Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Security Policy with WAS

 
Sudeep das
Greenhorn
Posts: 13
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I have 2 applications, one of them is running on WAS 5.02 Network Deploy, and other one is a standalone application. Both apps are running in the same box.
Lets take for example application "A" and application "B", "A" is running in standalone mode and "B" is running on WAS.
"B" is a J2EE app, containing few EJBs, servlets and JSPs.
"A" is a standlone application which acts as a server, which listens to certain port(s) to serve certain specific functionality.
Methods from application "B" calls methods in application "A". The method calls are RMI calls and gives a (no security manager: RMI Classloader disabled) error.
To get this problem solved I have used java.rmi.RMISecurityManager and System.setSecurityManager() in my code in "A".
After incorporating the (no security manager: RMI Classloader disabled) problem was solved, but I started getting "access denied java.security.AccessControlException(java.net.SocketException)" on one of the ports which "B" is listening to.
To check whether application "B" and its ports are working correctly or not I have used another standalone application to connect to "B", with standalone applications its working fine. Thus it is sure that "B" is working and listening to ports perfectly.
I have tried to change the 'was.policy' file for "A" giving following permissions:
grant codeBase "file:my-web.war" {
permission java.security.AllPermission;
permission java.net.SocketPermission "*", "connect,resolve";
permission java.net.SocketPermission "*:1024-", "connect,resolve";
};
But it did not work and it gives the same exception time and again.
I have also tried giving the below mentioned code as 'was.policy' file.
grant{
permission java.security.AllPermission;
permission java.net.SocketPermission "*", "connect,resolve";
permission java.net.SocketPermission "*:1024-", "connect,resolve";
};
which means for all possible code base.
I think this problem is more of WAS centric then Java centric, as this is working fine with other standalone application.
Please help me with this, its urgent.
 
Lasse Koskela
author
Sheriff
Posts: 11962
5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Welcome to the JavaRanch.
We have a couple of rules here: "be nice" and the naming policy. Your display name, "j@me das", violates the latter one so I'll have to ask you to change it into something compliant.
Thanks.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic