MyITGuy/ruleset_example.xml

## ruleset_example.xml
<!-- Example Deployment Rule Set that allow a desktop administrator to control end-user's execution of browser applets.
See http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/deployment_rules.html -->
<ruleset version="1.0+">
	<rule>
		<id location="http://payroll.example.org" />
		<action permission="run" />
	</rule>
	<rule>
		<id location="http://knownvendor.example.com/program" />
		<!-- For example if an application is known not to work on Java 1.7 -->
		<action permission="run" version="SECURE-1.6" />
	</rule>
	<rule>
		<id location="http://localhost" />
		<action permission="run" />
	</rule>
	<rule>
		<id>
			<!-- Oracle's public certificate hash. Having this will allow things like the Java.com secure version check applet. -->
			<certificate algorithm="SHA-256" hash="794F53C746E2AA77D84B843BE942CAB4309F258FD946D62A6C4CCEAB8E1DB2C6" />
		</id>
		<action permission="run" />
	</rule>
	<rule>
		<id location="http://*.example.com">
			<certificate algorithm="SHA-256" hash="..." />
		</id>
		<action permission="default" version="SECURE" />
	</rule>
	<rule>
		<!-- Because this id is both blank and shown last, it will be the default policy. -->
		<id />
		<action permission="block">
			<message>Blocked by corporate. Contact myemail@mycompany.com if you need to run this app.</message>
			<message locale="fr">Bloqué par l'entreprise. Contacter myemail@mycompany.com si vous avez besoin d'exécuter cette application.</message>
		</action>
	</rule>
</ruleset>
	<!-- Example Deployment Rule Set that allow a desktop administrator to control end-user's execution of browser applets.
	See http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/deployment_rules.html -->
	<ruleset version="1.0+">
	<rule>
	<id location="http://payroll.example.org" />
	<action permission="run" />
	</rule>
	<rule>
	<id location="http://knownvendor.example.com/program" />
	<!-- For example if an application is known not to work on Java 1.7 -->
	<action permission="run" version="SECURE-1.6" />
	</rule>
	<rule>
	<id location="http://localhost" />
	<action permission="run" />
	</rule>
	<rule>
	<id>
	<!-- Oracle's public certificate hash. Having this will allow things like the Java.com secure version check applet. -->
	<certificate algorithm="SHA-256" hash="794F53C746E2AA77D84B843BE942CAB4309F258FD946D62A6C4CCEAB8E1DB2C6" />
	</id>
	<action permission="run" />
	</rule>
	<rule>
	<id location="http://*.example.com">
	<certificate algorithm="SHA-256" hash="..." />
	</id>
	<action permission="default" version="SECURE" />
	</rule>
	<rule>
	<!-- Because this id is both blank and shown last, it will be the default policy. -->
	<id />
	<action permission="block">
	<message>Blocked by corporate. Contact myemail@mycompany.com if you need to run this app.</message>
	<message locale="fr">Bloqué par l'entreprise. Contacter myemail@mycompany.com si vous avez besoin d'exécuter cette application.</message>
	</action>
	</rule>
	</ruleset>