File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

createLoginContext.Userpass : access denied

 
Vaibhav Tomorrow
Greenhorn
Posts: 6
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I am working on authentication using JAAS.

I have created small application and calling it in one of the jsp file. When I try to access the jsp I am getting the following error:
createLoginContext.Userpass : access denied
(javax.security.auth.AuthPermission createLoginContext.Userpass)
When i run the java application it is authenticating the user but when I try to run it by calling it from JSP it is giving the above error.
I have java.policy file and I have modified that too and it is able to give permissions to all the jar file accept the one which I have created.
Can any body suggest how to give permission to (javax.security.auth.AuthPermission createLoginContext.Userpass).
 
Nitesh Kant
Bartender
Posts: 1638
IntelliJ IDE Java MySQL Database
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Do you mind showing the policy file to us
 
Vaibhav Tomorrow
Greenhorn
Posts: 6
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Nitesh Kant:
Do you mind showing the policy file to us


Hi ,
I have created the policy file with the name jaasacn.policy.

grant codeBase "file:/C:/MyWorkspace3/WSADWorkspace/JAAS/one/MySecurity/WebContent/WEB-INF/classes/test/test.jar"{
permission avax.security.auth.AuthPermission "createLoginContext.Userpass";
};

I have tried with the defaule java.policy file also, and put the test.tar file in ext folder which has already the permisioon to access all the jar files in it.
grant codeBase "file:${java.home}/lib/ext/*" {
//permission java.security.AllPermission;
permission avax.security.auth.AuthPermission "createLoginContext.Userpass";
};

apart from that I have a question :
1) I have a jar file which can perform authentication to a user (PerformAuth.java).
can we call this Object inside a JSP and see the result of authentication? The main idea is to have an authenticated user and then map the user to any role and based on that role provide authorization to access web resources.
 
Nitesh Kant
Bartender
Posts: 1638
IntelliJ IDE Java MySQL Database
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Vaibhav:
avax.security.auth.AuthPermission "createLoginContext.Userpass";


Is this a typo? It should be javax and not avax.
If you are using a different policy file than the default you have to specify it as a JVM parameter "java.security.policy", as:

java -Djava.security.manager -Djava.security.policy=someURL SomeApp


Additionally, as specified above, you also would have to specify the parameter "java.security.manager".
The "-Djava.security.manager" argument ensures that the default security manager is installed, and thus the application is subject to policy checks. It is not required if the application SomeApp installs a security manager.

Vaibhav:
apart from that I have a question :
1) I have a jar file which can perform authentication to a user (PerformAuth.java).
can we call this Object inside a JSP and see the result of authentication? The main idea is to have an authenticated user and then map the user to any role and based on that role provide authorization to access web resources.[/QB]


If the jar file is in the classpath of the webapp that the jsp belongs to, then yes you can do that.
 
Vaibhav Tomorrow
Greenhorn
Posts: 6
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
grant codeBase "file:/C:/MyWorkspace3/WSADWorkspace/JAAS/one/MySecurity/WebContent/WEB-INF/classes/test/test.jar"{
permission javax.security.auth.AuthPermission "createLoginContext.Userpass";
};

I have tried with the defaule java.policy file also, and put the test.tar file in ext folder which has already the permisioon to access all the jar files in it.
grant codeBase "file:${java.home}/lib/ext/*" {
//permission java.security.AllPermission;
permission javax.security.auth.AuthPermission "createLoginContext.Userpass";
};
I am not able to perform the authentication using the jsp .
can any one tell what is wrong with this policy file ?
How can I give premisiion to createLoginContext.Userpass?
 
aldrin d'souza
Greenhorn
Posts: 4
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
where is this jsp deployed? a container-implementation can choose its own policy file location and might require you to define these custom policy entries there.

for instance - if you're using tomcat. try putting these policy entries in the catalina.policy. see http://tomcat.apache.org/tomcat-4.1-doc/security-manager-howto.html
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic