Integration

Hi All,
I am banging my head on this issue since 3 days and have search the entire net but couldn't come up with a solution. ultimately it seems to be a security setting issue with OAS. here is my problem.

I use the HttpURLConnection class in java and read the contents of a URL and write it back as a file. the URL from where I am reading needs authorization (prompts for username/password). in java there is a very simple way to authorize a user, http://www.javaworld.com/javaworld/javatips/jw-javatip46.html

ok, so far so good, I am able to run this successfully from the embedded oc4j in my JDeveloper.
but when i deploy my application to the standalone OAS, i get an unauthorized 401 http response when i try to read the input stream(IOException).
i believe the application server has tight security and doesnt allow this kind of net permissions. (don't know why embedded oc4j allows though!).

i see only questions without solutions on the forums :(. i hope to get an answer from the experts here. one guy has the same problem and was able to fix it by modifying the server.policy file this way,

Replace the following line:
permission java.util.PropertyPermission "", "read"; with*
*permission java.util.PropertyPermission "*", "read,write";*

*And then within the same grant clause as the above add the following line:*

*permission java.net.NetPermission "setDefaultAuthenticator"*

i dont know what Application server he was using as i don't see any server.policy file for OAS. also i am a bit reluctant to modify these without a solid proof that this IS the solution.

pleeeese help!
Thanks,