Java JSSE RMI SSL file gets access denied











up vote
2
down vote

favorite












For university security lab work I have to create a simple client/server application using RMI. For secure communication between client and server I wanted to use SSL. Oracle has example so I tried to use it. And I get errors. I try to start server rmi.HelloImpl.java which uses rmi.RMISSLServerSocketFactory.java where the file mentioned in error is defined. And I am getting this error:



"C:Program FilesJavajdk1.8.0_191binjava.exe" "-javaagent:C:Program FilesJetBrainsIntelliJ IDEA Community Edition 2018.2.5libidea_rt.jar=54269:C:Program FilesJetBrainsIntelliJ IDEA Community Edition 2018.2.5bin" -Dfile.encoding=UTF-8 -classpath "C:Program FilesJavajdk1.8.0_191jrelibcharsets.jar;C:Program FilesJavajdk1.8.0_191jrelibdeploy.jar;C:Program FilesJavajdk1.8.0_191jrelibextaccess-bridge-64.jar;C:Program FilesJavajdk1.8.0_191jrelibextcldrdata.jar;C:Program FilesJavajdk1.8.0_191jrelibextdnsns.jar;C:Program FilesJavajdk1.8.0_191jrelibextjaccess.jar;C:Program FilesJavajdk1.8.0_191jrelibextjfxrt.jar;C:Program FilesJavajdk1.8.0_191jrelibextlocaledata.jar;C:Program FilesJavajdk1.8.0_191jrelibextnashorn.jar;C:Program FilesJavajdk1.8.0_191jrelibextsunec.jar;C:Program FilesJavajdk1.8.0_191jrelibextsunjce_provider.jar;C:Program FilesJavajdk1.8.0_191jrelibextsunmscapi.jar;C:Program FilesJavajdk1.8.0_191jrelibextsunpkcs11.jar;C:Program FilesJavajdk1.8.0_191jrelibextzipfs.jar;C:Program FilesJavajdk1.8.0_191jrelibjavaws.jar;C:Program FilesJavajdk1.8.0_191jrelibjce.jar;C:Program FilesJavajdk1.8.0_191jrelibjfr.jar;C:Program FilesJavajdk1.8.0_191jrelibjfxswt.jar;C:Program FilesJavajdk1.8.0_191jrelibjsse.jar;C:Program FilesJavajdk1.8.0_191jrelibmanagement-agent.jar;C:Program FilesJavajdk1.8.0_191jrelibplugin.jar;C:Program FilesJavajdk1.8.0_191jrelibresources.jar;C:Program FilesJavajdk1.8.0_191jrelibrt.jar;C:UsersAgneIdeaProjectsjssesamplesoutproductionjssesamples" rmi.HelloImpl

java.security.AccessControlException: access denied ("java.io.FilePermission" "testkeys" "read")

    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)

    at java.security.AccessController.checkPermission(AccessController.java:884)

    at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)

    at java.lang.SecurityManager.checkRead(SecurityManager.java:888)

    at java.io.FileInputStream.<init>(FileInputStream.java:127)

    at java.io.FileInputStream.<init>(FileInputStream.java:93)

    at rmi.RMISSLServerSocketFactory.<init>(RMISSLServerSocketFactory.java:27)

    at rmi.HelloImpl.main(HelloImpl.java:34)

HelloImpl err: access denied ("java.io.FilePermission" "testkeys" "read")

java.security.AccessControlException: access denied ("java.io.FilePermission" "testkeys" "read")

    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)


I checked my Java is 8 version, I use IntelliJ IDEA, I run it as administrator. Same error I got, when I tried to create the file in this code too, before it goes to testkeys. Then almost indentical error with new file name and access is denied in write. What am I missing?



And code in these two classes which are the main participations:



HelloImpl



package rmi;



import java.io.*;

import java.net.InetAddress;

import java.rmi.RemoteException;

import java.rmi.RMISecurityManager;

import java.rmi.registry.LocateRegistry;

import java.rmi.registry.Registry;

import java.rmi.server.UnicastRemoteObject;



public class HelloImpl extends UnicastRemoteObject implements Hello {



    private static final int PORT = 2019;



    public HelloImpl() throws Exception {

        super(PORT,

              new RMISSLClientSocketFactory(),

              new RMISSLServerSocketFactory());

    }



    public String sayHello() {

        return "Hello World!";

    }



    public static void main(String args) {



        // Create and install a security manager

        if (System.getSecurityManager() == null) {

            System.setSecurityManager(new RMISecurityManager());

        }



        try {

            // Create SSL-based registry

            Registry registry = LocateRegistry.createRegistry(PORT,

                new RMISSLClientSocketFactory(),

                new RMISSLServerSocketFactory());



            HelloImpl obj = new HelloImpl();



            // Bind this object instance to the name "HelloServer"

            registry.bind("HelloServer", obj);



            System.out.println("HelloServer bound in registry");

        } catch (Exception e) {

            System.out.println("HelloImpl err: " + e.getMessage());

            e.printStackTrace();

        }

    }

}


RMISSLServerSocketFactory



    package rmi;



import java.io.*;

import java.net.*;

import java.rmi.server.*;

import javax.net.ssl.*;

import java.security.KeyStore;

import javax.net.ssl.*;



public class RMISSLServerSocketFactory implements RMIServerSocketFactory {



    /*

     * Create one SSLServerSocketFactory, so we can reuse sessions

     * created by previous sessions of this SSLContext.

     */

    private SSLServerSocketFactory ssf = null;



    public RMISSLServerSocketFactory() throws Exception {

        try {

            // set up key manager to do server authentication

            SSLContext ctx;

            KeyManagerFactory kmf;

            KeyStore ks;



            char passphrase = "passphrase".toCharArray();

            ks = KeyStore.getInstance("JKS");

            ks.load(new FileInputStream("testkeys"), passphrase);



            kmf = KeyManagerFactory.getInstance("SunX509");

            kmf.init(ks, passphrase);



            ctx = SSLContext.getInstance("TLS");

            ctx.init(kmf.getKeyManagers(), null, null);



            ssf = ctx.getServerSocketFactory();

        } catch (Exception e) {

            e.printStackTrace();

            throw e;

        }

    }



    public ServerSocket createServerSocket(int port) throws IOException {

            return ssf.createServerSocket(port);

    }



    public int hashCode() {

        return getClass().hashCode();

    }



    public boolean equals(Object obj) {

        if (obj == this) {

            return true;

        } else if (obj == null || getClass() != obj.getClass()) {

            return false;

        }

        return true;

    }

}





java ssl rmi jsse







share|improve this question


























    up vote
    2
    down vote

    favorite












    For university security lab work I have to create a simple client/server application using RMI. For secure communication between client and server I wanted to use SSL. Oracle has example so I tried to use it. And I get errors. I try to start server rmi.HelloImpl.java which uses rmi.RMISSLServerSocketFactory.java where the file mentioned in error is defined. And I am getting this error:



    "C:Program FilesJavajdk1.8.0_191binjava.exe" "-javaagent:C:Program FilesJetBrainsIntelliJ IDEA Community Edition 2018.2.5libidea_rt.jar=54269:C:Program FilesJetBrainsIntelliJ IDEA Community Edition 2018.2.5bin" -Dfile.encoding=UTF-8 -classpath "C:Program FilesJavajdk1.8.0_191jrelibcharsets.jar;C:Program FilesJavajdk1.8.0_191jrelibdeploy.jar;C:Program FilesJavajdk1.8.0_191jrelibextaccess-bridge-64.jar;C:Program FilesJavajdk1.8.0_191jrelibextcldrdata.jar;C:Program FilesJavajdk1.8.0_191jrelibextdnsns.jar;C:Program FilesJavajdk1.8.0_191jrelibextjaccess.jar;C:Program FilesJavajdk1.8.0_191jrelibextjfxrt.jar;C:Program FilesJavajdk1.8.0_191jrelibextlocaledata.jar;C:Program FilesJavajdk1.8.0_191jrelibextnashorn.jar;C:Program FilesJavajdk1.8.0_191jrelibextsunec.jar;C:Program FilesJavajdk1.8.0_191jrelibextsunjce_provider.jar;C:Program FilesJavajdk1.8.0_191jrelibextsunmscapi.jar;C:Program FilesJavajdk1.8.0_191jrelibextsunpkcs11.jar;C:Program FilesJavajdk1.8.0_191jrelibextzipfs.jar;C:Program FilesJavajdk1.8.0_191jrelibjavaws.jar;C:Program FilesJavajdk1.8.0_191jrelibjce.jar;C:Program FilesJavajdk1.8.0_191jrelibjfr.jar;C:Program FilesJavajdk1.8.0_191jrelibjfxswt.jar;C:Program FilesJavajdk1.8.0_191jrelibjsse.jar;C:Program FilesJavajdk1.8.0_191jrelibmanagement-agent.jar;C:Program FilesJavajdk1.8.0_191jrelibplugin.jar;C:Program FilesJavajdk1.8.0_191jrelibresources.jar;C:Program FilesJavajdk1.8.0_191jrelibrt.jar;C:UsersAgneIdeaProjectsjssesamplesoutproductionjssesamples" rmi.HelloImpl
    
java.security.AccessControlException: access denied ("java.io.FilePermission" "testkeys" "read")
    
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
    
    at java.security.AccessController.checkPermission(AccessController.java:884)
    
    at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
    
    at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
    
    at java.io.FileInputStream.<init>(FileInputStream.java:127)
    
    at java.io.FileInputStream.<init>(FileInputStream.java:93)
    
    at rmi.RMISSLServerSocketFactory.<init>(RMISSLServerSocketFactory.java:27)
    
    at rmi.HelloImpl.main(HelloImpl.java:34)
    
HelloImpl err: access denied ("java.io.FilePermission" "testkeys" "read")
    
java.security.AccessControlException: access denied ("java.io.FilePermission" "testkeys" "read")
    
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)


    I checked my Java is 8 version, I use IntelliJ IDEA, I run it as administrator. Same error I got, when I tried to create the file in this code too, before it goes to testkeys. Then almost indentical error with new file name and access is denied in write. What am I missing?



    And code in these two classes which are the main participations:



    HelloImpl



    package rmi;
    

    
import java.io.*;
    
import java.net.InetAddress;
    
import java.rmi.RemoteException;
    
import java.rmi.RMISecurityManager;
    
import java.rmi.registry.LocateRegistry;
    
import java.rmi.registry.Registry;
    
import java.rmi.server.UnicastRemoteObject;
    

    
public class HelloImpl extends UnicastRemoteObject implements Hello {
    

    
    private static final int PORT = 2019;
    

    
    public HelloImpl() throws Exception {
    
        super(PORT,
    
              new RMISSLClientSocketFactory(),
    
              new RMISSLServerSocketFactory());
    
    }
    

    
    public String sayHello() {
    
        return "Hello World!";
    
    }
    

    
    public static void main(String args) {
    

    
        // Create and install a security manager
    
        if (System.getSecurityManager() == null) {
    
            System.setSecurityManager(new RMISecurityManager());
    
        }
    

    
        try {
    
            // Create SSL-based registry
    
            Registry registry = LocateRegistry.createRegistry(PORT,
    
                new RMISSLClientSocketFactory(),
    
                new RMISSLServerSocketFactory());
    

    
            HelloImpl obj = new HelloImpl();
    

    
            // Bind this object instance to the name "HelloServer"
    
            registry.bind("HelloServer", obj);
    

    
            System.out.println("HelloServer bound in registry");
    
        } catch (Exception e) {
    
            System.out.println("HelloImpl err: " + e.getMessage());
    
            e.printStackTrace();
    
        }
    
    }
    
}


    RMISSLServerSocketFactory



        package rmi;
    

    
import java.io.*;
    
import java.net.*;
    
import java.rmi.server.*;
    
import javax.net.ssl.*;
    
import java.security.KeyStore;
    
import javax.net.ssl.*;
    

    
public class RMISSLServerSocketFactory implements RMIServerSocketFactory {
    

    
    /*
    
     * Create one SSLServerSocketFactory, so we can reuse sessions
    
     * created by previous sessions of this SSLContext.
    
     */
    
    private SSLServerSocketFactory ssf = null;
    

    
    public RMISSLServerSocketFactory() throws Exception {
    
        try {
    
            // set up key manager to do server authentication
    
            SSLContext ctx;
    
            KeyManagerFactory kmf;
    
            KeyStore ks;
    

    
            char passphrase = "passphrase".toCharArray();
    
            ks = KeyStore.getInstance("JKS");
    
            ks.load(new FileInputStream("testkeys"), passphrase);
    

    
            kmf = KeyManagerFactory.getInstance("SunX509");
    
            kmf.init(ks, passphrase);
    

    
            ctx = SSLContext.getInstance("TLS");
    
            ctx.init(kmf.getKeyManagers(), null, null);
    

    
            ssf = ctx.getServerSocketFactory();
    
        } catch (Exception e) {
    
            e.printStackTrace();
    
            throw e;
    
        }
    
    }
    

    
    public ServerSocket createServerSocket(int port) throws IOException {
    
            return ssf.createServerSocket(port);
    
    }
    

    
    public int hashCode() {
    
        return getClass().hashCode();
    
    }
    

    
    public boolean equals(Object obj) {
    
        if (obj == this) {
    
            return true;
    
        } else if (obj == null || getClass() != obj.getClass()) {
    
            return false;
    
        }
    
        return true;
    
    }
    
}





    java ssl rmi jsse







    share|improve this question
























      up vote
      2
      down vote

      favorite









      up vote
      2
      down vote

      favorite











      For university security lab work I have to create a simple client/server application using RMI. For secure communication between client and server I wanted to use SSL. Oracle has example so I tried to use it. And I get errors. I try to start server rmi.HelloImpl.java which uses rmi.RMISSLServerSocketFactory.java where the file mentioned in error is defined. And I am getting this error:



      "C:Program FilesJavajdk1.8.0_191binjava.exe" "-javaagent:C:Program FilesJetBrainsIntelliJ IDEA Community Edition 2018.2.5libidea_rt.jar=54269:C:Program FilesJetBrainsIntelliJ IDEA Community Edition 2018.2.5bin" -Dfile.encoding=UTF-8 -classpath "C:Program FilesJavajdk1.8.0_191jrelibcharsets.jar;C:Program FilesJavajdk1.8.0_191jrelibdeploy.jar;C:Program FilesJavajdk1.8.0_191jrelibextaccess-bridge-64.jar;C:Program FilesJavajdk1.8.0_191jrelibextcldrdata.jar;C:Program FilesJavajdk1.8.0_191jrelibextdnsns.jar;C:Program FilesJavajdk1.8.0_191jrelibextjaccess.jar;C:Program FilesJavajdk1.8.0_191jrelibextjfxrt.jar;C:Program FilesJavajdk1.8.0_191jrelibextlocaledata.jar;C:Program FilesJavajdk1.8.0_191jrelibextnashorn.jar;C:Program FilesJavajdk1.8.0_191jrelibextsunec.jar;C:Program FilesJavajdk1.8.0_191jrelibextsunjce_provider.jar;C:Program FilesJavajdk1.8.0_191jrelibextsunmscapi.jar;C:Program FilesJavajdk1.8.0_191jrelibextsunpkcs11.jar;C:Program FilesJavajdk1.8.0_191jrelibextzipfs.jar;C:Program FilesJavajdk1.8.0_191jrelibjavaws.jar;C:Program FilesJavajdk1.8.0_191jrelibjce.jar;C:Program FilesJavajdk1.8.0_191jrelibjfr.jar;C:Program FilesJavajdk1.8.0_191jrelibjfxswt.jar;C:Program FilesJavajdk1.8.0_191jrelibjsse.jar;C:Program FilesJavajdk1.8.0_191jrelibmanagement-agent.jar;C:Program FilesJavajdk1.8.0_191jrelibplugin.jar;C:Program FilesJavajdk1.8.0_191jrelibresources.jar;C:Program FilesJavajdk1.8.0_191jrelibrt.jar;C:UsersAgneIdeaProjectsjssesamplesoutproductionjssesamples" rmi.HelloImpl
      
java.security.AccessControlException: access denied ("java.io.FilePermission" "testkeys" "read")
      
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
      
    at java.security.AccessController.checkPermission(AccessController.java:884)
      
    at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
      
    at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
      
    at java.io.FileInputStream.<init>(FileInputStream.java:127)
      
    at java.io.FileInputStream.<init>(FileInputStream.java:93)
      
    at rmi.RMISSLServerSocketFactory.<init>(RMISSLServerSocketFactory.java:27)
      
    at rmi.HelloImpl.main(HelloImpl.java:34)
      
HelloImpl err: access denied ("java.io.FilePermission" "testkeys" "read")
      
java.security.AccessControlException: access denied ("java.io.FilePermission" "testkeys" "read")
      
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)


      I checked my Java is 8 version, I use IntelliJ IDEA, I run it as administrator. Same error I got, when I tried to create the file in this code too, before it goes to testkeys. Then almost indentical error with new file name and access is denied in write. What am I missing?



      And code in these two classes which are the main participations:



      HelloImpl



      package rmi;
      

      
import java.io.*;
      
import java.net.InetAddress;
      
import java.rmi.RemoteException;
      
import java.rmi.RMISecurityManager;
      
import java.rmi.registry.LocateRegistry;
      
import java.rmi.registry.Registry;
      
import java.rmi.server.UnicastRemoteObject;
      

      
public class HelloImpl extends UnicastRemoteObject implements Hello {
      

      
    private static final int PORT = 2019;
      

      
    public HelloImpl() throws Exception {
      
        super(PORT,
      
              new RMISSLClientSocketFactory(),
      
              new RMISSLServerSocketFactory());
      
    }
      

      
    public String sayHello() {
      
        return "Hello World!";
      
    }
      

      
    public static void main(String args) {
      

      
        // Create and install a security manager
      
        if (System.getSecurityManager() == null) {
      
            System.setSecurityManager(new RMISecurityManager());
      
        }
      

      
        try {
      
            // Create SSL-based registry
      
            Registry registry = LocateRegistry.createRegistry(PORT,
      
                new RMISSLClientSocketFactory(),
      
                new RMISSLServerSocketFactory());
      

      
            HelloImpl obj = new HelloImpl();
      

      
            // Bind this object instance to the name "HelloServer"
      
            registry.bind("HelloServer", obj);
      

      
            System.out.println("HelloServer bound in registry");
      
        } catch (Exception e) {
      
            System.out.println("HelloImpl err: " + e.getMessage());
      
            e.printStackTrace();
      
        }
      
    }
      
}


      RMISSLServerSocketFactory



          package rmi;
      

      
import java.io.*;
      
import java.net.*;
      
import java.rmi.server.*;
      
import javax.net.ssl.*;
      
import java.security.KeyStore;
      
import javax.net.ssl.*;
      

      
public class RMISSLServerSocketFactory implements RMIServerSocketFactory {
      

      
    /*
      
     * Create one SSLServerSocketFactory, so we can reuse sessions
      
     * created by previous sessions of this SSLContext.
      
     */
      
    private SSLServerSocketFactory ssf = null;
      

      
    public RMISSLServerSocketFactory() throws Exception {
      
        try {
      
            // set up key manager to do server authentication
      
            SSLContext ctx;
      
            KeyManagerFactory kmf;
      
            KeyStore ks;
      

      
            char passphrase = "passphrase".toCharArray();
      
            ks = KeyStore.getInstance("JKS");
      
            ks.load(new FileInputStream("testkeys"), passphrase);
      

      
            kmf = KeyManagerFactory.getInstance("SunX509");
      
            kmf.init(ks, passphrase);
      

      
            ctx = SSLContext.getInstance("TLS");
      
            ctx.init(kmf.getKeyManagers(), null, null);
      

      
            ssf = ctx.getServerSocketFactory();
      
        } catch (Exception e) {
      
            e.printStackTrace();
      
            throw e;
      
        }
      
    }
      

      
    public ServerSocket createServerSocket(int port) throws IOException {
      
            return ssf.createServerSocket(port);
      
    }
      

      
    public int hashCode() {
      
        return getClass().hashCode();
      
    }
      

      
    public boolean equals(Object obj) {
      
        if (obj == this) {
      
            return true;
      
        } else if (obj == null || getClass() != obj.getClass()) {
      
            return false;
      
        }
      
        return true;
      
    }
      
}





      java ssl rmi jsse







      share|improve this question













      For university security lab work I have to create a simple client/server application using RMI. For secure communication between client and server I wanted to use SSL. Oracle has example so I tried to use it. And I get errors. I try to start server rmi.HelloImpl.java which uses rmi.RMISSLServerSocketFactory.java where the file mentioned in error is defined. And I am getting this error:



      "C:Program FilesJavajdk1.8.0_191binjava.exe" "-javaagent:C:Program FilesJetBrainsIntelliJ IDEA Community Edition 2018.2.5libidea_rt.jar=54269:C:Program FilesJetBrainsIntelliJ IDEA Community Edition 2018.2.5bin" -Dfile.encoding=UTF-8 -classpath "C:Program FilesJavajdk1.8.0_191jrelibcharsets.jar;C:Program FilesJavajdk1.8.0_191jrelibdeploy.jar;C:Program FilesJavajdk1.8.0_191jrelibextaccess-bridge-64.jar;C:Program FilesJavajdk1.8.0_191jrelibextcldrdata.jar;C:Program FilesJavajdk1.8.0_191jrelibextdnsns.jar;C:Program FilesJavajdk1.8.0_191jrelibextjaccess.jar;C:Program FilesJavajdk1.8.0_191jrelibextjfxrt.jar;C:Program FilesJavajdk1.8.0_191jrelibextlocaledata.jar;C:Program FilesJavajdk1.8.0_191jrelibextnashorn.jar;C:Program FilesJavajdk1.8.0_191jrelibextsunec.jar;C:Program FilesJavajdk1.8.0_191jrelibextsunjce_provider.jar;C:Program FilesJavajdk1.8.0_191jrelibextsunmscapi.jar;C:Program FilesJavajdk1.8.0_191jrelibextsunpkcs11.jar;C:Program FilesJavajdk1.8.0_191jrelibextzipfs.jar;C:Program FilesJavajdk1.8.0_191jrelibjavaws.jar;C:Program FilesJavajdk1.8.0_191jrelibjce.jar;C:Program FilesJavajdk1.8.0_191jrelibjfr.jar;C:Program FilesJavajdk1.8.0_191jrelibjfxswt.jar;C:Program FilesJavajdk1.8.0_191jrelibjsse.jar;C:Program FilesJavajdk1.8.0_191jrelibmanagement-agent.jar;C:Program FilesJavajdk1.8.0_191jrelibplugin.jar;C:Program FilesJavajdk1.8.0_191jrelibresources.jar;C:Program FilesJavajdk1.8.0_191jrelibrt.jar;C:UsersAgneIdeaProjectsjssesamplesoutproductionjssesamples" rmi.HelloImpl
      
java.security.AccessControlException: access denied ("java.io.FilePermission" "testkeys" "read")
      
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
      
    at java.security.AccessController.checkPermission(AccessController.java:884)
      
    at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
      
    at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
      
    at java.io.FileInputStream.<init>(FileInputStream.java:127)
      
    at java.io.FileInputStream.<init>(FileInputStream.java:93)
      
    at rmi.RMISSLServerSocketFactory.<init>(RMISSLServerSocketFactory.java:27)
      
    at rmi.HelloImpl.main(HelloImpl.java:34)
      
HelloImpl err: access denied ("java.io.FilePermission" "testkeys" "read")
      
java.security.AccessControlException: access denied ("java.io.FilePermission" "testkeys" "read")
      
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)


      I checked my Java is 8 version, I use IntelliJ IDEA, I run it as administrator. Same error I got, when I tried to create the file in this code too, before it goes to testkeys. Then almost indentical error with new file name and access is denied in write. What am I missing?



      And code in these two classes which are the main participations:



      HelloImpl



      package rmi;
      

      
import java.io.*;
      
import java.net.InetAddress;
      
import java.rmi.RemoteException;
      
import java.rmi.RMISecurityManager;
      
import java.rmi.registry.LocateRegistry;
      
import java.rmi.registry.Registry;
      
import java.rmi.server.UnicastRemoteObject;
      

      
public class HelloImpl extends UnicastRemoteObject implements Hello {
      

      
    private static final int PORT = 2019;
      

      
    public HelloImpl() throws Exception {
      
        super(PORT,
      
              new RMISSLClientSocketFactory(),
      
              new RMISSLServerSocketFactory());
      
    }
      

      
    public String sayHello() {
      
        return "Hello World!";
      
    }
      

      
    public static void main(String args) {
      

      
        // Create and install a security manager
      
        if (System.getSecurityManager() == null) {
      
            System.setSecurityManager(new RMISecurityManager());
      
        }
      

      
        try {
      
            // Create SSL-based registry
      
            Registry registry = LocateRegistry.createRegistry(PORT,
      
                new RMISSLClientSocketFactory(),
      
                new RMISSLServerSocketFactory());
      

      
            HelloImpl obj = new HelloImpl();
      

      
            // Bind this object instance to the name "HelloServer"
      
            registry.bind("HelloServer", obj);
      

      
            System.out.println("HelloServer bound in registry");
      
        } catch (Exception e) {
      
            System.out.println("HelloImpl err: " + e.getMessage());
      
            e.printStackTrace();
      
        }
      
    }
      
}


      RMISSLServerSocketFactory



          package rmi;
      

      
import java.io.*;
      
import java.net.*;
      
import java.rmi.server.*;
      
import javax.net.ssl.*;
      
import java.security.KeyStore;
      
import javax.net.ssl.*;
      

      
public class RMISSLServerSocketFactory implements RMIServerSocketFactory {
      

      
    /*
      
     * Create one SSLServerSocketFactory, so we can reuse sessions
      
     * created by previous sessions of this SSLContext.
      
     */
      
    private SSLServerSocketFactory ssf = null;
      

      
    public RMISSLServerSocketFactory() throws Exception {
      
        try {
      
            // set up key manager to do server authentication
      
            SSLContext ctx;
      
            KeyManagerFactory kmf;
      
            KeyStore ks;
      

      
            char passphrase = "passphrase".toCharArray();
      
            ks = KeyStore.getInstance("JKS");
      
            ks.load(new FileInputStream("testkeys"), passphrase);
      

      
            kmf = KeyManagerFactory.getInstance("SunX509");
      
            kmf.init(ks, passphrase);
      

      
            ctx = SSLContext.getInstance("TLS");
      
            ctx.init(kmf.getKeyManagers(), null, null);
      

      
            ssf = ctx.getServerSocketFactory();
      
        } catch (Exception e) {
      
            e.printStackTrace();
      
            throw e;
      
        }
      
    }
      

      
    public ServerSocket createServerSocket(int port) throws IOException {
      
            return ssf.createServerSocket(port);
      
    }
      

      
    public int hashCode() {
      
        return getClass().hashCode();
      
    }
      

      
    public boolean equals(Object obj) {
      
        if (obj == this) {
      
            return true;
      
        } else if (obj == null || getClass() != obj.getClass()) {
      
            return false;
      
        }
      
        return true;
      
    }
      
}





      java ssl rmi jsse




      java ssl rmi jsse






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Nov 11 at 18:47









      Agne

      132




      132
























          1 Answer
          1






          active

          oldest

          votes

















          up vote
          0
          down vote



          accepted










          Once you install an RMISecurityManager, you need to have a policy file that specifies the permissions that your application will need in a security policy file. I think there used to be a policytool application that would help you write that file, and the error message tells you what permission you need to add to the file. In your case, it looks like something like:



          grant {
          
    filePermission "testKeys", "read" 
          
}


          would need to be part of your security policy.






          share|improve this answer





















          • For me it works with: grant { permission java.security.AllPermission; }; But I like your solution better for security reasons grant { permission java.io.FilePermission "testkeys", "read"; };. Only problem, that I get access denied Launcher failed - "Dump Threads" and "Exit" actions are unavailable (access denied ("java.io.FilePermission" "C:Program FilesJetBrainsIntelliJ IDEA Community Edition 2018.2.5binbreakgen64.dll" "read")) java.security.AccessControlException: access denied ("java.net.SocketPermission" "localhost:2019" "listen,resolve")
            – Agne
            Nov 12 at 13:01












          • You would need to add those permissions to the file, too ... That's the problem/feature with not using "AllPermission" - you get to find out what all the things are that the code needs permission to do, then add them all to the policy file. IIRC, mine ended up with something like 15-20 permission lines in it...
            – moilejter
            Nov 12 at 15:06











          Your Answer






          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "1"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53252010%2fjava-jsse-rmi-ssl-file-gets-access-denied%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes








          up vote
          0
          down vote



          accepted










          Once you install an RMISecurityManager, you need to have a policy file that specifies the permissions that your application will need in a security policy file. I think there used to be a policytool application that would help you write that file, and the error message tells you what permission you need to add to the file. In your case, it looks like something like:



          grant {
          
    filePermission "testKeys", "read" 
          
}


          would need to be part of your security policy.






          share|improve this answer





















          • For me it works with: grant { permission java.security.AllPermission; }; But I like your solution better for security reasons grant { permission java.io.FilePermission "testkeys", "read"; };. Only problem, that I get access denied Launcher failed - "Dump Threads" and "Exit" actions are unavailable (access denied ("java.io.FilePermission" "C:Program FilesJetBrainsIntelliJ IDEA Community Edition 2018.2.5binbreakgen64.dll" "read")) java.security.AccessControlException: access denied ("java.net.SocketPermission" "localhost:2019" "listen,resolve")
            – Agne
            Nov 12 at 13:01












          • You would need to add those permissions to the file, too ... That's the problem/feature with not using "AllPermission" - you get to find out what all the things are that the code needs permission to do, then add them all to the policy file. IIRC, mine ended up with something like 15-20 permission lines in it...
            – moilejter
            Nov 12 at 15:06















          up vote
          0
          down vote



          accepted










          Once you install an RMISecurityManager, you need to have a policy file that specifies the permissions that your application will need in a security policy file. I think there used to be a policytool application that would help you write that file, and the error message tells you what permission you need to add to the file. In your case, it looks like something like:



          grant {
          
    filePermission "testKeys", "read" 
          
}


          would need to be part of your security policy.






          share|improve this answer





















          • For me it works with: grant { permission java.security.AllPermission; }; But I like your solution better for security reasons grant { permission java.io.FilePermission "testkeys", "read"; };. Only problem, that I get access denied Launcher failed - "Dump Threads" and "Exit" actions are unavailable (access denied ("java.io.FilePermission" "C:Program FilesJetBrainsIntelliJ IDEA Community Edition 2018.2.5binbreakgen64.dll" "read")) java.security.AccessControlException: access denied ("java.net.SocketPermission" "localhost:2019" "listen,resolve")
            – Agne
            Nov 12 at 13:01












          • You would need to add those permissions to the file, too ... That's the problem/feature with not using "AllPermission" - you get to find out what all the things are that the code needs permission to do, then add them all to the policy file. IIRC, mine ended up with something like 15-20 permission lines in it...
            – moilejter
            Nov 12 at 15:06













          up vote
          0
          down vote



          accepted







          up vote
          0
          down vote



          accepted






          Once you install an RMISecurityManager, you need to have a policy file that specifies the permissions that your application will need in a security policy file. I think there used to be a policytool application that would help you write that file, and the error message tells you what permission you need to add to the file. In your case, it looks like something like:



          grant {
          
    filePermission "testKeys", "read" 
          
}


          would need to be part of your security policy.






          share|improve this answer












          Once you install an RMISecurityManager, you need to have a policy file that specifies the permissions that your application will need in a security policy file. I think there used to be a policytool application that would help you write that file, and the error message tells you what permission you need to add to the file. In your case, it looks like something like:



          grant {
          
    filePermission "testKeys", "read" 
          
}


          would need to be part of your security policy.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Nov 11 at 19:06









          moilejter

          62447




          62447












          • For me it works with: grant { permission java.security.AllPermission; }; But I like your solution better for security reasons grant { permission java.io.FilePermission "testkeys", "read"; };. Only problem, that I get access denied Launcher failed - "Dump Threads" and "Exit" actions are unavailable (access denied ("java.io.FilePermission" "C:Program FilesJetBrainsIntelliJ IDEA Community Edition 2018.2.5binbreakgen64.dll" "read")) java.security.AccessControlException: access denied ("java.net.SocketPermission" "localhost:2019" "listen,resolve")
            – Agne
            Nov 12 at 13:01












          • You would need to add those permissions to the file, too ... That's the problem/feature with not using "AllPermission" - you get to find out what all the things are that the code needs permission to do, then add them all to the policy file. IIRC, mine ended up with something like 15-20 permission lines in it...
            – moilejter
            Nov 12 at 15:06


















          • For me it works with: grant { permission java.security.AllPermission; }; But I like your solution better for security reasons grant { permission java.io.FilePermission "testkeys", "read"; };. Only problem, that I get access denied Launcher failed - "Dump Threads" and "Exit" actions are unavailable (access denied ("java.io.FilePermission" "C:Program FilesJetBrainsIntelliJ IDEA Community Edition 2018.2.5binbreakgen64.dll" "read")) java.security.AccessControlException: access denied ("java.net.SocketPermission" "localhost:2019" "listen,resolve")
            – Agne
            Nov 12 at 13:01












          • You would need to add those permissions to the file, too ... That's the problem/feature with not using "AllPermission" - you get to find out what all the things are that the code needs permission to do, then add them all to the policy file. IIRC, mine ended up with something like 15-20 permission lines in it...
            – moilejter
            Nov 12 at 15:06
















          For me it works with: grant { permission java.security.AllPermission; }; But I like your solution better for security reasons grant { permission java.io.FilePermission "testkeys", "read"; };. Only problem, that I get access denied Launcher failed - "Dump Threads" and "Exit" actions are unavailable (access denied ("java.io.FilePermission" "C:Program FilesJetBrainsIntelliJ IDEA Community Edition 2018.2.5binbreakgen64.dll" "read")) java.security.AccessControlException: access denied ("java.net.SocketPermission" "localhost:2019" "listen,resolve")
          – Agne
          Nov 12 at 13:01






          For me it works with: grant { permission java.security.AllPermission; }; But I like your solution better for security reasons grant { permission java.io.FilePermission "testkeys", "read"; };. Only problem, that I get access denied Launcher failed - "Dump Threads" and "Exit" actions are unavailable (access denied ("java.io.FilePermission" "C:Program FilesJetBrainsIntelliJ IDEA Community Edition 2018.2.5binbreakgen64.dll" "read")) java.security.AccessControlException: access denied ("java.net.SocketPermission" "localhost:2019" "listen,resolve")
          – Agne
          Nov 12 at 13:01














          You would need to add those permissions to the file, too ... That's the problem/feature with not using "AllPermission" - you get to find out what all the things are that the code needs permission to do, then add them all to the policy file. IIRC, mine ended up with something like 15-20 permission lines in it...
          – moilejter
          Nov 12 at 15:06




          You would need to add those permissions to the file, too ... That's the problem/feature with not using "AllPermission" - you get to find out what all the things are that the code needs permission to do, then add them all to the policy file. IIRC, mine ended up with something like 15-20 permission lines in it...
          – moilejter
          Nov 12 at 15:06


















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Stack Overflow!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.





          Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


          Please pay close attention to the following guidance:


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53252010%2fjava-jsse-rmi-ssl-file-gets-access-denied%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          How to pass form data using jquery Ajax to insert data in database?

          Image
          .everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box; } 1 I have 4 tables namely stud, country_master_academic,master_state and master_city. The main problem is that my form consists of many different fields like textbox, radio buttons, dropdown and an image file, so i am getting really confused. I can't insert data in database. Please help me. I tried many times but its not working. Thanks for the help in advance. Modal in home.php page <div class="container"> <div class="modal fade" id="add_data_modal" role="dialog"> <div class="modal-dialog"> <div class="modal-content"> ...
          Read more

          National Museum of Racing and Hall of Fame

          Image
          Coordinates: 43°04′35″N 73°46′24″W  /  43.0763°N 73.7734°W  / 43.0763; -73.7734 Professional sports hall of fame in Saratoga Springs, New York National Museum of Racing and Hall of Fame National Museum of Racing and Hall of Fame Established 1951 Location Saratoga Springs, New York Type Professional sports hall of fame Director Cathy Marino Curator Victoria Tokarowski Website racingmuseum.org The National Museum of Racing and Hall of Fame was founded in 1951 in Saratoga Springs, New York, to honor the achievements of American Thoroughbred race horses, jockeys, and trainers. In 1955, the museum moved to its current location on Union Avenue near Saratoga race course, at which time inductions into the hall of fame began. Each spring, following the tabulation of the final votes, the announcement of new inductees is made, usually during Kentucky Derby Week in early May. The actual inductions are held in mid-August during the Saratoga race meeting...
          Read more

          Guess what letter conforming each word

          Image
          6 $begingroup$ This is an entry in the Fortnightly Topic Challenge #41: Short and Sweet. 1 letter only could be mean anything . With an additional letter in front , could be used as medicine component and something you definitely learn or at least heard once. Add another letter in front , you would possibly hear that many times . Add an additional letter in front , you would found an independent country . With an additional letter, in the end , you would found something related to apple . Add another letter in the end , you would found something bad . Hint: Each letter is unique . word knowledge letters chemistry share | improve this question ...
          Read more