Stack Overflow
Stack Overflow

Questions tagged [javapolicy]

16 questions
13
votes
2 answers

Which permission to set, to avoid error with Security-Manager with https-URLS?

In a software for a customer we have to read given URLs to parse their content. Also the customer needs to activate Tomcat-Security-Manager to let Java-Policies control what the program does. Now, with reading URLs the exception…
Mnementh
  • 50,487
  • 48
  • 148
  • 202
3
votes
1 answer

How to limit access to JMX to only certain IP-addresses?

I don't want to bother with SSL and passwords each time, but still don't want my program's JMX functionality reachable by others on the LAN. I populated my ~/.java.policy thus: grant principal javax.management.remote.JMXPrincipal "*" { …
Mikhail T.
  • 3,043
  • 3
  • 29
  • 46
3
votes
1 answer

Is it possible to use wildcards in Jar File names in the Policy file?

Is it possible to replace code like: grant codeBase "file:${home.url}/installed/Engine/lib/runtime_3.jar" { // permission for the Engine permission java.util.PropertyPermission "*", "read"; permission java.util.PropertyPermission "*",…
Ro.
  • 1,357
  • 4
  • 13
  • 25
3
votes
2 answers

Java policy settings not working for FilePermission

Our Java policy file used to just be: grant { permission java.security.AllPermission; }; I am trying to make our application more secure than just granting everything to everyone. I have it working well except I am having troubles giving…
northpole
  • 10,244
  • 7
  • 35
  • 58
1
vote
1 answer

Java 8 Windows permissions

I am trying to add the following permissions in my java.policy file: permission java.net.SocketPermission "127.0.0.1:1024-", "accept,connect,listen,resolve"; permission java.net.SocketPermission "127.0.0.1:28080”,…
Mihaimyh
  • 1,262
  • 1
  • 13
  • 35
1
vote
0 answers

Java WebStart custom secuity policy ignored

I am trying to trace an issue in one of our client software with aspectJ. The software is deployed via an jnlp file. I try to launch the application with JAVA_TOOL_OPTIONS -Djava.security.policy==path\to\all.policy Where all.policy contains grant…
meneken17
  • 350
  • 1
  • 10
1
vote
1 answer

Java SecurityException Cannot locate policy or framework files after updating to latest version

Here's how I launch java java -Djava.rmi.server.hostname=myhostname \ -Djava.security.policy=/myprogram/java.policy \ -Dcom.ibm.tools.attach.enable=no -jar \ /myprogram/myjar.jar and the contents of java.policy is grant codeBase…
activedecay
  • 10,129
  • 5
  • 47
  • 71
1
vote
0 answers

JMX authorize by method name using a java policy file

Can I write a java policy file to authorize with readOnly or readWrite access for individual methods (by the method name) of an Mbean server for JMX monitoring? If yes, please show an example. Thanks in advance.
Asma Zinneera Jabir
  • 801
  • 3
  • 13
  • 31
1
vote
2 answers

Wildfly Security Manager : Permission failed for javax.management.MBeanPermission

I have My JBOSS Wildfly10 set up. I am enabling SECMGR flag in standlone.conf.bat file to true for enabling java security manager and as my war is deployed in wildfy 10 ,I am giving following permission set in standalone.xml as below and getting…
Pathak
  • 183
  • 5
  • 21
1
vote
0 answers

Loading Desired Policy Implementation in JVM (Loading the value of policy.provider in Java security properties file)

According to the documentation, the default Policy implementation can be changed by setting the value of the "policy.provider" security property (in the Java security properties file) to the fully qualified name of the desired Policy subclass…
ChaaminiM
  • 21
  • 2
0
votes
0 answers

Java SecurityManager AccessControlException - Running from Network Share

I have a Java 8 application that evaluates user provided code via the Nashorn JavaScript ScriptEngine. To provide protection from evaluating malicious code, I am enabling the Java SecurityManager with the following policy: grant codeBase "file:/-"…
chrixm
  • 942
  • 6
  • 26
0
votes
2 answers

java.net.SocketPermission for localhost won't work on Java 1.8 but with your local IP it does

I have a seemingly strange problem with the Java 8 Policy. I used the following permission in Java 7 up to update 51 and it worked fine: grant { (...) java.net.SocketPermission "localhost:1024-", "accept,connect,listen,resolve"; }; But now…
Oli
  • 561
  • 7
  • 18
0
votes
1 answer

Security Exception for RMI in Tomcat

I don't seem to get my RMI server running when using server.policy running as a Tomcat7 Servlet. My policy file and codebase is running on my server. My server.policy is located in /home/foo/policyfiles/server.policy. I'm still getting some…
Gustav Cajander
  • 85
  • 2
  • 12
0
votes
1 answer

requesting a .java.policy file from URL security risk

My client wants to use an applet to do drag and drop file transfers from the browser. We have everything working for the most part, but the .java.policy file granting the applet file system access needs to be uploaded to every client in order for…
tjb1982
  • 2,257
  • 2
  • 26
  • 39
0
votes
1 answer

Suppressing Applet Alert in a eclipse extension plugin that uses jersey

I have written a REST client plugin for KNIME (a software that is based on eclipse). I have used jersey as library. Everything works fine. However, if I send an client request a APPLET ALERT dialog pops up asking me whether I want to allow, disallow…
user2161098
  • 1
  • 2
1
2