Search code examples
javajsouprmi

How to solve java.security.AccessControlException

I need suggestions concerning the java.security.AccessControlException, I get when executing the following code. (I have consulted similar questions here but didn't success to make it work)

Here is my server code: 

 public class GetPageInfos extends UnicastRemoteObject  implements RemoteGetInfo{

    private static final String url="http://www.lemonde.fr/";
public class GetPageInfos extends UnicastRemoteObject  implements RemoteGetInfo{
    private static final String url="http://www.lemonde.fr/";

    public GetPageInfos() throws RemoteException{           
    }

    public String getSiteInfos() throws RemoteException {
         Document doc;
            try {                   
                 doc = Jsoup.connect(url).get();
                 String title = doc.title();  
                 return "title is "+title;                                       
            } catch (IOException e) {
                System.out.println("Faild! "+e.getMessage());
                return "not found";
            }  

    }

    public static void main(String[] args){
         try {

            GetPageInfos infos= new GetPageInfos();
            //System.setProperty("java.rmi.server.hostname","5lq04x1.gemalto.com");
            Naming.rebind("RemoteGetInfo", infos);
             /*GetPageInfos obj=new GetPageInfos(); 
             RemoteGetInfo stub = (RemoteGetInfo) UnicastRemoteObject.exportObject(obj, 0);
             Registry registry = LocateRegistry.getRegistry();
             registry.bind("RemoteGetInfo", stub);
             */
             System.out.println("server ready");

        } catch (RemoteException e) {
              System.out.println("GetPageInfos "+e.getMessage());
        }
        catch (MalformedURLException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }   
    }
}

And here is my client code:

//RMI Client
public class PrintSiteInfos {

    public static void main(String arg[]) 
    { 

        System.setSecurityManager(new RMISecurityManager());

             try 
                { 

                   /*String host=null;
                   Registry registry = LocateRegistry.getRegistry(host);
                   RemoteGetInfo stub = (RemoteGetInfo) registry.lookup("RemoteGetInfo");
                   String response = stub.getSiteInfos();
                   System.out.println(response); */
                 RemoteGetInfo obj = (RemoteGetInfo) Naming.lookup( "RemoteGetInfo");        
                 System.out.println(obj.getSiteInfos()); 
                } 
                catch (Exception e) 
                { 
                   System.out.println("PrintSiteInfos exception: " + e.getMessage()); 
                   e.printStackTrace(); 
                }  
    }   
}

So I got 

exception: access denied ("java.net.SocketPermission" "127.0.0.1:1099" "connect,resolve")

I found that I have to pass a policy file which I have like:

grant { 
  permission java.security.AllPermission;};

But how? Anyother suggestions?

Solution

  • You may grant only the socket permission not all permissions (which might be a security risk). Thus something like:

    grant {
    permission java.net.SocketPermission "127.0.0.1:1099", "connect, resolve";
};

    Two ways to do it:

    1) As an argument at the command line

    java -Djava.security.policy=mypolicyfile PrintSiteInfo

    2) within the JRE environment:

    Add the permission in the JRE_HOME/lib/security/java.policy file