Apparent gap in java applet security on client machine
I know about signing applets, and both the new and original security models for applets. For my purposes, the original security model for applets is just about perfect. My applets do not need access to the client machine hardware, nor do they need to access any machine other than that which provides them to the client (at least at present).
What I have been told is that it is not possible for a server of any kind (DB, servlets, &c.) to authenticate an applet. The claim was made that all the security was designed for client security and that a developer's only option is to trust the client machine.
I can exchange information among my servers over SSL, and secure communications between by servers and applet clients. However, what is there to prevent a bad guy from breaking into a client machine and then capturing and modifying the applet I am relying on to protect the client's sensitive data? Signing the applet tells the user that the applet has not been modified from what I have produced, and so the user should feel confident enough to run it. But what if the applet and related web page is cached, and someone who has, legitimately or not, access to the machine and tries to use the cached copy for inappropriate purposes?
If my servers can not verify that the applet code accessing them is mine, rather than a variant created to mimic my applet, then that certainly creates a risk for my code, but doesn't it also create a security risk for the client? After all, it is the client's sensitive data I am trying to protect, and I can envision a situation in which a bogus applet mascerades as mine and sends that sensitive data to a bad guy's machine; all this while giving the user the illusion that his data is safe.
The gap here is either in my understanding of this technology or a gap in java security, so I'll put the question another way also. Is it possible for a server (e.g. an application server such as Tomcat or Sun's application server) to verify that the applet code used to try to connect with them is in fact the applet code that was signed on and served from the same machine and not malicious code masceraing as my code? If so, how does that work, and how does the programmer do it?
Thanks,
Ted
the jar file reqiured is jmf.jar this jar file will there in
jmf_home/lib
for example in my mechine
C:\Program Files\JMF2.1.1e\lib this jar file contain all the file reqired to run the application
i think you may need some of the dll files also to run see
if reqiured the then it may throw exception
java.lang.UnsatisfiedLinkError then put respective dll file to workiing folder or the system32 folder
Similar Messages
-
hello all, i was just wondering if there is any secure way to send information from a java applet to a server, for example a number for storage in a database? I would like to create a very simple game which send the high score back to the server without any possibility of that information being falsified.
Thanks for any advice received.
DoriNot really. You'd have to trust the users PC, which you can't.
You can make it harder to submit wrong values, but you can't make it impossible. -
Java Applet Security Restriction?
Hi,
I wrote a java applet and test it on my computer. When I view it with applet viewer I can view the applet correctly. But when I try to view on the Internet Explorer, it said "Java Applet Started" But I didn't see anything on the screen.
This happens when I actually incorporate the JFileChooser. When I take out that, the applet can run.
What I think is, even if I run the applect in Internet Explorer, since I am actually running directly from my computer (i.e C:\Myapplet.html) and not even through Apache or IIS why I won't be able to carry out such operation?Output from JavaConsole
Exception in thread "AWT-EventQueue-2" java.security.AccessControlException: access denied (java.util.PropertyPermission user.dir read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
at java.lang.System.getProperty(Unknown Source)
at java.io.Win32FileSystem.getUserPath(Unknown Source)
at java.io.Win32FileSystem.resolve(Unknown Source)
at java.io.File.getAbsolutePath(Unknown Source)
at sun.awt.shell.Win32ShellFolder2.<init>(Unknown Source)
at sun.awt.shell.Win32ShellFolder2.listFiles(Unknown Source)
at sun.awt.shell.ShellFolder.listFiles(Unknown Source)
at sun.awt.shell.Win32ShellFolderManager2.get(Unknown Source)
at sun.awt.shell.ShellFolder.get(Unknown Source)
at javax.swing.plaf.metal.MetalFileChooserUI.updateUseShellFolder(Unknown Source)
at javax.swing.plaf.metal.MetalFileChooserUI.installComponents(Unknown Source)
at javax.swing.plaf.basic.BasicFileChooserUI.installUI(Unknown Source)
at javax.swing.plaf.metal.MetalFileChooserUI.installUI(Unknown Source)
at javax.swing.JComponent.setUI(Unknown Source)
at javax.swing.JFileChooser.updateUI(Unknown Source)
at javax.swing.JFileChooser.setup(Unknown Source)
at javax.swing.JFileChooser.<init>(Unknown Source)
at javax.swing.JFileChooser.<init>(Unknown Source)
at FotoUpload.createGUI(FotoUpload.java:48)
at FotoUpload.access$000(FotoUpload.java:24)
at FotoUpload$1.run(FotoUpload.java:86)
at java.awt.event.InvocationEvent.dispatch(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)
This is what happen when I run my code below
* FotoUpload.java
* Created on November 15, 2006, 11:30 AM
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
* @author Leo Liu
import java.io.*;
import javax.swing.JApplet;
import java.awt.*;
import java.awt.event.*;
import javax.swing.*;
import javax.swing.border.*;
import javax.swing.JComponent.*;
import javax.swing.filechooser.*;
public class FotoUpload extends JApplet implements ActionListener{
JButton BtnBrowse;
JPanel PnlUpload;
JFileChooser fcSelectFile;
JTextArea log;
private void createGUI(){
setLayout(new BorderLayout(5,5));
//Making Button
BtnBrowse=new JButton("Browse");
BtnBrowse.setToolTipText("Click on Browse to select picture");
BtnBrowse.setAlignmentX(Component.RIGHT_ALIGNMENT);
BtnBrowse.setPreferredSize(new Dimension(30,20));
BtnBrowse.addActionListener(this);
//Putting Button inside the panel and specifying the button size
JPanel PnlBrowse = new JPanel();
PnlBrowse.setLayout(new BoxLayout(PnlBrowse, BoxLayout.X_AXIS));
PnlBrowse.add(Box.createRigidArea(new Dimension(30,20)));
PnlBrowse.add(BtnBrowse);
//Create a file chooser
fcSelectFile = new JFileChooser();
//Creating Panel to show selected pictures for uploading
PnlUpload=new JPanel();
PnlUpload.setBorder(javax.swing.BorderFactory.createTitledBorder("Place Pictures to Upload"));
PnlUpload.setToolTipText("You can drag and drop images into this area");
log=new JTextArea(5,20);
log.setMargin(new Insets(5,5,5,5));
log.setEditable(false);
PnlUpload.add(log);
//adding UI components to Applet
add(PnlBrowse,BorderLayout.NORTH);
add(PnlUpload,BorderLayout.CENTER);
public void actionPerformed(ActionEvent e) {
if (e.getSource() == BtnBrowse) {
int returnVal = fcSelectFile.showDialog(this,"Select");
if (returnVal == JFileChooser.APPROVE_OPTION) {
File file[]= fcSelectFile.getSelectedFiles();
//This is where a real application would open the file.
int count=0;
while(count<file.length)
log.append("Opening: " + file[count].getName() + ".\n");
count++;
} else {
log.append("Open command cancelled by user.\n");
public void init() {
javax.swing.SwingUtilities.invokeLater(new Runnable() {
public void run() {
createGUI();
}It seems like I need to catch some exception or something. Can anyone help me? -
Java applet security file.list()
I am trying to read the directory structure from a signed applet. I
have created the applet and provided it with the
UniversalFileAccess. I am able to read a specific file, and see all
the contents of the file. I am wanting to performa simple
directory listing vie the following code.
My browser is Communictor 4.76 on Win 2000.
blah.. blah...
if(browser.indexOf("netscape") >= 0){
//Assert Netscape permissions
try{
// tried UniversalFileRead, UniversalFileAccess,
UniversalPropertyWrite,
PrivilegeManager.enablePrivilege("UniversalFileRead");
System.out.println("Netscape now has UniversalFileRead
privilege.");
} catch (netscape.security.ForbiddenTargetException e1) {
System.out.println("Permission to read file system denied by
user.");
e1.printStackTrace();
} catch(Throwable e){
System.out.println("Could not enable privilege." +
e.getMessage());
e.printStackTrace();
try {
File f = new File("c:\\temp\\");
String [] fileList = a.list();
} catch (Throwable e) {
System.out.println("File List failed");
e.printStackTrace();
I keep getting a secuity exception that I do not have priveledes to
perform this action.
Can anyone help!!!!!!!! I am on a deadline, and this is working just
fine with IE.
Please reply directly to me, as this is the first time I've ever posted
to this newsgroup. My email is [email protected]
Thanks,
James KurfeesThis question has been asked many times in these forums.
There is no way to prevent this from a determined reverse engineer.
Search for java obfuscators, which can help a little bit.
The only way to prevent code stealing is to run it on your own server,
which means not to use applets, but servlets/JSP. I am sure this is
not what you want to hear. -
Java Applet + Security: blacklist: hasBeenModifiedSince
I am trying to understand java blacklist.
I am working on an applet and in my java console I get the following errors.
security: blacklist: hasBeenModifiedSince 1366405605649 (we have 1366405324565)
security: blacklist: hasBeenModifiedSince 1366405649631 (we have 1366405324565)
security: blacklist: hasBeenModifiedSince 1366405733469 (we have 1366405324565)
security: blacklist: hasBeenModifiedSince 1366405327880 (we have 1366405324565)
security: blacklist: hasBeenModifiedSince 1366405327880 (we have 1366405324565)
security: blacklist: hasBeenModifiedSince 1366405992865 (we have 1366405324565)
security: blacklist: hasBeenModifiedSince 1366405327978 (we have 1366405324565)
security: blacklist: hasBeenModifiedSince 1366405992725 (we have 1366405324565)
security: blacklist: hasBeenModifiedSince 1366405327719 (we have 1366405324565)
security: blacklist: hasBeenModifiedSince 1366405993102 (we have 1366405324565)
security: blacklist: hasBeenModifiedSince 1366405802813 (we have 1366405324565)
security: blacklist: hasBeenModifiedSince 1366405802919 (we have 1366405324565)
security: blacklist: hasBeenModifiedSince 1366405324808 (we have 1366405324565)
security: blacklist: hasBeenModifiedSince 1366405994221 (we have 1366405324565)
All my jars are signed and if there are any signed third party jars I resign the. Where can i read more about jar blacklisting. or what is causing these errors to be thrown.Number looks like a unix timestamp, IfModifiedSince is a HTTP Caching-Header. Maybe plugin calls home, lets someone third party ask for the signed jars, and than compares the two. You are "working on" it, is it possible that the applet you load is another one than the public accessible, maybe from a dev-server renamed to be the original one?
Sorry, my fault, looks like a new behaviour, the timestamp shown is fix, it has nothing to do with my brain dump above.
Edited by: 988683 on 23.04.2013 04:38 -
Hi,
I am getting the following error when I try to open a file dialog using my applet (that's part of a cab file). The error message is
exception: com.ms.security.SecurityExceptionEx(BaseFrame.setAcrobatDir); FileDialog creation Denied.
Could anyone help?Are you creating a dialog box? what is your codes looks like?
-
Hey,
I have created a Java GUI using a few XML files (for the front end components). Then in the code, I have parsed the files to make them appear on the GUI.
When I posted the GUI (test. jar) on the Internet, the browser displays "access denied" error. I found the problem to be with the XML files, since they are granted the default permission in the java.policy file.
Is there any other method to avoid this error without editing the java.policy file?
thanks,
Dinesh Chandrasekaran@summernima
Your post is against section 1.2 of the forum [Code of Conduct|http://wikis.sun.com/display/SunForums/Sun+Forums+Code+of+Conduct] so I am blocking it and locking your account for a month. -
Is thr way to applet write file, client machine without entry in policy
hi,
is there any way to allow applet write file in local machine (client ) without entry in policy file... i feel this extra step to clients...
To achieve this what are class i have to implements...No, thank God there isn't.
-
Hi,
For L3 OOB deployment , does any one know how the NAC agent/ActiveX/Java applet refresh the IP address for the client??
i know that In the Login Page configuration, two options need to be checked to use the ActiveX/Applet webclient to
refresh the client’s IP address:
- Use web client to detect client MAC address and Operating System
- Use web client to release and renew IP address when necessary (OOB) .
But what i need to know how the agent/ActiveX/Java applet refresh the IP address for the client???
are these programs ( agent/ActiveX/Java applet ) triggers the client machine to do that???
regards
MAMMAM,
You're right. The applets do indeed trigger a dhcp refresh on the machines. This is to avoid bouncing the port which can be problematic when you have IP phones.
More info on this in the docs here: http://tinyurl.com/yhnskdf
HTH,
Faisal -
The role of java.security.acl in Java 2 security
I have been trying to assess the role of the java.security.acl package within the Java 2 Security architecture. I have some questions regarding it.
First where in the JVM are the interfaces of java.security.acl used? Are there any examples out there to guide developers in understanding their proper implementation?
What is the relationship between this package and the core security package? There seems to be a Permission interface in the acl sub-package and an abstract Permission class in the core security package. Why is this the case? Why is the core abstract class not used instead of declaring a new Permission interface within the acl subpackage?
Are not PermissionCollections and Permissions analogous to ACLs? If so then wouldn't that fact make the acl subpackage redundant?
JSR 115 tries to bridge the gap between Java 2 Security in the SDK with security in J2EE. Namely enabling the RBAC-like approach to security in J2EE while using the AccessController of the J2SE to do the evalualtion of J2EE (Servlet/EJB) Permissions. Why are the Group and Owner interfaces defined here not leveraged in both JSR 115 and in general for Role Based Access Control?
Could someone give some background on the vision behind creating the acl subpackage and how it relates to the historical progression of security advances in Java security architectures?
Thanks much,
Alex KarasuluI see from the defined interfaces that its an attempt at a formal approach to RBAC. However RBAC can be implemented without it all together using existing J2SE and JAAS based constructs. This does not answer the redundancy question. Could you elaborate a little bit more?
Thanks,
Alex -
Installing Java Development Pieces on Client
How do I install the missing java pieces on the client machine without installing an entire workflow/database instance?
I've installed Workflow 2.6.2 on a Linux server. I've installed the 9.0.2 client on my Windows laptop. I can connect to the server with workflow builder, etc.
Only problem is that none of the Java development pieces were installed on the client. So I cannot, for example, compile the WFTest.java application.Robert,
You can copy the Jar files from your linux install onto your client oracle home.
Check OH/jlib for the jar files.
Cheers,
Raja -
Interrogating your system with Java Applets
If a machine has several network adapters is it possible in a Java Applet to interrogate the machine and determine, which adapters are currently available and which one is currently being used, so the user can automatically select the prefered one.
I ask this question becuase we have a web application that is used by several mobile test engineers, who connect to the web application through one adapter while on site and another when they are in the office. These engineers want to be able to automatically select which adapter to use before the application starts i.e They want to implement some kind of pop up box in the application that lists the available network adapters on the machine and gives them the option to choose which one to use.
Any help/ideas much appreciated.If the standard Java API has a way, then yes, but possibly it would need to be a signed applet.
Look at the java.net package... -
Launching EAS from URL not working on client machine.
We are on version 11.1.1.4. When I use EAS URL on the server it is working fine. But when I use from a different machine other than the server it is not working, after selecting the "locale country" and clicking launch button it is giving the following error. i checked the java version also and client machine is on 1.6. I also tried on different IE versions. But from the same client machine I am able to connect through the installed version of EAS.
Is something I need to open ports or anything like that. Please let me know your suggestions or comments.
HTTP Status 404 -
type status report
description the requested resource () is not available
Hyperion embedded java container/1.0.0
Thanks,Shiva -- Java version on the server and the client machine is same which is 1.6.0_24.
That is good point about the network. Actually the client and the server are not in the same network but I opened ports on the network router as well as I disabled windows firewall on the server to make sure it is not creating the problem. -
How to pick wireless physical address of client machine
Dear memebers,
Using the follwoing tutorail, I have picked the network card address ( MAC Address ).
[forms java beans|http://forms.pjc.bean.over-blog.com/article-15985856.html]
but this code dont' display / return the MAC address of wireless network card.
the java code is here:
package oracle.forms.fd;
import java.net.InetAddress;
import java.io.InputStream;
import java.io.BufferedInputStream;
import java.io.IOException;
import java.text.ParseException;
import java.util.StringTokenizer;
import oracle.forms.ui.VBean;
import oracle.forms.handler.IHandler;
import oracle.forms.properties.ID;
* A Java Bean that returns Client machine info
* code found on the java forum
* http://forum.java.sun.com/thread.jspa?threadID=655913
* @author Francois Degrelle (wrapper)
* @version 1.1
public final class ClientInfos extends VBean {
private static final ID GETINFOS = ID.registerProperty("GET_CLIENT_INFOS");
private static final ID GETINFO = ID.registerProperty("GET_CLIENT_INFO");
private static final ID Operating = ID.registerProperty("OPERATING");
private static final ID architecture = ID.registerProperty("ARCHITECTURE");
private static final ID osVersion = ID.registerProperty("OSVERSION");
private static final ID IP = ID.registerProperty("IP");
private static final ID MAC = ID.registerProperty("MAC");
private static final ID javaVersion = ID.registerProperty("JAVAVERSION");
private static final ID javaVendor = ID.registerProperty("JAVAVENDOR");
private static final ID javaVendorUrl = ID.registerProperty("JAVAVENDORURL");
private static final ID javaHome = ID.registerProperty("JAVAHOME");
private static final ID javaVmSpecificationVersion = ID.registerProperty("JAVAVMSPECIFICATIONVERSION");
private static final ID javaVmSpecificationVendor = ID.registerProperty("JAVAVMSPECIFICATIONVENDOR");
private static final ID javaVmSpecificationName = ID.registerProperty("JAVAVMSPECIFICATIONNAME");
private static final ID userName = ID.registerProperty("USERNAME");
private static final ID userHome = ID.registerProperty("USERHOME");
private String sInfos = "";
private String sOperating = "";
private String sarchitecture = "";
private String sosVersion = "";
private String sIP = "";
private String sMAC = "";
private String sjavaVersion = "";
private String sjavaVendor = "";
private String sjavaVendorUrl = "";
private String sjavaHome = "";
private String sjavaVmSpecificationVersion = "";
private String sjavaVmSpecificationVendor = "";
private String sjavaVmSpecificationName = "";
private String suserName = "";
private String suserHome = "";
private boolean bInit = false ;
public void init(IHandler handler)
super.init(handler);
try {
sOperating = System.getProperty("os.name");
sarchitecture = System.getProperty("os.arch");
sosVersion = System.getProperty("os.version");
sIP = InetAddress.getLocalHost().getHostAddress();
sMAC = getMacAddress();
sjavaVersion = System.getProperty("java.version");
sjavaVendor = System.getProperty("java.vendor");
sjavaVendorUrl = System.getProperty("java.vendor.url");
sjavaHome = System.getProperty("java.home");
sjavaVmSpecificationVersion = System.getProperty("java.vm.specification.version");
sjavaVmSpecificationVendor = System.getProperty("java.vm.specification.vendor");
sjavaVmSpecificationName = System.getProperty("java.vm.specification.name");
suserName = System.getProperty("user.name");
suserHome = System.getProperty("user.home");
} catch(Throwable t) {
t.printStackTrace();
public Object getProperty(ID pId)
if(pId == GETINFOS)
sInfos = "Operating System:" + sOperating ;
sInfos += "\nOperating system architecture:" + sarchitecture ;
sInfos += "\nOperating system version:" + sosVersion ;
sInfos += "\nIP/Localhost:" + sIP ;
sInfos += "\nMAC Address:" + sMAC ;
sInfos += "\nJava Version:" + sjavaVersion ;
sInfos += "\nJava Vendor:" + sjavaVendor ;
sInfos += "\nJava vendor URL:" + sjavaVendorUrl ;
sInfos += "\nJava installation directory:" + sjavaHome ;
sInfos += "\nJava Virtual Machine specification version:" + sjavaVmSpecificationVersion;
sInfos += "\nJava Virtual Machine specification vendor:" + sjavaVmSpecificationVendor;
sInfos += "\nJava Virtual Machine specification name:" + sjavaVmSpecificationName;
sInfos += "\nUser Name:" + suserName;
sInfos += "\nUser's home directory:" + suserHome ;
return sInfos ;
else if(pId == Operating) return sOperating;
else if(pId == architecture) return sarchitecture ;
else if(pId == osVersion) return sosVersion ;
else if(pId == IP) return sIP ;
else if(pId == MAC) return sMAC ;
else if(pId == javaVersion) return sjavaVersion ;
else if(pId == javaVendor) return sjavaVendor ;
else if(pId == javaVendorUrl) return sjavaVendorUrl ;
else if(pId == javaHome) return sjavaHome ;
else if(pId == javaVmSpecificationVersion) return sjavaVmSpecificationVersion ;
else if(pId == javaVmSpecificationVendor) return sjavaVmSpecificationVendor ;
else if(pId == javaVmSpecificationName) return sjavaVmSpecificationName ;
else if(pId == userName) return suserName ;
else if(pId == userHome) return suserHome ;
return super.getProperty(pId);
private final static String getMacAddress() throws IOException {
String os = System.getProperty("os.name");
try {
if(os.startsWith("Windows")) {
return windowsParseMacAddress(windowsRunIpConfigCommand());
} else if(os.startsWith("Linux")) {
return linuxParseMacAddress(linuxRunIfConfigCommand());
} else {
throw new IOException("unknown operating system: " + os);
} catch(ParseException ex) {
ex.printStackTrace();
throw new IOException(ex.getMessage());
* Linux stuff
private final static String linuxParseMacAddress(String ipConfigResponse) throws ParseException {
String localHost = null;
try {
localHost = InetAddress.getLocalHost().getHostAddress();
} catch(java.net.UnknownHostException ex) {
ex.printStackTrace();
throw new ParseException(ex.getMessage(), 0);
StringTokenizer tokenizer = new StringTokenizer(ipConfigResponse, "\n");
String lastMacAddress = null;
while(tokenizer.hasMoreTokens()) {
String line = tokenizer.nextToken().trim();
boolean containsLocalHost = line.indexOf(localHost) >= 0;
// see if line contains IP address
if(containsLocalHost && lastMacAddress != null) {
return lastMacAddress;
// see if line contains MAC address
int macAddressPosition = line.indexOf("HWaddr");
if(macAddressPosition <= 0) continue;
String macAddressCandidate = line.substring(macAddressPosition + 6).trim();
if(linuxIsMacAddress(macAddressCandidate)) {
lastMacAddress = macAddressCandidate;
continue;
ParseException ex = new ParseException
("cannot read MAC address for " + localHost + " from [" + ipConfigResponse + "]", 0);
ex.printStackTrace();
throw ex;
private final static boolean linuxIsMacAddress(String macAddressCandidate) {
// TODO: use a smart regular expression
if(macAddressCandidate.length() != 17) return false;
return true;
private final static String linuxRunIfConfigCommand() throws IOException {
Process p = Runtime.getRuntime().exec("ifconfig");
InputStream stdoutStream = new BufferedInputStream(p.getInputStream());
StringBuffer buffer= new StringBuffer();
for (;;) {
int c = stdoutStream.read();
if (c == -1) break;
buffer.append((char)c);
String outputText = buffer.toString();
stdoutStream.close();
return outputText;
* Windows stuff
private final static String windowsParseMacAddress(String ipConfigResponse) throws ParseException {
String localHost = null;
try {
localHost = InetAddress.getLocalHost().getHostAddress();
} catch(java.net.UnknownHostException ex) {
ex.printStackTrace();
throw new ParseException(ex.getMessage(), 0);
StringTokenizer tokenizer = new StringTokenizer(ipConfigResponse, "\n");
String lastMacAddress = null;
while(tokenizer.hasMoreTokens()) {
String line = tokenizer.nextToken().trim();
// see if line contains IP address
if(line.endsWith(localHost) && lastMacAddress != null) {
return lastMacAddress;
// see if line contains MAC address
int macAddressPosition = line.indexOf(":");
if(macAddressPosition <= 0) continue;
String macAddressCandidate = line.substring(macAddressPosition + 1).trim();
if(windowsIsMacAddress(macAddressCandidate)) {
lastMacAddress = macAddressCandidate;
continue;
ParseException ex = new ParseException("cannot read MAC address from [" + ipConfigResponse + "]", 0);
ex.printStackTrace();
throw ex;
private final static boolean windowsIsMacAddress(String macAddressCandidate) {
// TODO: use a smart regular expression
if(macAddressCandidate.length() != 17) return false;
return true;
private final static String windowsRunIpConfigCommand() throws IOException {
Process p = Runtime.getRuntime().exec("ipconfig /all");
InputStream stdoutStream = new BufferedInputStream(p.getInputStream());
StringBuffer buffer= new StringBuffer();
for (;;) {
int c = stdoutStream.read();
if (c == -1) break;
buffer.append((char)c);
String outputText = buffer.toString();
stdoutStream.close();
return outputText;
how to pick the wireless physical address?
Regards:Hi !
our request object, which is available to all the jsp pages can access ip address and host name of client through these calls.
request.getRemoteAddr()
request.getRemoteHost()
Interface "ServletRequest"
getRemoteAddr ----
public java.lang.String getRemoteAddr()
Returns the Internet Protocol (IP) address of the client that sent the request. For HTTP servlets, same as the value of the CGI variable REMOTE_ADDR.
Returns:
a String containing the IP address of the client that sent the request
getRemoteHost
public java.lang.String getRemoteHost()
Returns the fully qualified name of the client that sent the request. If the engine cannot or chooses not to resolve the hostname (to improve performance), this method returns the dotted-string form of the IP address. For HTTP servlets, same as the value of the CGI variable REMOTE_HOST.
Returns:
a String containing the fully qualified name of the client
All the Best!
(Simmy) -
Tools for Security Audit of Java Applets in a Website
Hello,
I am auditing the Website which has a Java Applet attached to it, I wanted to know, what security tools should I use to check the security of Java Applets.
Thank youYou should also consider that applets are not allowed to access their client system's hardware without being signed; in other words, the user must agree (by clicking a button) to disable the applet security features. Why would you use an applet to do this? Applets are meant to be an extension of a website. You should use an application in this situation.
Maybe you are looking for
-
Creative Suite 5.5 on Windows 7. Installation problem of Acrobat X Pro with error code 6
I can install all other programs in this Suite including photoshop and AI ..in design...etc But installation failed for Acrobat X pro with the following message even I tried turning off my Anti-Virus or restarted my machine to use Safe mode .... the
-
How to get the logged in userId value in adf task flow
Hi, I have created an adf task flow and deployed the same in application as an adf library. Now I need to get the Logged in User ID value in the adf task flow which I created. Based on this userid I need to run query to fetch the data related to the
-
Applications Volume not found in Finder (Mac owner for 3 weeks)
Hi, I goofed today. I had an error in my Verify Disk (Below), so I thought I would boot from my OSX CDs, and fix it in Repair Disk. I ended up actually going through a new installation, choosing the non erase option. (I did not know how to boot from
-
Using different locale with date format
Hi guys, I'm trying to print of the same date represented in its different locale but can't seem to get it right. I want the dates and times to be represented appropriately (e.g., ?Feb? should be represented as ?f?vr.? in a localized for France). I'v
-
Firefox now uses Yahoo as default engine in address bar. ow to return to Google?
Since FF 8.0 typing in the address bar returns a Yahoo search and it is absolutely hopeless, the results bear no relation to the search terms. Using the search box to the right (Google default) is perfect. I have altered the about:config listing and