Re: RMI security policy

From:

"R" <raymond.mh.ng@gmail.com>

Newsgroups:

comp.lang.java.programmer

Date:

2 Oct 2006 20:05:53 -0700

Message-ID:

<1159844753.140146.128820@m73g2000cwd.googlegroups.com>

May consider to use JAAS to create a subject to pass username password
to the server.

Or I use the following cod in my weblogic server:
   private Context getInitialContext() throws NamingException
   {
      Hashtable h = new Hashtable();
      h.put(Context.INITIAL_CONTEXT_FACTORY,
"weblogic.jndi.WLInitialContextFactory");
      h.put(Context.PROVIDER_URL, "t3://"+ EAI_Server+ ":7001");
      h.put(Context.SECURITY_PRINCIPAL, "username");
      h.put(Context.SECURITY_CREDENTIALS, "password");
      return new InitialContext(h);
   }

main()
{
            Context ctx = getInitialContext();
            Object home = ctx.lookup("ejb.MyEJB");
}

Regards,
Ray,

polaris wrote:

Hello everybody,

Im using RMI to connect java applet with a remote server.
The client looks up the server successfully but when I press
any button in the client applet interface which performs remote
method invocation this message is displayed in java console:

Exception in thread "AWT-EventQueue-23" java.lang.RuntimeException:
java.security.AccessControlException: access denied
(java.net.SocketPermission 10.0.0.2:4411 connect,resolve) at
ClientApplet$ButtonHandler.actionPerformed(ClientApplet.java:153)
at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)

I don't use any security policy to run the registry or in the server or
client.
This is the client look up code:
remoteReference = (RemoteInterface)
Naming.lookup("//localhost/"+RemoteInterface.REGISTRY_NAME);

and this is the server rebind code:
Naming.rebind(RemoteInterface.REGISTRY_NAME, remoteReference);

do i need to use any specific security policy or what?