Client Request restriction socket programming (local)
up vote
1
down vote
favorite
I went through many question asked here for socket programming but they are either connected to HTTP/URL . I just have two java class for server and client connected through port. The problem I face is that i have to let client1 read a file where as client2 is not allowed to read.I'm looking for any possible method to implement so that I will be able to allow or delete request based on the policy file.I tried to use the Security Manger method but failed to implement it properly. any suggest would be of great help
I will post the server class and the policy details below
Policy file
grant {
permission java.io.FilePermission "D:\Uni\System security\Client Server
Example\ClientServerExample\src\javaapplication2\abc.txt", "read",
signedBy "client1";
permission java.io.FilePermission "D:\Uni\System security\Client Server
Example\ClientServerExample\src\javaapplication2\abc.txt", "write",
signedBy "client2";
permission java.security.AllPermission, signedBy "client1";
permission javax.security.auth.kerberos.ServicePermission "285", "initiate,
accept", signedBy "client1";
};
Server Class
package javaapplication2;
import java.io.*;
import java.net.*;
import java.security.*;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
class Multi extends Thread
{
private Socket s = null;
DataInputStream infromClient;
Multi() throws IOException
{
}
Multi( Socket s ) throws IOException
{
this.s = s;
infromClient = new DataInputStream( s.getInputStream() );
}
public void run()
{
try
{
System.out.println( "Socket Closing" );
s.close();
}
catch ( IOException ex )
{
Logger.getLogger( Multi.class.getName() ).log( Level.SEVERE, null, ex );
}
}
}
public class Server
{
@SuppressWarnings("resource")
public static void main( String args ) throws IOException, InterruptedException
{
System.setProperty( "java.security.policy", "file:/C:/Users/Ali/Desktop/java.policy" );
SecurityManager client1 = new SecurityManager();
System.setSecurityManager( client1 );
ServerSocket socket = null;
DataInputStream in;
PrintStream out;
Socket clientSocket1 = null;
//try {
//System.out.println("Allowed!");
//}
while ( true )
{
socket = new ServerSocket( 200 );
System.out.println( "Server is Awaiting" );
clientSocket1 = socket.accept();
in = new DataInputStream( ( clientSocket1 ).getInputStream() );//read from client1
BufferedReader fileRead = new BufferedReader( new InputStreamReader( in ) );
String fname = fileRead.readLine();
FileInputStream propFile =
new FileInputStream( fname );
Properties p = new Properties( System.getProperties() );
p.load( propFile );
System.setProperties( p );
// display new properties
System.getProperties().list( System.out );
try
{
AccessController.checkPermission( new FilePermission( fname, "read" ) );
BufferedReader contentRead = new BufferedReader( new FileReader( fname ) );
out = new PrintStream( clientSocket1.getOutputStream() );//write to client1
PrintWriter pwrite = new PrintWriter( out, true );
String str;
while ( ( str = contentRead.readLine() ) != null )
{
pwrite.println( str ); // sending each line to client
}
}
catch ( SecurityException e )
{
}
Multi t = new Multi( clientSocket1 );
t.start();
Thread.sleep( 2000 );
socket.close();
}
}
}
java sockets acl access-control accesscontrolservice
edited Nov 11 at 17:19
Gayan Mettananda
45037
asked Nov 11 at 16:31
user13412
73
add a comment |
up vote
1
down vote
favorite
I went through many question asked here for socket programming but they are either connected to HTTP/URL . I just have two java class for server and client connected through port. The problem I face is that i have to let client1 read a file where as client2 is not allowed to read.I'm looking for any possible method to implement so that I will be able to allow or delete request based on the policy file.I tried to use the Security Manger method but failed to implement it properly. any suggest would be of great help
I will post the server class and the policy details below
Policy file
grant {
permission java.io.FilePermission "D:\Uni\System security\Client Server
Example\ClientServerExample\src\javaapplication2\abc.txt", "read",
signedBy "client1";
permission java.io.FilePermission "D:\Uni\System security\Client Server
Example\ClientServerExample\src\javaapplication2\abc.txt", "write",
signedBy "client2";
permission java.security.AllPermission, signedBy "client1";
permission javax.security.auth.kerberos.ServicePermission "285", "initiate,
accept", signedBy "client1";
};
Server Class
package javaapplication2;
import java.io.*;
import java.net.*;
import java.security.*;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
class Multi extends Thread
{
private Socket s = null;
DataInputStream infromClient;
Multi() throws IOException
{
}
Multi( Socket s ) throws IOException
{
this.s = s;
infromClient = new DataInputStream( s.getInputStream() );
}
public void run()
{
try
{
System.out.println( "Socket Closing" );
s.close();
}
catch ( IOException ex )
{
Logger.getLogger( Multi.class.getName() ).log( Level.SEVERE, null, ex );
}
}
}
public class Server
{
@SuppressWarnings("resource")
public static void main( String args ) throws IOException, InterruptedException
{
System.setProperty( "java.security.policy", "file:/C:/Users/Ali/Desktop/java.policy" );
SecurityManager client1 = new SecurityManager();
System.setSecurityManager( client1 );
ServerSocket socket = null;
DataInputStream in;
PrintStream out;
Socket clientSocket1 = null;
//try {
//System.out.println("Allowed!");
//}
while ( true )
{
socket = new ServerSocket( 200 );
System.out.println( "Server is Awaiting" );
clientSocket1 = socket.accept();
in = new DataInputStream( ( clientSocket1 ).getInputStream() );//read from client1
BufferedReader fileRead = new BufferedReader( new InputStreamReader( in ) );
String fname = fileRead.readLine();
FileInputStream propFile =
new FileInputStream( fname );
Properties p = new Properties( System.getProperties() );
p.load( propFile );
System.setProperties( p );
// display new properties
System.getProperties().list( System.out );
try
{
AccessController.checkPermission( new FilePermission( fname, "read" ) );
BufferedReader contentRead = new BufferedReader( new FileReader( fname ) );
out = new PrintStream( clientSocket1.getOutputStream() );//write to client1
PrintWriter pwrite = new PrintWriter( out, true );
String str;
while ( ( str = contentRead.readLine() ) != null )
{
pwrite.println( str ); // sending each line to client
}
}
catch ( SecurityException e )
{
}
Multi t = new Multi( clientSocket1 );
t.start();
Thread.sleep( 2000 );
socket.close();
}
}
}
java sockets acl access-control accesscontrolservice
edited Nov 11 at 17:19
Gayan Mettananda
45037
asked Nov 11 at 16:31
user13412
73
add a comment |
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I went through many question asked here for socket programming but they are either connected to HTTP/URL . I just have two java class for server and client connected through port. The problem I face is that i have to let client1 read a file where as client2 is not allowed to read.I'm looking for any possible method to implement so that I will be able to allow or delete request based on the policy file.I tried to use the Security Manger method but failed to implement it properly. any suggest would be of great help
I will post the server class and the policy details below
Policy file
grant {
permission java.io.FilePermission "D:\Uni\System security\Client Server
Example\ClientServerExample\src\javaapplication2\abc.txt", "read",
signedBy "client1";
permission java.io.FilePermission "D:\Uni\System security\Client Server
Example\ClientServerExample\src\javaapplication2\abc.txt", "write",
signedBy "client2";
permission java.security.AllPermission, signedBy "client1";
permission javax.security.auth.kerberos.ServicePermission "285", "initiate,
accept", signedBy "client1";
};
Server Class
package javaapplication2;
import java.io.*;
import java.net.*;
import java.security.*;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
class Multi extends Thread
{
private Socket s = null;
DataInputStream infromClient;
Multi() throws IOException
{
}
Multi( Socket s ) throws IOException
{
this.s = s;
infromClient = new DataInputStream( s.getInputStream() );
}
public void run()
{
try
{
System.out.println( "Socket Closing" );
s.close();
}
catch ( IOException ex )
{
Logger.getLogger( Multi.class.getName() ).log( Level.SEVERE, null, ex );
}
}
}
public class Server
{
@SuppressWarnings("resource")
public static void main( String args ) throws IOException, InterruptedException
{
System.setProperty( "java.security.policy", "file:/C:/Users/Ali/Desktop/java.policy" );
SecurityManager client1 = new SecurityManager();
System.setSecurityManager( client1 );
ServerSocket socket = null;
DataInputStream in;
PrintStream out;
Socket clientSocket1 = null;
//try {
//System.out.println("Allowed!");
//}
while ( true )
{
socket = new ServerSocket( 200 );
System.out.println( "Server is Awaiting" );
clientSocket1 = socket.accept();
in = new DataInputStream( ( clientSocket1 ).getInputStream() );//read from client1
BufferedReader fileRead = new BufferedReader( new InputStreamReader( in ) );
String fname = fileRead.readLine();
FileInputStream propFile =
new FileInputStream( fname );
Properties p = new Properties( System.getProperties() );
p.load( propFile );
System.setProperties( p );
// display new properties
System.getProperties().list( System.out );
try
{
AccessController.checkPermission( new FilePermission( fname, "read" ) );
BufferedReader contentRead = new BufferedReader( new FileReader( fname ) );
out = new PrintStream( clientSocket1.getOutputStream() );//write to client1
PrintWriter pwrite = new PrintWriter( out, true );
String str;
while ( ( str = contentRead.readLine() ) != null )
{
pwrite.println( str ); // sending each line to client
}
}
catch ( SecurityException e )
{
}
Multi t = new Multi( clientSocket1 );
t.start();
Thread.sleep( 2000 );
socket.close();
}
}
}
java sockets acl access-control accesscontrolservice
edited Nov 11 at 17:19
Gayan Mettananda
45037
asked Nov 11 at 16:31
user13412
73
I went through many question asked here for socket programming but they are either connected to HTTP/URL . I just have two java class for server and client connected through port. The problem I face is that i have to let client1 read a file where as client2 is not allowed to read.I'm looking for any possible method to implement so that I will be able to allow or delete request based on the policy file.I tried to use the Security Manger method but failed to implement it properly. any suggest would be of great help
I will post the server class and the policy details below
Policy file
grant {
permission java.io.FilePermission "D:\Uni\System security\Client Server
Example\ClientServerExample\src\javaapplication2\abc.txt", "read",
signedBy "client1";
permission java.io.FilePermission "D:\Uni\System security\Client Server
Example\ClientServerExample\src\javaapplication2\abc.txt", "write",
signedBy "client2";
permission java.security.AllPermission, signedBy "client1";
permission javax.security.auth.kerberos.ServicePermission "285", "initiate,
accept", signedBy "client1";
};
Server Class
package javaapplication2;
import java.io.*;
import java.net.*;
import java.security.*;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
class Multi extends Thread
{
private Socket s = null;
DataInputStream infromClient;
Multi() throws IOException
{
}
Multi( Socket s ) throws IOException
{
this.s = s;
infromClient = new DataInputStream( s.getInputStream() );
}
public void run()
{
try
{
System.out.println( "Socket Closing" );
s.close();
}
catch ( IOException ex )
{
Logger.getLogger( Multi.class.getName() ).log( Level.SEVERE, null, ex );
}
}
}
public class Server
{
@SuppressWarnings("resource")
public static void main( String args ) throws IOException, InterruptedException
{
System.setProperty( "java.security.policy", "file:/C:/Users/Ali/Desktop/java.policy" );
SecurityManager client1 = new SecurityManager();
System.setSecurityManager( client1 );
ServerSocket socket = null;
DataInputStream in;
PrintStream out;
Socket clientSocket1 = null;
//try {
//System.out.println("Allowed!");
//}
while ( true )
{
socket = new ServerSocket( 200 );
System.out.println( "Server is Awaiting" );
clientSocket1 = socket.accept();
in = new DataInputStream( ( clientSocket1 ).getInputStream() );//read from client1
BufferedReader fileRead = new BufferedReader( new InputStreamReader( in ) );
String fname = fileRead.readLine();
FileInputStream propFile =
new FileInputStream( fname );
Properties p = new Properties( System.getProperties() );
p.load( propFile );
System.setProperties( p );
// display new properties
System.getProperties().list( System.out );
try
{
AccessController.checkPermission( new FilePermission( fname, "read" ) );
BufferedReader contentRead = new BufferedReader( new FileReader( fname ) );
out = new PrintStream( clientSocket1.getOutputStream() );//write to client1
PrintWriter pwrite = new PrintWriter( out, true );
String str;
while ( ( str = contentRead.readLine() ) != null )
{
pwrite.println( str ); // sending each line to client
}
}
catch ( SecurityException e )
{
}
Multi t = new Multi( clientSocket1 );
t.start();
Thread.sleep( 2000 );
socket.close();
}
}
}
java sockets acl access-control accesscontrolservice
java sockets acl access-control accesscontrolservice
edited Nov 11 at 17:19
Gayan Mettananda
45037
asked Nov 11 at 16:31
user13412
73
edited Nov 11 at 17:19
Gayan Mettananda
45037
asked Nov 11 at 16:31
user13412
73
edited Nov 11 at 17:19
Gayan Mettananda
45037
edited Nov 11 at 17:19
Gayan Mettananda
45037
edited Nov 11 at 17:19
Gayan Mettananda
45037
45037
asked Nov 11 at 16:31
user13412
73
asked Nov 11 at 16:31
user13412
73
asked Nov 11 at 16:31
user13412
73
73
add a comment |
add a comment |
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
draft saved
draft discarded
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53250801%2fclient-request-restriction-socket-programming-local%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
