By default, vRealize Orchestrator restricts JavaScript access to a limited set of Java classes. If you require JavaScript access to a wider range of Java classes, you must set an vRealize Orchestrator system property.

Allowing the JavaScript engine full access to the Java virtual machine (JVM) presents potential security issues. Malformed or malicious scripts might have access to all the system components to which the user who runs the vRealize Orchestrator server has access. Therefore, by default the vRealize Orchestrator JavaScript engine can access only the classes in the java.util.* package.

If you require JavaScript access to classes outside of the java.util.* package, you can list in a configuration file the Java packages to which to allow JavaScript access. You then set the com.vmware.scripting.rhino-class-shutter-file system property to point to this file.

Procedure

  1. Create a text configuration file to store the list of Java packages to which to allow JavaScript access.
    For example, to allow JavaScript access to all the classes in the java.net package and to the java.lang.Object class, you add the following content to the file.
    java.net.*
    java.lang.Object
  2. Enter a name for the configuration file.
  3. Save the configuration file in a subdirectory of /data/vco/usr/lib/vco.
    Note: The configuration file cannot be saved under another directory.
  4. Log in to Control Center as root.
  5. Click System Properties.
  6. Click New.
  7. In the Key text box, enter com.vmware.scripting.rhino-class-shutter-file.
  8. In the Value text box, enter /usr/lib/vco/your_configuration_file_subdirectory.
  9. In the Description text box, enter a description for the system property.
  10. Click Add.
  11. Click Save changes from the pop-up menu.
    A message indicates that you have saved successfully.
  12. Wait for the vRealize Orchestrator server to restart.

Results

The JavaScript engine has access to the Java classes that you specified.