Skip to content

Commit e204865

Browse files
eyalkoreneyalkoren
authored
[docs] Update docs with support for SecurityManager (#2908)
1 parent 150aac8 commit e204865

File tree

2 files changed

+22
-3
lines changed

2 files changed

+22
-3
lines changed

docs/setup.asciidoc

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,28 @@ If {apm-guide-ref}/agent-tls.html[SSL/TLS communication] is enabled on the APM S
3636

3737
Learn how to set up AWS Lambda functions tracing in our <<aws-lambda, Lambda setup guide>>.
3838

39+
[float]
40+
[[security-manager]]
41+
=== Using with Security Manager enabled
42+
43+
The agent should work as expected on JVMs with an enabled `SecurityManager`, provided that it is granted with `java.security.AllPermission`.
44+
Make sure that the following snippet is added to an effective* policy (replace with the real path** to the agent jar):
45+
```
46+
grant codeBase "file:</path/to/elastic-apm-agent.jar>" {
47+
permission java.security.AllPermission;
48+
};
49+
```
50+
If you see a `java.lang.SecurityException` exception (for example a - `java.security.AccessControlException`) after verifying the above
51+
`grant` snippet is effectively applied, open an issue in our https://github.com/elastic/apm-agent-java[GitHub repo] with a description
52+
and the full stack trace.
53+
54+
{empty}* it is possible to have multiple policy files taking effect at the same time on a single JVM. The policy entry above can be added
55+
to an existing policy or can be appended through the `java.security.policy` system property. See
56+
https://docs.oracle.com/javase/8/docs/technotes/guides/security/PolicyFiles.html[documentation] for more details.
57+
58+
{empty}** you can make use of the https://docs.oracle.com/javase/8/docs/technotes/guides/security/PolicyFiles.html#PropertyExp[property
59+
expansion] capability for specifying the agent jar path.
60+
3961
[float]
4062
[[supported-technologies]]
4163
=== Supported technologies

docs/supported-technologies.asciidoc

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -736,6 +736,3 @@ If you are seeing gaps in the span timeline and want to include additional metho
736736
[[supported-technologies-caveats]]
737737
=== Caveats
738738
* Other JVM languages, like Scala, Kotlin and Groovy have not been tested yet.
739-
* The agent does currently not support running on JVMs with an enabled `SecurityManager`.
740-
You may see exceptions like this: `java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "getProtectionDomain")`.
741-
Try to grant `java.security.AllPermission` to the agent.

0 commit comments

Comments
 (0)