wood burning stoves 2.0*
The moose likes Security and the fly likes createLoginContext.Userpass : access denied Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "createLoginContext.Userpass : access denied" Watch "createLoginContext.Userpass : access denied" New topic
Author

createLoginContext.Userpass : access denied

Vaibhav Tomorrow
Greenhorn

Joined: Jun 30, 2008
Posts: 6
Hi,
I am working on authentication using JAAS.

I have created small application and calling it in one of the jsp file. When I try to access the jsp I am getting the following error:
createLoginContext.Userpass : access denied
(javax.security.auth.AuthPermission createLoginContext.Userpass)
When i run the java application it is authenticating the user but when I try to run it by calling it from JSP it is giving the above error.
I have java.policy file and I have modified that too and it is able to give permissions to all the jar file accept the one which I have created.
Can any body suggest how to give permission to (javax.security.auth.AuthPermission createLoginContext.Userpass).
Nitesh Kant
Bartender

Joined: Feb 25, 2007
Posts: 1638

Do you mind showing the policy file to us


apigee, a better way to API!
Vaibhav Tomorrow
Greenhorn

Joined: Jun 30, 2008
Posts: 6
Originally posted by Nitesh Kant:
Do you mind showing the policy file to us


Hi ,
I have created the policy file with the name jaasacn.policy.

grant codeBase "file:/C:/MyWorkspace3/WSADWorkspace/JAAS/one/MySecurity/WebContent/WEB-INF/classes/test/test.jar"{
permission avax.security.auth.AuthPermission "createLoginContext.Userpass";
};

I have tried with the defaule java.policy file also, and put the test.tar file in ext folder which has already the permisioon to access all the jar files in it.
grant codeBase "file:${java.home}/lib/ext/*" {
//permission java.security.AllPermission;
permission avax.security.auth.AuthPermission "createLoginContext.Userpass";
};

apart from that I have a question :
1) I have a jar file which can perform authentication to a user (PerformAuth.java).
can we call this Object inside a JSP and see the result of authentication? The main idea is to have an authenticated user and then map the user to any role and based on that role provide authorization to access web resources.
Nitesh Kant
Bartender

Joined: Feb 25, 2007
Posts: 1638

Vaibhav:
avax.security.auth.AuthPermission "createLoginContext.Userpass";


Is this a typo? It should be javax and not avax.
If you are using a different policy file than the default you have to specify it as a JVM parameter "java.security.policy", as:

java -Djava.security.manager -Djava.security.policy=someURL SomeApp


Additionally, as specified above, you also would have to specify the parameter "java.security.manager".
The "-Djava.security.manager" argument ensures that the default security manager is installed, and thus the application is subject to policy checks. It is not required if the application SomeApp installs a security manager.

Vaibhav:
apart from that I have a question :
1) I have a jar file which can perform authentication to a user (PerformAuth.java).
can we call this Object inside a JSP and see the result of authentication? The main idea is to have an authenticated user and then map the user to any role and based on that role provide authorization to access web resources.[/QB]


If the jar file is in the classpath of the webapp that the jsp belongs to, then yes you can do that.
Vaibhav Tomorrow
Greenhorn

Joined: Jun 30, 2008
Posts: 6
grant codeBase "file:/C:/MyWorkspace3/WSADWorkspace/JAAS/one/MySecurity/WebContent/WEB-INF/classes/test/test.jar"{
permission javax.security.auth.AuthPermission "createLoginContext.Userpass";
};

I have tried with the defaule java.policy file also, and put the test.tar file in ext folder which has already the permisioon to access all the jar files in it.
grant codeBase "file:${java.home}/lib/ext/*" {
//permission java.security.AllPermission;
permission javax.security.auth.AuthPermission "createLoginContext.Userpass";
};
I am not able to perform the authentication using the jsp .
can any one tell what is wrong with this policy file ?
How can I give premisiion to createLoginContext.Userpass?
aldrin d'souza
Greenhorn

Joined: Jul 03, 2008
Posts: 4
where is this jsp deployed? a container-implementation can choose its own policy file location and might require you to define these custom policy entries there.

for instance - if you're using tomcat. try putting these policy entries in the catalina.policy. see http://tomcat.apache.org/tomcat-4.1-doc/security-manager-howto.html
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: createLoginContext.Userpass : access denied
 
Similar Threads
What's wrong with this policy file???
JAAS Error
JAAS Realm-Error
RemoteException
Problem JASS with JBOSS