This topic provides details on compatibility, advanced configurations, and add-ons for the Oracle Cloud Infrastructure Java SDK.
Security Manager Permissions
If your application needs to run inside the Java Security Manager, you must grant additional permissions by updating a policy file, or by specifying an additional or a different policy file at runtime.
The SDK requires the following permissions:
Required by Jersey:
permission java.lang.RuntimePermission "getClassLoader"; permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; permission java.lang.RuntimePermission "accessDeclaredMembers"; permission java.util.PropertyPermission "*", "read,write"; permission java.lang.RuntimePermission "setFactory";
Required by the SDK to overwrite reserved headers:
permission java.util.PropertyPermission "sun.net.http.allowRestrictedHeaders", "write";
Required by the SDK to open socket connections:
permission java.net.SocketPermission "*", "connect";
To include another policy file, in addition to Java Runtime Environment's default policy file, launch the Java Virtual Machine with:
java -Djava.security.manager -Djava.security.policy=</path/to/other_policy>
To replace the default policy file, launch the Java Virtual Machine with:
java -Djava.security.manager -Djava.security.policy==</path/to/other_policy>
Use a single equals sign (=) when supplying an additional policy file. Use a double equals sign (==) only if you wish to replace the default policy file.
The Java Virtual Machine (JVM) caches DNS responses from lookups for a set amount of time, called time-to-live (TTL). This ensures faster response time in code that requires frequent name resolution.
The JVM uses the networkaddress.cache.ttl property to specify the caching policy for DNS name lookups. The value is an integer that represents the number of seconds to cache the successful lookup. The default value for many JVMs,
-1, indicates that the lookup should be cached forever.
Because resources in Oracle Cloud Infrastructure use DNS names that can change, we recommend that you change the the TTL value to 60 seconds. This ensures that the new IP address for the resource is returned on next DNS query. You can change this value globally or specifically for your application:
To set TTL globally for all applications using the JVM, add the following in the
To set TTL only for your application, set the following in your application's initialization code:
java.security.Security.setProperty("networkaddress.cache.ttl" , "60");
To use Java 7, you must have a version that supports TLS 1.2.
For more information, see:
Apache Connector Add-On
oci-java-sdk-addons-apache is an optional add-on to the Java SDK that allows for configuring a client connection pool and an HTTP proxy. The add-on leverages the Jersey
ApacheConnectorProvider instead of the SDK’s default
HttpUrlConnectorProvider when making service calls.
Instruction for installing and configuring the Apache Connector add-on are available on GitHub in the Apache Connector Readme.
Using SLF4J for Logging
The following is an example that enables basic logging to standard out. More advanced logging options can be configured by using the log4j binding.
- Download the SLF4J Simple binding jar: SLF4J Simple Binding
- Add the jar to your classpath (e.g., add it to the
/third-party/libdirectory of the SDK download)
- Add the following VM arg to enable debug level logging (by default, info level is used):