views:

43

answers:

1

I'm having trouble getting RMI security policies working. I have a .policy file on both the server and client, each of which is running a SecurityManager.

When I try and run the client its failing. My policy file grants everything atm. Heres the content:

grant { permission java.security.AllPermission };

I have the file client.policy in the root directory of my JAR file (I tried running it with the policy file outside the jar too). Then I run the client with this:

java -jar PagePlanner.jar -Djava.security.policy=client.policy -Djava.rmi.codebase=http://192.168.0.88:2077/home/me/NetbeansProjects/PageServer/dist/PageServer.jar -Djava.security.debug=access

Specifying my policy file and the path to my code base. I'm not sure if either of these are correct. I also tried setting the debug switch as I read somewhere it should give me extra info about whats going wrong, but it does not seem to make a difference.Heres the output when I run the client:

Exception in thread "main" java.security.AccessControlException: access denied (java.awt.AWTPermission setWindowAlwaysOnTop)
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
    at java.security.AccessController.checkPermission(AccessController.java:546)
    at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
    at java.awt.Window.setAlwaysOnTop(Window.java:2038)
    at gui.LoginForm.<init>(LoginForm.java:59)
    at main.Main.main(Main.java:21)

From which point the client just hangs. Any ideas what I'm doing wrong here? The policy setup on the server-side is pretty much the same. I can post the details if that helps.

Cheers.

A: 

Run the client with -Djava.security.debug=access,failure. Most probably your .policy file isn't being found.

BTW you don't need to set the codebase at the client unless the client has its own implementations of abstract classes/interfaces and the server doesn't know about them. The codebase is normally only set at the server, so as to annotate classes that are downloaded to the client and the Registry.

EJP
For some reason-Djava.security.debug=access,failure was not giving me any output. Not sure why that was, in the end I modified the system-wide policy file and dropped the client-side switches for the time being. Then I ran into several more problems which you appear to already have answered on other sites - so thanks for that :)
DrDipshit