If you are a WebLogic or WebSphere user and use the Java 2 security model, the New Relic Java agent requires additional configuration. Complete these steps after following the usual procedures to download and install the Java agent.
WebLogic: Java 2 Security
If you are using Java 2 security, add the following entry to weblogic.policy
to complete installation:
grant codeBase "file:/full/path/to/newrelic/-" { permission java.security.AllPermission; };
Specify the directory containing newrelic.jar
in /full/path/to/newrelic
. The default policy file location is weblogic_root/server/lib/weblogic.policy
.
WebSphere: Java 2 Security or Administrative Security
If you are using Java 2 Security or WebSphere Admin Security, you must grant all jars inside the New Relic install folder the proper permissions. You can enable New Relic for all app servers by editing your java.policy
file. Or, you can enable New Relic for each app server individually by editing that server's server.policy
file:
- Enable New Relic for all app servers
-
To enable New Relic for all app servers, edit
java.policy
:-
Open your
java.policy
file, located inside your WebSphere install directory at:YOUR_WEBSPHERE_INSTALL_DIRECTORY/java/jre/lib/security/java.policy
-
Append the following text to your policy file, customizing the
file:
path to point to the folder containingnewrelic.jar
. Ensure you preserve the dash-
at the end of the path, which grants all jars in the target folder the necessary permissions.grant codeBase "file:/PATH/TO/NEWRELIC/FOLDER/-" { permission java.security.AllPermission; permission java.net.NetPermission "specifyStreamHandler"; permission java.net.SocketPermission "*.newrelic.com", "connect,accept,resolve"; };
The
codeBase
value must use slashes, not backslashes, as the directory separator, even on Windows systems. - Restart your application server.
-
- Enable New Relic for individual app servers
-
To enable New Relic for a single app server, edit that server's
server.policy
:-
Open your
server.policy
file, located inside your WebSphere install directory at:YOUR_WEBSPHERE_INSTALL_DIRECTORY/profiles/YOUR_APP_SERVER_NAME/properties/server.policy
-
Append the following text to your policy file, customizing the
file:
path to point to the folder containingnewrelic.jar
. Ensure you preserve the dash-
at the end of the path, which grants all jars in the target folder the necessary permissions.grant codeBase "file:/PATH/TO/NEWRELIC/FOLDER/-" { permission java.security.AllPermission; permission java.net.NetPermission "specifyStreamHandler"; permission java.net.SocketPermission "*.newrelic.com", "connect,accept,resolve"; };
The
codeBase
value must use slashes, not backslashes, as the directory separator, even on Windows systems. - Restart your application server.
-
For each app, Java security permissions are determined by the union of java.policy
and server.policy
. Do not put the same permission settings in multiple files.
For more on policy file syntax, see Default Policy Implementation and Policy File Syntax.