File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Websphere and the fly likes Java2 Security Permissions Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login


Win a copy of The Mikado Method this week in the Agile and other Processes forum!
JavaRanch » Java Forums » Products » Websphere
Reply Bookmark "Java2 Security Permissions" Watch "Java2 Security Permissions" New topic
Author

Java2 Security Permissions

Pat Flickner
Ranch Hand

Joined: Nov 17, 2003
Posts: 173
posted private message
0
Quote
Help. I'm lost in the muck of Java2 Security. I'm fine until I get to connecting to the database, the BOOM! it blows up. I have a was.policy set up in the META-INF of both the EAR and the WAR. Here's the error:

110.110.110.110:4100 : access denied (java.net.SocketPermission 110.110.110.110:4100 connect,resolve)

Here's my was.policy:

grant codeBase "file:${application}" {
permission java.security.AllPermission;
};

grant codeBase "file:${jars}" {
permission java.security.AllPermission;
};

grant codeBase "file:${connectorComponent}" {
permission java.security.AllPermission;
};

grant codeBase "file:${webComponent}" {
permission java.security.AllPermission;
};

grant codeBase "file:${ejbComponent}" {
permission java.security.AllPermission;
};

grant {
permission java.security.AllPermission;
};

// The following permissions apply to all the components under the application.
grant codeBase "file:${application}" {
// The following are required by JavaMail
permission java.io.FilePermission "${was.install.root}${/}lib${/}mail-impl.jar","read";
permission java.io.FilePermission "${was.install.root}${/}lib${/}activation-impl.jar","read";
permission java.net.SocketPermission "*", "connect,resolve";
permission java.util.PropertyPermission "*", "read";
};

// The following permissions apply to all utility .jar files (other
// than enterprise beans JAR files) in the application.
grant codeBase "file:${jars}" {
permission java.net.SocketPermission "*", "connect,resolve";
permission java.util.PropertyPermission "*", "read";
};

// The following permissions apply to connector resources within the application
grant codeBase "file:${connectorComponent}" {
permission java.net.SocketPermission "*", "connect,resolve";
permission java.util.PropertyPermission "*", "read";
};

// The following permissions apply to all the Web modules (.war files)
// within the application.
grant codeBase "file:${webComponent}" {
permission java.io.FilePermission "${was.module.path}${/}-", "read, write";
// where "was.module.path" is the path where the Web module is
// installed. Refer to Dynamic policy concepts for other symbols.
permission java.lang.RuntimePermission "*";
permission java.net.SocketPermission "*", "connect,resolve";
permission java.util.PropertyPermission "*", "read";
};

// The following permissions apply to all the EJB modules within the application.
grant codeBase "file:${ejbComponent}" {
permission java.lang.RuntimePermission "*";
permission java.net.SocketPermission "*", "connect,resolve";
permission java.util.PropertyPermission "*", "read";
};

Obviously, I've copied things throughout since I have very little clue as to what I'm doing. Can anyone clue me in? Thanks.

Pat
 
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to run our stuff on 16 servers instead of 3.
 
subject: Java2 Security Permissions
 
Similar Threads
acces denied java.io.FilePermission
Java 2 Security Problems
RAD - WAS6 Admin Console -Error page exception
java.security.AccessControlException: Access denied issue
acces denied