I have got the following in the java.policy file on the server:

 

grant codeBase "file:${java.home}/lib/ext/*" {
permission java.security.AllPermission;
};

 

Should this not be sufficient? If not, can you suggest something more restrictive than your original solution, which appears to work. Thank you

 

 

The way you described it was enough. I no longer got the exception. However, I was somewhat uneasy about security implication.

 

After carefully reading the error:

          04/12/2011 12:58:26 AM HTTP JVM: java.security.AccessControlException: Access denied (java.util.PropertyPermission hsqldb.reconfig_logging write)

I then figured out another solution which I hope, being no java security expert, is more secure. 

 

I added the following line to the java policy file:

 

grant { 

  permission java.util.PropertyPermission "hsqldb.reconfig_logging", "write";

}; 

 

This seems to work OK. 

 

The conclusion is as follows: Running an agent with unrestricted access does not require this line. Running a JAR file from WEB-INF/lib folder  requires the line. Is there a way to mark a JAR file in the WEB-INF/lib folder as having unrestricted access in a similar way as notes agent?