RMI secure arguments
Are arguments passed to remote methods hashed in some way? Or do I need to manually secure the arguments I am passing to my remote methods.
Well, I kind of agree with you. Anything is nonsense until you understand it. By the way, landing on the moon was a very stupid idea...
I have personally completed the development of RMI over JXTA and it is running on my machines everyday. That means RMI can run over any known network infrastructure that can transport bits and bytes reasonably fast, thanks to the network independent design goal of JXTA.
It is true the current implementation of Jini is built on RMI. It sounds silly that you would run RMI over Jini over RMI. But it does not do any harm to keep that technical option open. Suppose you want to run your existing RMI applications on somebody's existing secured Jini infrastructure without major modifications of your applications.
Use your imagination, dude, otherwise programming would be a very boring job.
Similar Messages
-
How to run the rmi security manager
how to run the rmi security manager
You need to make a special class, where you give all permissions or socket permissions, then in promt you just call this class with following:
java -Djava.security.all=all then package name, then Class name. All is the name og permission class.
Good luck! -
RMI security with client authentication
Hy,
I'm trying to set a secure RMI application using JSSE and SSL.
I have succeeded in writing an application with client and server authentication using both an RMISSLServerSocketFactory and RMISSLClientSocketFactory and passing those factories to the server while exporting the remote object.
The problem is I had to set both server public and private keys and client public and private keys in the custom Socket Factories. This implies that those keys are on the server disk which is problematic for the client private key.
Is there a way of giving the client private key only when the Client want to contact the server and not when exporting the remote object?
(I tried to do that using -Djava.net.ssl.keyStore and -Djava.net.ssl.trustStore properties but it doesn't seem to work).
Thank you for your helpEven when I haven't wrote RMI over SSL code, I've done that using standard SSL client authentication between a client and a server.
In that context, I got the SSLSocketFactory by using a SSLContext initialized with the proper TrustManager and KeyManager classes.
But I guess you can start by specifying from the command line the system properties related to keystores and truststores:
-Djavax.net.ssl.keyStore=<your keystore pathname>
-Djavax.net.ssl.keyStorePassword=<your keystore password>
-Djavax.net.ssl.trustStore=<your truststore pathname>
-Djavax.net.ssl.trustStorePassword=<your truststore password>
You can also see the RMISSLClientSocketFactory and RMISSLServerSocketFactory provided in the /samples/rmi folder of the JSSE 1.0.3_01 distribution.
The client factory version uses the default socket factory provided by JSSE, so it can be configured from the properties above.
Hope this helps. -
Hi I have followed the sun java RMI trail (tutorial).
However my server side application is giving me a security exception. I think it s because of the grant code sections:
grant {
permission java.net.SocketPermission "*:1024-65535",
"connect,accept";
permission java.net.SocketPermission "*:80", "connect";
};My problem is that I can't understand were to put this code segment, and I read the same page over and over again, and could not find were is says were to put it!!
As I said I think it is from this, but maybe it is from other parts! not sure! ... Maybe you need to run the server side from a web server??
The links of the tutorial I am following is the following (from sun java website itself):
http://java.sun.com/docs/books/tutorial/rmi/
and the following link is were there is the grant permission code:
http://java.sun.com/docs/books/tutorial/rmi/running.html
Thanks for any sugestions!I still have the exception:
ComputeEngine exception: access denied (java.net.SocketPermission host resolve)
java.security.AccessControlException: access denied (java.net.SocketPermission host resolve)I followed the tutorial step by step, reading and writing the provided code so far. So this is what I have now at the moment:
I create a permision file and I called it java.policy. In this file I have the following code:
grant {
permission java.net.SocketPermission "*:1024-65535",
"connect,accept";
permission java.net.SocketPermission "*:80", "connect";
};Then I have the following code sugested by WirajR in the engine class, which is the server side application:
static{
System.setProperty("security.policy", "java.policy");
}I compiled everything, and no errors are given. But when i run just the server side, I still recieve the above error. When I debuged the application it stops on the following line:
Naming.rebind(name, engine);Were name is a string containing the following text :
"//host/Compute"and engine is the class to be exposed over RMI.
I am betting my problem is with name!! ... maybe
or else my permission file has invalid data.
Also wanted to add that security seems to have been taken care of in that tutorial by the following lines of code:
if (System.getSecurityManager() == null) {
System.setSecurityManager(new RMISecurityManager());
}Aren't these to set the security policy? -
Hi, there!
This is cross-post from "NetWeaver AS, Java" forum.
I have a security issue when I try to run RMI client code in the web application on the Web AS 2004s. There is
lookup statement in JSP or servlet code:
Naming.lookup("//server/RemoteClass")
which throws
java.io.AccessControlException: access denied (java.io.FilePermission
D:\usr\sap\AS1\JC00\j2ee\cluster\server0\apps\sap.com\MyEntApp\servlet_jsp\MyWebApp\work\com\mycompany\packagename\RemoteClassImpl_Stub.class read)
I have investigated where "java.security.policy" parameter is setup, there has value "./java.policy". This file is
regenerated each time when web AS is started, thus I created another policy file, granted file permission for
above path and set it as -Djava.security.policy in server start parameter. It doesn't resolve problem, I have
investigated this parameter doesn't correlate with real application run-time permissions. Has anybody ideas?
Thanks
P.S. This code works fine as a standalone application.File Name : policy.txt
grant {
permission java.security.AllPermission;
};Run ur program as follows:
java -Djava.security.policy=policy.txt <Java Client > -
I am trying to connect to my RMI Server and am having a problem. My code looks like this:
if( System.getSecurityManager() == null ) {
SecurityManager security=new SecurityManager();
security.checkAccept(serverAddress, serverPort);
System.setSecurityManager( security );
registry=LocateRegistry.getRegistry(serverAddress, (new Integer(serverPort)).intValue());
// look up the remote object
rmiServer= (PRFromDatabaseInterface)(registry.lookup("prFromDBServer"));
// call the remote method
System.out.println("Connecting to rmiServr");
return rmiServer.attemptLogin(email, password);The error I am getting looks like this:
Exception in thread "AWT-EventQueue-0" java.security.AccessControlException: access denied (java.net.SocketPermission 192.168.2.201:3500 accept,resolve)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
at java.security.AccessController.checkPermission(AccessController.java:427)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkAccept(SecurityManager.java:1157)
at us.mylan.pr.main.FromDatabase.<init>(FromDatabase.java:84)Does anyone have any ideas what is wrong?I Just realized the port wasn't specified. When I do specifity it, I get this error:
sending Sample Text to 192.168.4.204:4000
java.rmi.UnmarshalException: Error unmarshaling return header; nested exception is:
java.io.EOFExceptionAnd then the server throws a different error:
Exception in thread "RMI TCP Connection(idle)" java.security.AccessControlException: access denied(java.net.SocketPermission 192.167.4.6:54458 accept, resolve)Which I do not understand why it is port 54458. The client code looks like:
public class RmiClient {
static public void main(String args[])
PRFromDatabaseInterface rmiServer;
Registry registry;
String serverAddress="192.168.4.204";
String serverPort="4000";
String text="Sample Text";
System.out.println("sending "+text+" to "+serverAddress+":"+serverPort);
try{
// get the registry
registry=LocateRegistry.getRegistry(serverAddress, (new Integer(serverPort)).intValue());
// look up the remote object
rmiServer= (PRFromDatabaseInterface)(registry.lookup("prFromDBServer"));
// call the remote method
rmiServer.attemptLogin("[email protected]", "password");
catch(RemoteException e){
e.printStackTrace();
catch(NotBoundException e){
e.printStackTrace();
}Edited by: BDJ2K on Jan 10, 2009 6:38 AM -
Hello,
I'm planning to create some client-server applications using the WebLogic
RMI implementation but I'm a little bit worried about the security issues
that can be raised.
Basically, I don't know whether or not WebLogic provides dynamic class
loading (RMIClassLoader). If so, how to prevent this to happen, since I want
to make it sure that no hostile client will be able to hack my application
in that it will download some classes that will mess with my data.
Anybody has any comments on that?
Thanks in advance for any help.
Andre Mendonca
[email protected]Just to make things clearer, this is the RMI specification from Javasoft
(very interesting, by the way):
"When parameters and return values for a remote method invocation are
unmarshalled to become live objects in the receiving JVM, class definitions
are required for all of the types of objects in the stream. The
unmarshalling process first attempts to resolve classes by name in its local
class loading context (the context class loader of the current thread). RMI
also provides a facility for dynamically loading the class definitions for
the actual types of objects passed as parameters and return values for
remote method invocations from network locations specified by the
transmitting endpoint. This includes the dynamic downloading of remote stub
classes corresponding to particular remote object implementation classes
(and used to contain remote references) as well as any other type that is
passed by value in RMI calls, such as the subclass of a declared parameter
type, that is not already available in the class loading context of the
unmarshalling side."
My question is: If a client invokes a method in the object residing in the
weblogic server, passing as a parameter an object that the server doesn't
know, will weblogic try to download the class from the client location?
Continuing: later in the specification, one can read:
"For every class descriptor read from an RMI marshal stream, the
resolveClass method reads a single object from the stream. If the object is
a String (and the value of the java.rmi.server.useCodebaseOnly property is
not true), then resolveClass returns the result of calling
RMIClassLoader.loadClass with the annotated String object as the first
parameter and the name of the desired class in the class descriptor as the
second parameter. Otherwise, resolveClass returns the result of calling
RMIClassLoader.loadClass with the name of the desired class as the only
parameter."
So, can I set this property to false in the StartWebLogic.cmd file and
expect weblogic not to download any unknown code? Will weblogic classloader
understand it? What's the default behavior of weblogic server?
By the way, I'm using WLS 4.5.1, in a windows NT environment.
Thanks in advance.
Andre Mendonca
[email protected]
"Andre Mendonca" <[email protected]> wrote in message
news:[email protected]...
Hello,
I'm planning to create some client-server applications using the WebLogic
RMI implementation but I'm a little bit worried about the security issues
that can be raised.
Basically, I don't know whether or not WebLogic provides dynamic class
loading (RMIClassLoader). If so, how to prevent this to happen, since Iwant
to make it sure that no hostile client will be able to hack my application
in that it will download some classes that will mess with my data.
Anybody has any comments on that?
Thanks in advance for any help.
Andre Mendonca
[email protected] -
Hi all,
I am fairly new to the whole RMI world, but my problem is this. I am currently developing an intranet site which has applets within it. To allow communication to the server I am currently developing an RMI server application. Th problem I have is with the Policy File. Does the client need to have the policy file? And how can I go about starting the RMIRegistry from within my application? as the server will be compiled down into a jar file for ease of use i.e. NO DOS PROMPT. A quick response would be greatfully appreciated,
Cheers,
OshAnother question I have, is now that I have managed to get the policy file to work within my JBuilder, but the problem I have is that when I create my jar file, it doesnt include the appropriate parameters for my VM. How do I go about adding this to my jar file, or am I just trying to do something that is completely stupid?
-
Question about argument marshalling with RMI.
Hello guys,
I recently started an RMI-related project and successfully implemented this technology, but at some point I created this interface on the server
package xyz;
import somePackage.SomeClass ;
public interface A extends Remote{
public void methodA( SomeClass x ) throws RemoteEx; //SomeClass is implementing interface A
and exported it to the RemoteReg folowing standard RMI procedure.
The problem came when i tried to pass a instance of SomeClass to methodA from the corresponding object retrived from the registry, got myself a nice
java.rmi.MarshalException: error marshalling arguments; nested exception is:
java.io.NotSerializableException: somePackage.SomeClass
The question is: can't RMI pass arguments as shown previously or it's my implementation faulty?
//ofc i could send the vars needed and create the SomeClass instance on the server but maybe it can be done this way too.Well the .class on the client implemented Serialize, while the .class from the server didn't(this being the only difference).So in other words 'yes, I had different versions of the .class file at the server and the client'.
So in theory they might get different serialVersionsUID due to this discrepancyNo, in theory one of them isn't Serializable, so either the sender or the receiver is going to throw an exception of some kind.
You have to deploy the same .class file at both ends (until you get into Versioning), and they certainly both have to implement Serializable. They also both have to have the same serialVersionUID, which you should hard-code into the class now. -
In case of RMI, are arguments passed by Value or passed by reference?
Please elaborate and explain as I am completely confused.Arguments to or return values from remote methods can be of almost any type, including local objects, remote objects, and primitive types. More precisely, any entity of any type can be passed to or from a remote method as long as the entity is an instance of a type that is a primitive data type, a remote object, or a serializable object, which means that it implements the interface java.io.Serializable.
A few object types do not meet any of these criteria and thus cannot be passed to or returned from a remote method. Most of these objects, such as a file descriptor, encapsulate information that makes sense only within a single address space. Many of the core classes, including those in the packages java.lang and java.util, implement the Serializable interface.
The rules governing how arguments and return values are passed are as follows.
Remote objects are essentially passed by reference. A remote object reference is a stub, which is a client-side proxy that implements the complete set of remote interfaces that the remote object implements.
Local objects are passed by copy, using object serialization. By default all fields are copied, except those that are marked static or transient. Default serialization behavior can be overridden on a class-by-class basis.
Passing an object by reference (as is done with remote objects) means that any changes made to the state of the object by remote method calls are reflected in the original remote object. When passing a remote object, only those interfaces that are remote interfaces are available to the receiver; any methods defined in the implementation class or defined in nonremote interfaces implemented by the class are not available to that receiver. -
Differences in setting a security manager
Hello,
what is the difference between installing a security manager using a system property like this:
-Djava.security.manager=java.rmi.RMISecurityManagerand by executing the following at the beginning of the main method:
if (System.getSecurityManager() == null) {
System.setSecurityManager(new RMISecurityManager());
}To my understanding of the various reference documentations for java security, they should be equivalent in the obtained result. In my case, however, the system property one doesn't work, that is classes are not downloaded dynamically; everything works fine with the java code solution.
Many thanks,
valerioWorks for me.
-Djava.security.manager=java.rmi.RMISecurityManagerThis argument needs to appear first on the command line, before any other -D and -jar arguments.
NB the RMISecurityManager is obsolete, you can use java.lang.SecurityManager. See the Javadoc. You can just specify:
-Djava.security.manager=defaultor just:
-Djava.security.manager -
Error: while generating SQL.java.rmi.ServerException:
Hi:
I tried the JGuru's "MusicStore" example. HOwever at Task 6 and 7 I am getting the following error:
Error: while generating SQL.java.rmi.ServerException:
RemoteException occured in server thread; nested exception is:
* java.rmi.RemoteException: Error connecting to database;
nested exception is:
* SQL Exception: Failed to start database 'MusicStoreDB', see
the next exception for details.
Please make sure the database name/user/password is valid
and the J2ee server and database are running.
However when i check my database it is running perfectly:
E:\>%j2ee_home%\bin\cloudscape -start
Sun Feb 16 12:48:11 PST 2003: [RmiJdbc] Starting Cloudscape RmiJdbc Server Version
Sun Feb 16 12:48:14 PST 2003: [RmiJdbc] COM.cloudscape.core.JDBCDriver registered i
Sun Feb 16 12:48:14 PST 2003: [RmiJdbc] Binding RmiJdbcServer...
Sun Feb 16 12:48:14 PST 2003: [RmiJdbc] No installation of RMI Security Manager...
Sun Feb 16 12:48:14 PST 2003: [RmiJdbc] RmiJdbcServer bound in rmi registry
Server:
J2EE server listen port: 1050
Naming service started:1050
Binding DataSource, name = jdbc/DB2, url = jdbc:cloudscape:rmi:CloudscapeDB;crea
te=true
Binding DataSource, name = jdbc/Cloudscape, url = jdbc:cloudscape:rmi:Cloudscape
DB;create=true
Binding DataSource, name = jdbc/InventoryDB, url = jdbc:cloudscape:rmi:Cloudscap
eDB;create=true
Binding DataSource, name = jdbc/DB1, url = jdbc:cloudscape:rmi:CloudscapeDB;crea
te=true
Binding DataSource, name = jdbc/MusicStore, url = jdbc:cloudscape:rmi:MusicStore
DB;create=false
Binding DataSource, name = jdbc/XACloudscape, url = jdbc/XACloudscape__xa
Binding DataSource, name = jdbc/XACloudscape__xa, dataSource = COM.cloudscape.co
re.RemoteXaDataSource@1d88db7
Starting JMS service...
Initialization complete - waiting for client requests
Binding: < JMS Destination : jms/Topic , javax.jms.Topic >
Binding: < JMS Destination : jms/Queue , javax.jms.Queue >
Binding: < JMS Cnx Factory : TopicConnectionFactory , Topic , No properties >
Binding: < JMS Cnx Factory : QueueConnectionFactory , Queue , No properties >
Binding: < JMS Cnx Factory : jms/QueueConnectionFactory , Queue , No properties
>
Binding: < JMS Cnx Factory : jms/TopicConnectionFactory , Topic , No properties
>
Starting web service at port: 8000
Starting secure web service at port: 7000
J2EE SDK/1.3.1
Starting web service at port: 9191
J2EE SDK/1.3.1
J2EE server startup complete.
Can anyone suggest me a way out..plzwhat type of persistent u r using also post ur query if bmp and check with another example with cmp.
-
I am upgrading an old NB4.1 produced JSP system that runs on Netscape iplanet to NB7.0.1 built JSP system running on Glassfish 3.1.1. I have four main files: login.html, login.jsp, ApplicationRmiConnection, and MenuManager.jsp . Three of four are working. The login.html is only a startup means to be sent to the login.jsp. The ApplicationRmiConnection is a servlet called by the login.jsp. It reads a properties file, establishes connection with the RMI and database (currently on the OLD system (Netscape iplanet)) which it does quite well. After the ApplicationRmiConnection is established and working the MenuManager.jsp . The first output from the MenuManager.jsp is a series of application.log calls for verification of data passed in from the successful ApplicationRmiConnection database read.
How does GF 3.1.1 loose AccessControl permissions to the server.log to which it is writing? All I am using is application.log statements and it coughs, chokes, and quits.
My output stacktrace is:
INFO: PWC1412: WebModule[null] ServletContext.log():ApplicationRmiConnect: getRealPath("/") = [C:\Program Files\glassfish\glassfish-3.1\glassfish\domains\domain1\applications\MyApplication\]
INFO: PWC1412: WebModule[null] ServletContext.log():MenuMgr: sParms - RMI Connect = com.company.rmi.ServerAppClientAdapter@19ca6bc
INFO: PWC1412: WebModule[null] ServletContext.log():MenuMgr: caught an Exception
WARNING: StandardWrapperValve[jsp]: PWC1406: Servlet.service() for servlet jsp threw exception
java.security.AccessControlException: access denied (java.io.FilePermission C:\Program Files\glassfish\glassfish-3.1\glassfish\domains\domain1\logs\server.log read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
at java.io.File.exists(File.java:731)
at com.sun.enterprise.server.logging.GFFileHandler.publish(GFFileHandler.java:676)
at java.util.logging.Logger.log(Logger.java:481)
at com.sun.logging.LogDomains$1.log(LogDomains.java:354)
at java.util.logging.Logger.doLog(Logger.java:503)
at java.util.logging.Logger.logp(Logger.java:619)
at com.sun.enterprise.web.logger.IASLogger.write(IASLogger.java:127)
at com.sun.enterprise.web.logger.LoggerBase.log(LoggerBase.java:190)
at com.sun.enterprise.web.logger.IASLogger.log(IASLogger.java:57)
at org.apache.catalina.core.StandardContext.log(StandardContext.java:6828)
at org.apache.catalina.core.ApplicationContext.log(ApplicationContext.java:449)
at org.apache.catalina.core.ApplicationContextFacade.log(ApplicationContextFacade.java:359)
at org.apache.jsp.MenuMgr_jsp._jspService(MenuMgr_jsp.java from :533)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:111)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:403)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:492)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:378)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1539)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:98)
at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:91)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:162)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:330)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:174)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:828)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:725)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1019)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:225)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:662)The problem area has been found. We need to know the best method to replace the two lines of code we commented out. Here is what we found.
Glassfish 3.1.1 Security does not play well with old RMI security (JDK1.2 vintage). Furthermore, once the old RMI security has messed with the mind of GF3.1.1 security the GF security truly believes it has in some cases no permission to read its own server.log file.
Here is the offending code commented out in the Server Client Adapter (client wrapper):
Note: this is legacy rmi code. i.e. manually executed rmic on the appropriate classfiles as this was originally created for java 1.2.
// if(System.getSecurityManager() == null)
// System.setSecurityManager(new RMISecurityManager());
remote = (com.davisco.rmi.ServerAppServantAdapter_Stub)Naming.lookup(stringbuffer.toString());
A thank you goes out to www.velocityreviews.com/forums/t276590-access-denied-java-lang-runtimepermission-createsecuritymanager.html even if it is five years old.
Again, this is using the original version of RMI. How do we re-implement the RMI Security Manager without offending GF 3.1.1 security? -
Access denied security policy file
All i a simple client which is trying to talk to a remote EJB. When i try and startup the client i get the following error.
java.security.AccessControlException: access denied (java.util.PropertyPermission java.security.policy write)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
at java.security.AccessController.checkPermission(AccessController.java:427)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.System.setProperty(System.java:699)
at com.db.abmonitor.client.Client.example(Client.java:51)And i am calling it like
System.setProperty("java.security.policy", "client.policy");
if (System.getSecurityManager() == null)
System.setSecurityManager(new RMISecurityManager()); And i have defined a client.policy file in the src directory of the project under eclipse, with the following entries
grant {
permission java.security.AllPermission;
};Anyone got any ideas ?Ah RMI headaches...
here is what i blogged for my own self when i was starting with the RMI security stuff:
Since i havent figured out how to do SecurityManager stuff properly, i can override 2 checkPermission methods in SecurityManager with empty method bodies, thats a quick and dirty fix.
- Alternativly, you can set your policy file located in /lib/security/java.policy to: http://java.sun.com/docs/books/tutorial/rmi/example-1dot2/java.policy
- or pass the property to the policy location: -Djava.security.policy=./policy.all
maybe that will help...
i think that maybe your policy file isnt being found where it should be -
Hello All,
I have a basic question about RMI. Usually we run RMI client like:
java -dcodebase=http://mysite.com -djava.securit.policy=mypolicy.policy client
Is it possible to run RMI client on web browsers, say, through Java servlet, Tomcat is installed?
If possible, how to configure Tomcat and the client, may be servlet? I don't think RMI server need change.
Thanks
ChenTomcat is for servers. Why would that change the
client?Thanks for the reply. I want to put RMI client in Tomcat, the RMI client connect to RMI server (not in the Web server, some other place). The questionis :
Every RMI client need start like this:
java -Djava.rmi.security=my.policy myclient
But in Tomcat, we only have classes. The servlet call the class(es) to finish the request and return response. In fact my question is how to provide security policy to these classes?
Merry Xmas!
CL
Maybe you are looking for
-
Itunes wont open when i click on it but it never tells me why, so i went on troubleshoot and it found some problems and resolved them however it still says that a problem 'incompatible program' was detected and it doesnt give me an option to do anyth
-
Encrypt/Decrypt pdf files in adobe air applications
Hi Friends I want to encrypt and decrypt pdf files in adobe air application. I tried it many ways but am not getting it right method. Please help me this situation.
-
How to reference Aplication Item in Computation
I have a computation which works fine but I would like to have computation source as Applicaiton Item. I have tried type of computation Static Assignement and Item Value with no success. Right now I set it up as Static Assignment with value SUBITTED.
-
Too late to add user account?
I have been working in my administrator account since buying my iMac G5 in December. I understand the wisdom of using a user account instead. I am wondering if it is too late to add a user account. If I do that, can I import the folders and files fro
-
INoficatorService implementation not found
Hi all, I need to send a notification mail from my code but i have not been able to get the implementation class for INoficatorService so that i may call its send() method. Could u pls help me on this. regards saurav