I'm trying to implement Sun Tutorials RMI application that calculates Pi. I'm having some serious problems and I cant find the solution eventhough I've been searching the entire web and several javaskilled people.
I'm hoping you can put an end to my frustrations.
The crazy thing is that I can run the application from the cmd on my desktop computer. Trying the exact same thing with the exact same code in the exact same directories on my laptop produces the following errors. The problem occures when I try to connect the client to the server.
I don't believe that the error is due to my policyfile as I can run it on the desktop. It must be elsewhere. Have anyone tried the same and can you give me a hint as to where my problem is, please?
POLICYFILE SERVER:
grant
{
permission java.security.AllPermissions;
permission java.net.SocketPermission"*", "connect, resolve";
};
POLICYFILE CLIENT:
grant
{
permission java.security.AllPermissions;
permission java.net.SocketPermission"*", "connect, resolve";
};
______________________________________________
SERVERSIDE ERRORS:
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\STUDENT>cd\
C:\>start rmiregistry
C:\>java -cp c:\java;c:\java\compute.jar -Djava.rmi.server.codebase=file:/c:/jav
a/compute.jar -Djava.rmi.server.hostname=localhost -Djava.security.policy=c:/jav
a/servertest.policy engine.ComputeEngine
ComputeEngine bound
Exception in thread "RMI TCP Connection(idle)" java.security.AccessControlExcept
ion: access denied (java.net.SocketPermission 127.0.0.1:1440 accept,resolve)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkAccept(Unknown Source)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.checkAcceptPermi
ssion(Unknown Source)
at sun.rmi.transport.tcp.TCPTransport.checkAcceptPermission(Unknown Sour
ce)
at sun.rmi.transport.Transport$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Unknown Source)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(Unknown Source)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(Unknown Sou
rce)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(Unknown Sour
ce)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source
)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
_______________________________
CLIENTSIDE ERRORS:
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\STUDENT>cd\
C:\>java -cp c:\java;c:\java\compute.jar -Djava.rmi.server.codebase=file:\C:\jav
a\files\ -Djava.security.policy=c:/java/clienttest.policy client.ComputePi local
host 45
ComputePi exception:
java.rmi.UnmarshalException: Error unmarshaling return header; nested exception
is:
java.io.EOFException
at sun.rmi.transport.StreamRemoteCall.executeCall(Unknown Source)
at sun.rmi.server.UnicastRef.invoke(Unknown Source)
at java.rmi.server.RemoteObjectInvocationHandler.invokeRemoteMethod(Unkn
own Source)
at java.rmi.server.RemoteObjectInvocationHandler.invoke(Unknown Source)
at $Proxy0.executeTask(Unknown Source)
at client.ComputePi.main(ComputePi.java:18)
Caused by: java.io.EOFException
at java.io.DataInputStream.readByte(Unknown Source)
... 6 more
C:\>
Thanks in advance
Perry
Your server didn't have permission to accept a connection from that client.
Ergo your policy file wasn't where you said it was, or wasn't loaded for some other reason.
Run it with -Djava.security.debug=access,failure and you will see what protection domain you were in when the security exception occurred, and what permissions it had.
java -cp c:\java;c:\java\compute.jar -Djava.rmi.server.codebase=file:/c:/java/compute.jar -Djava.rmi.server.hostname=localhost -Djava.security.policy=c:/java/servertest.policy engine.ComputeEngine
NB a file: codebase cannot work if it refers to a local filesystem, unless the client is also in the same machine, which makes RMI fairly pointless. Codebase URLs need to refer to locations that are accessible by the client. You can use shared file systems but you must provide a URL that is usable by the client. The server doesn't use its own codebase URL at all.
I tried the same and I found that Java simply ignored the policy file, no matter where I put it or what I put into it or which option I used to make the VM pick it up.
In the end, I create my own SecurityManager in the code and did everything manually.
Related
I'm trying to run a simple Java Web Start App. I wrote my code in NetBeans and used the jar exported for my .jnlp file. Eventually I plan on having the code read from the windows registry and use that data, but for now all I'm doing is creating a String then calling System.out.println(strName); I am self signing the jar using the strategy outlined here. When I download and run the .jnlp, I get the following exception:
java.security.AccessControlException: access denied ("java.util.PropertyPermission" "jna.debug_load" "read")
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at com.sun.javaws.security.JavaWebStartSecurity.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
at java.lang.System.getProperty(Unknown Source)
at java.lang.Boolean.getBoolean(Unknown Source)
at com.sun.jna.Native.<clinit>(Native.java:95)
at com.sun.jna.Pointer.<clinit>(Pointer.java:41)
at com.sun.jna.platform.win32.WinReg$HKEY.<init>(WinReg.java:32)
at com.sun.jna.platform.win32.WinReg.<clinit>(WinReg.java:61)
at cvbxtractor.CvbXtractor.main(CvbXtractor.java:17)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.sun.javaws.Launcher.executeApplication(Unknown Source)
at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
at com.sun.javaws.Launcher.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
I have tried adding permission java.util.PropertyPermission "jna.debug_load", "read"; to my java.policy file, I have tried signing and resigning any jars it might be using, and made sure my .jnlp has the
<security>
<all-permissions/>
</security>
line in it, but none have helped. I'm sure I'm just missing some security toggle somewhere, if this is easy please forgive me, this is my first Java Web Start App.
As of java 7u45, you can't read system properties when running from a jnlp. Oracle basically ruined javaws. If you're writing a new app, I would recommend staying away from java webstart. It's broken and they just keep making it worse by forcing security updates that break your application.
That being said, one partial workaround to this problem is to prefix all of your properties with jnlp.. So, you'd have to rename your property jnlp.jna.debug_load. If it's a property from a third party library/jar you're using, you're out of luck.
I am trying to start the network server from outside netbeans. I did set the DERBY_INSTALL variable to the appropriate directory, then i issue setNetworkServerCP command which also works fine. But when i try to run startNetworkServer i am getting the following error.
C:\Users\tandons>D:
D:>cd D:\netbeans\glassfish-v2.1\javadb\bin
D:\netbeans\glassfish-v2.1\javadb\bin>setNetworkServerCP DERBY_HOME or
DERBY_INSTALL not set. Set one of these variables to the location of
your Derby installation. D:\netbeans\glassfish-v2.1\javadb\bin>set
DERBY_INSTALL=D:\netbeans\glassfish-v2 .1\javadb
D:\netbeans\glassfish-v2.1\javadb\bin>setNetworkServerCP.bat
D:\netbeans\glassfish-v2.1\javadb\bin>SET
DERBY_INSTALL=D:\netbeans\GLASSF~1.1\j avadb
D:\netbeans\glassfish-v2.1\javadb\bin>set
CLASSPATH=D:\netbeans\glassfish-v2.1\j
avadb\lib\derbynet.jar;D:\netbeans\glassfish-v2.1\javadb\lib\derbytools.jar;
D:\netbeans\glassfish-v2.1\javadb\bin>setNetworkServerCP
D:\netbeans\glassfish-v2.1\javadb\bin>SET
DERBY_INSTALL=D:\netbeans\GLASSF~1.1\j avadb
D:\netbeans\glassfish-v2.1\javadb\bin>set
CLASSPATH=D:\netbeans\glassfish-v2.1\j
avadb\lib\derbynet.jar;D:\netbeans\glassfish-v2.1\javadb\lib\derbytools.jar;D:\n
etbeans\glassfish-v2.1\javadb\lib\derbynet.jar;D:\netbeans\glassfish-v2.1\javadb
\lib\derbytools.jar;
D:\netbeans\glassfish-v2.1\javadb\bin>startNetworkServer Security
manager installed using the Basic server security policy. access
denied ("java.net.SocketPermission" "localhost:1527" "listen,resolve")
java.security.AccessControlException: access denied
("java.net.SocketPermission" "localhost:1527" "listen,resolve")
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkListen(Unknown Source)
at java.net.ServerSocket.bind(Unknown Source)
at java.net.ServerSocket.(Unknown Source)
at javax.net.DefaultServerSocketFactory.createServerSocket(Unknown Sourc
e)
at org.apache.derby.impl.drda.NetworkServerControlImpl.createServerSocke
t(Unknown Source)
at org.apache.derby.impl.drda.NetworkServerControlImpl.access$000(Unknow
n Source)
at org.apache.derby.impl.drda.NetworkServerControlImpl$1.run(Unknown Sou
rce)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.derby.impl.drda.NetworkServerControlImpl.blockingStart(Unk
nown Source)
at org.apache.derby.impl.drda.NetworkServerControlImpl.executeWork(Unkno
wn Source)
at org.apache.derby.drda.NetworkServerControl.main(Unknown Source)
D:\netbeans\glassfish-v2.1\javadb\bin>
also is there a better way to do this from within a java program. I read the official doc given on Apache website( using NetworkServerControl api ) but i can make hardly anything out of whats given there..........
This is a known bug. Workarounds are described in the links below. (Google is your friend):
Netbeans bug report
Blog 1
Blog 2
I'm trying to connect a client and remote server through RMI and I get this error message:
java.rmi.UnmarshalException: error unmarshalling return; nested exception is:
java.net.MalformedURLException: unknown protocol: c
at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source)
at java.rmi.Naming.lookup(Unknown Source)
at RmiClient.getMessage(RmiClient.java:11)
at RmiClient.main(RmiClient.java:26)
Caused by: java.net.MalformedURLException: unknown protocol: c
at java.net.URL.<init>(Unknown Source)
at java.net.URL.<init>(Unknown Source)
at java.net.URL.<init>(Unknown Source)
at sun.rmi.server.LoaderHandler.pathToURLs(Unknown Source)
at sun.rmi.server.LoaderHandler.getDefaultCodebaseURLs(Unknown Source)
at sun.rmi.server.LoaderHandler.loadClass(Unknown Source)
at java.rmi.server.RMIClassLoader$2.loadClass(Unknown Source)
at java.rmi.server.RMIClassLoader.loadClass(Unknown Source)
at sun.rmi.server.MarshalInputStream.resolveClass(Unknown Source)
at java.io.ObjectInputStream.readNonProxyDesc(Unknown Source)
at java.io.ObjectInputStream.readClassDesc(Unknown Source)
at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
at java.io.ObjectInputStream.readObject0(Unknown Source)
at java.io.ObjectInputStream.readObject(Unknown Source)
... 4 more
The following may be the cause of the problem:
The server has this line:
Naming.rebind("rmi://172.31.24.66:1099/RmiServer", obj);
which refers to the private IP address of an EC2 instance. The client on the other hand has this line - which is line 11 from above:
RmiServerIntf obj = (RmiServerIntf)Naming.lookup("rmi://54.229.66.114:1099/RmiServer");
which is the public IP of that instance. Also, on the client side I set the codebase property as:
System.setProperty("java.rmi.server.codebase", "C:\\Users\\spacitron\\Projects\\RMIClient\\bin");
If I try to add the same line on the server I get a "permission denied" error.
A codebase is a list of URLs. What you have specified is a file name, not a URL.
It is also a rather useless filename, unless the client is on the same host as the server, in which case it is difficult to see why you're using the codebase feature at all. Even if you have a shared drive it is just as easy to specify directories in the client's CLASSPATH as it is to use java.rmi.server.codebase. A codebase URL needs to be usable by the recipient. That's why they are almost always HTTP URLs, or maybe FTP URLs.
try down grading your jdk7 below update 21/jdk6 below update 45.
compile and test again of this work problem is java.rmi.server.useCodebaseOnly system property
please check below link for solution for both version of jdk's
http://docs.oracle.com/javase/7/docs/technotes/guides/rmi/relnotes.html
I have a java program Read which reads file from an URL looks like this:
file://myhost/system.log
On Windows I use this command:
java Read "file://myhost/system.log"
and it works flawlessly.
But on Linux when I try to use the same command it gives me this error:
Exception in thread "main" java.net.ConnectException: Connection refused
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)
at java.net.AbstractPlainSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at sun.net.ftp.impl.FtpClient.doConnect(Unknown Source)
at sun.net.ftp.impl.FtpClient.tryConnect(Unknown Source)
at sun.net.ftp.impl.FtpClient.connect(Unknown Source)
at sun.net.ftp.impl.FtpClient.connect(Unknown Source)
at sun.net.www.protocol.ftp.FtpURLConnection.connect(Unknown Source)
at sun.net.www.protocol.ftp.FtpURLConnection.getInputStream(Unknown Source)
at java.net.URL.openStream(Unknown Source)
at read.readInput(ReadHTML.java:53)
at read.readInput.main(ReadHTML.java:76)
Any ideas?
UPDATE:
I think I found the problem:
myhost is not mounted on the Linux machine so that it cannot connect to it by using file://...
Thanks for all the answers, guys!
This is because your program (by virtue of using a file URL on a Linux OS) is attempting to open an FTP connection to the host specified in the URL. The establishment of the FTP connection fails.
This could be due to a variety of issues. Try connecting with ftp directly:
ftp myhost
And I'm guessing it'd fail as well. Do you have an FTP server installed & running?
One of the possible reason can be that hosts.allow does not have entry of your machine.
I suspect you just need a third /. The correct syntax for file uris is file://[path] but [path] should begin with a /.
I get the ff. error in Java Console occassionally:
Exception in thread "thread applet-my.package.MyApplet-10" java.lang.NoClassDefFoundError: another/package/SomeClass
at my.package.MyApplet.init(MyApplet.java:95)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.ClassNotFoundException: another.package.SomeClass
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClassInternal(Unknown Source)
... 3 more
Caused by: java.io.IOException: open HTTP connection failed:https://myserver/mycontext/applets/another/package/SomeClass.class
at sun.plugin2.applet.Applet2ClassLoader.getBytes(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.access$000(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
... 7 more
My applet tag is as follows:
<applet codebase="../../applets" code="my.package.MyApplet" class="invisible" id="myApplet">
<param value="value0" name="param0"/>
...
<param value="valueN" name="paramN" />
<param value="folder/myApplet__0.0.1177.jar,folder/commons-io-1.3.2__0.0.1177.jar,..." name="cache_archive"/>
<param value="0.0.1177.0,0.0.1177.0,...," name="cache_version"/>
</applet>
It is important I stress the word "occasionally". Sometimes the applet is initialized without a hitch. This also means that, often, when the browser is restarted, the problem goes away.
I am aware of applet fails to load class from jar and Applet class loader cannot find a class in the applet's jar but I think they are not applicable to my case. SomeClass and MyApplet are in the same jar and the page is being accessed locally.
Caused by: java.io.IOException: open HTTP connection failed:https://myserver/mycontext/applets/another/package/SomeClass.class
This looks like there is a connection issue with retrieving the jar file from the HTTPS server.
I don't know exactly what version of Java are you running, but you can check the reason of the defect pertaining to your problem here.
If this is not the problem, then make sure that there's enough caching for your JAR file when downloaded else it fails to launch. It's not code issue unfortunately.
UPDATE Is your class SomeClass accessing any remote server or database by any chance?
The exception clearly shows that there is an AccessControl privilege that has been denied.
at sun.plugin2.applet.Applet2ClassLoader.getBytes(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.access$000(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
Bear in mind, that applets are like Flash Objects:
They are both downloaded and run from the client side.
Only difference is that Applets were designed with lots of access control rules such as, it must not connect to servers hidden behind company DMZ (De-Militarized Zone), etc.
If that's the case, I suggest you find a way to retrieve your data outside applets (try servlet?)
UPDATE 2 It seems the JVM can't find the trusted certificate to match with your signed jar.
Since your jar file is signed make sure that the jar file can point your trusted certificate (remember, it must be trusted).
More information, check: http://faq.javaranch.com/java/HowCanAnAppletReadFilesOnTheLocalFileSystem AND http://www.developer.com/article.php/3303561
Probably has something to do with http://download.oracle.com/javase/6/docs/api/java/util/ServiceLoader.html. I.e., one or more of the jars defines/expects a provider. Investigate when there is time.