You probably need to SETUID the application to root.

> su
Enter password:
> chown root:wheel myJavaApp
> chmod ug+s myJavaApp
> exit

Now whenever someone in the wheel group runs myJavaApp, it will run as its owner (root). Just make sure you're in the wheel group (or whatever other group)

Alternatively, you could chmod a+s myJavaApp ... but that would let ANYONE AT ALL run the program as root. I would think carefully about that.

Try looking at Greg Guerin's AuthKit library. It is a Mac-specific library that wraps Mac OS X Authorization Services.

Here is an example:

import glguerin.authkit.*;

Privilege priv = new Privilege("system.privilege.admin");
Authorization auth = new MacOSXAuthorization();

try
{
  // This will cause an authentication prompt to be
  // shown to the user, requesting the "system.privilege.admin"
  // privilege.
  auth.authorize(priv, true);

  // If we reach this point, we can execute privileged programs.

  // Load the secured file.
  Process proc = auth.execPrivileged(new String[] { "/bin/cat", "/root/securefile" });
  InputStream inputStream = proc.getInputStream();

  // Use standard I/O mechanisms to read the input.
}
catch (UnauthorizedCancellation e)
{
  // User chose not to authorize the application.
  // Handle appropriately.
}

The auth.authorize() call will cause the standard "Please enter your password to allow program X to make changes" dialog. The user can cancel if desired, causing glguerin.authkit.UnauthorizedCancellation to be thrown.

This solution has a huge advantage over using sudo or setuid: it only runs the necessary tasks as root.

One last gotcha: the default JNI loader for AuthKit uses the Cocoa/Java bridge, which was removed from Mac OS X as of Snow Leopard. So on recent versions of Mac OS X, the code above will fail with UnsatisfiedLinkError. To work around this, use the following:

// Put this class somewhere:
public class AuthKitLibLoader extends LibLoader
{
  @Override
  protected File makeFallbackDir()
  {
    return new File(".");
  }
}

// Then, before calling AuthKit (using the above example), do this:

// Hook in our "Snow Leopard-safe" extension to AuthKit (see below).
System.setProperty("glguerin.util.LibLoader.imp", AuthKitLibLoader.class.getName());

Finally, be sure to read the AuthKit documentation for more detail.

If you run the application as the root user, the application will have full access to everything.

This is a dangerous operation however because it gives the application full privileges.

Another option would be to run it as a user that has the needed permissions to the files in question. This can be done by putting the user or the files in the appropriate group.