How to setup security manager for applet at runtime?

hello everyone,
I am wonder if there is a way to setup security manager at runtime. This is what I am trying to do:
1. Create a Applet GUI and allow users to specify in an input dialog box of the URL they like make connection to.
I know there is two way of do this
1. Is modify java.policy file and specify the URL SocketPermission to connect to.
2. setup signed certificate applet.
But, I would to try to see if there is a way to have applet make connection at runtime when users specify the URL.
Anyone have any ideas.
Thanks.

Thanks, Peter
Going over some articles you and references that you pointed out was very useful on how the java security model work and a little bit history too.
So, I am assuming that I can make my own securitymanager class that defines the permission of the applet that I am working, using Permission, SecurityManager, ....etc class right? I just want to be clear on what I am going to be doing.
If you have any other thoughts, Thanks,

Similar Messages

  • How to setup IPV6 boundary for SCCM 2012 R2 Primary Site?

    How to setup IPV6 boundary for SCCM 2012 R2 Primary Site?
    I have Direct Access implemented in my environment. I have Windows 8.1 machine connecting through direct access.
    I want to manage the windows 8.1 through SCCM. How do I setup IPV6 boundary. Can someone guide me through?
    Below are the Windows 8.1 client IP Configuration
    C:\Windows\system32>ipconfig
    Windows IP Configuration
    Wireless LAN adapter Local Area Connection* 3:
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
    Wireless LAN adapter Wi-Fi:
       Connection-specific DNS Suffix  . : home
       Link-local IPv6 Address . . . . . : fe80::7466:11a5:39ed:ffb0%4
       IPv4 Address. . . . . . . . . . . : 192.168.1.5
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Default Gateway . . . . . . . . . : 192.168.1.1
    Tunnel adapter isatap.home:
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : home
    Tunnel adapter Teredo Tunneling Pseudo-Interface:
       Connection-specific DNS Suffix  . :
       IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:1494:1339:93d6:439c
       Link-local IPv6 Address . . . . . : fe80::1494:1339:93d6:439c%9
       Default Gateway . . . . . . . . . :
    Tunnel adapter iphttpsinterface:
       Connection-specific DNS Suffix  . :
       IPv6 Address. . . . . . . . . . . : fd64:fc00:d17b:1000:e1a7:9cc8:c3c7:d819
       Temporary IPv6 Address. . . . . . : fd64:fc00:d17b:1000:206c:f857:ddbe:2f2b
       Link-local IPv6 Address . . . . . : fe80::e1a7:9cc8:c3c7:d819%10
       Default Gateway . . . . . . . . . :
    Below are the IPConfiguration details for Direct Access server
    C:\Windows\system32>PsExec.exe \\MURA01 ipconfig
    PsExec v1.98 - Execute processes remotely
    Copyright (C) 2001-2010 Mark Russinovich
    Sysinternals - www.sysinternals.com
    Windows IP Configuration
    Ethernet adapter Ethernet:
       Connection-specific DNS Suffix  . :
       IPv6 Address. . . . . . . . . . . : fd64:fc00:d17b:3333::1
       Link-local IPv6 Address . . . . . : fe80::b1ad:1c29:b4a:9125%15
       IPv4 Address. . . . . . . . . . . : 10.192.1.25
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Default Gateway . . . . . . . . . : 10.192.1.1
    Tunnel adapter Teredo Tunneling Pseudo-Interface:
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
    Tunnel adapter isatap.{3D6A5E86-D85A-46C8-B69B-FFCF6D5D849C}:
       Connection-specific DNS Suffix  . :
       IPv6 Address. . . . . . . . . . . : fd64:fc00:d17b:1:0:5efe:10.192.1.25
       Link-local IPv6 Address . . . . . : fe80::5efe:10.192.1.25%18
       Default Gateway . . . . . . . . . :
    Tunnel adapter 6TO4 Adapter:
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
    Tunnel adapter IPHTTPSInterface:
       Connection-specific DNS Suffix  . :
       IPv6 Address. . . . . . . . . . . : fd64:fc00:d17b:1000::1
       IPv6 Address. . . . . . . . . . . : fd64:fc00:d17b:1000::2
       IPv6 Address. . . . . . . . . . . : fd64:fc00:d17b:1000:2552:e9f8:87d3:ed8e
       Link-local IPv6 Address . . . . . : fe80::2552:e9f8:87d3:ed8e%20
       Default Gateway . . . . . . . . . :
    ipconfig exited on MURA01 with error code 0.
    Below are the IPCONFIG Details for SCCM Server:
    C:\Windows\system32>PsExec.exe \\sccm01 ipconfig
    PsExec v1.98 - Execute processes remotely
    Copyright (C) 2001-2010 Mark Russinovich
    Sysinternals - www.sysinternals.com
    Windows IP Configuration
    Ethernet adapter Ethernet:
       Connection-specific DNS Suffix  . :
       Link-local IPv6 Address . . . . . : fe80::9f0:86f9:441d:bc07%12
       IPv4 Address. . . . . . . . . . . : 10.192.1.30
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Default Gateway . . . . . . . . . : 10.192.1.1
    Tunnel adapter isatap.{0749E47D-AE0A-4D47-9D37-BDDC848E56F6}:
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
    ipconfig exited on sccm01 with error code 0.
    What will be the IPV6 values to configure boundary?

    Depending on how the clients connect use the IPv6 prefix of their 6to4, Teredo, and/ or IP-HTTPS tunnel. Just keep in mind that it could become a long list...
    My Blog: http://www.petervanderwoude.nl/
    Follow me on twitter: pvanderwoude

  • Security Manager for decryption is not set

    Hey,
    I am using the Livecycle virtual appliance in a test version to evaluate its features. When I decrypt an encrypted document with the java API I get an error message that says that the security manager is not set.
    Is the security Manager part of the appliance?
    How can I solve that problem?
    My Code:
            //Set connection properties required to invoke LiveCycle ES                               
            Properties connectionProps = new Properties();
            connectionProps.setProperty(ServiceClientFactoryProperties.DSC_DEFAULT_EJB_ENDPOINT, getConfig("lc.ejb-endpoint.url", "jnp://192.168.56.50:1099"));
            connectionProps.setProperty(ServiceClientFactoryProperties.DSC_TRANSPORT_PROTOCOL,Service ClientFactoryProperties.DSC_EJB_PROTOCOL);         
            connectionProps.setProperty(ServiceClientFactoryProperties.DSC_SERVER_TYPE, "JBoss");
            connectionProps.setProperty(ServiceClientFactoryProperties.DSC_CREDENTIAL_USERNAME, getConfig("lc.ejb-endpoint.username", "jjacobs"));
            connectionProps.setProperty(ServiceClientFactoryProperties.DSC_CREDENTIAL_PASSWORD, getConfig("lc.ejb-endpoint.password", "password"));
            //Create a ServiceClientFactory object
            ServiceClientFactory myFactory = ServiceClientFactory.createInstance(connectionProps);
            //Create an EncryptionServiceClient object
            EncryptionServiceClient encryptClient = new EncryptionServiceClient(myFactory);
            //Unlock the password-encrypted PDF document
            Document unlockedDoc = encryptClient.unlockPDFUsingPassword(pdf, pdfPassword);
            return unlockedDoc;
    Exceptions details:
    Caused by: com.adobe.internal.pdftoolkit.core.exceptions.PDFSecurityAuthorizationException: Security Manager for decryption is not set
        at com.adobe.internal.pdftoolkit.core.encryption.EncryptionImpl.getStreamEncryption(Encrypti onImpl.java:196)
        at com.adobe.internal.pdftoolkit.core.encryption.EncryptionImpl.getStreamDecryptionHandler(E ncryptionImpl.java:263)
        at com.adobe.internal.pdftoolkit.core.cos.CosEncryption.getStreamDecryptionStateHandler(CosE ncryption.java:675)
        at com.adobe.internal.pdftoolkit.core.cos.CosStream.getStreamForCopying(CosStream.java:377)
        at com.adobe.internal.pdftoolkit.core.cos.CosStream.copyStream(CosStream.java:310)
        at com.adobe.internal.pdftoolkit.core.cos.CosStream.getStream(CosStream.java:422)
        at com.adobe.internal.pdftoolkit.core.cos.CosObjectStream.getDataStream(CosObjectStream.java :130)
        at com.adobe.internal.pdftoolkit.core.cos.CosObjectStream.<init>(CosObjectStream.java:80)
        at com.adobe.internal.pdftoolkit.core.cos.CosToken.readObject(CosToken.java:576)
        at com.adobe.internal.pdftoolkit.core.cos.CosToken.readIndirectObject(CosToken.java:108)
        at com.adobe.internal.pdftoolkit.core.cos.XRefTable.getIndirectObject(XRefTable.java:607)
        at com.adobe.internal.pdftoolkit.core.cos.CosDocument.getIndirectObject(CosDocument.java:287 5)
        at com.adobe.internal.pdftoolkit.core.cos.XRefTable.getIndirectObject(XRefTable.java:599)
        at com.adobe.internal.pdftoolkit.core.cos.CosDocument.getIndirectObject(CosDocument.java:287 5)
        at com.adobe.internal.pdftoolkit.core.cos.CosDocument.resolveReference(CosDocument.java:1067 )
        at com.adobe.internal.pdftoolkit.core.cos.CosDictionary.get(CosDictionary.java:278)
        at com.adobe.internal.pdftoolkit.pdf.document.PDFCosDictionary.getDictionaryCosObjectValue(P DFCosDictionary.java:423)
        at com.adobe.internal.pdftoolkit.pdf.document.PDFCatalog.getInteractiveForm(PDFCatalog.java: 156)
        at com.adobe.internal.pdftoolkit.pdf.document.PDFDocument.getInteractiveForm(PDFDocument.jav a:521)
        at com.adobe.formServer.utils.CommonGibsonUtils.isForm(CommonGibsonUtils.java:153)
        at com.adobe.livecycle.formdataintegration.server.FormData.exportDataInternal(FormData.java: 338)
        at com.adobe.livecycle.formdataintegration.server.FormData.exportData2(FormData.java:217)
        ... 81 more

    I think you answered your own question - the PDF is password protected therefore LC can't open it to extract the data.
    You'll have to remove the security first.  You can do that in a process by using the Common.EncryptionService.Remove PDF Password Encryption operation.
    Note that you will need the document's password to remove the security.

  • Specifying system properties/security manager for OC4J

    I have a couple of related questions regarding OC4J/orion.jar:
    1. Generically, how can we specify system properties to orion.jar? Being an executable JAR, simply using -D does not work.
    2. Specifically, I need to launch the OC4J app server with a Java security manager (with associated security policies, etc.) Java's way of doing this is via -Djava.security.manager=... but this does not work with executable JARs it seems. I tried specifying these parameters via -D and I got a security exception:
    Exception in thread "main" java.security.AccessControlException: access denied (java.util.PropertyP
    rmission java.protocol.handler.pkgs write)
    at java.security.AccessControlContext.checkPermission(Unknown Source)
    at java.security.AccessController.checkPermission(Unknown Source)
    at java.lang.SecurityManager.checkPermission(Unknown Source)
    at java.lang.System.setProperty(Unknown Source)
    at com.evermind.server.ApplicationServer.initProtocolHandlers(ApplicationServer.java:652)
    at com.evermind.server.ApplicationServer.launchCommandline(ApplicationServer.java:319)
    at com.evermind.server.ApplicationServer.main(ApplicationServer.java:314)
    So, how do I install the Java security manager with orion.jar? Is there any other way to specify system properties to this, or is there any other way to install the Java security manager for OC4J?
    Any help much appreciated.
    ..Hrishi

    Thanks, that seemed to work. However it seems that spawned another little problem. I was using the -Xbootclasspath/a option while firing up orion.jar because I needed to append something to OC4J's default classpath (that is specified in orion.jar's Manifest). Now, when I start OC4J with the -D options for the security policy, it seems to ignore the -Xbootclasspath argument. I have not yet been able to confirm this fact, but based on the ClassNotFoundError I'm running into, that does seem to be the problem.
    So I guess my question is, could specifying the -D options to the executable JAR cause it to ignore any other options you may be passing to it (such as -Xbootclasspath)? Is there any sequence in which these args need to be passed?
    Thanks.
    ..Hrishi
    Hi,
    You can try this :
    - Check if you have a file java2.policy in <OC4J_HOME>\config\policy and check if the permission java.util.PropertyPermission "read,write" is granted to <OC4J_HOME>.
    if there is no file, you can create one based on <JAVA_HOME>\lib\security\java.policy and grant the approriate privileges.
    - Launch OC4J :
    java -Djava.security.manager -Djava.security.policy=<OC4J_HOME>/config/java2.policy -jar orion.jar
    OR java -Djava.security.manager -Djava.security.policy=<PATH_TO_FILE_POLICY>/<YOUR_FILE>.policy -jar orion.jar
    Maher

  • How to setup the RV120W for quickvpn

    Hello,
    The PPTP client from Windows 7 is not working with this router; therefore I would like to try the quickvpn.
    Is there any paper from Cisco explaining how to setup the RV120W for quickvpn ?
    Thanks for any help

    User Guides for thee rv120W are here:
    http://www.cisco.com/en/US/docs/routers/csbr/rv220w/quick_start/guide/rv220w_qsg.pdf
    http://www.cisco.com/en/US/docs/routers/csbr/rv120w/administration/guide/rv120w_admin.pdf
    and theres some more stuff over on my site:
    http://www.linksysinfo.org/index.php?forums/cisco-small-business-routers-and-vpn-solutions.49/

  • How to have Secure Connection for File Adapter.Pls help

    Hi All,
    For File to File Scenario
    How to have Secure Connection for File Adapter.
    Pls send links/blogs explaining this scenario.
    Regards

    hi rich
    go through these links
    FTPs connection failed - error ".. certificate rejected by ChainVerifier"
    Re: What is SFTP, FTI channels
    http://help.sap.com/saphelp_erp2005/helpdata/en/e3/94007075cae04f930cc4c034e411e1/frameset.htm
    http://help.sap.com/saphelp_erp2005/helpdata/en/bc/bb79d6061007419a081e58cbeaaf28/frameset.htm
    FTPS implementation question.
    http://help.sap.com/saphelp_nw04s/helpdata/en/43/0e16bfd7b021aee10000000a1553f6/frameset.htm
    Server certificate rejected by ChainVerifier:FTPS server(Points Guaranteed)
    /people/krishna.moorthyp/blog/2007/07/31/sftp-vs-ftps-in-sap-pi
    File adapter
    thanks
    Kunaal

  • How to provide security settings for the adobe form using livecycleDesigner

    Hello,
    I am very new to form designing,
    can any one please tell me how to provide security settings for the adobe forms at client side?
    Regards,
    Menaka

    Hi,
    that is a good topic for the ADFS forum.
    ADFS forum - http://social.msdn.microsoft.com/Forums/vstudio/en-US/home?forum=Geneva
    But you could pass the user-agent as incoming claim type Client User agent. User-agents can be manipulated, so if that is an issue you can look into Device Registration and the Device OS type from there. That is also a incoming claim but requires DRS and
    DRS is not available for all plattforms.
    Hth,
    Lutz

  • How to setup SSL cert for SharePoint apps in a three tier farm with nlb

    I am having trouble understanding how to setup the SSL certificate on SharePoint apps or in general its configuration

    Please check the below thread..
    https://social.technet.microsoft.com/Forums/sharepoint/en-US/53465d30-10b2-48c9-9541-5ade738156b4/how-to-setup-ssl-cert-for-apps
    Don't forget to mark it as an Answer if it resolves your issue and Vote Me as helpful if it useful.
    Mahesh

  • How do the change management for the configuration of the adapters

    Hi all.
    How do the change management for the configuration of the adapters, when i transport the software version component from an development system to production system.
    For example, for to change the url parameters of adapters soap inside the production system. I will need type, the news values in this system?
    Thanks
    Best Regards.

    There is an option to pass all the paramters except those who changes from
    system to system.
    for example,
    if you are reading from a file from the directory: <SYS>\CREMAS_<TS>.XML
    when <SYS> is DEV or QAS or PROD, and <TS> is time stamp,
    you can create channel template that read file with file pattern CREMAS_*.XML,
    this can save you a lot of work, however, parameters that are diffrent in every system, (in this case the directory DEV,QAS,PROD) you must enter manually in every system.

  • How to setup Data guard for SAP database?

    Can someone please tell me how to setup data guard for SAP databases?
    Thanks,
    Abhi

    Hi Abhi,
    have a look at OSS 105047 - Support for Oracle functions in the SAP environment you find this under
    14
    Oracle Data Guard
    You can use "Physical Standby".
    You cannot use "Logical Standby".
    You are allowed to use Fast Start Failover (FSFO) but SAP Support is not provided.
    You can use Data Guard Broker.
    You can use Maximum Performance Mode, Maximum Availability Mode and Maximum Protection Mode.
    In the case of Maximum Availability and Maximum Protection, you must pay particular attention to a fast network connection in order to avoid performance problems.
    Maximum Protection causes the primary database to terminate if problems occur in the standby database.
    And here you find on Oracle white paper from 2010 http://www.oracle.com/us/solutions/sap/wp-ora4sap-dataguard11g-303811.pdf
    Perhaps some SAP user have answers for you http://scn.sap.com/community/oracle/content?query=guard
    regards
    Kay

  • SAP IDM 7.2: How to setup SSO functionality for WebUI of CRM and GRC?

    Hello IDM-experts,
    where can my customer find information about
    SAP IDM 7.2: How to setup SSO functionality for WebUI of CRM and GRC?
    Customer situation description:
    The situation is that we are using SAP IDM 7.2. We are using a functionality to allow our users to access a webpage from where they can gain
    SSO access to the Abap systems via the SAPGui. See screenshot as an example.
    Now what we want is to access the CRM and GRC WebUI also with the same SSO possibility. We cannot find any guide/best practice on how to do
    this or if it is possible via SAP IDM 7.2.
    You can see a weblink in the first screenshot but it does not work. It will ask you for a username and password, see second screenshot.
    Kind regards,
    Daniela

    Do you know how the SAP GUI SSO is setup ? Is it using SNC/Kerberos ?
    If it is (I suspect it is), then you will need to use similar method of authentication for the ICF Services. These cannot use SNC since they are accessed via browser, but what you want is possible.
    Thanks
    Tim

  • How to do delta management for fi module?

    how to do delta management for fi module?

    Hi,
    Take a look on the following help site,It has all most all information about FI extraction:
    http://help.sap.com/saphelp_bw32/helpdata/en/af/16533bbb15b762e10000000a114084/frameset.htm
    With rgds,
    Anil Kumar Sharma .P

  • FormDataIntegration Security Manager for decryption not set

    When trying to export or import from a specific PDF form, I am getting the error below.  I suspect it's the pdf b/c I can import and export from different pdf forms.  Any ideas or help in order to modify or resolve this problem?
    com.adobe.livecycle.formdataintegration.client.ImportFormDataException: Security Manager for decryption is not set
    [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     at com.adobe.livecycle.formdataintegration.server.FormData.importData(FormData.java:98)
    [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:64)
    [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     at java.lang.reflect.Method.invoke(Method.java:615)
    [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     at com.adobe.idp.dsc.component.impl.DefaultPOJOInvokerImpl.invoke(DefaultPOJOInvokerImpl.jav a:118)
    [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     a

    I think you answered your own question - the PDF is password protected therefore LC can't open it to extract the data.
    You'll have to remove the security first.  You can do that in a process by using the Common.EncryptionService.Remove PDF Password Encryption operation.
    Note that you will need the document's password to remove the security.

  • HT1918 How recalled the security question for account iTunes

    How recalled the security question for account iTunes

    Check the AppleCare number for your country here:
    http://support.apple.com/kb/HE57
    Call them up, and let them know you would like to be transferred to the Account Security Team.

  • How to recover security code for itunes store

    How to recover security code for itunes store

    From the link right at the bottom of this very page
    Contact Us

Maybe you are looking for

  • How to Mention Field Lenth

    Hi Experts, I am printing Orderknowlegdement form, in that i am printing Billing Schedule .. Stage  stage% stgAmt Date I want to format this in screen ... since it varies depending on the field length .. i tries wa-stage(40) ...but not working ?? nee

  • Safari acting up after Lion update

    After I updated to Lion... Safari is acting very strange. On each startup... all windows from last launch open. Also, even after setting homepage in preferences, Safari opens to last page in history. All new windows open very small . Any fixes for th

  • Restrict same user using same internet explorer session

    Hi, I encountered a problem here. Hope some one had deal with this problem can help me out. The application was written in BSP. The users are using Internet Explorer 6.0 and 7.0 to use the application. The problem I encountered here is after an user

  • How to install Firefox in English when in Greece?

    I download and install twice the english version of firefox from firefox's website, but when I start installing I don't get asked what is my prefered language and everything start in Greek and finally the greek version is installed again and again!!!

  • Exploiting RIA & RCA functionalities would entail changing in the ABAP code

    Dear All, Could someone please explain  to what extent exploiting the latest RCA & RIA functionalities available in SAP NetWeaver would lead to changing in the underlying ABAP code (SAP native & customized) of an ERP system, ABAP stack. Thank you in