Files to Administer by Hand

There are two security-related files in the Java platform that must be modified by hand (rather than by a tool). We’ve talked about these files throughout the book, but for reference, we’ll discuss the files and the information they hold.

The java.security File

The java.security file must be in the $JAVAHOME/lib/security directory. This file is consulted for the following information:

A list of security providers

You may have any number of entries in this file that specify a security provider that should be installed into the virtual machine. By default, there is one security provider specified by this entry:

security.provider.1=sun.security.provider.Sun

You may specify additional security providers by listing their full class name in this file. Make sure that all security providers are numbered consecutively starting with 1; additional providers can be added before the Sun provider as long as the number assigned to the Sun provider is adjusted accordingly (or the Sun provider could be removed altogether). Remember that this list of providers is consulted when the virtual machine first starts, but that programs with sufficient permissions may add and delete providers from this list.
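The consecutive-numbering rule above is easy to break when a provider is inserted by hand. The following check is an added example, not code from the book; the class name ProviderListCheck and the provider com.example.ExampleProvider are hypothetical, and the sample file contents are constructed.

```java
import java.io.IOException;
import java.io.StringReader;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.TreeMap;

public class ProviderListCheck {
    private static final String PREFIX = "security.provider.";

    /** Returns the problems found in the provider entries; an empty list means the numbering is sound. */
    static List<String> check(Properties props) {
        TreeMap<Integer, String> byIndex = new TreeMap<>();
        List<String> problems = new ArrayList<>();
        for (String key : props.stringPropertyNames()) {
            if (!key.startsWith(PREFIX)) continue;
            String suffix = key.substring(PREFIX.length());
            // Accept only plain positive integers (no leading zero, no sign, no text).
            if (!suffix.matches("[1-9][0-9]{0,8}")) {
                problems.add("bad provider index: " + key);
                continue;
            }
            byIndex.put(Integer.parseInt(suffix), props.getProperty(key).trim());
        }
        if (byIndex.isEmpty()) problems.add("no " + PREFIX + "N entries found");
        int expected = 1;
        for (Map.Entry<Integer, String> e : byIndex.entrySet()) {
            if (e.getKey() != expected) {
                problems.add("gap: expected " + PREFIX + expected + ", found " + PREFIX + e.getKey());
            }
            if (e.getValue().isEmpty()) problems.add("empty class name at " + PREFIX + e.getKey());
            expected = e.getKey() + 1;
        }
        return problems;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample: a provider was inserted ahead of Sun, but Sun was renumbered to 3, not 2.
        String sample = "security.provider.1=com.example.ExampleProvider\n"
                      + "security.provider.3=sun.security.provider.Sun\n"
                      + "keystore.type=jks\n";
        Properties props = new Properties();
        props.load(new StringReader(sample));
        for (String p : check(props)) System.out.println("PROBLEM: " + p);
        System.out.println("keystore.type=" + props.getProperty("keystore.type"));
    }
}
```

To audit a real installation, load the java.security file from the directory named above with a FileReader instead of the embedded sample.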

A KeyStore type

You must have an entry in this file that lists the default type of keystore that an application should use. By default, that type is listed as:

keystore.type=jks

If you change the type listed in this entry, the new type will be used whenever anyone requests the ...
