Forum Stats

  • 3,817,079 Users
  • 2,259,275 Discussions
  • 7,893,653 Comments

Discussions

Rmi server : authorize client with a policy file

843811
843811 Member Posts: 49,851
Hello,

I have a Rmi client/server application

I wan't my server only authorize a list of clients.

For doing that I define a security manager started with my server :

My server is started :

java -java.security.manager=java.lang.SecurityManager -MyRmiServer

I defined a policy file :

// permission

grant {

permission java.io.FilePermission "<<ALL FILES>>", "execute, read, write, delete";

permission java.net.SocketPermission "127.0.0.1", "accept,connect,listen,resolve";
permission java.net.SocketPermission "client1", "accept,connect,listen,resolve";
};

With this system my client1 got ConnectException when trying to accessed rmi service.

Note : without security manager everything works fine.

Thanks Philippe

Comments

  • 843811
    843811 Member Posts: 49,851
    Hi Pinston,


    Here is the code for the general policy file


    For connect or to accept connections on unprivileged ports( ports greater than 1024) in any host.

    grant
    {

    permission java.net.SocketPermission "*:1024-65535",
    "connect,accept";

    };




    Connect to port 80

    grant {
    permission java.net.SocketPermission "*:80","connect";
    };



    Host name can be given while starting the server.


    java -Djava.rmi.server.codebase=file:\/
    -Djava.rmi.server.hostname=sundts1
    -Djava.security.policy=java.policy
    engine ComputeEngine.

    I hope this will help you out.

    Thanks
    Bakrudeen
    Technical Support Engineer
    Sun MicroSystems Inc, India
This discussion has been closed.