Applet(using SSL sockets) application in browser
hello everyone,
I am new to this forum, and this is my first forum in this site, please help me,
My problem is,
I have done an applet application which uses the SSL sockets, and it is working fine if i use the appletviewer tool, with the arguments of policy and URL, when i run this command "appletviewer -J-Djava.security.policy=mypolicy.policy URL of my html page" in the command mode its working fine.
I have wrote HTML file for running the applet, and when i used it in the browser i was not able to get output , i was getting the error "NoTrustedCertificates found", i have setted the properties of truststore and password in the program itself like,
System.setProperty("javax.net.ssl.trustStore", System.getProperty("java.home")+"cert");
System.setProperty("javax.net.ssl.trustStorePassword", "pwd");
and i also used the policy tool. I have stored my certificate along with the jar file, and i was getting this error
can anyone please help me, or suggest me the right way to reach my target.
Thanx in advance
Hai,
I have made my client applet running from the remote system, and the client was establishing SSL sockets, and there is a problem in Handshake, NO TRUSTED CERTIFICATE found was the error, and i had loaded the certificates ( one is used for signing the certificate, and the other is used for the SSL sockets authentication ) in my applet client code i have setted the system properties like
System.setProperty("javax.net.ssl.trustStore", System.getProperty("java.home")+"\\lib\\security\\cert");
System.setProperty("javax.net.ssl.trustStorePassword", "pwd");
and this is the certificate which is used for SSL sockets authentication, and i stored the cert in the "jre\lib\security\" directory, and im using the jdk1.4.2_05 version.
At the client side the error is
Network Error: sun.security.validator.ValidatorException: No trusted certificate found.
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
at java.io.OutputStream.write(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: sun.security.validator.ValidatorException: No trusted certificate found
at sun.security.validator.SimpleValidator.buildTrustedChain(Unknown Source)
at sun.security.validator.SimpleValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(Unknown Source)
At the server side the error is
javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.b(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(Unknown Source)
at com.ClientNeg.run(ClientNeg.java:76)
at java.lang.Thread.run(Unknown Source)
i was not able to understand what went wrong , so any one please help me in doing my work.
Thanx
dwurity
Similar Messages
-
Some General Questions about using SSL sockets
1 Since both SSL and TLS rely on public-key cryptography, can I use it efficiently for encrypting large amount of data transfer within a network? Or I�ll be better off using secret key.
2 If I understand correctly, I can install client/server certificate (public key) along with the software installation. Is that right? In other words, I don�t have to create them programmatically.
3 To convert our unsecured client/server application, is it enough to replace plain sockets with SSL sockets and use a self signed certificate for the server? (Ours is a closed network and we don�t require any client authentication).
4 How does SSL handles server to server communications?
5 How do you encrypt data ( some of the fields) in a text file?
Thank you all.hey there.
1.yes you can use it to encrypt large amounts of data, and heres why:
when you use SSL, it uses public key encryption to first tranfser across a private key. then from then on the data is simply private key encrypted, which is relatively fast and easy.
2. Yes, you may chose to make them programatically or not
4. the question doesn't really make sense. In the end, what is a Server and what is a Client is up to your application. From SSL's point of view, you just have two machines with Sockets on either side that are connected. You can use SSLSocket.setClientMode(boolean) to choose which of those socket will act as the "server" for the purpose of the authentication handsake. -
Signed applet using ssl connection Problem!
Hi all.
The problem is that when I sign my applet and try to connect trough SSL the IAIK throughs ClassCastException when trying to load the client certificate.
1. I added client certificate ( DER format ) to the applet jar.
2. I signed an applet with another certificate so it whould have all permissions.
3. My applet tried to create SSL connection and failed throwing
java.lang.ClassCastException: iaik.asn1.structures.NameI have found a solution for a similar problem. Check out http://java.sun.com/j2se/1.4.1/docs/guide/security/jsse/JSSERefGuide.html#Troubleshooting
-
hi,
i use rmi using ssl-sockets. the server rebinds to the
rmiregistry -> it works fine but
when i try to connect from client (browser ie) -> the needed classes (RMISSLCLientSocketFactory...)
could not loaded
whats the problem??
mikehi,
i use following code to test rmi with ssl-sockets:
interface:
import java.rmi.*;
public interface StringTag extends java.rmi.Remote
public String appendX(String s) throws RemoteException;
server:
import java.rmi.*;
import java.rmi.server.UnicastRemoteObject;
import java.rmi.registry.*;
public class StringTagImpl extends UnicastRemoteObject implements StringTag
public StringTagImpl() throws RemoteException
super(0, new RMISSLClientSocketFactory(), new RMISSLServerSocketFactory());
public String appendX(String s) throws RemoteException
return (s + "xxx");
public static void main(String[] arg)
System.setProperty("java.security.policy", "F:\\rmi\\security.policy");
System.setSecurityManager(new RMISecurityManager());
try{
Registry reg = LocateRegistry.createRegistry(Registry.REGISTRY_PORT);
StringTagImpl so = new StringTagImpl();
reg.rebind("StringTag", so);
System.out.println("StringTag bound in registry");
catch(Exception e){
System.out.println("StringTagImpl: \n" + e);
applet:
import java.awt.*;
import java.rmi.*;
public class StringTagApplet extends java.applet.Applet
String tagged;
public void init()
try
String host = "127.0.0.1";
int port = 1099;
StringTag st = (StringTag)Naming.lookup("//" + host + ":" + port + "/" + "StringTag");
tagged = st.appendX("The String: ");
catch(Exception e)
System.out.println(e);
e.printStackTrace();
public void paint(Graphics g)
g.drawString(tagged,25,30);
clientsocket:
import java.rmi.server.*;
import javax.net.ssl.*;
import java.io.*;
import java.net.*;
public class RMISSLClientSocketFactory implements RMIClientSocketFactory, Serializable{
public Socket createSocket(String host, int port) throws IOException{
SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
return factory.createSocket(host, port);
serversocket:
import java.rmi.server.*;
import javax.net.ssl.*;
import java.io.*;
import java.net.*;
public class RMISSLServerSocketFactory implements RMIServerSocketFactory, Serializable{
public ServerSocket createServerSocket(int port) throws IOException{
SSLServerSocketFactory factory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
return factory.createServerSocket(port);
the html-file:
<HTML>
<title>String appending</title>
<center><h2>Append X and Y</h2></center>
The result of appending to the Strings is:
<p>
<applet codebase="." code="StringTagApplet" width=500 height=120>
</applet>
</html>
policy:
grant
permission java.security.AllPermission;
all files are in the same folder.
the class-file(RMISSLClientSocketFactory) could not loaded from client!
when i make a new instance from RMISSLClientSocketFactory before line:
StringTag st = (StringTag)Naming.lookup("//" + host + ":" + port + "/" + "StringTag");
--> the client could not loaded class StringTag ...and so on
i dont know why it not work!!
i were very happy to solve this problem!! -
Is server authentication mandatory for using SSL?
Is server authentication mandatory for using SSL sockets, or is there a way around it?
In other words, how can I take advantage of SSL sockets without dealing with any kind of certificates? Do I have any other options?Ok folks, I found my answer.Here�s the deal.
Here are some helpful sites: I hope they will also help you understand this topic better and make your life little easier.
//====================================
http://www.onjava.com/pub/a/onjava/2001/05/03/java_security.html
http://www-105.ibm.com/developerworks/education.nsf/java-onlinecourse-bytitle/96B42A25DD270CA886256BAA006351B4?OpenDocument
http://www.ddj.com/documents/s=870/ddj0102a/rl1
//====================================
Neither Server nor Client authentication is mandatory. However, if you don�t use proper ciphersuite (that doesn�t require any authentication), the connection will die so to avoid this problem, you need to enable those ciphersuites manually. Read on.
In most modes, SSL encrypts data being sent between client and server and also provides (optional) peer authentication.
These kinds of protection are specified by a "cipher suite", which is a combination of cryptographic algorithms used by a given SSL connection. During the negotiation process, the two endpoints must agree on a ciphersuite that is available in both environments. If there is no such suite in common, no SSL connection can be established, and no data can be exchanged.
The cipher suite used is established by a negotiation process called "handshaking".
There are two groups of cipher suites which you will need to know about when managing cipher suites:
� Supported cipher suites: all the suites which are supported by the SSL implementation. This list is reported using getSupportedCipherSuites.
� Enabled cipher suites, which may be fewer than the full set of supported suites.
This group is set using the setEnabledCipherSuites method, and queried using the getEnabledCipherSuites method. Initially, a default set of cipher suites will be enabled on a new socket that represents the minimum suggested configuration.
Implementation defaults require that only cipher suites which authenticate servers and provide confidentiality be enabled by default. Only if both sides explicitly agree to unauthenticated and/or non-private (unencrypted) communications will such a ciphersuite be selected.
When SSLSockets are first created, no handshaking is done so that applications may first set their communication preferences: what cipher suites to use, whether the socket should be in client or server mode, etc. However, security is always provided by the time that application data is sent over the connection.
The suite is chosen based upon the credentials that each side possesses and suites that each side supports. For example, a server can�t support an RSA cipher suite unless it has an available RSA private key.
The client and server must support at least one common cipher suite in order to communicate; if they both support multiple ciphers, the strongest available suite will be chosen.
The strings are part of the SSL specification and are defined as:
SSL_<key exchange algorithm>with<encryption algorithm>_<hash algorithm>
When a number appears in the encryption algorithm, it refers to the key strength of the encryption: higher numbers are more secure.
setEnabledCipherSuites(String[] suites) method controls which particular cipher suites are enabled for use on this connection.
� The cipher suites must have been listed by getSupportedCipherSuites() as being supported.
� Even if a suite has been enabled, it might never be used if no peer supports it, or the requisite certificates (and private keys) are not available.
getSupportedProtocols(): Returns the names of the protocols which could be enabled for use on an SSL connection.
setEnabledCipherSuites(String[] suites): Controls which particular cipher suites are enabled for use on this connection.
Let me give you some code that will help you understand little better.
One is Client.java for the client and the other one is Server.java for the server.
Compile and run them in two separate consoles.
( By the way, I assume that you have properly installed JSSE on your system.)
//===== Client.java: ===================================================
import java.io.*;
import java.net.*;
import javax.net.ssl.*;
public class Client
public static void main(String[] args)
(new Client()).doIt();
}//end main
private void doIt()
int port = 3333;
String host = "localhost";
/* String[] enable = {"SSL_DH_anon_WITH_RC4_128_MD5",
"SSL_DH_anon_WITH_DES_CBC_SHA",
"SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
"SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",
"SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"};
*/ try
SSLSocketFactory sslFact =
(SSLSocketFactory)SSLSocketFactory.getDefault();
SSLSocket s =
(SSLSocket)sslFact.createSocket(host, port);
//String[] suites;
//Get all the default CipherSuites
System.out.println("\n*** Default CipherSuites ***\n");
String [] defaultSuites=sslFact.getDefaultCipherSuites();
for(int i = 0; i<defaultSuites.length; i++)
System.out.println("["+i+"] Default CipherSuite ="+defaultSuites);
//Get all the supported CipherSuites
System.out.println("*** ================= ***");
System.out.println("\n*** CipherSuites Enabled by default ***\n");
String [] enabledSuites=s.getEnabledCipherSuites();
for(int i = 0; i<enabledSuites.length; i++)
System.out.println("["+i+"] Enabled CipherSuite="+enabledSuites[i]);
System.out.println("*** ================= ***\n");
System.out.println("***\n Supported CipherSuites ***\n");
String [] supportedSuites=sslFact.getSupportedCipherSuites();
for(int i = 0; i<supportedSuites.length; i++)
System.out.println("["+i+"]Enabled Supported CipherSuite ="+supportedSuites[i]);
//Get all enabled CipherSuites
System.out.println("*** ================= ***\n");
System.out.println("\n*** Old and Newly enabled Anonymous CipherSuites ***\n");
//s.setEnabledCipherSuites(enable);
//Enable all supported CipherSuites
s.setEnabledCipherSuites(supportedSuites);
String [] suites=s.getEnabledCipherSuites();
for(int i = 0; i<suites.length; i++)
System.out.println("["+i+"] Newly enabled Anonymous CipherSuites="+suites[i]);
System.out.println("*** ================= ***\n");
System.out.println(" The strongest available CipherSuite is chosen by the System.");
System.out.println(" But it has to be enabled first, otherwise it ignores it. ");
System.out.println("Currently Selected CipherSuite = "+s.getSession().getCipherSuite()+"\n");
System.out.println("*** ================= ***");
// Send messages to the server through
// the OutputStream
// Receive messages from the server
// through the InputStream
OutputStream out = s.getOutputStream();
InputStream in = s.getInputStream();
PrintWriter p = new PrintWriter(out);
p.println("Hi Buddy!");
p.println("Wanna have a beer?");
p.println("All right, let's have some.");
p.flush();
out.close();
in.close();
s.close();
catch (IOException e)
System.out.println(""+e);
}//end class
//===== Here's Server.java ==============================================
import java.io.*;
import java.net.*;
import javax.net.ssl.*;
public class Server
public static void main(String[] args)
(new Server()).doIt();
}//end main
private void doIt()
int port = 3333;
SSLServerSocket ss;
String[] enable = {"SSL_DH_anon_WITH_RC4_128_MD5",
"SSL_DH_anon_WITH_DES_CBC_SHA",
"SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
"SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",
"SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"};
try
SSLServerSocketFactory sslSrvFact =
(SSLServerSocketFactory)
SSLServerSocketFactory.getDefault();
//Get all the default CipherSuites
String [] suites=sslSrvFact.getDefaultCipherSuites();
for(int i = 0; i<suites.length; i++)
System.out.println(""+i+". DEFAULT CIPHER SUITE="+suites[i]);
suites=sslSrvFact.getSupportedCipherSuites();
for(int i = 0; i<suites.length; i++)
System.out.println(""+i+". SUPPORTED CIPHER SUITE="+suites[i]);
System.out.println("*** ================= ***");
ss =(SSLServerSocket)sslSrvFact.createServerSocket(port);
suites=ss.getEnabledCipherSuites();
for(int i = 0; i<suites.length; i++)
System.out.println(""+i+". ENABLED CIPHER SUITE="+suites[i]);
ss.setEnabledCipherSuites(enable);
suites=ss.getEnabledCipherSuites();
for(int i = 0; i<suites.length; i++)
System.out.println(""+i+". NEW ENABLED CIPHER SUITE="+suites[i]);
System.out.println("*** ================= ***");
SSLSocket c = (SSLSocket)ss.accept();
// ServerSocket ss = new ServerSocket(port);
// Socket c = ss.accept();
OutputStream out = c.getOutputStream();
InputStream in = c.getInputStream();
BufferedReader br = new BufferedReader(new InputStreamReader(in));
// Send messages to the client through
// the OutputStream
// Receive messages from the client
// through the InputStream
while(true)
// int i = in.read();
String inputString = br.readLine();
if(inputString != null)
System.out.println(inputString);
else
out.close();
in.close();
c.close();
ss.close();
catch (IOException e)
System.out.println(""+e);
}//end class
//========= Good Luck! =================== -
Overview: I need to make an Applet communicate with a server using an SSLSocket and I can't figure out how to include a truststore when running the applet in a web browser.
Background:
The applet communicates perfectly using regular non-secure sockets. I am now porting it to use secure sockets (SSLSocket, SSLServerSocket from JSSE).
The applet communicates perfectly using secure sockets when run in appletviewer with the truststore file in the classpath. I have specified the appropriate truststore properties in the Applet as follows:
System.setProperty("javax.net.ssl.trustStore", "truststore");
System.setProperty("javax.net.ssl.trustStorePassword", "password");
This works when run using appletviewer when the "truststore" file is in the classpath, and now I need to make it work in a web browser.
Problem: How do I include the "truststore" file with an Applet?
I have tried including it in the .jar file, which seems conceptually similar to including it in the classpath, which worked with appletviewer. However, including it with the .jar file doesn't work. The exception I get is:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found
Any ideas on how I can include the truststore file or suggestions on another approach that will accomplish the same thing?
Thanks a lot!
-Jeff DyckHi,
I'm in the same boat.
Thought I had a solution. I'm running an applet that opens an SSL socket back to the web server it came from
URL url = new URL("https://" + baseUrl);
URLConnection connection = url.openConnection();
connection.setDoOutput(true);
connection.setDoInput(true);
-then just open streams. Info related to this at
http://java.sun.com/products/plugin/1.3/docs/https.html
Essentially, I'm taking advantage of the SSL connection made during the initial web page/applet load ([SSL_RSA_WITH_RC4_128_MD5 is what my HTTPS server wanted )
The down side is that GET/POST are the only actions supported (refer to the link).
I'm looking for a solution that specifies HOW I ACCESS my local browser's security so I don't get
j'avax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found'.
Hope someone replies...
-
Updating Applet in chat application in browser
iam developing a chat application in browser using
1.Http connection and no sockets
2.Using applet iam sending messages to servlet in server and servlet handles the client request
My problem
how to update every clients connected to the server.
(ie i want to pump the data that is recieved from one client to every one)If no socket connections is totally necessary then you could accomplish this task with this process using javascript as well as java.
1. In your html web page that will contain the chat window. Create an html "Form" set the "Name" attribute for it. The chat window will be of input type "TEXTAREA" it will also have to have a "NAME" attribute set for it. Next create a new "Form" set the "Name" attribute.
In the same new form add another input type of "TEXTFIELD" set the "Name" attribute and the "MAXSIZE" attribute if you want to limit the number of letters the text field will accept. Next in the same form add another input type of "SUBMIT" and add
your servlet as an attribute.
2. Construct your servlet in a manner that will receive
the forms text field data by accessing "getParamater"
method also create a "Cookie" object. As requests are sent to the servlet append the new text to the cookie object and send the new web page with the old cookie
out to all sessions.
3. Set the refresh time for your web page with the chat
window to a reasonable amount of time.
4. Add javascript to the web page. In the BODY tag of the html page add the javascript function onLoad="someFunction()". You will also have to add
someFunction to the HEAD tag of the web page
by doing something like this.
<HEAD>
<SCRIPT Language="javascript">
function someFunction() {
document.forms.<form name>.<text area name>.setText(document.cookie.cookieName.getValue())
</SCRIPT>
</HEAD>
There may be some inconsistencies in these instructions,
but its functionality is sound. Good luck. -
Attempting to use SSL over RMI from a web application to a RMI server
Hi,
I am attempting to use SSL over RMI to a server. The client is the web
application that is hosted on WebLogic and that attempts to connect to the
server. There is no client or server verification at either the client or
the server end. The code works outside of WebLogic 7/8 but has the following
issues when running the web application inside weblogic:
java.rmi.ConnectException: Connection refused to host: gkhanna1; nested
exception is:
java.net.ConnectException: Connection refused: connect
java.net.ConnectException: Connection refused: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:350)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:137)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:124)
at java.net.Socket.<init>(Socket.java:268)
at java.net.Socket.<init>(Socket.java:95)
at
sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketF
actory.java:20)
at
sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketF
actory.java:115)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:494)
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:185)
at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:169)
at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:313)
at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source)
at java.rmi.Naming.lookup(Naming.java:79)
at
com.hyperion.css.spi.impl.ntlm.NTLMConnectionClient.initConnection(NTLMConne
ctionClient.java:59)
at
com.hyperion.css.spi.impl.ntlm.NTLMConnectionClient.getUsers(NTLMConnectionC
lient.java:197)
at com.hyperion.css.CSSAPIImpl.getUsers(Unknown Source)
at com.hyperion.css.CSSAPIImpl.initialize(Unknown Source)
at com.hyperion.css.CSSAPIImpl.initialize(Unknown Source)
at jsp_servlet._jsp._app1.__app1signin._jspService(__app1signin.java:133)
at weblogic.servlet.jsp.JspBase.service(JspBase.java:27)
at
weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(Servle
tStubImpl.java:1058)
at
weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
:401)
at
weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
:445)
at
weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
:306)
at
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(W
ebAppServletContext.java:5445)
at
weblogic.security.service.SecurityServiceManager.runAs(SecurityServiceManage
r.java:780)
at
weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletCo
ntext.java:3105)
at
weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java
:2588)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:213)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:189)
The code at the client that initiates the connection:
socketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket socket = (SSLSocket) socketFactory.createSocket(host, port);
socket.setEnabledCipherSuites(CIPHERS);
socket.setEnableSessionCreation(true);
Any ideas?
ThanksI don't see anything that indicates SSL was directly a factor in the
failure.
From the exception stack it looks like a more basic connectivity issue,
maybe the URL for the
RMI server is incorrect for some reason or the server was down.
It looks like you are doing something like this:
SSL client -> WLS server with servletA, servletA RMI client
(com.hyperion.css) -> RMI server
The connection failure appears to be the connection from servletA RMI client
to the RMI server.
Is that a correct picture?
Tony
"Gaurav Khanna" <[email protected]> wrote in message
news:[email protected]...
Hi,
I am attempting to use SSL over RMI to a server. The client is the web
application that is hosted on WebLogic and that attempts to connect to the
server. There is no client or server verification at either the client or
the server end. The code works outside of WebLogic 7/8 but has thefollowing
issues when running the web application inside weblogic:
java.rmi.ConnectException: Connection refused to host: gkhanna1; nested
exception is:
java.net.ConnectException: Connection refused: connect
java.net.ConnectException: Connection refused: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:350)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:137)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:124)
at java.net.Socket.<init>(Socket.java:268)
at java.net.Socket.<init>(Socket.java:95)
at
sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketF
actory.java:20)
at
sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketF
actory.java:115)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:494)
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:185)
at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:169)
at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:313)
at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source)
at java.rmi.Naming.lookup(Naming.java:79)
at
com.hyperion.css.spi.impl.ntlm.NTLMConnectionClient.initConnection(NTLMConne
ctionClient.java:59)
at
com.hyperion.css.spi.impl.ntlm.NTLMConnectionClient.getUsers(NTLMConnectionC
lient.java:197)
at com.hyperion.css.CSSAPIImpl.getUsers(Unknown Source)
at com.hyperion.css.CSSAPIImpl.initialize(Unknown Source)
at com.hyperion.css.CSSAPIImpl.initialize(Unknown Source)
at jsp_servlet._jsp._app1.__app1signin._jspService(__app1signin.java:133)
at weblogic.servlet.jsp.JspBase.service(JspBase.java:27)
at
weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(Servle
tStubImpl.java:1058)
at
weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
:401)
at
weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
:445)
at
weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
:306)
at
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(W
ebAppServletContext.java:5445)
at
weblogic.security.service.SecurityServiceManager.runAs(SecurityServiceManage
r.java:780)
at
weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletCo
ntext.java:3105)
at
weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java
:2588)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:213)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:189)
The code at the client that initiates the connection:
socketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket socket = (SSLSocket) socketFactory.createSocket(host, port);
socket.setEnabledCipherSuites(CIPHERS);
socket.setEnableSessionCreation(true);
Any ideas?
Thanks -
Should i use secure sockets for my whole client/server application?
Hi,
I have a client server application, and I want to ensure that the login process is secure (i.e. use secure sockets). but I dont know how to switch back to a normal socket once that is done.
So I am left thinking that i should just use SSL for my whole application, which can last pretty long. But I would rather not. Is there any other way of doing this?
or should I just encrypt the login info using MD5 or something like that, then send it over an unsecure socket?
thanks!Hey,
Are you sure you haven't confused JGSS for JSSE?
Imagine you have a client-server system and you sometimes want data sent over the wire to be encrypted... JGSS offers you this flexibility; if you a encrypted transmission, run ift through JGSS before transmitting it; if you don't want an encrypted transmission, bypass JGSS and just send the transmission.
The benefit is the security (encryption) isn't hard-wired into you communications protocol i.e. TLS. JGSS has nothing to do with connections it is just protocol for securing messages, not sending them.
You would need to establish the secure context but this could be done at startup and persist for the duration of you applicaiton invocation. You perhaps might need to implement a mechanism to identify encrypted messages on the receiving peer (so it knows to attempt decryption).
Admittedly, kerberos seems like one of those 'inside-joke' things. I've come to realise if you don't have some sort of kerberos realm/server against which to authenticate - you need to swap it out as the underlying mechanism. How this is done I'm not sure yet, but I intend to find out today....further down the rabbit hole I go!
If I discover anything helpful, I will let you know.
Warm regards,
D -
Chat Applet using RMI .... trouble running the Applet using the IE browser.
Hi,
I'm trying to run a chat application using RMI technology. Actually, this wasn't created from the scratch. I got this one from from the cd that comes with the book I bought and I did some refinements on it to suit what I wanted to:
These are the components of the chat application:
1. RApplet.html - invokes the applet
html>
<head>
<title>Sample Applet Using Dialog Box (1.0.2) - example 1</title>
</head>
<body>
<h1>The Sample Applet</h1>
<applet code="RApplet.class" width=460 height=160>
</applet>
</body>
</html>
2. RApplet.java - Chat session client applet.
import java.rmi.*;
import java.applet.*;
import java.awt.event.*;
import java.awt.*;
import java.io.*;
import java.rmi.server.*;
//import ajp.rmi.*;
public class RApplet extends Applet implements ActionListener {
// The buttons
Button sendButton;
Button quitButton;
Button startButton;
Button clearButton;
// The Text fields
TextField nameField;
TextArea typeArea;
// The dialog for entering your name
Dialog nameDialog;
// The name the server knows us as
String privateName;
// The name we want to be known as in the chat session
String publicName;
// The remote chats erver
ChatServer chatServer;
// The ChatCallback
ChatCallbackImplementation cCallback;
// The main Chat window and its panels
Frame mainFrame;
Panel center;
Panel south;
public void init() {
// Create class that implements ChatCallback.
cCallback = new ChatCallbackImplementation();
// Create the main Chat frame.
mainFrame = new Frame("Chat Server on : " +
getCodeBase().getHost());
mainFrame.setSize(new Dimension(600, 600));
cCallback.displayArea = new TextArea();
cCallback.displayArea.setEditable(false);
typeArea = new TextArea();
sendButton = new Button("Send");
quitButton = new Button("Quit");
clearButton = new Button("Clear");
// Add the applet as a listener to the button events.
clearButton.addActionListener(this);
sendButton.addActionListener(this);
quitButton.addActionListener(this);
center = new Panel();
center.setLayout(new GridLayout(2, 1));
center.add(cCallback.displayArea);
center.add(typeArea);
south = new Panel();
south.setLayout(new GridLayout(1, 3));
south.add(sendButton);
south.add(quitButton);
south.add(clearButton);
mainFrame.add("Center", center);
mainFrame.add("South", south);
center.setEnabled(false);
south.setEnabled(false);
mainFrame.show();
// Create the login dialog.
nameDialog = new Dialog(mainFrame, "Enter Name to Logon: ");
startButton = new Button("Logon");
startButton.addActionListener(this);
nameField = new TextField();
nameDialog.add("Center", nameField);
nameDialog.add("South", startButton);
try {
// Export ourselves as a ChatCallback to the server.
UnicastRemoteObject.exportObject(cCallback);
// Get the remote handle to the server.
chatServer = (ChatServer)Naming.lookup("//" + "WW7203052W2K" +
"/ChatServer");
catch(Exception e) {
e.printStackTrace();
nameDialog.setSize(new Dimension(200, 200));
nameDialog.show();
* Handle the button events.
public void actionPerformed(ActionEvent e) {
if (e.getSource().equals(startButton)) {
try {
nameDialog.setVisible(false);;
publicName = nameField.getText();
privateName = chatServer.register(cCallback, publicName);
center.setEnabled(true);
south.setEnabled(true);
cCallback.displayArea.setText("Connected to chat server as: " +
publicName);
chatServer.sendMessage(privateName, publicName +
" just connected to server");
catch(Exception ex) {
ex.printStackTrace();
else if (e.getSource().equals(quitButton)) {
try {
cCallback.displayArea.setText("");
typeArea.setText("");
center.setEnabled(false);
south.setEnabled(false);
chatServer.unregister(privateName);
nameDialog.show();
catch(Exception ex) {
ex.printStackTrace();
else if (e.getSource().equals(sendButton)) {
try{
chatServer.sendMessage(privateName, typeArea.getText());
typeArea.setText("");
catch(Exception ex) {
ex.printStackTrace();
else if (e.getSource().equals(clearButton)) {
cCallback.displayArea.setText("");
public void destroy() {
try {
super.destroy();
mainFrame.setVisible(false);;
mainFrame.dispose();
chatServer.unregister(privateName);
catch(Exception e) {
e.printStackTrace();
3. Chatcallback.java - interface used by clients to connect to the server.
import java.rmi.*;
public interface ChatCallback extends Remote {
public void addMessage(String publicName,
String message) throws RemoteException;
4. ChatcallbackImplementation.java - implements Chatcallback interface.
import java.rmi.*;
import java.io.*;
import java.awt.event.*;
import java.awt.*;
public class ChatCallbackImplementation implements ChatCallback {
// The buttons
// The Text fields
TextArea displayArea;
public void addMessage(String publicName,
String message) throws RemoteException {
displayArea.append("\n" + "[" + publicName + "]: " + message);
5. Chatserver.java - interface for the chat server.
import java.rmi.*;
import java.io.*;
public interface ChatServer extends Remote {
public String register(ChatCallback object,
String publicName) throws RemoteException;
* Remove the client associated with the specified registration string.
* @param registeredString the string returned to the client upon registration.
public void unregister(String registeredString) throws RemoteException;
* The client is sending new data to the server.
* @param assignedName the string returned to the client upon registration.
* @param data the chat data.
public void sendMessage(String registeredString, String message) throws RemoteException;
6. ChatServerImplementation.java - implements Chatserver interface.
import java.rmi.*;
import java.util.*;
import java.rmi.server.*;
import java.io.*;
* A class that bundles the ChatCallback reference with a public name used
* by the client.
class ChatClient {
private ChatCallback callback;
private String publicName;
ChatClient(ChatCallback cbk, String name) {
callback = cbk;
publicName = name;
// returns the name.
String getName() {
return publicName;
// returns a reference to the callback object.
ChatCallback getCallback() {
return callback;
public class ChatServerImplementation extends UnicastRemoteObject
implements ChatServer {
// The table of clients connected to the server.
Hashtable clients;
// Tne number of current connections to the server.
private int currentConnections;
// The maximum number of connections to the server.
private int maxConnections;
// The output stream to write messages to.
PrintWriter writer;
* Create a ChatServer.
* @param maxConnections the total number if connections allowed.
public ChatServerImplementation(int maxConnections) throws RemoteException {
clients = new Hashtable(maxConnections);
this.maxConnections = maxConnections;
* Increment the counter keeping track of the number of connections.
synchronized boolean incrementConnections() {
boolean ret = false;
if (currentConnections < maxConnections) {
currentConnections++;
ret = true;
return ret;
* Decrement the counter keeping track of the number of connections.
synchronized void decrementConnections() {
if (currentConnections > 0) {
currentConnections--;
* Register with the ChatServer, with a String that publicly identifies
* the chat client. A String that acts as a "magic cookie" is returned
* and is sent by the client on future remote method calls as a way of
* authenticating the client request.
* @param object The ChatCallback object to be used for updates.
* @param publicName The String the object would like to be known as.
* @return The actual String assigned to the object for removing, etc. or
* null if the client could not register.
public synchronized String register(ChatCallback object, String publicString) throws RemoteException {
String assignedName = null;
if (incrementConnections()) {
ChatClient client = new ChatClient(object, publicString);
assignedName = "" + client.hashCode();
clients.put(assignedName, client);
out("Added callback for: " + client.getName());
return assignedName;
* Remove the client associated with the specified registration string.
* @param registeredString the string returned to the client upon registration.
public synchronized void unregister(String registeredString) throws RemoteException {
ChatCallback cbk;
ChatClient sender;
if (clients.containsKey(registeredString)) {
ChatClient c = (ChatClient)clients.remove(registeredString);
decrementConnections();
out("Removed callback for: " + c.getName());
for (Enumeration e = clients.elements(); e.hasMoreElements(); ) {
cbk = ((ChatClient)e.nextElement()).getCallback();
cbk.addMessage("ChatServer",
c.getName() + " has left the building...");
else {
out("Illegal attempt at removing callback (" + registeredString + ")");
* Sets the logging stream.
* @param out the stream to log messages to.
protected void setLogStream(Writer out) throws RemoteException {
writer = new PrintWriter(out);
* The client is sending new message to the server.
* @param assignedName the string returned to the client upon registration.
* @param data the chat data.
public synchronized void sendMessage(String registeredString, String message) throws RemoteException {
ChatCallback cbk;
ChatClient sender;
try {
out("Recieved from " + registeredString);
out("Message: " + message);
if (clients.containsKey(registeredString)) {
sender = (ChatClient)clients.get(registeredString);
for (Enumeration e = clients.elements(); e.hasMoreElements(); ) {
cbk = ((ChatClient)e.nextElement()).getCallback();
cbk.addMessage(sender.getName(), message);
else {
out("Client " + registeredString+ " not registered");
catch(Exception ex){
out("Exception thrown in newData: " + ex);
ex.printStackTrace(writer);
writer.flush();
* Write s string to the current logging stream.
* @param message the string to log.
protected void out(String message){
if(writer != null){
writer.println(message);
writer.flush();
* Start up the Chat server.
public static void main(String args[]) throws Exception {
try {
// Create the security manager
System.setSecurityManager(new RMISecurityManager());
// Instantiate a server
ChatServerImplementation c = new ChatServerImplementation(10);
// Set the output stream of the server to System.out
c.setLogStream(new OutputStreamWriter(System.out));
// Bind the server's name in the registry
Naming.rebind("//" + args[0] + "/ChatServer", c);
c.out("Bound in registry.");
catch (Exception e) {
System.out.println("ChatServerImplementation error:" +
e.getMessage());
e.printStackTrace();
Using my own machine (connected to a network), I tried to test this one out by setting mine as the server and also the client. I did the following:
1. Compile the source code.
2. Use rmic to generate the skeletons and/or stubs from the ChatCallbackImplementation and ChatServerImplementation.
3. Start the rmiregistry with no CLASSPATH
4. Start the server successfully.
5. Start the applet using the AppletViewer command.
It worked fined.
The problem is when I ran the applet using the browser, IE explorer, the dialog boxes, frame and buttons did appear. I was able to do the part of logging on. But after that, the applet seemed to have hang. No message appeared that says I'm connected (which appeared using the appletviewer). I clicked the send button. No response.
I double-checked my classpath. I did have my classpath set correctly. I'm still trying to figure out the problem. Up to now, I don't have any clue what it is.
I will appreciate much if someone can help me figure what's could have possibly been wrong ....
Thanks a lot ...Hi Domingo,
I had a similar problem running applet/rmi with IE.
Looking in IE..view..JavaConsole error messages my applet was unable to find java.rmi.* classes.
I checked over java classes in msJVM, they're not present.
( WinZip C:\WINDOWS\JAVA\Packages\9rl3f9ft.zip and others from msVM installed )
( do not contain the java.rmi.* packages )
I have downloaded and installed the latest msJVM for IE5. ( I think its included in later versions)
@http://www.objectweb.org/rmijdbc/RJfaq.html I found ref to rmi.zip download to provide
these classes. I couldn't get the classes from the site but I managed to find a ref to IBM
site @http://alphaworks.ibm.com/aw.nsf/download/rmi which had similar download.
The download however didn't solve my problems. I was unable to install rmi.zip with
RmiPatch.exe install.
I solved this by extracting the class files from rmi.zip and installing them at C:\WINDOWS\JAVA\trustlib ( msJVM installation trusted classes lib defined in
registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Java VM\TrustedLibsDirectory )
This solved the problem. My rmi/applet worked.
Hope this helps you.
Chris
([email protected]) -
Applet servlet communication using SSL
Hi
I am using an applet to talk to a servlet which is behind Wwebsphere application server
Code is all working fine till i had to use SSL
Do I need to write special code in my applet ??
I think i need to change my URL string to use https instead of http URLConnection and the port which websphere understands ??
What change do I make in the servlet code ??
Do I need to use JSSE classes and install JSSE provided by sun ??
How do I configure my IBM Http server and the Websphere application server is what i am unable to follow
Please clear doubts
ThanksI am also using JDK 1.3
-
Why use Applet when display Form Application?What is the benefits using it?
Hi All,
I still don't know what is the benefits using Java Applet when displaying Form Applications.
What is other ways to display Form?
Thanks!http://en.wikipedia.org/wiki/Applet
It depdends what you mean by "non applet" - you could mean an application or a "thin" browser UI that does not require a JVM
THe thing is, you don't really have a choice if using Forms -
Crash connection over Internet using TCP/IP SSL sockets
I'm doing a file Transfer WEB Client/server Application using TCP/IP SSL Sockets?
In an internal LAN the file Transfer work pretty well but in Internet this Crash (downturn the file transfer).
the code in Client to connect to server is:
SSLSocketFactory sslFact = (SSLSocketFactory)SSLSocketFactory.getDefault();
socket = (SSLSocket)sslFact.createSocket(c.site, c.PORT);
String [] enabledCipher = socket.getSupportedCipherSuites ();
socket.setEnabledCipherSuites (enabledCipher);
out = new ObjectOutputStream(socket.getOutputStream());
in = new ObjectInputStream(socket.getInputStream());
The code in Server to wait client connections is:
Runtime.getRuntime().addShutdownHook(new ShutdownThread(this));
try {
SSLServerSocketFactory factory = (ServerSocketFactory) SSLServerSocketFactory.getDefault();
SSLServerSocket sslIncoming =
(SSLServerSocket) factory.createServerSocket (PORT);
String [] enabledCipher = sslIncoming.getSupportedCipherSuites ();
sslIncoming.setEnabledCipherSuites (enabledCipher);
while(running) {
SSLSocket s = (SSLSocket)sslIncoming.accept();
newUser(s, pauseSyn);
} catch (IOException e) { System.out.println("Error: " + e); }
Some help with this topic, show me the ligth? what is bad?Hi,
Can you show us the stacktrace?
/Kaj -
How to use IE proxy with an applet and a socket ???
Hello!
I need to make an applet running with Internet Explorer.
This applet uses socket and sends http request to a server (the server where the
applet is).
It's ok but it doesn't work when my IE uses a proxy.
My question is: how my applet can makes a socket using the IE proxy ?
My applet can be used by many users, so it has to work with or without proxy, and has
no need no configuration.
Thanks for your help.Check for the system environment variable for "ie.proxy" in your applet code, if it returns something then use the proxy server, if not then ignore it.
However, as a rule of thumb unless your IE Security settings enable applets to access URLs, then it won't work. Next, speaking in general java - applets can only access resources (URLs) from the applet's originating server (i.e. the server where the applet exists).
If IE uses a proxy, then your applet should automatically use it, unless as I metioned before, your IE Security does not allow permission for the applet to do so. Check Tools - Internet Options - Security - Java - Advanced options. -
On certain web sites(with java applets embedded or rich content),sometimes browser hotkeys are beeing used with other functionality (eg.: youtube uses ctrl + tab for sliding between player controls).How can I prevent this ?
Thanks for posting this!
I would only mention that your definition is incomplete for this -
Contextual selector A type of Style Sheet Selector that
and that it's most often referred to now as a Descendent selector, not a contextual selector. It's basically the same as the Compound selector that you have already defined....
Maybe you are looking for
-
I am using MP4Converter to convert some music video from a DVD to put in iPod but video and audio doesn't sync. Anyone has the same problem?
-
Useful View Options in Time Machine: Changed Files?
I set up time machine and a day later I can browse around. Very cool graphics. But it seems to be missing something useful (essential?) -- a way to look at what changed from backup to backup. Looking at the Info on a particular file on a particular b
-
Adobe Reader could not open 'Aeron_Chairs_adjustment_guide.pdf' because it is either not a supported file type or because the file has been damaged (for example, it was sent as an email attachment and wasn't correctly decoded). This happens very ofte
-
I have a problem about the syntax package and import . If i create a class file that call "Play.java" and keep it at directory call "test". Now , i create the main file that call the "Play" class and this current file keep at directory that call "dem
-
Instant messaging in workspaces
In my user profile I see that Instant Messaging is enabled. Am I able to use this to communicate with members of my workspaces? I'd like to be able to IM another workspace member if they were online, but I can't see if/how to do this.