File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Distributed Java and the fly likes ugent: policy file problems in JAR! Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Distributed Java
Bookmark "ugent: policy file problems in JAR!" Watch "ugent: policy file problems in JAR!" New topic
Author

ugent: policy file problems in JAR!

John Coleman
Ranch Hand

Joined: Jul 24, 2001
Posts: 65
I found a way to read my policy file from within the JAR (class.getResource)and managed to get a simple example going. But when I JAR my real application I get access denied, and my policy seems not to be picked up and used?
C:\John\server>runserver
C:\John\server>set JAVA_HOME=C:\APPL\jbuilder5\jdk1.3
C:\John\server>set PROJECT_HOME=c:\john\server
C:\John\server>set CLASSPATH=c:\john\server\RMISSL.jar;c:\john\server\classes12.
zip;
C:\John\server>set PATH=C:\APPL\jbuilder5\jdk1.3\bin;C:\APPL\jbuilder5\jdk1.3\jr
e
C:\John\server>java -classpath c:\john\server\RMISSL.jar;c:\john\server\classes1
2.zip; -Djava.rmi.server.codebase=file:c:/john/server/RMISSL.jar com.abnamro.wcs
.orchard.gui.security.server.RMISecureServer -policy=policy -keystore=RMISSks
/* RMI Secure Server permissions
Created by J S Coleman - Sopra Group
13/05/2002
Grant access to the file, properties and network resources required.
*/
grant {
// allow access to the servers key store
permission java.io.FilePermission "${javax.net.ssl.trustStore}", "read";
// allow properties read only
permission java.util.PropertyPermission "*", "read";
// allow any hosts on the network to access the RMI registry port
permission java.net.SocketPermission "127.0.0.1:1099", "connect, resolve";
permission java.net.SocketPermission "*:1024-", "accept, connect, listen, reso
lve";
// allow access to the DB server at port 1521 to access Oracle
permission java.net.SocketPermission "10.8.224.63:1521", "accept, connect, res
olve";
};

user.dir=C:\John\server
policy file=file:/C:/John/server/RMISSL.jar!/com/abnamro/wcs/orchard/gui/securit
y/server/policy
keystore file=file:/C:/John/server/RMISSL.jar!/com/abnamro/wcs/orchard/gui/secur
ity/server/RMISSks
call logging=true
lease period=600000
timeout period=43200000
RMISecureServer error: access denied (java.net.SocketPermission 127.0.0.1:1099 c
onnect,resolve)
java.security.AccessControlException: access denied (java.net.SocketPermission 1
27.0.0.1:1099 connect,resolve)
at java.security.AccessControlContext.checkPermission(AccessControlConte
xt.java:272)
at java.security.AccessController.checkPermission(AccessController.java:
399)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
at java.lang.SecurityManager.checkConnect(SecurityManager.java:1044)
at java.net.Socket.<init>(Socket.java:262)
at java.net.Socket.<init>(Socket.java:100)
at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirect
SocketFactory.java:25)
at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMaster
SocketFactory.java:120)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:499)
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:190
)
at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:174)
at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:318)
at sun.rmi.registry.RegistryImpl_Stub.rebind(Unknown Source)
at java.rmi.Naming.rebind(Naming.java:160)
at com.abnamro.wcs.orchard.gui.security.server.RMISecureServer.main(RMIS
ecureServer.java:233)
C:\John\server>rem java -classpath c:\john\server\RMISSL.jar;c:\john\server\clas
ses12.zip; -Djava.rmi.server.codebase=file:c:/john/server/RMISSL.jar -Djava.secu
rity.debug=access com.abnamro.wcs.orchard.gui.security.server.RMISecureServer -p
olicy=policy -keystore=RMISSks
any ideas please/


John Coleman, MSTA<br />Sun Certified Programmer for the Java� 2 Platform<br />john.coleman@eurobase-international.com<br />Eurobase banking solutions<br /><a href="http://www.eurobase-international.com/banking" target="_blank" rel="nofollow">http://www.eurobase-international.com/banking</a>
Michael Ernest
High Plains Drifter
Sheriff

Joined: Oct 25, 2000
Posts: 7292

It's not clear from your description what's different from one invocation to the next. 'Simple' and 'real' app shouldn't provide any difference, but I don't know what you mean between these two.
If the command line invocation at the bottom of your post is the actual one, I don't understand how it could be found within the JAR. It looks like it's location will expand to a point on the file system, not a containing JAR.


Make visible what, without you, might perhaps never have been seen.
- Robert Bresson
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: ugent: policy file problems in JAR!