Java – Request admin privileges for Java app on Windows Vista

access-deniedjavaschedulerwindows-vista

When I try to create a new task in the task scheduler via the Java ProcessBuilder class I get an access denied error an Windows Vista. On XP it works just fine.

When I use the "Run as adminstrator" option it runs on Vista as well..

However this is a additional step requeried an the users might not know about this. When the user just double clicks on the app icon it will fail with access denied. My question is how can I force a java app to reuest admin privileges right after startup?

Best Answer

Have you considered wrapping your Java application in an .exe using launch4j? By doing this you can embed a manifest file that allows you to specify the "execution level" for your executable. In other words, you control the privileges that should be granted to your running application, effectively telling the OS to "Run as adminstrator" without requiring the user to manually do so.

For example...

build.xml:

<target name="wrapMyApp" depends="myapp.jar">
        <launch4j configFile="myappConfig.xml" />
</target>

myappConfig.xml:

<launch4jConfig>
  <dontWrapJar>false</dontWrapJar>
  <headerType>gui</headerType>
  <jar>bin\myapp.jar</jar>
  <outfile>bin\myapp.exe</outfile>
  <priority>normal</priority>
  <downloadUrl>http://java.com/download</downloadUrl>
  <customProcName>true</customProcName>
  <stayAlive>false</stayAlive>
  <manifest>myapp.manifest</manifest>
  <jre>
    <path></path>
    <minVersion>1.5.0</minVersion>
    <maxVersion></maxVersion>
    <jdkPreference>preferJre</jdkPreference>
  </jre>
</launch4jConfig>

myapp.manifest:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
    <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
        <security>
            <requestedPrivileges>
            <requestedExecutionLevel level="highestAvailable"
                uiAccess="False" />
        </requestedPrivileges>
    </security>
    </trustInfo>
</assembly>

See http://msdn.microsoft.com/en-us/library/bb756929.aspx and the launch4j website for mode details.

Related Solutions

Java – How does the Java ‘for each’ loop work

for (Iterator<String> i = someIterable.iterator(); i.hasNext();) {
    String item = i.next();
    System.out.println(item);
}

Note that if you need to use i.remove(); in your loop, or access the actual iterator in some way, you cannot use the for ( : ) idiom, since the actual iterator is merely inferred.

As was noted by Denis Bueno, this code works for any object that implements the Iterable interface.

Also, if the right-hand side of the for (:) idiom is an array rather than an Iterable object, the internal code uses an int index counter and checks against array.length instead. See the Java Language Specification.

Python – Request UAC elevation from within a Python script

As of 2017, an easy method to achieve this is the following:

import ctypes, sys

def is_admin():
    try:
        return ctypes.windll.shell32.IsUserAnAdmin()
    except:
        return False

if is_admin():
    # Code of your program here
else:
    # Re-run the program with admin rights
    ctypes.windll.shell32.ShellExecuteW(None, "runas", sys.executable, " ".join(sys.argv), None, 1)

If you are using Python 2.x, then you should replace the last line for:

ctypes.windll.shell32.ShellExecuteW(None, u"runas", unicode(sys.executable), unicode(" ".join(sys.argv)), None, 1)

Also note that if you converted you python script into an executable file (using tools like py2exe, cx_freeze, pyinstaller) then you should use sys.argv[1:] instead of sys.argv in the fourth parameter.

Some of the advantages here are:

No external libraries required. It only uses ctypes and sys from standard library.
Works on both Python 2 and Python 3.
There is no need to modify the file resources nor creating a manifest file.
If you don't add code below if/else statement, the code won't ever be executed twice.
You can get the return value of the API call in the last line and take an action if it fails (code <= 32). Check possible return values here.
You can change the display method of the spawned process modifying the sixth parameter.

Documentation for the underlying ShellExecute call is here.

Best Answer

Related Solutions

Java – How does the Java ‘for each’ loop work

Python – Request UAC elevation from within a Python script

Related Topic