How to enforce packaged java app to run as admin

Question

I'm trying to package a java application using java packager tool ( I'm new to this tool ) the app itself has to make some calls internally ( using the java process api )

This works fine if the java application is started with admin privileges. for example if I run my jar app as sudo java -jar application.jar from then all sub processes become admin as well.

For distribution purpose , I do not have control over how the users will start the app. thus trying to use java packager tool- but I need to enforce that the app is ran with admin privileges. ( fine the app will stop if the user does not have sudo for example )

The other workaround , which I strongly want to avoid is to ask the user to enter their admin/sudo password when I launch the internal processes..

---EDIT--- I think I needed to add more background after the comments and answer I got. as it looks to though the issue is about detecting admin or not.. this is not not what my issue is.

class MyApp...
main(...){
   System.exec("start format.app")
}

format.app requires admin to work.

I use javapackager tool to distribute MyApp.app ( for mac ) MyApp.exe ( for windows ) etc ...

• I want to MyApp.app to be executable only by an admin user.. meaning if a user tries to launch MyApp.app does not have admin privilege he OS would prompt en enter credentials, or else the os will not allow the app to start.

• my workaround is using sudo but them I need to prompt the user to enter password.. which to me is a security concern ( the prompt is not Native ) and 2/ I this this approach is weaker and may expose the password when attached to the process

Answer 1

This is a sample implementation of Detect if Java application was run as a Windows admin with a little extra to indicate how I imagine it could work.

MainClass

This is the "launcher" if you will. It's ´main´ method checks for admin privileges. if they are present, the "Real" class is called with the arguments provided. The program will run in the exact jvm.

If not, The user is prompted with a "this application needs admin privileges to run" message

package com.so.test.admindemo;

import java.io.IOException;
import java.io.PrintStream;
import java.util.prefs.Preferences;

public class MainClass {

    public static boolean isAdmin() {
        Preferences prefs = Preferences.systemRoot();
        PrintStream systemErr = System.err;
        synchronized (systemErr) {    // better synchronize to avoid problems with other threads that access System.err
            System.setErr(null);
            try {
                prefs.put("foo", "bar"); // SecurityException on Windows
                prefs.remove("foo");
                prefs.flush(); // BackingStoreException on Linux
                return true;
            } catch (Exception e) {
                return false;
            } finally {
                System.setErr(systemErr);
            }
        }
    }

    public static void main(String[] args) throws IOException {
        if (isAdmin()) {
            AdminOnlyClass.main(args);
        } else {
            //Check for environment and escalate privelegs
            System.out.println("Administrator Privileges required. Please rerun with appropriate permissions.");
            System.exit(1);
        }
    }

}

AdminOnlyClass

This is the class requiring admin privileges.

package com.so.test.admindemo;

public class AdminOnlyClass {
    public static void main(String[] args) {
        System.out.println("Got admin!");
    }
}

Answer 2

SOLVED by adding preinstall script to the javapackager. the script will run as root at deploy time giving me control of prepraing anything the app needs at runtime.