The OPSS Policy Model 20-9 resource nameMyResourcename display-nameMyResource display namedisplay-name descriptionMyResource descriptiondescription type-name-refMyResourceTypetype-name-ref resource resources permission-sets permission-set nameMyEntitlementname display-nameMyEntitlement display namedisplay-name descriptionMyEntitlement descriptiondescription member-resources member-resource type-name-refMyResourceTypetype-name-ref resource-nameMyResourceresource-name actionswriteactions member-resource member-resources permission-set permission-sets jazn-policy grant grantee principals principal class oracle.security.jps.service.policystore.ApplicationRoleclass nameAppRolename guidF5494E409CFB11DEBFEBC11296284F58guid principal principals grantee -- entitlement-based permissions -- permission-set-refs permission-set-ref nameMyEntitlementname permission-set-ref permission-set-refs grant jazn-policy application applications policy-store jazn-policyjazn-policy jazn-data web.xml The filter JpsFilter is configured as follows: web-app display-namePolicyTest: PolicyServletdisplay-name filter filter-nameJpsFilterfilter-name filter-classoracle.security.jps.ee.http.JpsFilterfilter-class init-param param-nameapplication.nameparam-name 20-10 Oracle Fusion Middleware Application Security Guide param-valuePolicyServletparam-value init-param filter filter-mapping filter-nameJpsFilterfilter-name servlet-namePolicyServletservlet-name dispatcherREQUESTdispatcher filter-mapping... Code Example In the following example, Subject.doAsPrivileged may be replaced by JpsSubject.doAsPrivileged: import javax.security.auth.Subject; import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.PrintWriter; import java.io.StringWriter; import java.security.; import java.util.Date; import java.util.PropertyPermission; import java.io.FilePermission; public class PolicyServlet extends HttpServlet { public PolicyServlet { super; } public void initServletConfig config throws ServletException { super.initconfig; } public void doGetHttpServletRequest request, HttpServletResponse response throws ServletException, IOException { final ServletOutputStream out = response.getOutputStream; response.setContentTypetexthtml; out.printlnHTMLBODY bgcolor=\FFFFFF\; out.printlnTime stamp: + new Date.toString; out.println brrequest.getRemoteUser = + request.getRemoteUser + br; out.printlnrequest.isUserInRolesr_developer = + request.isUserInRolesr_developer + br; out.printlnrequest.getUserPrincipal = + request.getUserPrincipal + br; Subject s = null; s = Subject.getSubjectAccessController.getContext; out.printlnSubject in servlet + s; out.printlnbr; final RuntimePermission rtPerm = new RuntimePermissiongetClassLoader; try {