• Post Reply Bookmark Topic Watch Topic
  • New Topic

ugent: policy file problems in JAR!  RSS feed

John Coleman
Ranch Hand
Posts: 65
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I found a way to read my policy file from within the JAR (class.getResource)and managed to get a simple example going. But when I JAR my real application I get access denied, and my policy seems not to be picked up and used?
C:\John\server>set JAVA_HOME=C:\APPL\jbuilder5\jdk1.3
C:\John\server>set PROJECT_HOME=c:\john\server
C:\John\server>set CLASSPATH=c:\john\server\RMISSL.jar;c:\john\server\classes12.
C:\John\server>set PATH=C:\APPL\jbuilder5\jdk1.3\bin;C:\APPL\jbuilder5\jdk1.3\jr
C:\John\server>java -classpath c:\john\server\RMISSL.jar;c:\john\server\classes1
2.zip; -Djava.rmi.server.codebase=file:c:/john/server/RMISSL.jar com.abnamro.wcs
.orchard.gui.security.server.RMISecureServer -policy=policy -keystore=RMISSks
/* RMI Secure Server permissions
Created by J S Coleman - Sopra Group
Grant access to the file, properties and network resources required.
grant {
// allow access to the servers key store
permission java.io.FilePermission "${javax.net.ssl.trustStore}", "read";
// allow properties read only
permission java.util.PropertyPermission "*", "read";
// allow any hosts on the network to access the RMI registry port
permission java.net.SocketPermission "", "connect, resolve";
permission java.net.SocketPermission "*:1024-", "accept, connect, listen, reso
// allow access to the DB server at port 1521 to access Oracle
permission java.net.SocketPermission "", "accept, connect, res

policy file=file:/C:/John/server/RMISSL.jar!/com/abnamro/wcs/orchard/gui/securit
keystore file=file:/C:/John/server/RMISSL.jar!/com/abnamro/wcs/orchard/gui/secur
call logging=true
lease period=600000
timeout period=43200000
RMISecureServer error: access denied (java.net.SocketPermission c
java.security.AccessControlException: access denied (java.net.SocketPermission 1 connect,resolve)
at java.security.AccessControlContext.checkPermission(AccessControlConte
at java.security.AccessController.checkPermission(AccessController.java:
at java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
at java.lang.SecurityManager.checkConnect(SecurityManager.java:1044)
at java.net.Socket.<init>(Socket.java:262)
at java.net.Socket.<init>(Socket.java:100)
at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirect
at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMaster
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:499)
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:190
at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:174)
at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:318)
at sun.rmi.registry.RegistryImpl_Stub.rebind(Unknown Source)
at java.rmi.Naming.rebind(Naming.java:160)
at com.abnamro.wcs.orchard.gui.security.server.RMISecureServer.main(RMIS
C:\John\server>rem java -classpath c:\john\server\RMISSL.jar;c:\john\server\clas
ses12.zip; -Djava.rmi.server.codebase=file:c:/john/server/RMISSL.jar -Djava.secu
rity.debug=access com.abnamro.wcs.orchard.gui.security.server.RMISecureServer -p
olicy=policy -keystore=RMISSks
any ideas please/
Michael Ernest
High Plains Drifter
Posts: 7292
Netbeans IDE VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It's not clear from your description what's different from one invocation to the next. 'Simple' and 'real' app shouldn't provide any difference, but I don't know what you mean between these two.
If the command line invocation at the bottom of your post is the actual one, I don't understand how it could be found within the JAR. It looks like it's location will expand to a point on the file system, not a containing JAR.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!