Hitachi

uCosminexus Application Server Security Management Guide

5.20 Java VM property setup

When the integrated user management is used, it is necessary to set the Java VM properties when Java VM starts. The Easy Setup definition file or the management portal should be used for this purpose. This section describes how to set the properties in the Easy Setup definition file when the SmartComposer function is used to establish the Web system.

Enter the Java VM properties within the <configuration> tag of the logical J2EE server (j2ee-server) in the Easy Setup definition file.

The following table lists the Java VM properties.

Table 5‒16: Java VM properties in the easy setup definition file

Parameter

Setting

jaas.ua.enabled

Enables the Java VM JAAS.

java.security.auth.login.config

Specifies the jaas.conf file path.

com.cosminexus.admin.auth.config

Specifies the ua.conf file path.

com.cosminexus.admin.auth.passwordScramble.enable

Enables or disables the function to encrypt passwords scrambled by the uachpw command; for details, see 5.19.2(3) Changing and scrambling passwords.

jaas.config.load_exclusively

Specifies whether to ignore login configurations other than jaas.conf specified by the java.security.auth.login.config parameter.

For details about the Easy Setup definition file, see 4.3 Easy Setup definition file in the uCosminexus Application Server Definition Reference Guide.

The following is an example of Java VM properties.

In the example, password scrambling is enabled and login configurations other than jaas.conf are ignored.

Example of the Easy Setup definition file
:
<configuration>
  <logical-server-type>j2ee-server</logical-server-type>
    <param>
      <param-name>jaas.ua.enabled</param-name>
      <param-value>true</param-value>
    </param>
    <param>
      <param-name>java.security.auth.login.config</param-name>
      <param-value><Cosminexus installation directory>/manager/config/jaas.conf</param-value>
    </param>
    <param>
      <param-name>com.cosminexus.admin.auth.config</param-name>
      <param-value><Cosminexus installation directory>/manager/config/ua.conf</param-value>
    </param>
    <param>
      <param-name>com.cosminexus.admin.auth.passwordScramble.enable</param-name>
      <param-value>true</param-value>
    </param>
    <param>
      <param-name>jaas.config.load_exclusively</param-name>
      <param-value>true</param-value>
    </param>
:
</configuration>
Reference note

To change the access permission so that the Web application can carry out operations on the LoginContext class, change the server.policy settings.

For details about server.policy, see 2.2.4 server.policy (Security policy file for J2EE servers) in the uCosminexus Application Server Definition Reference Guide.

To Page Top

Trademarks

All Rights Reserved. Copyright (C) 2022, Hitachi, Ltd.