Enabling Java 2 security for Rational Focal Point on WebSphere Application Server

You can restrict application access to local resources by enabling the Java 2 security option on WebSphere® Application Server, version 7.0.0.17. WebSphere Application Server, version 7.0.0.17, requires ojdbc6.jar to connect to the Oracle database.

Procedure

  1. Stop the server and clear the WebSphere Application Server cache.
  2. Enable Java 2 Security for Rational® Focal Point™:
    1. Click Security > Global Security.
    2. Select the Use Java 2 security to restrict application access to local resources check box.
  3. Update library.policy and was.policy files:
    1. On the computer where the deployment manager is configured, extract the FP_HOME/artifacts/JavaSecurityPolicyFiles/fp_j2security.zip file, which contains the was.policy file and the Python script.
    2. Make sure that the nodes and servers are stopped.
    3. Start the deployment manager.
    4. Open the command prompt/shell.
    5. Go to <WAS_HOME>/profiles/<Manager Name>/bin.
    6. Run the command:
      wsadmin.sh -user <username> -password <password> -lang jython -f <python script location> <cellname> <nodename> <library.policy file location> <was.policy file location>
      For example,
      wsadmin.sh -user admin -password focalpoint -lang jython -f C:/WASpolicyFiles/updatepolicy.py hraphaelCell01 hraphaelNode01 C:/WASpolicyFiles/library.policy C:/WASpolicyFiles/was.policy
      Notes:
      • If you have more than one node, provide the node names as values that are separated by commas. For example, hraphaelNode01,hraphaelNode05.
      • A single space is the delimiter for command-line arguments.
      • If the folder name contains a space, replace the long name with its short name. For example, replace C:/Program Files with C:/PROGRA~1. To get the short name, go to the C:\ drive and run the command dir /x. This applies to the Windows operating system only. For other operating systems, do not create directories with spaces in their names.
      • Make sure to use forward slashes as the file separator.
      • While running the script, type y to continue to modify the local library.policy file.
        grant {
            permission java.security.AllPermission;
        };
        Save the file. Type y in the console and press the Enter key to continue.
      • The location of the library.policy file is the location to which the contents are extracted. For example, if you specify the location as C:\library.policy and the library.policy file does not exist, a library.policy file is created on the C drive and the contents of the node's library.policy file are copied to the newly created policy file. If the library.policy file already exists, it is overwritten by the contents of the node's library.policy file.
      • If the error [SOAPException: faultCode=SOAP-ENV:Client; msg=Read timed out; targetException=java.net.SocketTimeoutException: Read timed out] is displayed, perform the following steps:
        1. Stop the manager.
        2. Open the soap.client.props file that is located in WAS_HOME\profiles\<ManagerName>\properties\soap.client.props.
        3. Set the value of com.ibm.SOAP.requestTimeout to a higher value and save the file. A value of 0 ensures that the SOAP request will not time out.
        4. Start the manager and run the commands again.
  4. Restart the node and server.
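
An added example, not part of the product documentation or of the updatepolicy.py script: a Python check that parses a Java policy file such as library.policy or was.policy and reports every grant entry that gives java.security.AllPermission, together with the codeBase it is scoped to. A grant with no codeBase applies to all code covered by that policy file. The function names and the sample policy text are constructed for illustration.

```python
import re

# Quoted strings are matched first so that "//" inside a file:// URL is not
# mistaken for a comment, and "{", "}" inside ${...} symbols do not end a block.
_TOKEN = re.compile(r'"(?:[^"\\]|\\.)*"|/\*.*?\*/|//[^\n]*', re.S)
_GRANT = re.compile(r'\bgrant\b((?:"[^"]*"|[^{"])*)\{((?:"[^"]*"|[^}"])*)\}\s*;', re.I)
_PERM = re.compile(r'\bpermission\s+([\w.$]+)\s*((?:"[^"]*"|[^;"])*);', re.I)
_CODEBASE = re.compile(r'\bcodeBase\s+"([^"]*)"', re.I)

def strip_comments(text):
    """Drop // and /* */ comments, keeping quoted strings untouched."""
    return _TOKEN.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else " ", text)

def parse_policy(text):
    """Return one dict per grant entry: its codeBase (or None) and permissions."""
    entries = []
    for header, body in _GRANT.findall(strip_comments(text)):
        cb = _CODEBASE.search(header)
        perms = [(cls, args.strip()) for cls, args in _PERM.findall(body)]
        entries.append({"codeBase": cb.group(1) if cb else None, "permissions": perms})
    return entries

def audit(text):
    """Report (entry number, scope) for every grant of java.security.AllPermission."""
    findings = []
    for number, entry in enumerate(parse_policy(text), 1):
        if any(cls == "java.security.AllPermission" for cls, _ in entry["permissions"]):
            findings.append((number, entry["codeBase"] or "ALL CODE (no codeBase)"))
    return findings

# Constructed sample policy text, not a file shipped with the product.
SAMPLE = '''
// entry 1: same shape as the grant shown in the procedure
grant {
    permission java.security.AllPermission;
};
grant codeBase "file:${application}" {
    permission java.io.FilePermission "${user.install.root}${/}logs${/}-", "read,write";
    /* permission java.security.AllPermission; */
};
grant codeBase "file:///opt/example/lib/-" {
    permission java.security.AllPermission;
};
'''

if __name__ == "__main__":
    for number, scope in audit(SAMPLE):
        print(f"grant #{number}: AllPermission for {scope}")
```

To check a real file, pass its contents to audit(), for example the library.policy file that the script extracted to the location given on the command line.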
