Enabling and Disabling the Java Security Manager
A Java security manager is available for a node, but is disabled by default. You can enable and disable the security manager by editing the node's .tra file.
A Java security manager prevents code from calling System.exit. When a security manager is enabled, the node process by accidentally or by calling System.exit. However, a security manager may lead to a performance degradation if code is written to perform most system API calls in a privileged block according to Java best practices for security. Therefore, although a security manager is available for a node, by default the security manager is disabled. You can set a node configuration property to enable the security manager in scenarios where the safety measure is more important than the performance or for diagnostic purposes.
Enabling
- Add the property
amx.securitymanager.enabled=true
to the.tra
file of the node. - Restart the node.
Disabling
- Reset the value of the
amx.securitymanager.enabled
property tofalse
in the.tra
file of the node. - Restart the node.
The
.tra
file of the node is located in the folder CONFIG_HOME/tibcohost/Admin-enterpriseName-adminServerName/data_3.2.x/nodes/nodeName/bin.