質問
I have made a rest application which is working fine on its own.
https://stackoverflow.com/questions/22216978
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianimport javax.ws.rs.GET;
import javax.ws.rs.Path;
@Path("/helloworld")
public class HelloWorldResource
{
@GET
public String getMessage()
{
return "Hello World!";
}
}
I want to invoke this from a client using JAAS.There are two Principals namely UserPrincipal and SystemAdminPrincipal.I want to invoke the web service when the Principal is SystemAdminPrincipal.I am using URLPermission to grant permission and apache HttpClient to execute the get method. The policy file is
grant Principal UserPrincipal "user"
{
};
grant Principal SysAdminPrincipal "sysadmin"
{
permission java.net.URLPermission "http://localhost:8080/HelloWorldREST/helloworld","GET";
};
But I am encountering Security Exception even for SystemAdminPrincipal.Probably the usage of URLPermission is faulty is my case.Could someone point how to properly use URLPermission.Thanks in advance.
解決
The policy file should grant socket permission prior to granting URLPermission .The policy file should be.
grant Principal SysAdminPrincipal "sysadmin"
{
permission java.net.SocketPermission "127.0.0.1:8080","connect,resolve";
permission java.net.URLPermission "http://localhost:8080/HelloWorldREST/helloworld","GET";
};
grant Principal UserPrincipal "user"
{
};
