File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Distributed Java and the fly likes File-permission problem on a multi-user system Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Java » Distributed Java
Bookmark "File-permission problem on a multi-user system" Watch "File-permission problem on a multi-user system" New topic
Author

File-permission problem on a multi-user system

Oliver Bourdeux
Greenhorn

Joined: Aug 02, 2009
Posts: 3
Dear JavaRanch members,
I’m working on a new Java EE application, which will operate as a common user-interface for our native unix-applications. These unix-applications are installed on single server instance with several file-servers attached to it and the unix-profiles of our customers are also on that server instance – and that’s the problem.

Any application-call and file-access made by the Java application server (Glassfish) will be performed as www user, which is in fact not that what we want. And becoming another user on a CentOS server is not that easy, because the setuid system-call requires a root privileged process (and running Glassfish as root is also not that what we want).

The work-around I developed out looks like this:
  • Create a native application which calls setuid and creates another process with the user privileges. This application will take a path to a JAR file.
  • This JAR file is an executable JAR and will create a helper-daemon.
  • The EJB inside Glassfish will establish a RMI connection to the daemon and performs some operations.
  • Every function in the helper-daemon will require some credentials (generated hash or username-hash combo) to avoid connections from 3nd processes.
  • The helper-process will be killed at the same time where the user-session ends.
  • Alternatively: Create and kill the helper-process any time when the EJB requires it.

  • Because this sounds a bit tricky and dirty, I would be grateful if you could tell me if this is the good solution and/or if this is the only solution.

    Regards,
    Temes the Warrior
    Oliver Bourdeux
    Greenhorn

    Joined: Aug 02, 2009
    Posts: 3
    Hi

    Is my question too noby or is there another reason why i dont get any reply?

    Regards
    War
     
    I agree. Here's the link: http://aspose.com/file-tools
     
    subject: File-permission problem on a multi-user system
     
    Similar Threads
    To Nikhil Pendharkar for IBM 287
    Test 488 questions
    unable to find remote interface,shows exception of NoClassDefFoundError
    setuid
    please answer this 128 questions for WLS. Urgently!