WBSP-AS-000211 - The WebSphere Application Server Java 2 security must be enabled.


Java 2 security provides a policy-based fine grained access control mechanism that increases overall system integrity by checking for permissions before allowing access to certain protected system resources. Java 2 Security is independent on J2EE role-based authorization. Java 2 Security guards access to system resources such as file input and output, sockets, and properties, whereas J2EE security guards access to Web resources such as servlets and JSP files. Administrators should understand the possible consequences of enabling Java 2 Security if applications are not prepared for Java 2 Security. Java 2 Security places some new requirements on application developers and administrators. Admins need to make sure that all the applications are granted the required permissions; otherwise, applications may fail to run. By default, applications are granted the permissions recommended in the J2EE 1.3 Specification. For details of default permissions granted to applications in WebSphere, please refer to the following policy files:

where instance is the name of your instance, cell is the name of your cell, and node is the name of your node.


From the admin console, select Security >> Global Security >> Java 2 Security.

Select the 'Use Java 2 security to restrict application access to local resources' check box.

Ensure the application security policies are defined and access permissions are granted accordingly.

Policies are created and access is granted on an application by application basis. Application access to the underlying host is based upon application access requirements.

See Also


Item Details


References: 800-53|AC-3, CAT|I, CCI|CCI-000213, Rule-ID|SV-95937r1_rule, STIG-ID|WBSP-AS-000211, Vuln-ID|V-81223

Plugin: Unix

Control ID: d76db8123a650937941b140cce204b6a4387c915e7c431a203a1a4187fd97f3e