I'm working on a custom remote desktop in Java using java.awt.Robot
on Windows 7. It all works apart from running a Command Prompt as an administrator. The UAC dialog appears, however button clicks are not accepted on the Yes button using mousePress()
/mouseRelease()
, neither are key presses with keyPress()
/keyRelease()
. The application is launched via a launch4j launcher in launcher rather than wrap mode.
Things I've done so far
Disabled secure desktop for UAC. This allowed the screen grabber part of the application to at least 'see' the prompt
- Changed group policy to disable PromptOnSecureDesktop from UAC Group Policy Settings and Registry Key Settings
Followed Security Considerations for Assistive Technologies - this has allowed the remote desktop to interact with the Command Prompt once launched but not allowed pressing the Yes button.
- added a manifest to launch4j specifying uiaccess=true
- Signed the .exe using signtool.exe using self signed certificate generated with makecert.exe
- Installed certificate as Trusted root certificate
- Verified the .exe is marked as Trusted via Right click properties, Digital Signatures
- Ensured .exe is in Trusted location, c:\Program Files (x86)\ in this case.
- Tried to run part of the app as a service as Administrator - however I could not get a Windows Service that ran as Admin AND allowed access to the desktop - it seems only LocalSystem can do that...?
Questions
- Is this ultimately possible?
- Does the javaw.exe being a child process of the launch4j wrapper effect things? I've read through Windows Integrity Mechanism Design however I don't know how this effects launch4j.
Launch4j manifest file
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="true" />
</requestedPrivileges>
</security>
</trustInfo>
</assembly>