Enabling and Disabling the Java Security Manager

A Java security manager is available for a node, but is disabled by default. You can enable and disable the security manager by editing the node's .tra file.

A Java security manager prevents code from calling System.exit. When a security manager is enabled, the node process by accidentally or by calling System.exit. However, a security manager may lead to a performance degradation if code is written to perform most system API calls in a privileged block according to Java best practices for security. Therefore, although a security manager is available for a node, by default the security manager is disabled. You can set a node configuration property to enable the security manager in scenarios where the safety measure is more important than the performance or for diagnostic purposes.

Procedure

Enabling

  • Add the property amx.securitymanager.enabled=true to the .tra file of the node.
  • Restart the node.

Disabling

  • Reset the value of the amx.securitymanager.enabled property to false in the .tra file of the node.
  • Restart the node.
    The .tra file of the node is located in the folder CONFIG_HOME/tibcohost/Admin-enterpriseName-adminServerName/data_3.2.x/nodes/nodeName/bin.