> does this answer your question?
no :)
because I was looking for a chance to have a policy specific for a
project... like: if 1 web-application needs Reflection permission,
today I need to edit the server.policy (ot other file configured as
you suggested)..
but if I upgrade the Glassfish, goodbye configuration..
so, much better if I can deploy the policy together with the application........
* I know, it may opens a security breach.. but perhaps there is a way
to do that..............