Disabling the GlassFish Server security manager may improve performance for some types of applications. The Java platform authorization and authentication features will still work even if the security manager has been disabled. You may disable the security manager in a development environment; however, do not disable it in a production environment.
In the navigation tree, select the Configuration node.
Under the Configuration node, select the JVM Settings node.
The JVM General Settings page opens.
On the JVM General Settings page, click the JVM Options tab.
The JVM Options page opens.
Select the checkbox to the left of the Value field containing the -Djava.security.policy
option.
Click Delete.
Click Save.
Restart the server.