THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
This example grant statement is quite a broad bludgeon. Namely it says that all Tuscany code has been granted all permissions. This seems like this is not very secure as it provides all permissions to Tuscany, however, it is still a step up from running with no security policy. In this case Tuscany is provided with privileged access, while user application are not. In practice, a user policy might want much finer-grained permissions towards the Tuscany code and allow only specific pieces of the code to have privileged access. An example tuscany.policy is attachmed attached to this article.
Notice that the URL in this example supports the substitution of system properties. You can also provide other property names such as tuscany.home or whatever property you provide to the command line. Additionally you may end the URL with '*' which includes all JARs and class files in the current location or '-' which includes all JAR and class file recursively below this location. Additional information on Java application security architecture and features is given at Java Security.
...
| Code Block |
|---|
<profile>
<id>security</id>
<modules>
<!-- <module>demos</module> -->
<module>itest</module>
<module>vtest</module>
</modules>
<activation>
<property>
<name>tuscany.policy.file</name>
</property>
</activation>
<properties>
<tuscany.policy.file><Your tuscany.policy file location></tuscany.policy.file>
</properties>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.3.1</version>
<configuration>
<includes>
<include>**/*TestCase.java</include>
</includes>
<reportFormat>brief</reportFormat>
<useFile>false</useFile>
<forkMode>once</forkMode>
<!-- Place tuscany.policy in your Java home security directory. Alternatively, hardcode the file location here. -->
<argLine>-Djava.security.manager -Djava.security.policy=${tuscany.policy.file} -Dpolicy.allowSystemProperty=true -Djava.security.debug=policy</argLine>
</configuration>
</plugin>
</plugins>
</build>
</profile>
|
One gotcha in this environment is that the security profile adds a bit more memory requirements for the test run. You may need to increase the Java heap max size -Xmx1024m or increase the Maven MAVEN_OPTS=-XX:MaxPermSize=512m if you see memory related errors when you run in this environment.
Enabling Java 2 Security in Eclipse
...
When Tuscany is run by an application server (whether it be WebSphere, Geronimo, or other), the policy of the application server will form the starting point for Tuscany's security policy. This section gives an overview to the Java 2 security policies of several popular application servers.
WebSphere Application Server
There are several different ways to run Tuscany applications on IBM WebSphere Application Server. In either case you may run your Tuscany application as a Java application or a Java Extended Edition applicaiton, depending on which container features you need. Obviously if you use web application features you should run in a web server container. If you are using servlet or persistence features you should run in an applicaiton server container. You may run your Tuscany application and include any Tuscany runtime prerequisite JARs in the package. Another way is to run your Tuscany application without internal runtime prereqs and use IBM's Service Oriented Architecture Feature Pack (SOA FeP) to provide an SCA runtime. In any case running your application with security enabled will be the same.
WAS provides security policy information in a number of places. First there are three locations that provide static security plicy info that may be changed by a system administrator when installing or configuring a server:
- app_server_root/java/jre/lib/security/java.policy
- app_server_root/properties/server.policy
- profile_root/config/cells/cell_name/nodes/node_name/app.policy
The first of these files will permanently change security policy by all users of the system JVM. The second of these files will change the security policy for all servers in this installation. The third file app.policy includes policy that applies to all enterprise applications on the node to which the app.policy file belongs. All of these policy files are static and used for general system-wide infrastructure. It is suggested that you use these files with care.
For instance, let's say wish to allow all enterprise applications to read system properties. This would be the entry to add to app.policy.
| Code Block |
|---|
grant codeBase "file:${application}" {
permission java.utilPropertyPermission "${was.install.root}${/}profiles${/}AppSrv01${/}installedAssets${/}vtestService.jar${/}1.0${/}vtestService.jar", "read";
};
|
A final location is to provide Java 2 Security in the was.policy file of the JAR, WAR, or EAR file that you are deploying. This location provides the fine-grained application-level security control, but the permission needs to be granted in each was.policy file for each application deployed on WAS. Additional details on WebSphere security are provided at the
WAS Info Center.
Apache Geronimo
Running on Apache Geronimo has similar considerations to running on other application servers. A user may choose to run the SCA application as a standalone SCA application with no container requirements, a web application with dependencies on a web server container, or a full blown JEE application with a need for servlets, JSPs, and other application server requirements.
There is a Geronimo plugin that will help with deploying and running a Tuscany application. Additional details are provided in a
Tuscany Geronimo Integration article.
Conclusion
This article provides a number of tips when running Java 2 Security with Tuscany in different environments. Feel free to contact the author or add your own environment tips to this articles. Comments and corrections are appreciated.