jGuard install on j2ee

  1. required librairies
  2. AccessFilter and web.xml
  3. integrate jGuard in your jsp
  4. integrate jGuard in your servlets

Login Modules

Authorization Managers

Advanced jGuard

jGuard install on jvm

  1. java.home
  2. libraries and bootclasspath
  3. java.security
  4. jGuard.loginScheme
  5. jGuard.policy







Libraries and bootclasspath

  1. required librairies

    You should place the required libraries (dom4j-1.5.1.jar,jGuard_jvm_x.xx.jar,your_jdbc_driver.jar), under the ${java.home}/lib directory.

  2. append your bootclasspath

    jGuard requires to run, that you append at the end of the java bootclasspath, the required libraries. It can be done with these arguments: 
    -Xbootclasspath/a:path_to_the_first_jar;path_to_the_second_jar....

    Note this option is non standard (and theorically can disappear in future java versions); but it is implemented in all the notorious JVM implementations.
    Therefore, the risk seems limited this option disappeared, for backward compatibility vendor reasons.
    To append the bootclasspath, there is some specific way for each application server. You should consult the related documentation of your application server.
    On the TOMCAT application server, according to the tomcat FAQ, you should do this:
    Set JAVA_OPTS BEFORE calling startup.bat or before calling catalina.bat. (or you can edit those files, but it isn't advised) Example (windows): 
    SET JAVA_OPTS='-Xbootclasspath/a:C:/java/j2sdk1.4.2_04/jre/lib/jGuard_jvm_0.64.jar;
C:/java/j2sdk1.4.2_04/jre/lib/pg73jdbc3.jar;C:/java/j2sdk1.4.2_04/jre/lib/dom4j-1.5.jar;'
    Example (UNIX): 
    export JAVA_OPTS='-Xbootclasspath/a:/java.home.location/lib/jGuard_jvm_x.xx.jar;
/java.home.location/lib/dom4j-1.5.jar;/java.home.location/lib/your_jdbc_driver.jar'
    => jdbc driver is only required if you use a database related loginModule or a database related PermissionManager.
    TIPS: under windows xp (or others NT platforms), i've set JAVA_OPTS with system settings/variables: on your explorer, right-click on the workstation icon > properties > advanced >environment settings : add a system variable called 'JAVA_OPTS' with the required value: 
    "-Xbootclasspath/a:C:/java/j2sdk1.4.2_04/jre/lib/jGuard_jvm_0.64.jar;
C:/java/j2sdk1.4.2_04/jre/lib/pg73jdbc3.jar;C:/java/j2sdk1.4.2_04/jre/lib/dom4j-1.5.1.jar;"
    Note this setting only run with the tomcat application server (tested on tomcat 4.1.24), with a Postgresql database (the postgresql driver is present in the JAVA_OPTS variable). Each application server has got its specific configuration to append the bootclasspath.

    On the JRUN 4 application server, the default JVM configuration file jvm.config is located under the jrun_root/bin/ directory. So, in this file, edit the java.args property and add the following code: 
    java.args=-Xbootclasspath/a:C:/java/j2sdk1.4.2_04/jre/lib/jGuard_jvm_0.64.jar;
C:/java/j2sdk1.4.2_04/jre/lib/pg73jdbc3.jar;C:/java/j2sdk1.4.2_04/jre/lib/dom4j-1.5.1/jar;

    On the Websphere 5 application server, you can append the bootclasspath with the websphere admin console. You can reach the relating screen by clicking on Servers > application servers > server_name > process definition > JVM > configuration tab.