-
Notifications
You must be signed in to change notification settings - Fork 1.2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #13334 from newrelic/Java-2-security---re-add-back…
…-to-site fix(java 2 security): re-add doc
- Loading branch information
Showing
2 changed files
with
59 additions
and
0 deletions.
There are no files selected for viewing
57 changes: 57 additions & 0 deletions
57
...gents/java-agent/additional-installation/install-java-agent-java-2-security.mdx
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
--- | ||
title: Java 2 security installation for WebLogic and WebSphere | ||
tags: | ||
- Agents | ||
- Java agent | ||
- Additional installation | ||
metaDescription: 'For WebLogic and WebSphere users with Java 2 Security or Administrative Security: Additional install steps for the New Relic Java agent.' | ||
redirects: | ||
- /docs/agents/java-agent/installation/install-java-agent-java-2-security | ||
- /docs/apm/agents/java-agent/installation/install-java-agent-java-2-security | ||
--- | ||
|
||
If you're a WebLogic or WebSphere user and use the Java 2 security model, our Java agent requires configuration in addition to the [Java agent installation](/install/java). | ||
|
||
## WebLogic: Java 2 Security [#weblogic-java-2] | ||
|
||
If you're using Java 2 security, add the following entry to `weblogic.policy` to complete installation: | ||
|
||
``` | ||
grant codeBase "file:YOUR_FULL_PATH_TO_FILE/newrelic/-" { | ||
permission java.security.AllPermission; | ||
}; | ||
``` | ||
|
||
Specify the directory containing `newrelic.jar` in `/full/path/to/newrelic`. The default policy file location is `weblogic_root/server/lib/weblogic.policy`. | ||
|
||
## WebSphere: Java 2 Security or Administrative Security [#websphere-java-2] | ||
|
||
If you are using Java 2 Security or WebSphere Admin Security, you must grant all jars inside the New Relic install folder the proper permissions. | ||
|
||
To enable New Relic for all app servers, edit the `java.policy` file: | ||
|
||
1. Open your `java.policy` file, located inside your WebSphere install directory at: | ||
|
||
``` | ||
YOUR_WEBSPHERE_INSTALL_DIRECTORY/java/jre/lib/security/java.policy | ||
``` | ||
2. Append the following text to your policy file, customizing the `file:` path to point to the folder containing `newrelic.jar`. Ensure you preserve the dash `-` at the end of the path, which grants all jars in the target folder the necessary permissions. | ||
|
||
``` | ||
grant codeBase "file:/YOUR_FULL_PATH_TO_NEW_RELIC_FOLDER/-" { | ||
permission java.security.AllPermission; | ||
permission java.net.NetPermission "specifyStreamHandler"; | ||
permission java.net.SocketPermission "*.newrelic.com", "connect,accept,resolve"; | ||
}; | ||
``` | ||
|
||
<Callout variant="important"> | ||
The `codeBase` value must use slashes, not backslashes, as the directory separator, even on Windows systems. | ||
</Callout> | ||
3. Restart your application server. | ||
|
||
<Callout variant="tip"> | ||
For each app, Java security permissions are determined by the union of `java.policy` and `server.policy`. Do not put the same permission settings in multiple files. | ||
</Callout> | ||
|
||
For more on policy file syntax, see [Default policy implementation and policy file syntax](http://docs.oracle.com/javase/8/docs/technotes/guides/security/PolicyFiles.html). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters