Standalone Client and JAAS authentication


EJB programming & troubleshooting: Standalone Client and JAAS authentication

  1. Standalone Client and JAAS authentication (1 messages)

    Hi all,
    I'm trying to execute a Standalone Java Client Application that uses JAAS to authenticate (Client has to connect
    to a remote Session Bean)

    When I run the client:

    java MyClientClass

    I get the following exception:

    Exception in thread "main" access denied ( createLoginContext.other)
            at java.lang.SecurityManager.checkPermission(
            at client.gui.ProvaUser.main(

    The strange thing is that I don't get the exception if I run the client in the
    directory where client.policy and auth.conf files reside.

    I thought that it was a CLASSPATH problem but even if I indicate in the
    CLASSPATH the directory where the two files reside, the problem doesn't disappear.

    Many thanks in advance
  2. The policy and auth.conf files are loaded using a file path, not the classpath. Therefore, the values you specify in the and must be the full or relative paths to these files, based on the startup directory of the application.

    The reason for this is security: if these files were loaded via the classpath, it would be too easy to substitute a "fake" policy file for the real one.