Java Web Start Permissions

Does anyone here know about permissions in Java Web Start?

I'm starting to learn how to use Java Web Start. After a bumpy start, I
finally succeeded in getting some Hello World applets and applications to
work perfectly via Java Web Start.

Now I'm working on a considerably more sophisticated application and
bumping into issues involving permissions. For example, the first error I
am getting is:

access denied ("java.util.PropertyPermission" "" "read")

I'm also expecting to need permission to write logs, although I haven't
gotten that far into executing my code yet. It's possible that there will
be other things that need permission too.

Can anyone explain how I give the application the permissions it needs?
I've done some googling on this issue and know that policy files are part
(or all?) of the solution. I see that I that there is a master permissions
file as well as individual permission files for individual users, situated
in their home directories. Is the user's home directory always My Documents
in Windows? (I'm only worried about serving Windows users for the moment
but I have no idea which version of Windows they'll have: XP, Vista, 7 or

I'm assuming the JNLP file for the Java Web Start also needs to have
something in it to point to the necessary permission. Unfortunately, the
documentation I've found so far is NOT very clear and examples are scarce
so I'm not sure what needs to happen in the JNLP file.

I'm also interested in knowing how the user of the application gives his
consent to any permissions I need. For instance, if I create a policy file
that gives me permission to do what I need to do, how does the user of the
Java Web Start application keep me from doing bad things, like deleting
every file on his hard drive? It seems to me that I should only be able to
request what I need but that the user of the program needs to be able to
look over that request, realize how dangerous or harmless that request is,
and then give consent if he is satisfied that it is safe. But how/when does
that happen? Do I send him the policy file and then let him eyeball it in a
text editor to make sure it's not doing something inappropriate? Then wait
for him to put the policy file in the appropriate place?


Relevant Pages

  • Re: RWW
    ... Were the permissions correct, or did you have to adjust them? ... >> Add Local Service and Network Service account Read & Execute, ... >>> current web request. ... >>> Exception Details: System.UnauthorizedAccessException: Access to the ...
  • Re: Receiving a strong name error when trying to access a library
    ... or use one of the other strong name hacking techniques ... > you are using the request will have the security context of the ... > ASPNET account does not have enough permissions, ... >> an assembly tag with in code? ...
  • Re: System.Security.SecurityException
    ... I needed to add permissions ... > I'm attempting to build an app then sends a request to a URL and reads the ... > Public Function LoadURL(ByVal Url As String) As String ... > Dim sr As New StreamReader ...
  • Access problems trying to access my log files
    ... folder to get the name of the folder the ex040920.log is ... granting access rights to the resource to the ASP.NET request identity. ... As I said I did try to set the permissions to everyone to solve the problem ... This is only on my WXP Pro machine so I am not concerned ...
  • Re: Access is denied
    ... What are you trying to instantiate? ... then check permissions on that object. ... What do you mean by all permissions (for ASP account)? ... > execution of the current web request. ...