I have a server where I work with a database and files using a java app.
When I start my app I give a report regarding file access to the server using:
public static boolean folderExists(String folderPath) {
File folderToCheck = new File(folderPath);
return folderToCheck.exists();
}
Every time I start my app (after a fresh restart of my computer)
I get a false response, even though the server is on.
The reason is because I must give an authentication as another user.
What I do is access the server through Windows
where I am being asked for username/password,
and after that I get a true response regarding file access to the server.
Is there a way to give the authentication username/password through Java,
and not through Windows?
Thank you
On Windows 'native' Java IO (e.g. java.io.File) always inherits the security context of the user running the JVM process. For example, you could run the Java app as a Windows service with the correct credentials.
The JCIFS project implements CIFS (the Windows SMB file server protocol) and allows you to directly specify the username/password.
See the API for examples.
I am pretty sure, that there is no way to grant fileaccess by java, without a Windows-Call.
You can call cacls file.log /e /t /p Everyone:f but this will be language-dependent.
I had a similar problem: How to change the file ACL in windows, if I only know the SID?
With Java7 there may be a way to do this.
Related
I want to read the content of a remote directory using java.
The directory is on a machine running Ubuntu. Right clicking on the folder should give the share folder option and its installed samba client for windows sharing, but I don't have any machine running Windows.
I'm looking for a java api library to access the remote directory content?
User will only provide username, password, ip and folder name.
eg [//172.17.0.1/sharefolder/demo/]
Thanks.
For a Samba Share:
Even SAMBA shares in linux use the same protocol as windows shares.
So the post here can help: How can I mount a windows drive in Java?
Basically, you could mount the shared location as a network drive using "net use" command .
You could call this either through windows console, or through a java Process.
For a SFTP location:
If you don't have a problem with calling/using an external command you could use sshfs (either out of java or through Process) to mount the remote directory into a local folder.
See: http://numberformat.wordpress.com/2010/03/01/how-to-mount-a-remote-ssh-filesystem-using-sshfs/
If you want pure java on how to access SFTP,I read that a library called JSch can be used to access SFTP directly from java. See:
http://chrisjordan.ca/post/15052396308/java-sftp
http://jcraft.com/jsch/examples/Sftp.java.html
If it's another type please specify
You might find the The Java CIFS Client Library having the API you need - it is useful for both server and client.
Here is an example taken from their documentation to retrieve a file:
import jcifs.smb.*;
jcifs.Config.setProperty( "jcifs.netbios.wins", "192.168.1.220" );
NtlmPasswordAuthentication auth = new NtlmPasswordAuthentication("domain", "username", "password");
SmbFileInputStream in = new SmbFileInputStream("smb://host/c/My Documents/somefile.txt", auth);
byte[] b = new byte[8192];
int n;
while(( n = in.read( b )) > 0 ) {
System.out.write( b, 0, n );
}
For SFTP consider using JSCAPE's Secure FTP Factory. Documentation with code examples can be found here.
jsch-nio is a fully functional unix/linux java FileSystemProvider over ssh.
I have an applet running in jnlp. My single jar file is signed. I accept the permissions prompt each time the JNLP client is launched. I can obtain the BasicService but it still throws a url permission denied exception when I try to follow a URI:
file:///D:\temp\test.txt
The file is present on all the Windows client machines I've tried and there are no security issues with opening it.
The issue happens when using a 32 or 64-bit JRE on the client. The server is 32-bit but I would think this irrelevant. The only clue (or red-herring perhaps) is that I get no security exception when the client and server are on the same host. If I use a remote client then I get the exception.
Whilst I needed to include the jnlp.jar file to compile the code, I assume it is not needed on the client if run using Java WebStart.
What else might you need to know? What else should I try?
Later that day...
Now this may or may not be a bug, it may be something wrong with the parameters in my jnlp file but I suspect that I'm using the wrong approach. Just to reitterate I'm trying to open a file:// url.
Here is what I am now doing:
I assumed that the Desktop facilities were only available in a Desktop Application - not an applet. I was wrong (and the documentation is scant - even on this hallowed site the only reference tells me to use JNLP Services for an Applet and Desktop for an Application) - Wrong (thankfully)
So you can use Desktop (having first checked that Desktop.isDesktopSupported() of course) in an applet - as long as you are running through WebStart not embedded as an applet.
I would propose the following approach to anyone.
See if Desktop is supported and use that.
Desktop.getDesktop().open(file);
If not then see if you can get the Basic JNLP Service.
BasicService bs = (BasicService)ServiceManager.lookup("javax.jnlp.BasicService");
and if that is available the use it with boolean openedOK = bs.showDocument(url);
Finally resort to the applet API.
AppletContext context = applet.getAppletContext();
context.showDocument(url, targetFrame);
File posisifileXML = new File("namefile.xml");
Writer outXML = new BufferedWriter(new FileWriter(posisifileXML));
outXML.write(String1);
outXML.close();
I have created Java applet in Linux, the program is used to create a namefile.xml, when I'm accessing java applet from the browser (with that Linux) to create a file, it's worked. That file is saved in my home directory. But the problem is when I'm accessing that Java applet from the browser with another computer (Windows 7), then appeared an error:
java.io.FileNotFoundException:namefile.xml (Access is denied)
oh sorry, I want to create a file from client's computer (windows 7) to the server's computer via the client's browser (using java applet)..
What should I do?
You should have posted the code :(
However, I have had the same issue because of the following two issues, when I was working with Applets
The access was restricted by windows (sometimes user privileges can do it. i.e: in my machine, it's hard to access C:/Desktop for programs)
Forgot to give the rights using Policy tool
The program is seeking for an existing file, but there is no such
File posisifileXML = new File("namefile.xml");
Never dump a File from an applet into the 'default directory'. Make that something like:
File posisifileXML = new File(
new File(System.getProperty("user.home")),
"namefile.xml");
I want to create a file from client's computer (windows 7) to the server's computer via the client's browser..
An applet on the client computer can not create or access a File on the server, security aside. File objects just do not work that way.
In order to get information from the user to be saved on the server file-system, requires help from the server.
I have a server where I work with a database and files using a java app.
When I start my app I give a report regarding file access to the server using:
public static boolean folderExists(String folderPath) {
File folderToCheck = new File(folderPath);
return folderToCheck.exists();
}
Every time I start my app (after a fresh restart of my computer)
I get a false response, even though the server is on.
The reason is because I must give an authentication as another user.
What I do is access the server through Windows
where I am being asked for username/password,
and after that I get a true response regarding file access to the server.
Is there a way to give the authentication username/password through Java,
and not through Windows?
Thank you
On Windows 'native' Java IO (e.g. java.io.File) always inherits the security context of the user running the JVM process. For example, you could run the Java app as a Windows service with the correct credentials.
The JCIFS project implements CIFS (the Windows SMB file server protocol) and allows you to directly specify the username/password.
See the API for examples.
I am pretty sure, that there is no way to grant fileaccess by java, without a Windows-Call.
You can call cacls file.log /e /t /p Everyone:f but this will be language-dependent.
I had a similar problem: How to change the file ACL in windows, if I only know the SID?
With Java7 there may be a way to do this.
I have a client-side security policy, with a statement that grants permissions. I want to be able to specify it to grant the set of permissions for an RMI server only. For example this works:
grant{
//my permissions
};
But I cant figure out how to link the set of permissions so that they apply to my codebase on the server. Actually anything, as long as its tied to the server would be fine. I have tried:
grant codeBase "file://hostname/-"{
//my permissions
};
With the hostname being the name or IP of the machine, both with and w/o the port number. But this does not work, neither does using http instead of file. If I understand what I read so far correctly the hyphen at the end should apply the permissions to anything located on the server. Anyone know what I need to do to get this to work?
Thanks.
Heres the codebase specified when running the server:
-Djava.rmi.server.codebase=file://home/me/PageServer/build/classes/ pageserver.LoginService pageserver.PlannerService
Where is the local JVM getting the code that should be granted permissions?
If it's downloading the code from an HTTP codebase on the server, you can use a URL starting with "http:".
If it's local code, you can use a URL starting with "file:" and ending with a local path.
Disclaimer: I've written security files for Jini, which is built atop RMI, and it's been a few years. Apologies for anything I've missed.
Use a JAR for the codebase, and specify exactly the HTTP URL in the .policy file that you specified in -Djava.rmi.server.codebase.