".java.policy" file where is this located

Hi,
Where is the .java.policy file located. Do I have to create it? Do I have to use any editor for this? Please help me.
Thank you,
Regards
Uma

It'll probably be in the lib/security directory of your JRE.
If you've got a JDK then it'll be something like jdk1.3/jre/lib/security/java.policy

Similar Messages

  • How to handle the java.policy file ?

    Can somebody tell me how to handle the java.policy file?
    I always get java.net.SocketExceptions and java.security.AccessControlExceptions while connecting to an appserver from an applet.
    What do I have to write in the java.policy file, where do I have to place it and do I have to call it in some way form my applet?
    Thanks in advance.
    don call

    The java.policy file goes in your jre installation directory in .../jre/lib/security (there should be one there already).
    I used it to allow otherwise restricted permissions for an applet using javax.comm. Add something like the following to the file:
    grant codeBase "URL:http://yourDomainName/rootDirectoryOfYourApp/*" {
         permission java.security.AllPermission;
    This will give the applet downloaded from your site all permissions. You might want to give only certain permissions, I don't know.
    Teri

  • Where to put java.policy file?

    Under which directory the "java.policy" file must be kept in?

    Hi!
    The policy file must be indicated in the command line or by system property, when you starts the service, like the following: -Djava.security.policy = yourfile.policy. If you want to indicate another directory, you can do like this: -Djava.security.policy = C:\temp\yourfile.policy.
    I hope it helps you,
    Sandra.

  • File Access with unsigned Applet through editing the java.policy file

    I'am starting to lose my hair on this...
    I am trying to get an applet to run so that it can access the file system to move files on my local maschin. Because this applet is only running on my VM i can change the java.policy to avoid the signing of the applet.
    first of all, if i wrote in the java.policy file
    grant {
      permission java.security.AllPermission; 
    };everything is working perfekt.
    But I have not the intention to open the gates for any applet out there, so i want to limit the access to my applet. With every of the following versions I get at best an
    java.security.AccessControlException: access denied (java.io.FilePermission...
    My Setup
    My Java Version: jre1.6.0_02
    My applet is located unter the url
    http://admin.mydomain.com/applet.jar
    In Html i tryed the following different versions of loading the applet - none worked
    <applet codebase="http://admin.mydomain.com/" name="shortcut" code="start.class" archive="applet.jar" width="0" height="0"></applet>
    <applet codebase="http://admin.mydomain.com" name="shortcut" code="start.class" archive="applet.jar" width="0" height="0"></applet>
    <applet name="shortcut" code="start.class" archive="http://admin.mydomain.com/applet.jar" width="0" height="0"></applet>in java.policy i tryed following versions with every html applet load version
    grant codeBase "http://admin.x-press.de/-" {
      permission java.security.AllPermission; 
    grant codeBase "http://admin.x-press.de/+" {
      permission java.security.AllPermission; 
    grant codeBase "http://admin.x-press.de/applet.jar" {
      permission java.security.AllPermission; 
    };why is it with
    grant {
      permission java.security.AllPermission; 
    };working, and not with the other versions?
    i am almost bold now, please try to save my last hair from falling down.
    any suggestion would be nice
    thanks, feyyaz
    Message was edited by:
    feyyazdogu

    I read the mentioned documentation and your right, some of my versions were wrong, but after reading the doumentation again i came to following result which should had worked but didn't.
    java.policy
    grant codeBase "http://admin.mydomain.com/*" {
      permission java.security.AllPermission;
    HTML File
    <applet codebase="http://admin.mydomain.com/" name="shortcut" code="start.class" archive="applet.jar" height="0" width="0"></applet>if I am entering http://admin.mydomain.com/applet.jar i can download the jar, so the archive lays in the correct directory.
    what i am doing wrong? do i have to change an additional file somewhere else?

  • Can distribution of a .java.policy file be eliminated

    Sorry for the stupid question, but I'm fairly new to the realm of dealing with Java security...
    I have an applet that I want to deploy worldwide as part of an upgrade to an existing website, but I've run into the following error:
    "Error getting connection to: jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.0.101)(PORT=1521)))(CONNECT_DATA=(SID=EKB)(SERVER=DEDICATED))) using oracle.jdbc.driver.OracleDriver
    access denied (java.util.PropertyPermission oracle.jserver.version read)"
    I have managed to figure out that I can eliminate this problem by placing a .java.policy file on all client machines that contain the following:
    "grant {
         permission java.util.PropertyPermission "oracle.jserver.version", "read";
    However, is there any way to eliminate the need to distribute the policy file to those wanting to use the web site's applet? Can it be done somehow within the SSL certificate that I seemingly also have to distribute?
    Any help for this newbee would be appreciated!

    In contrast to what many people say in this forum, it is possible to have an unsigned applet access a database. You don't even have to manipulate the client's policy-file. The requirement is that the database is located on the same machine as the applet is downloaded from.There are however other things that can break this possibility. One is the database-driver itself.
    In the case of Oracle we have tried using different versions of the driver. When using version 8.1.7 or 9.0.1 things work nicely, but when switching to version 9.2 it stops working. There is a question on OTN [1]. Let's see what Oracle has to say about it.
    [1] Problem connecting using Oracle JDBC drivers

  • Essential question concerning java.policy file

    I have been searching this forum for an answer to this question:
    Is there a way to run a signed applet on an intranet (via the Plugin) with out having to go around to each user's workstation and change their java.policy file?
    So far, I have seen this question asked several times but with no concrete answer.
    Thanks for any help!

    You can create your own Policy implementation as shown in the following link :
    http://www.javageeks.com/Papers/JavaPolicy/index.html
    This has some drawbacks.
    I overcame your problem by writing my own Security Manager.

  • Java.policy file  - Must I change it?

    I just got a certificate from Verisign with which I signed my applet. It works fine and now I want to distribute it to a group of users.
    Back when I was developing the applet with a self-signed cert, I changed the java.policy file to allow the applet to do things 'outside the sandbox'.
    I thought, perhaps mistakenly, that when I got the Verisign ceritifcate I would not need to concern myself with java.policy in any way. But now, even with the Verisign cert, my applet won't run correctly w/o the updated policy file.
    This is only important to me as I do not want to go around to 'x' number of user workstations and modify each java.policy file.
    Am I missing something??
    thanks

    You mention
    "you should be able to remove the policy file and users can just accept the certificate "
    I experience the same, remove all policy files, signed applets can then access resopurces on the local machine. However, practically all the documentation I read regarding JAVA 2 (I'm using 1.4.1_02) says you must have a policy file when using a signed applet. At least they say sign your applet and then indicate what the policy file should look like to grant specific permissions for that applet. I find no policy file will still allow a signed applet to access local files... Is this a bug in JAVA 2 1.4.1_02, or the correct behavior. thanks in advance.

  • .java.policy file problem

    Is there someone who knows how to reinitialise the java policy file at runtime?
    My signed applet writes a policy file to the users home directory, but that file is only used after closing the browser and surfing back to our page. It should immediatly use that new file.
    Someone who got some experience with that...?
    Regards

    And is it true that if you use a Thawte or verisign certificate, you will not have to change the .java.policy file?

  • TS3274 Cannot find utilities folder to fix java preference. Where is it located?

    Cannot find utilities folder to fix java preference.  Where is it located?

    Have you tried the pogo games app : https://discussions.apple.com/message/18647219#18647219 ?

  • Hi, i changed policy file.. still this exception but file wrote plz...plz..

    hi,
    i have done one applet to write file in local system. i allowed thorugh policy file...
    i was done well.
    i DIDNOT MENSION ANY CODEBASE IN POLICY FILE JUST TARGET FULL C:
    but , one applet write mov file this exception i got i posted both code as well as code
    plz ... plz........
    SOURCE CODE
    import javax.media.*;
    import javax.media.protocol.*;
    import javax.media.format.*;
    import java.security.*;
    import java.io.*;
    import java.util.*;
    import java.awt.*;
    import java.net.*;
    public class VideoWriteApplet extends java.applet.Applet {
    Panel window = null;
    VideoStore videoStore = null;
    public void start() {
    window = new Panel();
    videoStore = new VideoStore(this);
    public void stop(){
    videoStore.stop();
    class VideoStore implements ControllerListener,Runnable {
    Processor processor =null;
    DataSource source = null;
    DataSink ds = null;
    Thread t = null;
    VideoWriteApplet applet = null;
    public VideoStore(VideoWriteApplet applet){
    this.applet = applet;
    t= new Thread(this,"child");
    t.start();
    public void run() {
    done();
    public void done(){
    MediaLocator ml = new MediaLocator("vfw://0");
    try{
    processor = Manager.createProcessor(ml);
    }catch(Exception e){
    System.out.println(" "+e);
    processor.addControllerListener(this);
    boolean result = waitForState(processor, Processor.Configured);
         if (result == false) System.out.println("Couldn't configure processor");
    FileTypeDescriptor avOutputType = new FileTypeDescriptor( FileTypeDescriptor.QUICKTIME );
         processor.setContentDescriptor(avOutputType);
    result = waitForState(processor, Controller.Realized);
         if (result == false) System.out.println("Couldn't realize processor");
    try{
    source = processor.getDataOutput();
    }catch(Exception e) {
    System.out.println("|||||||| Exception getouptut "+e);
    System.out.println("out data source got "+source);
    URL url = null;
    try{
    url = new URL("file://c:/gg.mov");
    }catch(Exception e){
    System.out.println(" Exception "+e);
    MediaLocator outfile = null;
    try{ 
    outfile = new MediaLocator(url);
    }catch(Exception e){
    System.out.println("|||||||| output locator "+e);
    System.out.println("protcocol "+ outfile.getProtocol());
    try{
    ds = Manager.createDataSink(source,outfile);
    }catch(Exception e){
    System.out.println(" |||||||| Exception create datasink "+e);
    System.out.println("data sink created "+ds);
    try{
    ds.open();
    }catch(Exception e){
    System.out.println("|||||||| Exception data sink open "+e);
    System.out.println("data sink opened ");
    try{
    ds.start();
    }catch(Exception e){
    System.out.println("Exception data sink starat "+e);
    System.out.println("data sink started ");
    try{
    processor.start();
    }catch(Exception e){
    System.out.println("|||||||| Exception processor starat "+e);
    System.out.println("processor starated ");
    public void stop(){
    try{
    t.stop();
    processor.stop();
    processor.deallocate();
    processor.close();
    }catch(Exception e){
    System.out.println("Exception "+e);
    System.out.println("processor disposed ");
    try{
    ds.close();
    }catch(Exception e){
    System.out.println("Exception "+e);
    System.gc();
    System.out.println("data sink disposed ");
    private Integer stateLock = new Integer(0);
    private boolean failed = false;
    Integer getStateLock() {
         return stateLock;
    void setFailed() {
         failed = true;
    private synchronized boolean waitForState(Processor p, int state) {
         //p.addControllerListener(new StateListener());
         failed = false;
         // Call the required method on the processor
         if (state == Processor.Configured) {           
    p.configure();
    } else if (state == Processor.Realized) {           
    p.realize();
         while (p.getState() < state && !failed) {
         synchronized (getStateLock()) {
              try {
              getStateLock().wait();
              } catch (InterruptedException ie) {
              return false;
         if (failed)
         return false;
         else
         return true;
    public void controllerUpdate(javax.media.ControllerEvent controllerEvent) {
    if (controllerEvent instanceof ControllerEvent) {
              synchronized (getStateLock()) {
              getStateLock().notifyAll();
    //System.out.println(" incomming event "+controllerEvent);
    if(controllerEvent instanceof ConfigureCompleteEvent)
    processor.realize();
    if(controllerEvent instanceof RealizeCompleteEvent)
    System.out.println( "processor Realized " );
    OUTPUT OF APPLET COSOLE
    out data source got com.sun.media.multiplexer.BasicMux$BasicMuxDataSource@3caa4b
    protcocol file
    processor Realized
    data sink created com.sun.media.datasink.file.Handler@969c29
    |||||||| Exception data sink open java.lang.RuntimeException: No permission to write files from applets
    data sink opened
    data sink started
    processor starated

    Double post, answered here:
    http://forum.java.sun.com/thread.jspa?threadID=577937&tstart=0

  • Received message that my start up disk is almost full. Where is this located and how do I know what I can delete?

    Received a message that my start up disk is almost full. Where do I locate my start up disk / files and how do I know what i can delete from this folder to make more space?

    Start up disk is the main, and only, internal disk of your computer.
    I hope you know what you saved on it, so you also know what can be removed

  • When i send a file over iChat to another mac it compresses the file, where is this compressed file stored?

    Today i was transfering a few folders with pictures and videos over to another mac and I noticed that before i sent the file iChat would compress it.  Now this is understandable because they were fairly large files, over 2GB, and this would make them transfer faster.  The problem is that I was transfering the files because my mac is low on hard drive space and I was trying to free some up.  By compressing the files first it was using up more space on my hard drive and I quickly cancelled the compression.  I soon realized though that my hard drive space was still disappearing into thin air. I only had 6GB left and was running out fast.  As it reached 2GB I began to quickly delete large files I no longer needed hoping that I wouldn't run out of space. It dropped all the way down to 12.4MB before it finally stopped, even with me deleting files.  I'm not quite sure what was happening to all of my hard drive space, but was wondering if maybe iChat continued to compress the files even after I cancelled the compression.  Anyways if anyone knows why this happened or where iChat stores the files it compresses that would be greatly appreciated.

    Hi,
    I have heard of this before.
    One report suggested it was only PDF files their case.
    I cannot replicate it with any pic files (Over 2Gb) PDF or otherwise or files and folders combos.
    My tests were from Lion/iChat 6.0.3 to Snow Leopard (iChat 5.0.3)
    I would have thought iChat would have created the Zippped/Stuffed files in the same folder as the original items
    (i.e pic in the pictures folder (or relevant subfolder) and other files and documents in the Documents folder.
    With any application that does Stuffing/Zipping it will create temporary space for doing so.
    Much like the way a graphics app creates a Scratch file to keep the 20 or so Undos it works with.  (with graphic Apps you can make the Scratch file on another Drive if you have one which can help)
    Do this:-
    with iChat Open go to the Window Menu.
    Select the File transfers item
    In this Window (that pops up) select the File that was going to be Transferred.
    When it is highlighted then do a Right-Click or Control Click and select the option to Show in Finder
    Does it list the zipped file ?
    10:21 PM      Friday; February 10, 2012
    Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat"
      iMac 2.5Ghz 5i 2011 (Lion 10.7.3)
     G4/1GhzDual MDD (Leopard 10.5.8)
     MacBookPro 2Gb (Snow Leopard 10.6.8)
     Mac OS X (10.6.8),
    "Limit the Logs to the Bits above Binary Images."  No, Seriously

  • Where is this located

    Hi,
    I'm using an Actiontec MI424WR rev 1 and I'm trying to find a page where I can set the number of users/connections on my network. Do you know where this is located?
    Thank you!
    Solved!
    Go to Solution.

    i do not  KNOW for sure, but is it possible that the number of users or devices allowed would be set by changing the range of local addresses assigned ? for example, by only allowing addresses numbered from 192.168.1.1 through 192.168.1.10, you would effectively be limiting total devices to 10, including the actiontec itself... maybe? i remember verizon's westell dsl modem had a setting like this for same reason.....good luck! anyone else with more specialized knowledge care to chime in??
    ÔƹÔ

  • Signed applets called from javascript - how/where to load policy file?

    I'm running into some apparently well-known problems with signed applets accessing a client machine's hard drive.
    So, I can get things to work if I place the following two lines in my 'local' JDK installation:
    permission java.io.FilePermission "${user.home}/x.properties", "read,write";
    permission java.util.PropertyPermission "user.home", "read";These let me a) read the user's home directory and b) read/write a file that's located there.
    What I don't want to do is edit the java.policy file, but I'm having problems loading a separate policy file. The app server we run with our product is jetty, and I'm assuming I would be passing in the '-Djava.security.policy=='filename' with the other jetty start-up parameters- is this a correct assumption? And, what path do I give for the file, will I need to put it somewhere in the .war file we distribute, or in the JDK installation on the server? If it's on the server, will client machine's know about these extra rights?
    I'd REALLY appreciate any help I could get on this...
    thanks in advance,
    +0^^

    Maybe you didn't realize but my previous post was sarcastically ment:
    "hello SUN security stop bugging me in writhing this malicious program"
    and
    "hello SUN security, I'm a good boy now trust what I'm doing"
    Are in a practical sense exactly the same.
    SUN should either remove the stack check or the doprivileged. The stack check takes up
    valuable resources for nothing since a malicious program can easily circumvent that.
    Your post about a malicious user abusing your (CA) signed applet to ruine someone's
    system is correct, it would not be difficult. A CA signed applet will not even ask a user to
    trust or not. This is one of the reasons we have the usepolicy in affect, but this cannot be
    used on "grandma's old PC" since it's too complicated for users to do such things.
    YOU seem to be the one to blame, not the hacker! (The user accepted YOUR
    certificate!).Actually you are to blame, because you made software that exposes a vonurability
    other people can take advantage of.
    what you can do before calling the doprivileged private method is check the call stack.
    So your signed applet has a public method checking the callstack, if this lookes OK
    that method will call the private doprivileged method.
    Here is the example
    package t;
    import java.util.Properties;
    import java.applet.Applet;
    public class test extends Applet {
             public test(){
                   startingPrivileged();
             public void startingPrivileged(){
                   System.out.println("this is the stack");
                   try{
                        throw new Exception("get the call stack");
                   }catch(Exception e){
                        StackTraceElement stack[] = e.getStackTrace();
                        for (int i=0; i<stack.length; i++) {
                             System.out.println("file: " + stack.getFileName() + " method: " + stack[i].getMethodName() + " class: " + stack[i].getClassName() + " at " + new Integer(i).toString());
                        // this is a really simple check to see if this method was started from the t. package
                        // a good hacker can just create it's own package named t and take advantage of this method
                        // if this method was started from the same package there is no reason to make this method
                        // public, protected would work.
                        // there must be a better way to check if this method was called by "your" or "trusted" code
                        if(stack[1].getClassName().startsWith("t.")){
                             dosomePrivileged();
              private void dosomePrivileged(){
                   System.out.println("this is the method that does privileged stuff");
         public static void main(String args[]) {
              new test();

  • Java Networking and policy file

    Two part question,
    First I writing a applet that is working with sockets, I've compared this and a delphi program and it seems that the delphi program is writing to and recieving from the socket at a faster rate (four second delay for the applet) then the applet. There is no extra code besides opening the client socket and writing and receiving data.
    Second question is is there a way to allow an applet to write to a socket below 1024 without having a java.policy file. If I do need the policy file is there a way to change it from the applet, or to set an work around permission. I'm writing an applet to work with a protocal that generally lives on a socket below 1024.
    Thanks in advance

    There is a way to let an applet access the lower sockets, but you need to sign it. And in order to sign it you need a key from verisign or Thawte. In fact, there are 2 different keys you need, one for Netscape and one for MS. But the netscape one might be the only one that you need.
    Other then signing it, you have to edit your browser preferences to let applets have full access to your system. sorry :(

Maybe you are looking for

  • Export to PDF and Excel. Image

    Hi gurus! How do you do!, well, I have a question and issue... the user wants to export the report to PDF, for this, I have created a WAD report with Broadcasting command for export to PDF, all works fine, however the company logo is not added to PDF

  • Pre populate an item with source type="Database Column"

    Hello gurus, How can I pre populate an item with source used "Always, replacing any..." and source type="Database Column"? I have a form that creates/updates rows in a table and when creating a new row I want to populate some of the fields based on s

  • Providing  the message types  to included for change pointers

    Hi Everyone,    How can we Provide the message types to be included for change pointers.? How can we turn-on Change pointer update generally? Iam converting the idoc to XML format in XI , So. i need the queries to solve( understand) Thanks Manju P.S.

  • Problem connecting from WL 8.1 Thin client to WL 8.1 App Server in AIX OS

    Hi, I'm trying to use WL 8.1 thin client to connect to BEA Weblogic server 8.1 in AIX OS. However, when I execute my thin client, I get the following error: Exception in thread "main" java.lang.NoClassDefFoundError: com/sun/corba/se/connection/ORBSoc

  • Is the Mac the new Atari????

    Since all this talk about the Intel Mac and the implications it will have on us loyal Mac (the real thing) users, I have had a lot of questions and thoughts. One of them is: I bagan my music work in my teens (not even that long ago) on one of the lat