The Java Security Manager

You have the option of using the Java Security Manager to provide extra security for resources running in a JVM. You won't normally need to use the Java Security Manager, but it is useful when you're running untrusted classes or when untrusted third parties are using the server. The Java Security Manager uses a Java security policy file that lets you restrict the run-time behavior of the JVM by allowing or disallowing key run-time operations by setting permissions on classes. The Java security file lets you set default security polices for servlets, EJBs, and Java EE Connector resource adapters based on the type of application. You can also set security polices for specific servlets, EJBs, and resource adapters by adding ...