Search code examples
javaintellij-idearmi

rmi server throws AccessControlException

I am trying to build a client-server relationship with a tutorial from here. My server class is in the engine package in my path: /home/rozerin/IdeaProjects/computetest/src/main/java/engine and client and the interface packages are also in ~/main/java package. Like suggested in previous questions about this problem, I ended my directory for permission in policy file with a "/", but it didn't work. Right now, my policy file is in engine folder. I am using Intellij Idea for compilation, yet i didn't use the IDE since i am trying to build the server from command line in ubuntu. I don't know what is wrong and I am very stuck at that point.

My parameters for command line is like following;

java -cp /home/rozerin/IdeaProjects/computetest/src/main/java:/home/rozerin/Public/public_html/classes/compute.jar -Djava.rmi.server.codebase=http://mycomputer/home/rozerin/IdeaProjects/computetest/src/main/java/compute.jar -Djava.rmi.server.hostname=mycomputer.example.com -Djava.security.policy=server.policy engine/ComputeEngine

My client class is like following;

package client;

/**
 * Created by rozerin on 08.03.2016.
 */
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import java.math.BigDecimal;
import compute.Compute;

public class ComputePi {
 public static void main(String args[]) {
    if (System.getSecurityManager() == null) {
        System.setSecurityManager(new SecurityManager());
    }
    try {
        String name = "Compute";
        Registry registry = LocateRegistry.getRegistry(args[0]);
        Compute comp = (Compute) registry.lookup(name);
        Pi task = new Pi(Integer.parseInt(args[1]));
        BigDecimal pi = comp.executeTask(task);
        System.out.println(pi);
    } catch (Exception e) {
        System.err.println("ComputePi exception:");
        e.printStackTrace();
    }
  }
}

My server class is like following;

package engine;

/**
 * Created by rozerin on 08.03.2016.
 */
 import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import java.rmi.server.UnicastRemoteObject;
import compute.Compute;
import compute.Task;

public class ComputeEngine implements Compute {

    public ComputeEngine() {
    super();
    }

    public <T> T executeTask(Task<T> t) {
    return t.execute();
    }

    public static void main(String[] args) {
    if (System.getSecurityManager() == null) {
        System.setSecurityManager(new SecurityManager());
    }
      try {
        String name = "Compute";
        Compute engine = new ComputeEngine();
        Compute stub =
                (Compute) UnicastRemoteObject.exportObject(engine, 0);
        Registry registry = LocateRegistry.getRegistry();
        registry.rebind(name, stub);
        System.out.println("ComputeEngine bound");
    } catch (Exception e) {
        System.err.println("ComputeEngine exception:");
        e.printStackTrace();
    }
 }
}

My policy file is

grant codeBase "file:/home/rozerin/IdeaProjects/computetest/src/main/java/"{ permission java.security.AllPermission; };

Stack trace is;

ComputeEngine exception: java.security.AccessControlException: access denied ("java.net.SocketPermission" "127.0.0.1:1099" "connect,resolve") at java.security.AccessControlContext.checkPermission(AccessControlContext.java:474) at java.security.AccessController.checkPermission(AccessController.java:685) at java.lang.SecurityManager.checkPermission(SecurityManager.java:549) at java.lang.SecurityManager.checkConnect(SecurityManager.java:1051) at java.net.Socket.connect(Socket.java:574) at java.net.Socket.connect(Socket.java:528) at java.net.Socket.(Socket.java:425) at java.net.Socket.(Socket.java:208) at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketFactory.java:40) at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketFactory.java:147) at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:613) at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:216) at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:202) at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:341) at sun.rmi.registry.RegistryImpl_Stub.rebind(Unknown Source) at engine.ComputeEngine.main(ComputeEngine.java:33)

"at engine.ComputeEngine.main(ComputeEngine.java:33)" is where it uses rebind method of the server class.

The interfaces are in the website I shared, I don't want to make this place too crowdy. Any help would be very appreciated. Thanks!

Solution

  • For server side and for client side both should use this:

    System.setProperty("java.security.policy", "path_to_your_Security_policy_file_located_in_file_system");
System.setSecurityManager(new RMISecurityManager());

    Security policy file should contain

     grant {
    permission java.security.AllPermission;
    };

    I think this may help you out.