Hi,
it should be possible to determine this by trial-and-error. Remove that
AllPermissions and run your program. Watch out for the first
SecurityException. It usually can be derived from the error message
which permission is missing. Grant this permissen, then run you prg
again...
Matthias
Joseph Shraibman wrote:
>
> Something else:
>
> I modified my permissions and granted accept resolv listen connect for a
> specific client machine. But that client machine still couldn't connect
> until I granted allpermissions. So obviously there is more than
> socetpermission involved in rmi calls. But what?
>
> Joseph Shraibman wrote:
>
> > All applications can listen on sockets on the localhost for ports 1024
> > and up. In addition I gave all files on my machine to connect and
> > resolv on localhost. If I try to do a Naming.lookup() from another
> > machine it will succeed, even though I didn't give rmiregistry accept
> > permission for anything. Calls to my rmi program fail from another
> > machine. Calls from the localhost succeed though.
> >
> > My questions are:
> > 1) How come rmiregistry works when I didn't give it accept permission
> > for *any* machine, not even the localhost?
> > 2) How come my rmi program will accept calls from the localhost when I
> > didn't give it permission to accept from any machine? And if it will
> > accept from the localhost, why not from other hosts?
> >
> > here is my java.policy:
> > /* AUTOMATICALLY GENERATED ON Thu Dec 09 21:47:50 EST 1999*/
> > /* DO NOT EDIT */
> >
> > grant codeBase "file:${java.home}/lib/ext/*" {
> > };
> >
> > grant {
> > permission java.lang.RuntimePermission "stopThread";
> > permission java.net.SocketPermission "localhost:1024-", "listen";
> > permission java.util.PropertyPermission "java.version", "read";
> > permission java.util.PropertyPermission "java.vendor", "read";
> > permission java.util.PropertyPermission "java.vendor.url", "read";
> > permission java.util.PropertyPermission "java.class.version", "read";
> > permission java.util.PropertyPermission "os.name", "read";
> > permission java.util.PropertyPermission "os.version", "read";
> > permission java.util.PropertyPermission "os.arch", "read";
> > permission java.util.PropertyPermission "file.separator", "read";
> > permission java.util.PropertyPermission "path.separator", "read";
> > permission java.util.PropertyPermission "line.separator", "read";
> > permission java.util.PropertyPermission "java.specification.version",
> > "read";
> > permission java.util.PropertyPermission "java.specification.vendor",
> > "read";
> > permission java.util.PropertyPermission "java.specification.name",
> > "read";
> > permission java.util.PropertyPermission
> > "java.vm.specification.version", "read";
> > permission java.util.PropertyPermission
> > "java.vm.specification.vendor", "read";
> > permission java.util.PropertyPermission "java.vm.specification.name",
> > "read";
> > permission java.util.PropertyPermission "java.vm.version", "read";
> > permission java.util.PropertyPermission "java.vm.vendor", "read";
> > permission java.util.PropertyPermission "java.vm.name", "read";
> > };
> >
> > grant codeBase "file://-" {
> > permission java.io.FilePermission "<<ALL FILES>>", "read, write,
> > delete, execute";
> > permission java.net.SocketPermission "localhost", "connect, resolve";
> > };
> >
> > ----------------------------------------------------------------------
> > To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
>
> ----------------------------------------------------------------------
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
----------------------------------------------------------------------
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
