You are here :: Home :: Documentation :: JZOS :: Java Security Manager Setup
JZOS/Tomcat Security Manager Setup
Once JZOS and Tomcat have been properly installed, they can be run under a Java
SecurityManager if desired. These instructions provide general guidelines on how to configure
a java security manager policy for JZOS and Tomcat. The configuration of individual
WebApplication security setup is an installation responsibility.
- Important! Verify that Tomcat and JZOS are properly installed and operational before enabling for java security.
- Read and follow the instructions for configuring Tomcat to run under a security manager here: Tomcat 4.1, or Tomcat 5.5 Note that sections on starting Tomcat using catalina.sh will not be used, as this is done via the Tomcat JCL.
- Now that JZOS is part of the IBM SDK, no special grants need to be made on behalf of the
JZOS code itself. The following changes are all that is required to activate the security manager:
In the JCL that starts Tomcat under JZOS, include the following additions to the IBM_JAVA_OPTIONS configuration:
...
IJO="$IJO -Djava.security.policy=${CATALINA_BASE}/conf/catalina.policy"
IJO="$IJO -Djava.security.manager"
...
export IBM_JAVA_OPTIONS="$IJO "