aspose file tools*
The moose likes Distributed Java and the fly likes why security manager doesn't work? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Java 8 in Action this week in the Java 8 forum!
JavaRanch » Java Forums » Java » Distributed Java
Bookmark "why security manager doesn Watch "why security manager doesn New topic
Author

why security manager doesn't work?

Jimmy Chen
Ranch Hand

Joined: Apr 11, 2005
Posts: 54
I'm practising the code of book <Java RMI>(O'reilly).
when I doesn't use the security manager, I can run my RMI application.
Here is the command:


But when I add the security manager, It throws exception.
Here is the command:


Here is the exception:

java.security.AccessControlException: access denied (java.net.SocketPermission 1
27.0.0.1:1099 connect,resolve)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkConnect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.<init>(Unknown Source)
at java.net.Socket.<init>(Unknown Source)
at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(Unknown S
ource)
at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(Unknown S
ource)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(Unknown Source)
at sun.rmi.transport.tcp.TCPChannel.createConnection(Unknown Source)
at sun.rmi.transport.tcp.TCPChannel.newConnection(Unknown Source)
at sun.rmi.server.UnicastRef.newCall(Unknown Source)
at sun.rmi.registry.RegistryImpl_Stub.rebind(Unknown Source)
at java.rmi.Naming.rebind(Unknown Source)
at com.ora.rmibook.chapter9.applications.ImplLauncher.launchServer(ImplL
auncher.java:26)
at com.ora.rmibook.chapter9.applications.ImplLauncher.main(ImplLauncher.
java:18)

There should be no problem with the policy file. Book says this policy file works for all RMI codes of the book.Here is the policy file.

grant codeBase "file://E:/Programs/temp/JavaRMI/classes" {
permission java.awt.AWTPermission "accessClipboard";
permission java.awt.AWTPermission "accessEventQueue";
permission java.awt.AWTPermission "listenToAllAWTEvents";
permission java.awt.AWTPermission
"showWindowWithoutWarningBanner";
permission java.awt.AWTPermission "readDisplayPixels";
permission java.net.SocketPermission ":1024-",
"accept, connect, listen, resolve";
permission java.io.FilePermission "<<ALL FILES>>", "read";
permission java.io.FilePermission "<<ALL FILES>>", "write";
permission java.io.FilePermission "<<ALL FILES>>", "delete";
permission java.util.PropertyPermission "*", "read, write";
};


So, I want to know what's wrong with the "rebind", why I can't use the security manager.

Any help or advice will be appreciated
William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12682
    
    5
Are you sure about the format of that path? My policy files look like
grant codeBase "file:c:/Servers... /classes/-"
not file://c:.... ./classes


Why don't you try
permission java.security.AllPermission;
- if that works you can back off to more specific permissions, if it doesn't then you need to look at the way the codeBase is stated.
Bill


Java Resources at www.wbrogden.com
Jimmy Chen
Ranch Hand

Joined: Apr 11, 2005
Posts: 54
Thank you William, You are right! I don't know why the author writes in that way.


Besides, I find difficulty in understanding a sentence in this book, which says: "You don't have to use a security manager with your RMI application. The only basic feature of RMI that won't work is dynamic classloading. However, both the RMI registry and the activation daemon do use security policies".

Although RMI registry uses the security policies why "You don't have to use a security manager with your RMI application"? It seems inconsistent.

Actually, I can run rmiregistry and RMI application without the security manager.

So, who can help me to resolve this apparent conflict?

Many, many, many, many thanks!!!
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: why security manager doesn't work?
 
Similar Threads
rmi policy file
Enforcing custom policies using policytool - reg.
AccessControlException
Security Exception After Moving RMI Server Jar
Ignorant RMI question??? Design choice