This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes JNLP and Web Start and the fly likes JAAS and Policy files problems Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » JNLP and Web Start
Bookmark "JAAS and Policy files problems" Watch "JAAS and Policy files problems" New topic

JAAS and Policy files problems

Luke Mero

Joined: Jun 27, 2009
Posts: 3
Hello everybody,

I have a problem with a Java WS application that use Jaas authentication through Jboss AS.
If I start the application from the command line (java -jar myApp.jar) it works just fine.
But if I load the application with the JNLP file I get an error like:

The application needs to access a java.policy and a jaas.config files that are located into the jar file.

I was browsing and I was trying many different solutions like:

-adding a property tag under resources in the JNLP file doesn't seem to have any effect

-adding a security tag. Doesn't do anything. (but I have read somewhere that in that case the jar file needs to be signed...)

-here is how I load up the files into my java code

I was trying also to deploy my application jar into the server without the jaas.config and the java.policy and it gives me the same error about etc....
So for this reason I think it should not be anything wrong in those 2 files, but the wrong thing seems to be how to load those files through Java Web Start.
Anyway here it is the context of the 2 files:



Does anybody has an idea about how to make those 2 files recognized by the java web start?

Thanks in advance to anybody who will help me
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 41063
WebStart applications (like applets) are governed by the use of a security manager that forbids a number of action, apparently including access to the system property.

What are you trying to achieve by including a policy file in the jar file? A WebStart application doesn't get to specify its own security. If you need it to do something that's normally forbidden, then it needs to be signed.

Ping & DNS - my free Android networking tools app
Luke Mero

Joined: Jun 27, 2009
Posts: 3
The main problem was to load the jaas.config for the authentication so for this reason I was thinking about to load the policy file to give the permissions to the application to read the jaas.config file.
Now I was doing one more test: I was trying to remove the java.policy and deploy the application with the jaas.config file only. In that way it works from the command line as before but not from WebStart, so that means that the java policy maybe not needed at all.

Do you think that if I'll sign the jar file then I'll be able to read the jaas.config?
Is there any practice that I'm missing to load that Jaas file?

Thanks in advance
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 41063
An unsigned application/applet can not elevate its own privileges, and a signed app/applet does not need to do that, since it has all privileges already.

So the only way to achieve what you're trying to do is to sign the app, and once you do that, there's no longer a need to elevate its privileges...

Please fix your display name before your next post, like I asked you to do, or the account will be closed.
Luke Mero

Joined: Jun 27, 2009
Posts: 3
I'm having some troubles in signing the jar.
Most of the guides that I have found out told me to do that:

Then I have re-uploaded the my-application.jar on the server. and once I launch the JNLP, it recognize the file change, so ti downloads the file again... but nothing changes. it doesn't ask for any authorizations and it ends with the same error.
I was also trying changing the algorithm

but I obtained the same results... nothing change

What is wrong with that procedure? Am I not allowed to use "home-made" certificate?
I agree. Here's the link:
subject: JAAS and Policy files problems
Similar Threads
Java2 Security Permissions
Java 2 Security Problems
Running JForum with Security Policy
Testing my past assignment game
Help me to run my first RMI app