I found a way to read my policy file from within the JAR (class.getResource)and managed to get a simple example going. But when I JAR my real application I get access denied, and my policy seems not to be picked up and used?
C:\John\server>runserver
C:\John\server>set JAVA_HOME=C:\APPL\jbuilder5\jdk1.3
C:\John\server>set PROJECT_HOME=c:\john\server
C:\John\server>set CLASSPATH=c:\john\server\RMISSL.jar;c:\john\server\classes12.
zip;
C:\John\server>set PATH=C:\APPL\jbuilder5\jdk1.3\bin;C:\APPL\jbuilder5\jdk1.3\jr
e
C:\John\server>
java -classpath c:\john\server\RMISSL.jar;c:\john\server\classes1
2.zip; -Djava.rmi.server.codebase=file:c:/john/server/RMISSL.jar com.abnamro.wcs
.orchard.gui.security.server.RMISecureServer -policy=policy -keystore=RMISSks
/* RMI Secure Server permissions
Created by J S Coleman - Sopra Group
13/05/2002
Grant access to the file, properties and network resources required.
*/
grant {
// allow access to the servers key store
permission java.io.FilePermission "${javax.net.ssl.trustStore}", "read";
// allow properties read only
permission java.util.PropertyPermission "*", "read";
// allow any hosts on the network to access the RMI registry port
permission java.net.SocketPermission "127.0.0.1:1099", "connect, resolve";
permission java.net.SocketPermission "*:1024-", "accept, connect, listen, reso
lve";
// allow access to the DB server at port 1521 to access Oracle
permission java.net.SocketPermission "10.8.224.63:1521", "accept, connect, res
olve";
};
user.dir=C:\John\server
policy file=file:/C:/John/server/RMISSL.jar!/com/abnamro/wcs/orchard/gui/securit
y/server/policy
keystore file=file:/C:/John/server/RMISSL.jar!/com/abnamro/wcs/orchard/gui/secur
ity/server/RMISSks
call logging=true
lease period=600000
timeout period=43200000
RMISecureServer error: access denied (java.net.SocketPermission 127.0.0.1:1099 c
onnect,resolve)
java.security.AccessControlException: access denied (java.net.SocketPermission 1
27.0.0.1:1099 connect,resolve)
at java.security.AccessControlContext.checkPermission(AccessControlConte
xt.java:272)
at java.security.AccessController.checkPermission(AccessController.java:
399)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
at java.lang.SecurityManager.checkConnect(SecurityManager.java:1044)
at java.net.Socket.<init>(Socket.java:262)
at java.net.Socket.<init>(Socket.java:100)
at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirect
SocketFactory.java:25)
at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMaster
SocketFactory.java:120)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:499)
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:190
)
at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:174)
at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:318)
at sun.rmi.registry.RegistryImpl_Stub.rebind(Unknown Source)
at java.rmi.Naming.rebind(Naming.java:160)
at com.abnamro.wcs.orchard.gui.security.server.RMISecureServer.main(RMIS
ecureServer.java:233)
C:\John\server>rem java -classpath c:\john\server\RMISSL.jar;c:\john\server\clas
ses12.zip; -Djava.rmi.server.codebase=file:c:/john/server/RMISSL.jar -Djava.secu
rity.debug=access com.abnamro.wcs.orchard.gui.security.server.RMISecureServer -p
olicy=policy -keystore=RMISSks
any ideas please/