Hello,I want to run keytool through my java program and i want to pass arguments through my code. i have been trying this but had no luck.Any body please help me.this is my codeimport java.io.*;public class RunExe {public static void main(String[] args) { Runtime run = Runtime.getRuntime(); try ...

Hello,I have a public key in pem format (file starts with '--BEGIN PUBLIC KEY--). The key isn't wrapped into any certificate. Is there a way to import it into java keystore?

hello.i'm going a little crazy here. i've downloaded tool after tool and configured my java application/web server hundreds of times now.i was asked to build a .NET web service running on a windows 2003 server machine and to only allow users to enter via Integrated windows authentication ...

Hello Security People,I would be very glad if you answer my following questions.The Java security manager (when activated) can control almost every operation by Java program. But, is it possible to stop a Java program from creating Threads? If yes, How? Thank you very much for your ...

[nobr]I get the following error:org.apache.jasper.JasperException: access denied (javax.security.auth.AuthPermission ...

hello.i new with this technology, i have been reading about keytool and generation of Certificates, exporting and importing certificates...i was trying the examples from here http://java.sun.com/j2se/1.5.0/docs/tooldocs/windows/keytool.html#EXAMPLES...but i only get errors.keytool error: ...

Hi Freinds,By mistake i have deleted a java file (SHIFT+DELETE) . and when i tried to recover that file from some recovery software , i am not getting the file in the proper format , i am not getting which for mat it is .I have posted a part of the file below.It was a importants one.Please give ...

For the data base program i am writing, I have an ExceptionWindow class which alerts the user if there was an unexptected exception. The information of the exception would then be saved to a file so that I can fix whatever caused the error. I am using a security manager with the database and I ...

I have a dialog that displays list of items whose cell renderer is customized using ImageIcons. Permissions have been granted properly, I think. The dialog can be shown but it can not draw it's children element correctly. And java.lang.NullPointerException was ...

When I encounter a java.security.AccessControlException, how can I find which class on the call stack cause the problem.Thanks in advance!

hiI would like to give a java.io.FilePermission to one of my packages which than writes into a file contained in an other package. If I apply the policy to to all packages, everything works correctly. But as soon as I apply the security only to one package, my policy doesn't work any more. ...

I am working on a pluginengine and wanted to add support for signed pluginsand want to store which certificates are accepted by the user, I guess I should store them in a keystore but how do I safely imlpement it so that no other program can add a certificate that the user didn't accepted? ...

Hi,I am trying to get an application that is usually deployed on JRun to run on Tomcat 4.1 within Eclipse (using Eclipse's WTP).Now, this application uses JAAS for authentication via a FORM.I have been trying to get it to work by using Tomcat's JAASRealm without much success.Here is what I ...

Log of tomcat:Sep 28, 2006 3:21:49 PM org.apache.catalina.core.AprLifecycleListener lifecycleEventINFO: The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: C:\Program Files\Apache Software Foundation\Tomcat ...

Good morningCurrently I am working on a Terminal-Server-Project which provides applications to users. Through Software Restriction Policys the users are restricted to a certain set of executables (Whitelisting). One of these permitted executables is java.exe. So if Java is enabled any Java ...

I'm beginning work on a new web application, and I'm looking for a framework or library that provides user management functionality. What I mean by that phrase is:- user/role CRUD (Create, Read, Update, Delete)- user authentication/authorizationWe've always written this functionality ...

Was wondering if anyone had any input on a good book to read on java security? I was looking at "Java Security, 2nd Ed" by Oaks. Wondering if anyone has an opinion on this book or another that may be more suited. I am looking for a solid foundation in security and then moving into more advanced ...

Hello all,I am trying to build a very simple JavaEE application with JAAS, but I getting mad.I have an EAR packed with a WAR module an EJB JAR module and a JAR with other classes. Struts is the MVC framework and EJB 3.0 is been used.First of all, I configured the "login-config.xml" file within ...

Dear colleagues, I have following problem.Configuration. We have Oracle AS 10.1.2.0.1 cluster. Client module requests functionality from EJB module deployed in server (stateless session beans). Client is written by Java 1.5, EJB - by Java 1.4. JAAS is used to establish security context between ...

Hi,For some reason I'm currently using the Sun PKCS11 wrapper directly in Java5. But, in Java 6, they changed the arguments of this static method. They added a string as second argument. What should I put in there?In Java5 I used to call:PKCS11.getInstance(pkcs11Library, null, ...

Hi,I'm implementing a client that uses a eID to sign XML messages in a SAML implementation of the FIPS196 protocol for SSO.When I launch the client, the SAML assertions are being exchanged and signed by the eid. The first time something gets signed a pin code is asked using a pop-up dialog ...

My application is an EAR deployed in OAS 9.0.4 successfully. Now I am trying to deploy it in oc4j standalone 10.1.3. I use Enterprise Manager to do deploy it. My EAR contains a War and also an application.xml like ...

Hi all.I'm developing an application for an E61 mobile, using PKI SATSA package. The IDE I use is netbeans 4.1 with the wireless toolkit 2.5, and the java card emulator 2.2.2.Ok, the thing is that with the emulators, everything goes right. I can generate a CSR, I can add a certificate and I ...

Can a Subject that is created independently be used for doAs() or doAsPrivileged()?Due to some restrictions I can not use LoginModule(and LoginContext) to authenitcate a user, instead, the authentication process is done using another approach. After that process I have added the gained roles as ...

Hi,I'd like to access the file permissions on a Unix system in order to know what action to do.Is that possible?I had a look at FilePermission, but it seems to deal only with java permissions.RegardsYann

In all examples of using JASS, it uses the following way. System.setProperty("java.security.auth.login.config", fileName)Is there a way I can specify the policies in code, not in a file? That way I don't have to worry about file permissions.p.s. Thanks for Seema-1 who anwsered my last ...

Hi,I need to iterate the Certificates in my App Server (Websphere)'s trust store (trust.jks) programmatically. I need to look at each cert, tell if it is within a month of expiring (and send a warning email if it is). We just got burned by an expired SSL certificate and my manager is adamant ...

Hi,I like to write a function that will take two credit cards number (valid luhn numbers) and counts how many luhn numbers exist in the range. Any pointers as to how to approach this?I have the fuction that check if the card is a valid Luhn and also know how to commute the check digit. But not ...

I think this is a simple question on grant statements and the default security manager, but I'm missing something obvious:1) If I have a class PrintHomepublic class PrintHome {public static void main(String[] argv) {System.out.println(System.getProperty("user.home"));}}residing in ...

Hi all,For security, we are using JAAS (in JBoss). The problem is whenever the user enters the application and logs out. Later then user gets deleted and its getting deleted in database. But if i login using"deleted user", instead of showing invalid login details, it is taking me to application ...

I am trying to get the SunPKCS11 provider to work with our PKCS11 library. The problem I have is that to access the keys within the PKCS11 token as a key store it is necessary to log into the token using C_LOGIN. I have tried to get the SunPKCS11 library to do this but I have totally ...

Hi There,I'm not sure if this is the right place to be posting this topic, but I'm not sure where else to put it. I think it's more of a Microsoft issue than a Java one, but maybe someone can point me in the right direction of where to look.I have written a front-end Java application that ...

My goal is to design an Authentication and Authorization system based on settings stored in an RDBMS schema. These settings would control which users would have certain CRUD operations associated to Features or specific Functionality.I also want to declaratively control the association between ...

WHEN ERROR OCCURS:-This problem never occured earlier but since the last few days this problem is occuring on my Windows XP System (Version 2002 Service Pack2).CLASSPATH includes bcprov-jdk14-134.jar and bcmail-jdk14-134.jar.At this statement....signerInformation.verify(cert.getPublicKey(), ...

I am making a "secure" chat server that has some simple functionality.For the server cert, I sent off the CSR to Thawte and set up the trust chain. That keystore seems to be fine:Keystore type: jksKeystore provider: SUNYour keystore contains 2 entriesAlias name: verisigntestrootCreation date: ...

Hi,can any one tell me how to configure HTTPS in websphere.thanks.

I have an X509Certificate object with me. Now how can I write this X509Certificate object as a .cer file containing the public key on the hard disk?Can it be done with BouncyCastle? Please help!

I am receiving the following error in the log files:Nov 14, 2006 11:32:23 AM org.apache.commons.modeler.Registry registerComponentSEVERE: Error registering Catalina:type=RequestProcessor,worker=jk-8009,name=JkRequest8163016javax.management.InstanceAlreadyExistsException: ...

Whenever I attempt to use jarsigner to sign or verify a jar file I receive the following message:C:\Contract Manager\Contractmanager\dist>jarsigner -verify CM.jarException in thread "main" java.lang.NoClassDefFoundError: sun/security/tools/JarSignerC:\Contract ...

How to validate the server to server using ssl,I have a server A with ssl cert,,also i have another server B with ssl cert,,,now when server A send request to server B,,the server B should validate server A,,means the server B shud service the requests of only server A for a perticular ...

Good day.I am putting the finishing touches on a custom security manager that profiles an application's security needs at runtime http://www.petrovic.org/content/SecMgrTutorial/sm.htmlIn short, the custom security manager extends java.lang.SecurityManager and overrides the two checkPermission() ...

I am developing an application that simulates the user's actions on a browser (logs in a site, do some POST's and GET's, etc) and I get the following error:Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: ...

Hi, i磛e some problems invalidating session web from my app web.I磛e my application web that uses multiples contexts. I want when I logout, the session is invalidate to all context. I use JAAS for authenticate in a login.jsp, and when I logout, I come back to lign.jsp but don磘 let me login ...

Hi everyone,I built a client- server RMI application;I'm defyining the policy permission for both clien and server side;I would like to know if there is a way to declare "variables" in policy files like that:grant codebase "/home/accounts/.../javarmi/" {permission java.net.SocketPermission ...

Hi,I am creating a small program that will need to sign a XML document given a keyname. At this point my program can import the key and also sign the XML document. However I cannot find any documentation on how to save signature so its embedded in the XML document. The apache xml security ...

Hi,First, I am a novice in security issues.Problem:I know how to generate CSR using PKCS#10 format with keytool. However I need to implement this functionality in my application. Unfortunately I can't find any docs describing this issue.Do anybody know about some API where I just pass data and ...

Hello all, This may be a silly question, but I would like to understan this. I can read from the Java 1.5 feature that it offers more efficiency than the older versions. But what happens if I'm already working with older version (may be Java 1.4) and upgraded to Java 1.5 hence most of my ...

Hi everyone,I am having trouble starting up my application after enabling global security on WAS 6.The startup logs show that the datasource has been successfully created and bound to server. But as soon as my application is trying to load and lookup that datasource an Exception is being ...

1. What is the benifit to get MIDlet signed.2. how to do it? Can I do it with keytool? or J2ME toolkit?3. I tried to sign my midlet suite with a self signed cert and using keytool, jarsigner and JadTool in WTK22. I export the cert to a .crt file and installed it on my 6630 and give all ...

I am trying to read through a directory and check whether I can read the files located in that directory. When I don't use a security manager the canRead() function always returns true. So I'm trying to implement a security manager and can't figure out what I'm doing wrong.I created the ...