• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • Liutauras Vilda
  • Jeanne Boyarsky
  • paul wheaton
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Henry Wong
Saloon Keepers:
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Tim Moores
  • Mikalai Zaikin
Bartenders:
  • Frits Walraven

createLoginContext.Userpass : access denied

 
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
I am working on authentication using JAAS.

I have created small application and calling it in one of the jsp file. When I try to access the jsp I am getting the following error:
createLoginContext.Userpass : access denied
(javax.security.auth.AuthPermission createLoginContext.Userpass)
When i run the java application it is authenticating the user but when I try to run it by calling it from JSP it is giving the above error.
I have java.policy file and I have modified that too and it is able to give permissions to all the jar file accept the one which I have created.
Can any body suggest how to give permission to (javax.security.auth.AuthPermission createLoginContext.Userpass).
 
Bartender
Posts: 1638
IntelliJ IDE MySQL Database Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Do you mind showing the policy file to us
 
Vaibhav Tomorrow
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Nitesh Kant:
Do you mind showing the policy file to us



Hi ,
I have created the policy file with the name jaasacn.policy.

grant codeBase "file:/C:/MyWorkspace3/WSADWorkspace/JAAS/one/MySecurity/WebContent/WEB-INF/classes/test/test.jar"{
permission avax.security.auth.AuthPermission "createLoginContext.Userpass";
};

I have tried with the defaule java.policy file also, and put the test.tar file in ext folder which has already the permisioon to access all the jar files in it.
grant codeBase "file:${java.home}/lib/ext/*" {
//permission java.security.AllPermission;
permission avax.security.auth.AuthPermission "createLoginContext.Userpass";
};

apart from that I have a question :
1) I have a jar file which can perform authentication to a user (PerformAuth.java).
can we call this Object inside a JSP and see the result of authentication? The main idea is to have an authenticated user and then map the user to any role and based on that role provide authorization to access web resources.
 
Nitesh Kant
Bartender
Posts: 1638
IntelliJ IDE MySQL Database Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Vaibhav:
avax.security.auth.AuthPermission "createLoginContext.Userpass";



Is this a typo? It should be javax and not avax.
If you are using a different policy file than the default you have to specify it as a JVM parameter "java.security.policy", as:

java -Djava.security.manager -Djava.security.policy=someURL SomeApp



Additionally, as specified above, you also would have to specify the parameter "java.security.manager".
The "-Djava.security.manager" argument ensures that the default security manager is installed, and thus the application is subject to policy checks. It is not required if the application SomeApp installs a security manager.

Vaibhav:
apart from that I have a question :
1) I have a jar file which can perform authentication to a user (PerformAuth.java).
can we call this Object inside a JSP and see the result of authentication? The main idea is to have an authenticated user and then map the user to any role and based on that role provide authorization to access web resources.[/QB]



If the jar file is in the classpath of the webapp that the jsp belongs to, then yes you can do that.
 
Vaibhav Tomorrow
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
grant codeBase "file:/C:/MyWorkspace3/WSADWorkspace/JAAS/one/MySecurity/WebContent/WEB-INF/classes/test/test.jar"{
permission javax.security.auth.AuthPermission "createLoginContext.Userpass";
};

I have tried with the defaule java.policy file also, and put the test.tar file in ext folder which has already the permisioon to access all the jar files in it.
grant codeBase "file:${java.home}/lib/ext/*" {
//permission java.security.AllPermission;
permission javax.security.auth.AuthPermission "createLoginContext.Userpass";
};
I am not able to perform the authentication using the jsp .
can any one tell what is wrong with this policy file ?
How can I give premisiion to createLoginContext.Userpass?
 
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
where is this jsp deployed? a container-implementation can choose its own policy file location and might require you to define these custom policy entries there.

for instance - if you're using tomcat. try putting these policy entries in the catalina.policy. see http://tomcat.apache.org/tomcat-4.1-doc/security-manager-howto.html
 
Did you ever grow anything in the garden of your mind? - Fred Rogers. Tiny ad:
Gift giving made easy with the permaculture playing cards
https://coderanch.com/t/777758/Gift-giving-easy-permaculture-playing
reply
    Bookmark Topic Watch Topic
  • New Topic