Hi all,
I am looking for a way to deploy applications and set their
app-specific security policy.
At the moment I have to do it like this:
asadmin deploy myapp.war
asadmin disable myapp
[here I overwrite generated/policy/appname/modulename/granted.policy]
asadmin enable myapp
While it works, it feels a bit hacky & dirty.
I tried deploying with --enabled=false (thus skipping the disable
step) but in that case enabling it will overwrite my policy file
again.
Is there a way to use the AdminGui 'restart application' functionality
from asadmin?
If I change a granted.policy file and click the restart link in the
admin gui afterwards, this will affectuate my policy.
Or a way to somehow set the policy on deployment? (like asadmin deploy
--policyfile=my.policy)
Or a way to include it in the .war file?
I know it's also possible to put policies into server.policy and use
'grant codeBase' to give policies to the app-specific code,
but I couldn't find a way to enable those without restarting the
domain (which would mean all apps on all virtual servers would suffer
a few seconds downtime which is unacceptable).
Does anyone know of a better way to do this?
Thanks,
Mathijs