ACC Client's Permission
My client application gets the following security exceptions when it's invoked via Java Web Start.
--- CASE1: Caused by ImageIO
java.security.AccessControlException: access denied (java.io.FilePermission C:/Temp/users/xxxx/imageio18686.tmp delete)
--- CASE2: Caused by System.getProperties()
java.security.AccessControlException: access denied (java.util.PropertyPermission * read,write)
I guess that Java Web Start's security sandbox causes these exception. Of course, in CASE1, the OS user has sufficient OS permission to delete the file.
Then, how to allow the client to access files and System.getProperties()?
I thought that I should give it permissions by writing JNLP file with . But the client's JNLP file is generated by GlassFish, and I don't know how to tell GlassFish to include element in the generated JNLP file. (In addition, generated JNLP file has element already?).
Then, the developer guide of GlassFish mentions client.policy file, and I thought that it could be an answer.
But it's not clear for me with the document that...
- should I edit GLASSFISH_HOME/lib/appclient/client.policy?
- or should I include custom client.policy somewhere in EAR archive?
Any help is appreciated.