We have an application that has been developed using Oracle ADF and, over the last 10 years, was deployed successfully for several hundreds of clients on JBoss 4, JBoss 6 and JBoss 7 using Java security manager and policy files. The actual version of JBoss 7 is 7.1.1 Final and uses JDK 1.6.0_38.
We have migrated the ADF libraries to a more recent version and we were obliged to switch to Java7 (we took the last public release, namely 1.7.0_80). When I try to “migrate” the policy file I am confronted to the following problem:
in the policy file with whatever characters at the end (/, /* or /-) does not help since it seems that they are not considered when checking the access rights
But this is unacceptable since actually the policy file is very fine grained.
In the article “JBoss AS7: Security : Running under a Java Security Manager” (https://developer.jboss.org/wiki/JBossAS7SecurityRunningUnderAJavaSecurityManager) I found the beginning of a discussion on the same problem (but no solution).
Does someone know if the problem is specific to Java7 and what can be done in this case?
Thank you for your help