IBM Java: How to customize "java.policy" and avoid changes being overwritten
What is the recommended method to implement changes to the defaults configured in ...\domino\jvm\lib\security\java.policy and avoid changes being overwritten?
Normal security for the JVM is controlled from the java.policy file for Notes and Domino. It can be necessary to customize the default rules in order to allow and run Java code in Domino applications.
The problem is that the java.policy will be replaced by any JVM update. Moreover, the new Notes and Domino JVM installer will abort if it detects a modified version of this file.
The IBM JVM provides the following option, which is configured in ...\domino\jvm\lib\security\java.security:
# The default is to have a single system-wide policy file,
# and a policy file in the user's home directory.
The second policy.url line is an IBM extension, which allows you to add a file ...\domino\jvm\lib\security\java.pol. It has the same syntax as java.policy, but will not be removed or overwritten when JVM updates are installed.
The same is true for the third policy.url, which comes from Oracle by default. This points to the home directory for the account used to launch Domino. For example: ..\Windows\System32\config\systemprofile\.java.policy, when Domino is starting as a service, configured with system credentials.
More support for:
Software version: 8.5.3, 9.0
Operating system(s): Linux, Windows
Software edition: All Editions
Reference #: 1679242
Modified date: 17 August 2016