Applets et Java.policy
I need some help to undestand the permissions associated to applets.
My applet, created from a servlet app, needs data files, xml files in input and temporary xml files in output / input.
When running it, I have the message :
Error : Java.lang.exception : java.security.AccessControlException : access denied (java.io.FilePermission c:\myDirectory\DataFiles\MyFile.csv read)
How is it possible to pass this step ? I do not only need to make it running on my computer (by modifying by myself the default java.policy file ); I need to be able to distribute my app to users and finding the simplest way to have it running correctly.
Thanks for the link. This is really helpfull.
A question : I performed the 1 to 5 steps ( Suzan in the doc, the applet provider ). This is enough to have the applet geting the rights to read files but not enough to be able to write. When loading, a window opens and presents the certificate elements asking the user to accept the execution. This is fine.
What about the 6 to 8 ( Ray in the doc ). We can't ask the end-user to enter such a command !
Similar Messages
-
Hi.
We are developing an applet that need to access to the file systems and anothers properties, like user.home. To do this and don't modify the java.policy of the jre, we create a .java.policy file into user home. The content is:
grant {
permission java.util.PropertyPermission "user.name", "read";
permission java.util.PropertyPermission "user.home", "read, write";
permission java.util.PropertyPermission "java.library.path", "read, write";
permission java.lang.RuntimePermission "accessClassInPackage.org.mozilla.jss.*";
permission java.io.FilePermission "${user.home}/", "read";
permission java.io.FilePermission "${user.home}/-", "read, write";
With this configuration it works fine in Linux with Iceweasel, but in windows it's not work (firefox nor internet explorer)!.
The error is:
[SignApplet]: M�dulo iniciado.
[SignApplet]: Cliente de firma iniciado.
[ESignatureFormatFactory]: Buscando formato 'CMS'... encontrado!
[SignManager]: Firmando digitalmente...
java.lang.NullPointerException
at java.util.Properties$LineReader.readLine(Unknown Source)
at java.util.Properties.load(Unknown Source)
at com.telventi.afirma.cliente.utilidades.MimeTypeHelper.<init>(MimeTypeHelper.java:23)
at com.telventi.afirma.cliente.utilidades.MimeTypeHelper.getInstance(MimeTypeHelper.java:32)
at com.telventi.afirma.cliente.actions.ACommonAction.<clinit>(ACommonAction.java:59)
at com.telventi.afirma.cliente.signatureformat.signaturemanager.ASignManager.warn(ASignManager.java:405)
at com.telventi.afirma.cliente.signatureformat.signaturemanager.SignManagerMSIEWin32.signDigitally(SignManagerMSIEWin32.java:63)
at com.telventi.afirma.cliente.signatureformat.CMSSignatureFormat.createSignedInfo(CMSSignatureFormat.java:1562)
at com.telventi.afirma.cliente.signatureformat.CMSSignatureFormat.signExplicitHash(CMSSignatureFormat.java:265)
at com.telventi.afirma.cliente.signatureformat.signaturemanager.ASignManager.signHashElectronically(ASignManager.java:139)
at com.tsol.afirma5.util.impl.AppletServiceImpl.generarFirma(AppletServiceImpl.java:60)
at com.tsol.validacionCertificado.applet.TSolApplet.obtenerFirmaGenerada(TSolApplet.java:105)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.invoke.JSInvoke.invoke(Unknown Source)
at sun.reflect.GeneratedMethodAccessor3.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
at sun.plugin.com.MethodDispatcher.invoke(Unknown Source)
at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
at sun.plugin.com.DispatchImpl$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin.com.DispatchImpl.invoke(Unknown Source)
java.lang.ExceptionInInitializerError
at com.telventi.afirma.cliente.signatureformat.signaturemanager.ASignManager.warn(ASignManager.java:405)
at com.telventi.afirma.cliente.signatureformat.signaturemanager.SignManagerMSIEWin32.signDigitally(SignManagerMSIEWin32.java:63)
at com.telventi.afirma.cliente.signatureformat.CMSSignatureFormat.createSignedInfo(CMSSignatureFormat.java:1562)
at com.telventi.afirma.cliente.signatureformat.CMSSignatureFormat.signExplicitHash(CMSSignatureFormat.java:265)
at com.telventi.afirma.cliente.signatureformat.signaturemanager.ASignManager.signHashElectronically(ASignManager.java:139)
at com.tsol.afirma5.util.impl.AppletServiceImpl.generarFirma(AppletServiceImpl.java:60)
at com.tsol.validacionCertificado.applet.TSolApplet.obtenerFirmaGenerada(TSolApplet.java:105)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.invoke.JSInvoke.invoke(Unknown Source)
at sun.reflect.GeneratedMethodAccessor3.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
at sun.plugin.com.MethodDispatcher.invoke(Unknown Source)
at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
at sun.plugin.com.DispatchImpl$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin.com.DispatchImpl.invoke(Unknown Source)
Caused by: com.telventi.afirma.cliente.exceptions.ClienteFirmaRuntimeException: Error al mapear el archivo de tipos.
at com.telventi.afirma.cliente.utilidades.MimeTypeHelper.<init>(MimeTypeHelper.java:26)
at com.telventi.afirma.cliente.utilidades.MimeTypeHelper.getInstance(MimeTypeHelper.java:32)
at com.telventi.afirma.cliente.actions.ACommonAction.<clinit>(ACommonAction.java:59)
... 21 more
Caused by: java.lang.NullPointerException
at java.util.Properties$LineReader.readLine(Unknown Source)
at java.util.Properties.load(Unknown Source)
at com.telventi.afirma.cliente.utilidades.MimeTypeHelper.<init>(MimeTypeHelper.java:23)
... 23 more
java.lang.Exception: java.lang.ExceptionInInitializerError
at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
at sun.plugin.com.DispatchImpl$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin.com.DispatchImpl.invoke(Unknown Source)
[SignApplet]: Invocando isInitialized.
Code where it fail is:
TYPES.load((com.telventi.afirma.cliente.utilidades.MimeTypeHelper.class).getResourceAsStream("mimetypes.properties"));
TYPES is Properties object.
When we modify the .java.policy file with permission java.security.AllPermission it work fine too, and this make to us think that this is a permission problem!.
Somebody has an idea???
Sorry for my english!Having to modify the policy file defeats the whole point of using applets in the first place. If you have to install anything (such as a new policy file) on the client machine, you may as well install a GUI program.
Either get yourself a digital certificate and sign the applet, or use an independent program instead. -
File Access with unsigned Applet through editing the java.policy file
I'am starting to lose my hair on this...
I am trying to get an applet to run so that it can access the file system to move files on my local maschin. Because this applet is only running on my VM i can change the java.policy to avoid the signing of the applet.
first of all, if i wrote in the java.policy file
grant {
permission java.security.AllPermission;
};everything is working perfekt.
But I have not the intention to open the gates for any applet out there, so i want to limit the access to my applet. With every of the following versions I get at best an
java.security.AccessControlException: access denied (java.io.FilePermission...
My Setup
My Java Version: jre1.6.0_02
My applet is located unter the url
http://admin.mydomain.com/applet.jar
In Html i tryed the following different versions of loading the applet - none worked
<applet codebase="http://admin.mydomain.com/" name="shortcut" code="start.class" archive="applet.jar" width="0" height="0"></applet>
<applet codebase="http://admin.mydomain.com" name="shortcut" code="start.class" archive="applet.jar" width="0" height="0"></applet>
<applet name="shortcut" code="start.class" archive="http://admin.mydomain.com/applet.jar" width="0" height="0"></applet>in java.policy i tryed following versions with every html applet load version
grant codeBase "http://admin.x-press.de/-" {
permission java.security.AllPermission;
grant codeBase "http://admin.x-press.de/+" {
permission java.security.AllPermission;
grant codeBase "http://admin.x-press.de/applet.jar" {
permission java.security.AllPermission;
};why is it with
grant {
permission java.security.AllPermission;
};working, and not with the other versions?
i am almost bold now, please try to save my last hair from falling down.
any suggestion would be nice
thanks, feyyaz
Message was edited by:
feyyazdoguI read the mentioned documentation and your right, some of my versions were wrong, but after reading the doumentation again i came to following result which should had worked but didn't.
java.policy
grant codeBase "http://admin.mydomain.com/*" {
permission java.security.AllPermission;
HTML File
<applet codebase="http://admin.mydomain.com/" name="shortcut" code="start.class" archive="applet.jar" height="0" width="0"></applet>if I am entering http://admin.mydomain.com/applet.jar i can download the jar, so the archive lays in the correct directory.
what i am doing wrong? do i have to change an additional file somewhere else? -
Please Help java.policy signedBy can't access file local
i create keystore and signjar in web applet
run tomcat access file in local but not acess file denied
i goto edit file java.policy
grant {
permission java.security.AllPermission;
can access file
but put SignedBy cannot access file
grant SignedBy fuangchai{
permission java.security.AllPermission;
Please help me example file keystore,applet.jar,java.policy
to signedby access file local in webapplet
env JDE 1.5 ,javascript yui 2.8 ,prototype js,tomcat6
File html
<object classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93"
codebase="http://java.sun.com/update/1.5.0/jinstall-1_5-windows-i586.cab#Version=5,0,0,5"
width="1" height="1" >
<param name=code value="com.arg.aes.test.FileDirectoryBS.class" >
<param name=archive value="app.jar">
<param name=codebase value="." >
<param name="type" value="application/x-java-applet;version=1.5">
<param name="scriptable" value="true">
<param name="mayscript" value="true">
<param name="debug" value="false">
<comment>
<embed name="myApplet" id="myApplet"
type="application/x-java-applet;version=1.5"
code="com.arg.aes.test.FileDirectoryBS.class"
archive="app.jar"
java_codebase="."
width="1"
height="1"
scriptable="true"
mayscript="true"
pluginspage="http://java.sun.com/products/plugin/index.html#download">
<noembed>
</noembed>
</embed>
</comment>
</object>
<applet
code="com.arg.aes.test.FileDirectoryBS"
width="1"
height="1"
archive="app.jar"
name="myApplet"
codebase="."
MAYSCRIPT="true"
>
</applet>
javascript
initlistfile : function() {
try
var list = $("myApplet").initlistfileInDir();
var jsondata = list.evalJSON();
/*alert(jsondata.dirname);
alert(jsondata.dirpath);
alert(jsondata.listfile.length);*/
initTableLeft(jsondata.listfile);
catch(e)
alert("Exception : access denied.");
return;
import java.applet.Applet;
import java.io.File;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Policy;
import java.security.ProtectionDomain;
import java.text.DecimalFormat;
import java.text.NumberFormat;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
* @author fuangchai
public class FileDirectoryBS extends Applet{
public static File[] ROOTS = File.listRoots();
public static String HOME = System.getProperty("user.home");
public String listDir()
return JsonObj.makeTopDir((ROOTS.length > 0)?ROOTS : new Object[]{HOME});
public String initlistfileInDir()
return listfileInDir(null);
public String listfileInDir(String dirName)
if(null == dirName || dirName.equals(""))
System.out.println("root = " + ROOTS.length);
try {
dirName = (ROOTS.length > 0)?ROOTS[0].getPath():HOME;
catch (Exception e) {
e.printStackTrace();
return "";
System.out.println("#########################");
DirectoryDescImp obj = makeObjDir(dirName);
return (null == obj)?null:JsonObj.makeDir(obj);
public String listlinkInDir(String dirName)
if(null == dirName || dirName.equals(""))
System.out.println("root = " + ROOTS.length);
try {
dirName = (ROOTS.length > 0)?ROOTS[0].getPath():HOME;
catch (Exception e) {
e.printStackTrace();
return "";
System.out.println("#listlinkInDir#");
try {
File obj = new File(dirName);
return (null == obj)?null:JsonObj.makelinkDir(obj.getName(),obj.getPath());
} catch (Exception e) {
System.out.println("I can't access a file here! Access Denied!");
e.printStackTrace();
return null;
public boolean isEnc(File f)
//TODO
return false;
public DirectoryDescImp makeObjDir(String dirName)
System.out.println("dirName = " + dirName);
try{
File dir = new File(dirName);
String[] entries = dir.list();
if(null == dir || null == entries || entries.length <= 0)
System.out.println("Data is null or not obj." );
return null;
System.out.println("Dir List = " + dir.list().length);
System.out.println("Dir Name = " + dir.getName());
System.out.println("Dir Path = " + dir.getPath());
DirectoryDescImp dirDesc = new DirectoryDescImp();
dirDesc.setDirName(dir.getName());
dirDesc.setDirPath(dir.getPath());
List<FileDescImp> list = new ArrayList<FileDescImp>();
for(int i=0; i < entries.length; i++) {
File f = new File(dir, entries);
FileDescImp fDesc = new FileDescImp();
fDesc.setFile(f);
fDesc.setFileEncrept(isEnc(f));
list.add(fDesc);
dirDesc.setListfile(list);
return dirDesc;
catch(Exception e){
System.out.println("I can't access a file here! Access Denied!");
e.printStackTrace();
return null;
Thank you
Fuangchai Jum
Mail [email protected]
Edited by: prositron on Jan 13, 2010 7:35 AMOK,
Let's say I have to intialize Environment, and call method initEnvironment() in Applet's init(). Environment class:
class Environment
private KeyStore keyStore;
private Enumeration<String> aliases;
public void initEnvironment() {
Security.addProvider(new sun.security.mscapi.SunMSCAPI());
keyStore = KeyStore.getInstance("Windows-MY");
keyStore.load(null);
aliases = keyStore.aliases();
}Applet is signed, I trust signer.
Since Applet is signed I'm able to overwrite existing .java.policy under user.home.
This doesn't work if I don't have .java.policy:
grant {
permission java.security.SecurityPermission "insertProvider.SunMSCAPI";
permission java.security.SecurityPermission "authProvider.SunMSCAPI";
permission java.util.PropertyPermission "jsr105Provider", "read";
permission java.util.PropertyPermission "com.sun.xml.internal.ws.api.pipe.Fiber.serialize", "read";
permission java.lang.RuntimePermission "setContextClassLoader";
permission java.util.PropertyPermission "com.sun.xml.internal.ws.api.streaming.XMLStreamWriterFactory.noPool", "read";
permission java.lang.RuntimePermission "accessDeclaredMembers";
permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
permission java.lang.RuntimePermission "accessClassInPackage.com.sun.xml.internal.ws.fault";
permission java.util.PropertyPermission "com.sun.xml.internal.ws.api.streaming.XMLStreamWriterFactory.woodstox", "read";
};P.S.
Does it make sense to be able to make changes to file system and not be able to make actions from above policy?!?! -
How to handle the java.policy file ?
Can somebody tell me how to handle the java.policy file?
I always get java.net.SocketExceptions and java.security.AccessControlExceptions while connecting to an appserver from an applet.
What do I have to write in the java.policy file, where do I have to place it and do I have to call it in some way form my applet?
Thanks in advance.
don callThe java.policy file goes in your jre installation directory in .../jre/lib/security (there should be one there already).
I used it to allow otherwise restricted permissions for an applet using javax.comm. Add something like the following to the file:
grant codeBase "URL:http://yourDomainName/rootDirectoryOfYourApp/*" {
permission java.security.AllPermission;
This will give the applet downloaded from your site all permissions. You might want to give only certain permissions, I don't know.
Teri -
How add grant permission in java.policy
hi master
sir serch in my system
C:\Program Files\j2sdk_nb\j2sdk1.4.2\jre\lib\security
C:\Program Files\j2sdk_nb\_jvm\lib\security
C:\Program Files\Java\j2re1.4.1_03\lib\security
C:\Program Files\Java\jre1.5.0_10\lib\security
sir i have many java.policy file which one is default java.policy file
how i add the code
permission java.util.PropertyPermission "java.version", "read";
permission java.util.PropertyPermission "java.vendor", "read";
permission java.util.PropertyPermission "java.vendor.url", "read";
permission java.util.PropertyPermission "java.class.version", "read";
permission java.util.PropertyPermission "os.name", "read";
permission java.util.PropertyPermission "os.version", "read";
permission java.util.PropertyPermission "os.arch", "read";
permission java.util.PropertyPermission "file.separator", "read";
permission java.util.PropertyPermission "path.separator", "read";
permission java.util.PropertyPermission "line.separator", "read";
permission java.util.PropertyPermission "java.specification.version", "read";
permission java.util.PropertyPermission "java.specification.vendor", "read";
permission java.util.PropertyPermission "java.specification.name", "read";
permission java.util.PropertyPermission "java.vm.specification.version", "read";
permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
permission java.util.PropertyPermission "java.vm.specification.name", "read";
permission java.util.PropertyPermission "java.vm.version", "read";
permission java.util.PropertyPermission "java.vm.vendor", "read";
permission java.util.PropertyPermission "java.vm.name", "read";
and this code
grant codeBase "C:\Program Files\j2sdk_nb\j2sdk1.4.2\jre\lib\security
permission java.security.AllPermission;
give me idea how i add my code in java.policy file of using the oracle database in applete
thank
aamirin the control panel see what runtime is used by ur applet, mostly the lastest one u installed.
C:\Program Files\Java\jre1.5.0_10\lib\security
in this folder grant permission for the codebase where ur database is located. -
Hi ,
I am facing problem with the following code.
ClassLoader loaderPrev = Thread.currentThread().getContextClassLoader();
ClassLoader loader = URLClassLoader.newInstance(new URL[]{new URL(CodeBase)} , loaderPrev );
ClassLoader loader = new URLClassLoader(urlList);
Thread.currentThread().setContextClassLoader(loader) ;
result = Thread.currentThread().getContextClassLoader().loadClass(className);
This loads class successfully if I give "AllPermision" in my java.policy. But in real project I cann't do this. If I give only the http port in the java.policy file, it doesn't work . It gives socket permission denied exception.
I appreciate if somebody can give some input on this.
Thanks
Surendratry to sign applets
please check documents
or search in the forums
http://java.sun.com/security/signExample12/
http://java.sun.com/j2se/1.4/docs/guide/plugin/developer_guide/rsa_signing.html
renjith. -
Can distribution of a .java.policy file be eliminated
Sorry for the stupid question, but I'm fairly new to the realm of dealing with Java security...
I have an applet that I want to deploy worldwide as part of an upgrade to an existing website, but I've run into the following error:
"Error getting connection to: jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.0.101)(PORT=1521)))(CONNECT_DATA=(SID=EKB)(SERVER=DEDICATED))) using oracle.jdbc.driver.OracleDriver
access denied (java.util.PropertyPermission oracle.jserver.version read)"
I have managed to figure out that I can eliminate this problem by placing a .java.policy file on all client machines that contain the following:
"grant {
permission java.util.PropertyPermission "oracle.jserver.version", "read";
However, is there any way to eliminate the need to distribute the policy file to those wanting to use the web site's applet? Can it be done somehow within the SSL certificate that I seemingly also have to distribute?
Any help for this newbee would be appreciated!In contrast to what many people say in this forum, it is possible to have an unsigned applet access a database. You don't even have to manipulate the client's policy-file. The requirement is that the database is located on the same machine as the applet is downloaded from.There are however other things that can break this possibility. One is the database-driver itself.
In the case of Oracle we have tried using different versions of the driver. When using version 8.1.7 or 9.0.1 things work nicely, but when switching to version 9.2 it stops working. There is a question on OTN [1]. Let's see what Oracle has to say about it.
[1] Problem connecting using Oracle JDBC drivers -
Does Java Plug-in Ignore java.policy Permissions?
I am running Firefox 3.6.12 on Ubuntu Karmic with Java plug-in 1.6.0_22. I'm trying to run an Aventail OnDemand applet, and I keep getting I/O file-reading permissions exceptions in the Java console. I tried granting the permission in /usr/lib/jvm/java-6-sun-1.6.0.22/jre/lib/security/java.policy, but that was apparently ignored. Any help would be greatly appreciated.
I think the java plugin uses C:\Program Files\Java\j2re1.4.2_04\lib\security\cacerts as a store to get keys.
The password of this file is changeit and you can use keytool to import keys.
I found contradicting information about what can be imported but if you have a p12 file (Mozilla convention for PKCS12) you can import it with java control panel:
C:\Program Files\Java\j2re1.4.2_04\bin\jpicpl32.exe
After imported a cert with control panel it was put in a file located here
C:\Documents and Settings\sbaker\Application Data\Sun\Java\Deployment\security\
Importing with the control panel makes a user specific import and importing with keytool in C:\Program Files\Java\j2re1.4.2_04\lib\security\cacerts (password is changeit) makes it machine specific. -
Hi,
I am writing an web based application using applets nadn eed to contact a MYSql database.
I am getting Access Denied exception.
In my java.policy file I added the following two lines :
grant codeBase "http://mywebpage/"{
permission java.security.AllPermission;
I am still getting the following exception : Any help will be greatly appreciated since I have a demo tomorrow. (Is there anyway to confugure the java.policy or java.security file to allow the jar that contains my applet(dvt.jar) to access the underlying database.)
Is there some place I need to specify explicitly where to find this java.policy file.
Platform is UNIX.
Thx
Karthik
Thx
Karthik
Unable to connect to any hosts due to exception: java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:3306 connect,resolve)** BEGIN NESTED EXCEPTION ** java.security.AccessControlExceptionMESSAGE: access denied (java.net.SocketPermission 127.0.0.1:3306 connect,resolve)STACKTRACE:java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:3306 connect,resolve)at java.security.AccessControlContext.checkPermission(Unknown Source)at java.security.AccessController.checkPermission(Unknown Source)at java.lang.SecurityManager.checkPermission(Unknown Source)at java.lang.SecurityManager.checkConnect(Unknown Source)at java.net.Socket.connect(Unknown Source)at java.net.Socket.connect(Unknown Source)at java.net.Socket.<init>(Unknown Source)at java.net.Socket.<init>(Unknown Source)at com.mysql.jdbc.StandardSocketFactory.connect(StandardSocketFactory.java:124)at com.mysql.jdbc.MysqlIO.<init>(MysqlIO.java:225)at com.mysql.jdbc.Connection.createNewIO(Connection.java:1783)at com.mysql.jdbc.Connection.<init>(Connection.java:450)at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:411)at java.sql.DriverManager.getConnection(Unknown Source)at java.sql.DriverManager.getConnection(Unknown Source)at vdt.VdtModuleApplet.getConnection(VdtModuleApplet.java:444)at vdt.VdtModuleApplet.init(VdtModuleApplet.java:105)at sun.applet.AppletPanel.run(Unknown Source)at java.lang.Thread.run(Unknown Source)** END NESTED EXCEPTION ** System = Inited, gotParameters, init propertiesGetting Connection Posts: 30 | Registered: Feb 2005 | IP: LoggedHi Folks, I am also facing the same kind of
problem...when I am trying to open notepad by
clicking on New option of my Frame's menu.. I am
getting the message Access Denied...some permission
problem is there...Please help me in directing about
setting the policies...https://www.support.storagetek.com/LibraryAdminHelp/lsa/setting_up_java_policy_permissions.htm
http://www.exciton.cs.rice.edu/JavaResources/security/policy.htm -
I've recently been trying to allow an applet on a local webpage to write to a file in the same folder. I've been using the following .java.policy file:
grant codeBase "file:${user.home}/My Documents/folder/*" {
permission java.io.FilePermission "${user.home}${/}My Documents${/}folder${/}*", "read,write";
};The HTML is in the folder called "folder" as above. So is the JAR file for the applet. In the HTML is:
<applet code="foo.class" archive="foo.jar"></applet>The applet implements a "load" function and a "save" function, which are called like:
data=document.applets[0].load(filename);
document.applets[0].save(filename,data);Everything works perfectly using Opera, but fails in IE and Firefox unless I remove the codebase from the grant, leaving just a universal "grant {".
I'm using 1.5.0_06. I've tried other codeBase values such as "file:C:/-", "file:///C:/-", "file:C:/Documents%20and%20Settings/-", and similar variations (too many to list). I've also tried adding a codebase attribute to the applet tag with the value "file:///C:/Documents%20and%20Settings/username/My%20Documents/folder/" (value derived from document.location).
Is there some way to limit granting of permissions to applets in a particular folder that works in all browsers? I know Opera bypasses the Java plugin to access the runtime directly, hence my feeling this is a plugin bug.
Thanks in advance for any help.Use doprivileged for signed code called by javascript
Signing applets:
http://forum.java.sun.com/thread.jsp?forum=63&thread=524815
second post and last post for the java class file using doprivileged
Still problems?
A Full trace might help us out:
http://forum.java.sun.com/thread.jspa?threadID=656028 -
Auto upgrade jre and auto retain java.policy
Hello,
I need to automatically update clients with jre 1.4.2_07 and also retain the existing java.policy from the previous version (1.4.2_04). I have the jre installation kicking off correctly (with IE and XP) using
codebase = "http://myserver/jinstall-1_4_2_07-windows-i586.cab#Version=1,4,2,70"
but I also need to use my existing java.policy before the rest of the applet loads.
I am not familiar with cab files, but is it possible to add a subsequent step to the jre install which would replace the generic java.policy with my specific java.policy? or any other way ??
Thanks, Sari851004 wrote:
..It has been re-written from spec="1.0" to spec="1.5" ..Who changed it, and why?
..Does anybody else have an answer, solution, or suggestion ..?I suggest:
<ul>
<li>Change the spec. number back to something that 1.4 JWS claims to understand (i.e. "1.0").
<li>Checking the launch file using JaNeLA
</ul>
Edited by: Andrew Thompson on Apr 9, 2011 7:54 AM -
Signed Applet In Java Web Server
I have created signed applet signed by myself. It works fine with appletviewer as well as web browsers. Now I want to place this signed applet in Java webserver.
My queries are
1.Where to place this signed applet(Is it in publichtml Folder ????)
2.Where to place my certificate and policy files in server.
3 If I access this applet from any other machines(client)how to avoid Grant Permission Dialog box coming everytime.
Thankshi
i would like to ask you about the applet that you've signed, heve you uses the java.securitu
classes in it's code?? and how did u signed it. because i'm trying to sign an applet where i didn't use security classes, it runs with ie but it doesn't run with netscape even if i uses the netscape signing tool.
thanks for help -
Essential question concerning java.policy file
I have been searching this forum for an answer to this question:
Is there a way to run a signed applet on an intranet (via the Plugin) with out having to go around to each user's workstation and change their java.policy file?
So far, I have seen this question asked several times but with no concrete answer.
Thanks for any help!You can create your own Policy implementation as shown in the following link :
http://www.javageeks.com/Papers/JavaPolicy/index.html
This has some drawbacks.
I overcame your problem by writing my own Security Manager. -
I'm profiling an applet during the code/compile cycle, and I don't want to sign it every time, so I've modified my java.policy file.
I've tried many different settings in my java.policy file and they seem to always be ignored. Finally I tried the following "catch all"
grant codeBase "file:/-" {
permission java.security.AllPermission;
and my applet still gets an AccessControlException.
WTF?
Doesn't that line mean that anything on my hard drive can do whatever it wants?
My applet is not being served on a webserver, my profiler runs it with javaw ... sun.applet.AppletViewer file:/.../page.html.
I'm using 1.4.1_01.This is far fetched, but it couldn't be that somehow the
Appletviewer class doesn't install a security manager, could it?At least on 1.4.1_01, it does, and I would assume it always has. You could check by calling System.getSecurityManager() (q.v.), or by running this simple applet:
public class Appy extends Applet {
String name = "none";
public void start() {
SecurityManager sm = System.getSecurityManager();
if (sm != null) name = sm.getClass().getName();
public void paint(Graphics g) {
FontMetrics fm = getFontMetrics(getFont());
int x = (getSize().width - fm.stringWidth(name)) / 2;
int y = (getSize().height - fm.getHeight()) / 2;
g.drawString(name, x, y + fm.getAscent());
}On my system (JDK 1.4.1_01, Win XP) it diplays: sun.applet.AppletSecurity
Good luck,
David R. Conrad
Maybe you are looking for
-
How do make the mouse wheel scroll in my Flex app/component instead of the browser?
Let's say I have a DataGrid or Tree or List component which has hundreds of rows. When I place my mouse over the component and scroll the mouse wheel, I notice that [most of the time] it scrolls the component a little, then starts scrolling the brows
-
Windows 8.1 Pro fails to receive WSUS patches with 8024500C error
Hi I have just added my first Windows 8.1 Pro to the domain. The WSUS server is running SP2 and has the KB2720211 and kb2734608 patches installed. The WSUS server has sync'ed with microsoft.com several times, SQLCMD has been run and the cleanup wizrd
-
How do I get rid of error message, "iTunes could not back up the iPad because an error occurred."
During a recent syncing of my iPad and iTunes, I cancelled a sync during the backup step of the process. Since then I whenever I sync the ipad I know get, "iTunes could not back up the iPad because an error occurred." I have reset my iPad and turned
-
will my ipad 2 wi-fi+3g at&t worked with most african net work provider were im soon heading to?
-
Can you confirm for me please? - jdbc to pl/sql record types
Hi, I was hoping somebody could confirm the following please? I've been researching this in the Oracle JDBC docs and the Internet, but would feel more comfortable if somebody would confirm my findings. I have a 10g database pl/sql procedure that take