Using a Java 2 Security Manager

Java™ 2 provides a Security Manager system that controls access to Java resources.

The Security Manager restricts access to Java resources using a security policy. Some examples of protected resources are: reading a file, and opening a network socket. When a program tries to access a protected resource, the Java Security Manager verifies that both the code trying to access the resource, and, possibly, the caller of that code, have appropriate permissions. Without these permissions, the program cannot run.

If you are using any of the CICS® Transaction Gateway Java APIs under a Java 2 security environment (such as a JEE server), your application needs Java permissions to run correctly. The only exception to this is if you are using the JEE APIs in a managed environment.

Figure 1 shows the minimum permissions that your application needs to use Gateway Java APIs. It might need additional permissions to run correctly.

Figure 1. Required Java 2 Security Manager permissions

java.net.SocketPermission "*", "resolve";
java.util.PropertyPermission "*", "read";
java.io.FilePermission "${user.home}${file.separator}ibm${file.separator}
		ctg${file.separator}-","read,write,delete";
java.lang.RuntimePermission "loadLibrary.*", "";
java.lang.RuntimePermission "shutdownHooks", "";
java.lang.RuntimePermission "modifyThread", "";
java.lang.RuntimePermission "modifyThreadGroup", "";
java.lang.RuntimePermission "readFileDescriptor", "";
java.lang.RuntimePermission "writeFileDescriptor", "";
java.security.SecurityPermission "putProviderProperty.IBMJSSE", "";
java.security.SecurityPermission "insertProvider.IBMJSSE", "";
java.security.SecurityPermission "putProviderProperty.IBMJCE", "";
java.security.SecurityPermission "insertProvider.IBMJCE", "";
javax.security.auth.PrivateCredentialPermission "* * \"*\"","read";
java.lang.RuntimePermission "accessClassInPackage.sun.io", "";