Configuring the Java Security Manager

The Java Security Manager provides a general way to enhance the security of Java applications and Apache Tomcat or other J2EE Web servers. It can protect your server from Trojan servlets, JSPs, JSP beans, and tag libraries, or even inadvertent mistakes.

For more information, refer to the Oracle Java Tutorials: The Security Manager.

Uniface installs Tomcat with the Security Manager disabled. If you want to enable it:

1. Edit the catalina.policy file, which is used to configure the Security Manager. In Uniface, this is in the UnifaceInstallDir/common/tomcat/conf/ directory.
2. Enable the Security Manager via your Tomcat service or a related batch file.

For details, refer to the Apache Tomcat documentation: Security Manager HOW-TO.