10 February 2014

Start Java DB: access denied ("java.net.SocketPermission" "localhost:1527" "listen,resolve")

Since Java 7u51 default network permissions have been restricted, hence Java can not connect to local network sockets by default.
To solve add to $JAVA_HOME/jre/lib/security/java.policy

grant codeBase "file:${java.home}}/../db/lib/*" {
   permission java
.net.SocketPermission "localhost:1527", "listen,resolve";
};
If Java DB (Apache Derby) is installed at another localtion, change the file:/... path accordingly.

Adding the permission line to the global permission section would allow access for all java applications
grant {
 // EXISTING line        // allows anyone to listen on un-privileged ports
 permission java.net.SocketPermission "localhost:0", "listen";
        // new line added
        permission java.net.SocketPermission "localhost:1527", "listen,resolve";
};
 You can specify port ranges, to allow access to all anonymous ports use
grant {
    permission java.net.SocketPermission "localhost:1024-", "listen,resolve";
};
java.net.SocketPermission JavaDoc