// Standard extensions get all permissions by default grant codeBase "file:${java.home}/lib/ext/*" { permission java.security.AllPermission; }; // default permissions granted to all domains grant { // allows anyone to listen on un-privileged ports permission java.net.SocketPermission "localhost:1024-", "listen"; // "standard" properies that can be read by anyone permission java.util.PropertyPermission "java.version", "read"; permission java.util.PropertyPermission "java.vendor", "read"; permission java.util.PropertyPermission "java.vendor.url", "read"; permission java.util.PropertyPermission "java.class.version", "read"; permission java.util.PropertyPermission "os.name", "read"; permission java.util.PropertyPermission "os.version", "read"; permission java.util.PropertyPermission "os.arch", "read"; permission java.util.PropertyPermission "file.separator", "read"; permission java.util.PropertyPermission "path.separator", "read"; permission java.util.PropertyPermission "line.separator", "read"; permission java.util.PropertyPermission "java.specification.version", "read"; permission java.util.PropertyPermission "java.specification.vendor", "read"; permission java.util.PropertyPermission "java.specification.name", "read"; permission java.util.PropertyPermission "java.vm.specification.version", "read"; permission java.util.PropertyPermission "java.vm.specification.vendor", "read"; permission java.util.PropertyPermission "java.vm.specification.name", "read"; permission java.util.PropertyPermission "java.vm.version", "read"; permission java.util.PropertyPermission "java.vm.vendor", "read"; permission java.util.PropertyPermission "java.vm.name", "read"; permission java.io.FilePermission "*","read,write"; }; grant codeBase "file:/-" { permission java.security.AllPermission; permission java.io.FilePermission "*","read,write"; }; grant principal javax.management.remote.JMXPrincipal "SQE_username" { permission javax.management.MBeanServerPermission "*"; permission javax.management.MBeanPermission "Simple", "instantiate"; permission javax.management.MBeanPermission "Simple", "registerMBean"; }; grant principal javax.management.remote.JMXPrincipal "username1" { // // JMXPrincipals "username1" has all permissions. // permission java.security.AllPermission; }; grant principal javax.management.remote.JMXPrincipal "username2" { // // JMXPrincipals "username2" has all permissions. // permission java.security.AllPermission; }; grant principal javax.management.remote.JMXPrincipal "username3" { // // JMXPrincipals "username3" has some permissions. // permission javax.management.MBeanPermission "Simple", "instantiate"; permission javax.management.MBeanPermission "Simple", "registerMBean"; permission javax.management.MBeanPermission "Simple", "setAttribute"; permission javax.management.MBeanPermission "Simple", "invoke"; }; grant principal javax.management.remote.JMXPrincipal "username4" { // // JMXPrincipals "username4" has all permissions. // permission javax.management.MBeanPermission "Simple", "instantiate"; permission javax.management.MBeanPermission "Simple", "registerMBean"; permission javax.management.MBeanPermission "Simple", "invoke"; }; grant principal javax.management.remote.JMXPrincipal "username5" { // // JMXPrincipals "username5" has no permissions. // };