You are here: Platform Specific Issues > Security Requirements On Java Platform

Security Requirements

Java Security Manager can be used to specify Java application security permissions. It is usually provided by web-browsers and web-servers for applet and servlet execution, however any Java application can make use of a security manager. For example, to use the default security manager you will only need to pass -Djava.security.manager option to JVM command line. Custom security managers can be created and utilized as well (please refer to Java documentation for more information).

If you are going to use db4o in a Tomcat servlet container you will need to grant some additional permissions in {CATALINA_HOME}/conf/catalina.policy file:

// The permissions granted to the context 
WEB-INF/classes directory 
grant codeBase "file:${catalina.home}/webapps/{your_db4o_application}/WEB-INF/classes/-" 
{ 
	permission java.util.PropertyPermission "user.home", "read"; 
	permission java.util.PropertyPermission "java.fullversion", "read";    
	permission java.io.FilePermission "path_to_db4o_database_folder", "read";    
	permission java.io.FilePermission "path_to_db4o_database_file", "read, write"; 
}; 
// The permissions granted to the context WEB-INF/lib directory, containing db4o jar 
grant codeBase "file:${catalina.home}/webapps/{your_db4o_application}/WEB-INF/lib/-" 
{    
	permission java.io.FilePermission "path_to_db4o_database_file", "read, write"; 
};
			

An example catalina.policy file can be downloaded here.

In order to avoid db4o DatabaseFileLocked exception you will also need to add some configuration before opening the object container:

Configuration config = Db4o.newConfiguration();

config.lockDatabaseFile(false);

ObjectContainer container = Db4o.openFile(config, dbfile.getPath());

Having done that, you can package and deploy your application. To enable the security configuration start Tomcat with the following command:

{CATALINA_HOME}/bin/catalina start -security