Hi, On Wed, Apr 22, 2009 at 12:40 PM, Torgeir Veimo <torg...@pobox.com> wrote: > The servlet container usually have default security policies defined, which > can easily be changed. Eg for tomcat, look at conf/catalina.policy.
What would such a policy file look like, i.e. what codeBase should be used and what permissions granted? Also, I'm not sure how easy it would be to apply the Java security policies to things like ESP scripts. BR, Jukka Zitting