Allow starting applet only from certain webpages
Hello,
I'm programming an application where Client is based on applet which communicates with servlet on the server side. I will place the applet on two webpages:
1. www.mywebpage.com
2. www.otherpage.com
I would like to restrict the access to this applet so that it is accesible only via those webpages. I would like to prevent others from just copy and paste the link in the browser.. or placing the link on other webpages.
Is this possible to do such thing? ..
or I would have to implement some authorisation -> user enters username and password obtained from one of my webpage <- of course this is not ideal solution... the password and user name can be just remebered by the user and he would not have a need to visit my pages again to start the applet... moreover I would like to avoid user/password autorisation.. and allow the applet to be accesed by anyone but only by clicking on the link on one of my websites.
I would also appriciate any comments regarding technical aspects of security:
1. I guess it is not a problem to establish HTTPS connection between applet and servlet
2. Should the applet be signed... I'm asking because I've heard that there is a possibility to inject a trojan horse through not signed applets <- is it true? and how this can technically be possible?
Edited by: walkeros on Mar 11, 2008 2:46 AM
To merely stop copy and paste of the link, you could check the expression:
java.util.Arrays.asList(
"www.mywebpage.com",
"www.otherpage.com"
).contains(applet.getDocumentBase().getHost())It is guaranteed that there is a https handler for java.net.URL.
To demonstrate that your web page is really your web page use https with a genuine recognised certificate. Signing your applet will not help. In general, follow the principle of least privilege.
Similar Messages
-
How to allow access only from certain IPs?
I have Portal Server 6.0 on Sun ONE Web Server and want to allow access to it only from certain IPs, i.e. if my IP differs from predefined, then access is denied (no page is opened).
How can I implement this with minimal efforts?
Thanks in advance!Where did you set the ACLs?
When webclients connect direct to the portal/ids this is pretty straight forward using htttpacl files. When SRAP GW's are used for Internet portal access the web or app-server never sees the client IP thus those ACLs don't get applied.
Am I missing something (won't be the first time... or the last:-)
Cheers,
-psr -
Why java allow start() method only once for a thread
Hi ,
Why java allows start method only once for thread . suppose
Thread t = new Thread();
t.start();
say at later stage if again we call t.start() IllegalStateException is thrown , even though isAlive method returns false.
Hence the question , why start() method is allowed only once.If you need start a thread , we need to create a new instance.Really. Why do you think that? Do you have any evidence? It is one of the first things I would think of, personally.Considering that the Thread API doesn't allow you to specify a stack address (only stack size), I think it demonstrates they wanted to remove that capability from their Thread API all together. That missing "capability" makes me believe they want me to believe it's not something I need to worry about when using their API... I think the exact semantics of the Thread class and its methods were driven by how to make it most understandable and usable for their customers. I'm certain this issue was one of many that was given considerable thought during the design and implementation of the JVM and the underlying runtime classes.
Do I have any evidence? No. But if you can point me at some first-hand information on this, I'd love to read it. Most of what I've found is second or third hand accounts. (and I mean that sincerely, not as a smart-ass remark or rebuke of your comments).
On the one hand you seem to think the Java API designers are idiots, on the other hand you think that they should be. I can't make it out.I thought my position was that the Java developers were talented enough to implement platform in whatever way their API called for; hence, the designers made a choice about how they wanted their API to be used by their customers. They decided which capabilities they wanted to include or exclude, and created an API that was consistent with their vision for this technology. While I'm certain technical limitations had an effect on the API design, I certainly don't think the API was dictated by the them.
I think the current design of the Java Thread API was a reflection of their vision to make Threading easier and more accessible to Joe Programmer, not limitations in the implementation. I never said it was wrong or that I could do better... I just said I think they could have done something different if they decided it would have made for a better customer experience. But hey, maybe I'm wrong. -
Mailbox to receive emails only from certain mail addresses with organisation
Hi
We are using exchange 2010 in our organisation. A user has requested to only receive emails from certain users within the organisation. And if any other users try to email then the email is bounced back. So in a nut shell only certaion
individuals can email him with the organisation.
Is there a cmdlet shell that can be used? Or is there anything that can be done in Exchange Console.Hi,
You can create a transport rule to achieve this goal. Here is an example for your reference.
Note: 'reject' and '5.7.10' are custom rejection message and enhanced status code. You can change them to what you need.
Hope it helps.
Best regards,
Amy Wang
TechNet Community Support -
SSIS package truncating fields only from certain machines
I created an SSIS package that fails based on one field being truncated, but ONLY if run from one particular workstation.
We have two VM Workstations, A and B, and the database server, C. The SSIS package takes data from an Excel file and loads it into a table on C/DataSources.
The package is located in a directory on B, but if I map the directory from A and run the package in a command line from A, the package runs fine with no errors.
If I run the package directly from B in a command line, it fails with errors. This is driving me crazy!!!!! Can anyone help???The package errors out because it says the field was truncated....
The Excel file is the same on A and B because A and B are just workstations with SSMS
The packages are located in one place, the input files in another, and both
A and B map to the input files as a shared directory. The packages are local to B, and A maps to them as a shared directory.
There's really no reason it should be truncated when run from B and not from A when it's the same package. -
Mac Pro starts up only from Install Disk
The Mac Pro will not start up from any internal or bootable external disk. The spinning progress wheel just goes on forever.
When I connect those same disks to my laptop - either directly or via target mode - they will start up and operate the laptop without a problem.
The Mac Pro lets me install the system from the install disk onto an internal had drive, but will not start up from that drive.
When attempting to format an internal disk from the install disk, the computer freezes after about 6 minutes.
Upon pressing the start button, the chime and gray screen are there almost instantly, but it takes an awful long time for the Apple logo and progress wheel - or the drive symbols when starting up with the option key pressed down - to appear.
Could this be corrupted firmware? And if yes, how do I replace it on a machine that doesn't start up?
But then, the freezing when attempting to format a drive from the install disk happens after a mild flash brightened the monitors ever so briefly. Seems to indicate a hardware problem.Start with Zapping the Pram. Then, run the Apple Hardware Test program, extended tests at least twice. If the problem persists, it's time to call AppleCare or carry it into an Apple repair station.
-
How to start iPhoto mavericks from a particular photo (not from the beginning)
In my previous versions of iphoto I could start the slideshow from any photo, after highlighting it first. Now, I can start it only from the beginning and only if I did not highlight any photo in the albom. If I highlight a photo and then click on ``slideshow'', it will show me this particular photo but will not play after that (even if use settings). Can I do anything about it?
My alboms are long, so to start them each time from the beginning is very inconvenient.There's a bug with iPhoto 9.5.1 and Mavericks in that slidshows from albums only play correctly, i.e. from the first slide, with the photos sorted by date, keyword, rating or title. When sorted manually the slideshow can start5 from any seemingly random photo.
Send a bug report to Apple via http://www.apple.com/feedback/iphoto.html
OT -
I cannot "click" on the top inch of any screen when in firefox. This prevents me from signing in and out of certain webpages. If I minimize the screen this does not go away either. This doesn't happen when I am either on my desktop or using IE. I love firefox, but this is frustrating! Help!
Try the Firefox SafeMode to see how it works there. <br />
''A troubleshooting mode, which disables most Add-ons.'' <br />
''(If you're not using it, switch to the Default Theme.)''
* You can open the Firefox 4/5/6/7 SafeMode by holding the '''Shft''' key when you use the Firefox desktop or Start menu shortcut.
* Or use the Help menu item, click on '''Restart with Add-ons Disabled...''' while Firefox is running. <br />
''Don't select anything right now, just use "Continue in SafeMode."''
''To exit the Firefox Safe Mode, just close Firefox and wait a few seconds before using the Firefox shortcut (without the Shft key) to open it again.''
If it is good in the Firefox SafeMode, your problem is probably caused by an extension, and you need to figure out which one. <br />
http://support.mozilla.com/en-US/kb/troubleshooting+extensions+and+themes -
Safari has stopped opening certain webpages and says can't connect to server... This started 3 months ago with FB and now randomly with another site... all other sites are fine.. Help?
I've tried resetting safari, deleting all webpage data and setting time/date to automatic, but no such luck.
The message that comes up is: "Safari can't establish a secure connection to the server 'Facebook' "
I'd be genuinely impressed if anyone were to actually work out what was wrong.Hi ..
Might be a cookies, cache, or extensions issue.
From your Safari menu bar click Safari > Preferences then select the Privacy tab.
Click: Remove All Website Data
Then delete the cache.
Open a Finder window. From the Finder menu bar click Go > Go to Folder
Type or copy paste the following
~/Library/Caches/com.apple.Safari/Cache.db
Click Go then move the Cache.db file to the Trash.
Quit and relaunch Safari to test.
If that doesn't help, troubleshoot Safari extensions.
From the Safari menu bar click Safari > Preferences then select the Extensions tab. Turn that OFF, quit and relaunch Safari to test.
If that helped, turn one extension on then quit and relaunch Safari to test until you find the incompatible extension then click uninstall. -
How can i run an applet from a webpage????
can someone PLEASE tell me how i can run an applet from my webpage. a detailed response would be extremely appreciated.
samHere's a web page that you can use as skeleton. You should be able to start with that.
<HTML>
<HEAD>
<TITLE>Title</TITLE>
</HEAD>
<BODY>
<APPLET CODE="your.class" WIDTH=400 HEIGHT=300 IGNORE=""></APPLET>
</BODY>
</HTML> -
When in a hierarchy, a user right clicks on a node to crate a new node, he has two options
-Child
-Sibling
Is it possible to restrict the user from creating a sibling and allow him to ONLY create child nodes?
Business cases:
1. different level nodes need to have different prefixes.
- Thus, the default prefix property definition uses the level number to assign a prefix
- Also, a validation, to ensure the correct prefix, uses the level number
But if the user can create a child and a sibling then the default prefix will only be right for a single case and not both.
ThanksIf the images are exactly the same size then make sure the layer with the mask
is the active layer and in the other documents go to Select>Load Selection and choose
your document with the layer mask under Source document and under channel choose the layer mask.
After the selection loads press the layer mask icon at the bottom of the layers panel.
MTSTUNER -
I have iphoto 6. How do I only selecy certain photos from my camera when importing rather than all of them as show in the import page that loads
You use Image Capture (in your Applications Folder) for that job - or upgrade to a later iPhoto.
Regards
TD -
i have to restore my phone from back up but in order to do it i had to update my software. now that my software is updated there isnt enough room on the phone to back up. is there a way to only restore certain things from the backup like contacts?
Because it says it's incompatible when it can't be, I got hope. I get error messages all the time with my iPod and iPhone that it cannot sync and that 'this device is not capapble of connecting to iTunes' stuff. I literally forget that happened, plug it in again and it works, I later realize that iTunes made a mistake, they do that.
-
I downloaded a widget from apple and was unable to open it because a window appeared telling me that the developer was unidentified. How do I change the security preferences that allow me to only install apps from the Mac App Store?
go to system preferences - security and privacy - under allow applications downloaded from - click on anywhere.
-
i'm running10.8.5. I have tried to install a programme but can't because it is from an unidentified developer. the box says-Your security preferences allow installation of only apps from the Mac App Store and identified developers.how do i install the programme
macjack gave you the easiest solution. Need to have admin privilieges to change this option.
Maybe you are looking for
-
BOM explosion while creation of scheduling agreement / PO
Hi all, Can anyone pls tell me how can i control / make settings for the explosion of BOM, when MM creates a scheduling agreement or a PO ? Also, if i have multiple alternative BOMs, how can i get the BOMs selected automatically?? Thank you, Shrenik
-
MacBook Pro dropped on concrete, potential internal damage?
I have had my MacBook Pro for only 40 days, when it accidently and violently fell onto the concrete. I might add that in all the years I have had laptops, never once have any of them fallen! Anyway, I was at a coffee shop and the table top was not lo
-
In some case our directory proxy (5.2_Patch_4) generate 2 gigabyte log in several minutes fulfill with this lines: Feb 14 2008 14:53:29 bl4.lvs.sztaki.hu SunONEDPS[ 30684]: [EXCEPTION] [ 560304] NSPR error: -5971 (0xffffe8ad). Native errno is: 24 F
-
"Recipient address not valid" regedit
I am wondering if anyone nows how to turn off the following MailTip with a registry setting. I would like to turn off "Recipient address not valid" it is located under Undeliverable Message MailTips. The reason being is we have users within our organ
-
Where can I find a list of acceptable products that could have been used to apply to a Creative Suites Design Standard 4 Upsell?