|0|NW_SecureStore|ind|ind|ind|ind|8|0|createSecureStore was executed with status ERROR ( Last error reported by the step :Cannot create the secure store. SOLUTION: See output of log file SecureStoreCreate.log:
  SAP Secure Store in the File System - Copyright (c) 2003 SAP AG
  java.lang.reflect.InvocationTargetException
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:61)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
          at java.lang.reflect.Method.invoke(Method.java:391)
          at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
  Caused by: java.lang.ExceptionInInitializerError
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
          at javax.crypto.Cipher.a(Unknown Source)
          at javax.crypto.Cipher.getInstance(Unknown Source)
          at iaik.security.provider.IAIK.a(Unknown Source)
          at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
          at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
          at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
          at java.lang.J9VMInternals.initializeImpl(Native Method)
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
          at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
          at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
          at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
          ... 6 more
  Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
          at javax.crypto.b.<clinit>(Unknown Source)
          at java.lang.J9VMInternals.initializeImpl(Native Method)
          at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
          ... 17 more
  Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
          at javax.crypto.b.a(Unknown Source)
          at javax.crypto.b.a(Unknown Source)
          at javax.crypto.b.access$600(Unknown Source)
          at javax.crypto.b$0.run(Unknown Source)
          at java.security.AccessController.doPrivileged(AccessController.java:246)
          ... 20 more.).
  what could be the problem ?
  Please give me the soluation
  regards
  Vijay

  Dear Juan
  You are correct.
  I downloaded correct file from IBM site , and Create Secure store step completed but innext step IMPORT JAVA DUMP
  it gave error
  n error occurred while processing service SAP ERP 6.0 Support Release 3 > SAP Systems > Oracle > Central System > Central System( Last error reported by the step : Execution of JLoad tool '/usr/java14_64/bin/java -classpath /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/launcher.jar -showversion -Xmx512m -Xj9 com.sap.engine.offline.OfflineToolStart com.sap.inst.jload.Jload /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/lib/iaik_jce.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/jload.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/antlr.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/exception.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/jddi.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/logging.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/offlineconfiguration.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/opensqlsta.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/tc_sec_secstorefs.jar:/oracle/client/10x_64/instantclient/ojdbc14.jar -sec AGQ,jdbc/pool/AGQ,/usr/sap/AGQ/SYS/global/security/data/SecStore.properties,/usr/sap/AGQ/SYS/global/security/data/SecStore.key -dataDir /swdump/NW7.0_SR3_JAVA_COMP_51033513/DATA_UNITS/JAVA_EXPORT_JDMP -job /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/IMPORT.XML -log jload.log' aborts with return code 1. SOLUTION: Check 'jload.log' and '/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/jload.java.log' for more information.
  regards
  vijjay

• Jurisdiction policy files not in standard directory

  Hi!
  I'm using cryptix in a class that encrypts emails with PGP.
  Everything works fine on my machine, as I have patched the jurisdiction policy files in $JAVA_HOME\jre\lib\security.
  Unfortunately I haven't got write-access to $JAVA_HOME on the customers machine.
  The jurisdiction policy files are located in a directory where the application runs.
  Now I need a possibility to run my application and passing a parameter that causes JVM to load the jurisdiction policy files from my directory instead of loading the ones installed in the $JAVA_HOME\jre\lib\security directory.
  Any hint is welcome!
  thanks in advance!
  Oli

  Hi!
  I'm using cryptix in a class that encrypts emails with
  PGP.
  Everything works fine on my machine, as I have patched
  the jurisdiction policy files in
  $JAVA_HOME\jre\lib\security.
  Unfortunately I haven't got write-access to $JAVA_HOME
  on the customers machine.
  The jurisdiction policy files are located in a
  directory where the application runs.
  Now I need a possibility to run my application and
  passing a parameter that causes JVM to load the
  jurisdiction policy files from my directory instead of
  loading the ones installed in the
  $JAVA_HOME\jre\lib\security directory.
  Any hint is welcome!
  thanks in advance!
  OliHmm, nobody ever encountered that problem?
  A 'is not possible' or 'does not work' would be adequate statement.
  So, I could convince my boss that it is just not possible... ;)
  thanks.
  Oli

• How do I apply a custom folder/file icon in Yosemite?

  How do I apply a custom folder/file icon in Yosemite?

  Select the image you wish to use and press COMMAND-C to copy it. Select the folder/file icon. Press COMMAND-I to open the Get Info window. Click in the icon image in the top left corner, then press COMMAND-V to paste your image.

• How to load the data from .csv file to oracle table???

  Hi,
  I am using oracle 10g , plsql developer. Can anyone help me in how to load the data from .csv file to oracle table. The table is already created with the required columns. The .csv file is having about 10lakh records. Is it possible to load 10lakh records. can any one please tell me how to proceed.
  Thanks in advance

  981145 wrote:
  Can you tell more about sql * loader??? how to know that utility is available for me or not??? I am using oracle 10g database and plsql developer???SQL*Loader is part of the Oracle client. If you have a developer installation you should normally have it on your client.
  the command is
  sqlldrType it and see if you have it installed.
  Have a look also at the FAQ link posted by Marwin.
  There are plenty of examples also on the web.
  Regards.
  Al

• How do you import data base dmp file in oracle 10g

  How do you run data base dmp file in oracle 10g

  Examples..
  Table Exports/Imports
  The TABLES parameter is used to specify the tables that are to be exported. The following is an example of the table export and import syntax:
  expdp scott/tiger@db10g tables=EMP,DEPT directory=TEST_DIR dumpfile=EMP_DEPT.dmp logfile=expdpEMP_DEPT.log
  impdp scott/tiger@db10g tables=EMP,DEPT directory=TEST_DIR dumpfile=EMP_DEPT.dmp logfile=impdpEMP_DEPT.log
  For example output files see expdpEMP_DEPT.log and impdpEMP_DEPT.log.
  The TABLE_EXISTS_ACTION=APPEND parameter allows data to be imported into existing tables.
  Schema Exports/Imports
  The OWNER parameter of exp has been replaced by the SCHEMAS parameter which is used to specify the schemas to be exported. The following is an example of the schema export and import syntax:
  expdp scott/tiger@db10g schemas=SCOTT directory=TEST_DIR dumpfile=SCOTT.dmp logfile=expdpSCOTT.log
  impdp scott/tiger@db10g schemas=SCOTT directory=TEST_DIR dumpfile=SCOTT.dmp logfile=impdpSCOTT.log
  For example output files see expdpSCOTT.log and impdpSCOTT.log.
  Database Exports/Imports
  The FULL parameter indicates that a complete database export is required. The following is an example of the full database export and import syntax:
  expdp system/password@db10g full=Y directory=TEST_DIR dumpfile=DB10G.dmp logfile=expdpDB10G.log
  impdp system/password@db10g full=Y directory=TEST_DIR dumpfile=DB10G.dmp logfile=impdpDB10G.log

• How to create an application-specific policy file?

  Hi Everybody:
  I'm a .NET developer with C #. I have a few applications currently running on my computer using the ODP 10.1
  Two weeks ago I installed on my computer the ODP 10.2 Release & now my previous applications have stopped working: when I try to make the connection to the database gives me this exception:
  OraOLEDB (0x80004005)
  ORA-12154: TNS: could not resolve the connect identifier specified
  In FAQ section for ODP.NET I found the next:
  Q: I have two .NET applications on the same machine running two different versions of ODP.NET. How do I ensure both these applications use the correct ODP.NET version?
  A: Beginning with ODP.NET 10.1.0.3, the Oracle installer will register the following publisher policy DLLs in the Global Assembly Cache (GAC) that redirect 9.2, 10.1 and 10.2 ODP.NET applications to use the last installed version of ODP.NET: Policy.9.2.Oracle.DataAccess.dll and Policy.10.1.Oracle.DataAccess.dll.
  ODP.NET 9.2 includes just the first policy DLL above. These policy files ensure that all your ODP.NET applications use the most recently installed version of ODP.NET.
  You may undo the redirection manually. Policy DLLs can be de-installed through gacutil.exe using the /u option. Another approach is to navigate to the GAC directory (i.e. C:\WINNT\assembly) through the Windows Explorer and delete the policy folders. That will eliminate any policy enforcement for all your ODP.NET applications.
  If you have applications on the same machine using different ODP.NET versions, you should create an application-specific policy file.
  I'm trying to do that, but I don't know what is an application-specific policy file. Someone can give me an example of How can I create and application-specific policy file???
  Regards

  Hi,
  Binding redirection is a ".net thing" as opposed to a "odp.net thing", see if this helps:
  http://msdn.microsoft.com/en-us/library/7wd6ex19(VS.71).aspx
  Hope it helps,
  Greg