Skip to Content
Former Member
Dec 19, 2007 at 09:23 PM

RMI security issue


Hi, there!

I have a security issue when I try to run RMI client code in the web application on the Web AS 2004s. There is

lookup statement in JSP or servlet code:


which throws access denied (

D:\usr\sap\AS1\JC00\j2ee\cluster\server0\apps\\MyEntApp\servlet_jsp\MyWebApp\work\com\mycompany\packagename\RemoteClassImpl_Stub.class read)

I have investigated where "" parameter is setup, there has value "./java.policy". This file is

regenerated each time when web AS is started, thus I created another policy file, granted file permission for

above path and set it as in server start parameter. It doesn't resolve problem, I have

investigated this parameter doesn't correlate with real application run-time permissions. Have anybody ideas?


P.S. This code works fine as a standalone application.