Inter Applet Communication Security Issues

Similar Messages

• Inter Applet Communication across frames - Help Needed

  I am trying inter applet communication across frames. For this to happen I am using an intermidiate
  class which registers two applets and whenever any applet needs reference of other applet it gets it
  through this class.
  The page is an important part of a navigation link. So it is loaded many times while traversing through
  the site.
  Every time I load this page the applet does not paint itself (shows grey or background) and the browser
  stops responding. The machine needs to be restarted. This also happens when we keep that page idle for
  a long time (say 2 hours - session does not time out but applet hangs). I have used another thread object
  which is for utility and accesses the applet in the other frame every 10 seconds or so.
  When the applet hangs it does ot throw any exception or JVM error. This happens on certain machines
  evrytime and never on some machines. The applet hangs only in Microsoft IE 5 & 5.5 and never in Netscape
  4.x.
  What could be the problem?
  Can anyone help me with this problem? Its a deadline project and I can't get through.
  Thanks & Regards,
  Rahul

  Try making the register and getter methods of the intermediate class static synchronized. Then register the applets in their start() methods and unregister them in their stop() methods. Call the getter method of the intermediate class wherever you need access to another applet and never cache the instance you get. You may have to also synchronize all your start() and stop() methods to the intermediate class, as well as all methods that perform interapplet communication.
  Tell me what happenned ...

• On inter-applet communication...

  I have two applets, and I would like one to send a message to the other telling it to update itself. The second applet - the one receiving the request - I've named "statDisplayer" in the <APPLET> tag.
  This is the code I'm using to try to send said request:
  Applet statDisplayer = getAppletContext().getApplet("statDisplayer");
  statDisplayer.displayCharacter(CharacterID);
  When I try to compile it, though, I get a meaningless "cannot resolve symbol error" at the call to the displayCharacter() method. Any thoughts as to what's going wrong?

  Hmm, I seem to be getting the same error. Here's a little more detail, in case it makes a difference...
  Both applets are in the same directory. They're named MUDemo and StatBox, respectively. MUDemo needs to send a call to StatBox asking it to update itself when something changes.
  StatBox has the following method:
  public void displayStats(int CharacterID) {
  Here's the call I'm attempting to make:
  Applet statDisplayer = getAppletContext().getApplet("statDisplayer");
  statDisplayer = (StatBox)statDisplayer;
  statDisplayer.displayStats(CharacterID);
  When I try to compile the MUDemo.java file, I get:
  cannot resolve symbol
  method: displayStats(int)
  location: class java.applet.Applet
  statDisplayer.displayStats(CharacterID);
  ^
  This says to me that it still thinks its a generic applet class, despite the explicit cast. Yes/no? Any thoughts on how to fix it?

• Inter Applet Communication

  Can one applet pass some parameter to another applet which is not on the same webpage?
  Please reply soon.Thanx in advance
  Tarun

  Not directly. If they're on the same site, you can get them both to open connections to the server and communicate via that.

• Applet to Applet communication in one browser process with 2 windows

  Applet to Applet communication in Same IE process bu in different IE windows
  I have two IE windows
  (1) base window
  (2) child window (created through wondow.open() and hence share the same IE process and same JVM)
  Now I have two applets in one in base window and other is in child window and I want to do applet to applet communication. Since both applets are in different windows so AppletContext will not work and I tried to use custom AppletRegistory class to keep each Applet in static Hashtable. Now here comes the problem, Each applet gets different copy of this static Hashtable. i have tried hard to find the reason why a static varible has multiple copies running in the same JVM. Then my friend told me about something called class loader which is according to him is different for each window. I have tried this with two different iframes but in same window and it works fine and the reason being is that they share the same JVM. But why this fails for different windows althougt they also have same JVM?
  I am using JRE v5 update 7 and IE6 on WIN XP SP2.
  Thanks in advance..

  Try this example :
  Files used :
  1). AppletCom.html
  2). First.java
  3). Second.java
  1).AppletCom.html
  <HTML>
  <BODY bgcolor="#FFFFFF" link="#0000A0" vlink="#000080">
  <LI><H2><I>Inter applet communication Applet</I></H2>
  <applet code=First.class name="theFirst" width=250 height=100></applet>
  <applet code=Second.class width=350 height=100></applet>
  <BR>
  Source First.java Second.java
  <P>
  <HR>
  <i>Last updated 8/5/97 Martin Eggenberger</i>
  <HR>
  </BODY>
  </HTML>
  2). First.java
  import java.awt.*;
  <applet code="First" width="200" height="200">
  </applet>
  public class First extends java.applet.Applet {
  //Variables for UI
  Label lblOutput;
  public void init() {
  //Create the UI
  add(new Label("The First applet."));
  lblOutput = new Label("Click on a button in the Second applet.");
  add(lblOutput);
  public Color getcc()
  return Color.pink;
  public String getnm(int a,int b)
  int cnt=a+b;
  String str;
  str="Sum is :_________"+cnt;
  return str;
  public boolean handleEvent(Event event) {
  if ("One".equals(event.arg)) {
  lblOutput.setText("You clicked: One");
  return true;
  } else if ("Two".equals(event.arg)) {
  lblOutput.setText("You clicked: Two");
  return true;
  } else if ("Three".equals(event.arg)) {
  lblOutput.setText("You clicked: Three");
  return true;
  return super.handleEvent(event); }
  3). Second.java
  import java.awt.*;
  import java.applet.*;
  <applet code="Second.java" width="200" height="200">
  </applet>
  public class Second extends java.applet.Applet {
  //Declare the UI variables
  Button btnOne;
  Button btnTwo;
  Button btnThree;
       Applet f;
  Label lb;
  public void init() {
  //Build the UI
  btnOne = new Button("One");
  add(btnOne);
  btnTwo = new Button("Two");
  add(btnTwo);
  btnThree = new Button("Three");
  add(btnThree);
  lb=new Label("SUNO RE KAHANI TERI MERI SHHHHHHH");
  add(lb);
  setLayout(new FlowLayout());
  // lb.setSize(100,100);
  public boolean handleEvent(Event event) {
  if (event.id == Event.ACTION_EVENT && event.target == btnOne) {
       f = getAppletContext().getApplet(new String("theFirst"));
  First applet1=(First)f;
  // int cnt=applet1.givenum(22,25);
  // String str="Sum is:"+cnt+" Fine";
  String str=applet1.getnm(22,25);
  lb.setText(str);
  Color cl=applet1.getcc();
  setBackground(cl);
  return f.handleEvent(event);
  } else if (event.id == Event.ACTION_EVENT && event.target == btnTwo) {
  f = getAppletContext().getApplet(new String("theFirst"));
  return f.handleEvent(event);
  } else if (event.id == Event.ACTION_EVENT && event.target == btnThree) {
  f = getAppletContext().getApplet(new String("theFirst"));
  return f.handleEvent(event);
  return super.handleEvent(event);
  I had this example, so i am sharing it as it is.. instead of giving you any link for tutorial... hope this helps.
  Regards,
  Hiten

• Secure inter-session communication

  How to pass data from one session to another session of same user?
  I mean how to pass it a way that nobody else can intercept?
  Oracle's DBMS_PIPE private pipes are not secure enough, SYSDBA can read/write from/to anybody's private pipe. :(.
  Any ideas?

  Why use DBMS_PIPE ?this was first that came to me for inter-session communication.
  What is the actual requirement that needs to be met? Actual requirement is to provide a session with crypto-key(s) from outside of Oracle, transparently to applications, and so that even SYSDBA could not get the keys.
  The session should use crypto-key in a same manner as VPD does to encrypt/decrypt some sensitive columns transparently to applications and adhoc reports (via layer of views that use the key).
  What is the purpose of those sessions communicating with one another? My first idea was to create a crypto-function that initially (when key is null) listens from pipe to get a key value from it.
  Another session of same user should send the key entered by the user into this pipe.
  Then, after the key received, the first main session proceeds having key in its package memory (or context).
  The problem here is that SYSDBA can mount a man-in-the-middle attack, quickly reading the key from pipe and writing it back.
  Why does that need to be secure? What data will be send? Is this peer-to-peer or client-server?SYSDBA should not know values from sensitive columns. Only users that have a key should.
  DBMS_PIPE is a solution. Not really.
  So it is difficult to comment on your view that DBMS_PIPE is insecure, when not knowing what the actual requirement is. I thought that the fact that SYSDBA can access any pipe is enough to see it is not 100% secure.
  Currently I am looking into externally or globally initialized contexts. Without that supplemental session where user enters a key.
  I am not sure yet if it is a right direction.

• Security issues with cached applets

  Question: Can anyone tell me where there is a summary or discussion of security issues relating to applets cached by the Java Plug-in?
  I'd like to use the Plug-in to cache applets on client boxes, but I'm wondering if that opens a security hole for hostile/attack applets. Most of the write-ups on applet security I've seen only deal with security on the client side. Does Sun or anyone else address "cached-applet security" as it relates to the server from which it was downloaded?

  The cached applets are treated as same as those downloaded from the net - permissions will be granted based on the original codebase - nothing more, nothing less.

• Security issues with Applets

  I have a web server that has access to a database server as i am able to create web pages with ASP and connect to the database fine using a DSN, i have created a web page that contains an applet, the applet attempts to connect to the database but i get a security error, how do i overcome this security issue, the sucurity error looks like this:
  Exception: java.security.AccessControlException: accessdenied(java.lang.RuntimePermission accessClassInPackage.sun.jdbc.odbc)
  Can anyone help??

  There is a java.policy file in
  C:\Program Files\JavaSoft\JRE\1.3.1\lib\security\java.policy
  And a tool you can use in
  C:\Program Files\JavaSoft\JRE\1.3.1\bin\policytool.exe
  You might have to tell the policytool.exe where to open the java.policy file.
  You can also just modify it in a text editor and save it as plain text when you are done.
  I don't know which permission you should look for, but you can try with
  grant {
  permission java.security.AllPermission;
  and remove or comment out the other lines. Make a backup of the policy file before you try it. Restart the browser.
  Note that you have to do this on all client machines that wants to run your applet.

• Why are security issues at bottom of security page

  When first using firefox noticed at bottom of security page several security issues.

  I'm pretty sure you want the iTunes support forum here:
  https://discussions.apple.com/community/itunes
  This is for iTunes U (iTunes for Universities).

• Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept e-mail from certain senders, or another restriction may be preventing delivery

  HI,
  We are getting following error message for all users while sending mail to external but we able to receive mail from internet.
  Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept e-mail from certain senders, or another restriction may
  be preventing delivery.

  Hi,
  Please follow Luke and Shelly’s suggestion to check your SPF record and Send Connector configuration. Also you can post the complete NDR message(with NDR status code) here for further analysis.
  If there is any updates, please feel free to let us know.
  Thanks,
  Winnie Liang
  TechNet Community Support

• Powerview Cannot connect to the server due to a security issue. The server may not have been able to match the host for silverlight

  Hello,
  I have a sharepoint 2010 sp1 CU Dec 2011 server with a SQL Server 2012 SP1 CU4 reporting services instance.  I am able to open Power View and use it normally when bypassing the ISA Reverse Proxy server.  However when going thru ISA I receive the
  following Error.
  Power View  Cannot connect to the server due to a security issue.  The server may not have been able to match the host for Silverlight.  This error appears after I click yes on an Internet Explorer Display Mixed Mode prompt.
  I've seen a couple references to this issue but not much.  This one mentions a clientaccesspolicy.xml file but I haven't had any luck with that.  http://connect.microsoft.com/SQLServer/feedback/details/716433/cannot-connect-to-the-server-due-to-a-security-issue-the-server-may-not-have-been-able-to-match-the-host-for-silverlight
  Any Ideas?  Thanks.
  Ryan

  Hi Ryan,
  Based on my research, the issue should occur due to a by design behavior in Threat Management Gateway (TMG). To work around this issue, you can use SSL between the TMG and the SharePoint Web Server.
  Hope this helps.
  Regards,
  Mike Yin
  TechNet Community Support

• Security issue with connecting to Microsoft Live

  I currently use StudioCloud for my studio management software. However, I'm unable to use the email features of the software as they state "**Adobe Air has a security issue connecting to Windows Live and, as such, StudioCloud can not work with Windows Live/Hotmail at this time.**" (http://app1.studiocloud.com/support/index.php?/article/AA-00265/0).
  Are there any plans on resolving this issue?
  As a small business owner, I need to streamline my processes.  If there is a possibilty of this being fixed in the near future, then I won't look at other options, but if it isn't, then I need to determine if I will be moving my email to another host, or using a different studio managment software, or finding a different method of handing my email communications with my clients which is efficient and meets my needs. 
  Thank you.
  Catherine Bowser

  Reported via a live chat.  I must say that the guy was very helpful and said he'd reported the issue together with the tracert data I had provided.
  Afraid I lose the will when trying to speak to BT by phone!

• Access to Word ODBC security issue maybe

  Hi I have a vba process in an access application that creates a word document and then saves it, automatically to a specific folder and name. This works as expected in windows xp and windows 7. However in windows 8/8.1 the process is halted and a saveas
  dialog is opened to the users library folder with the default name of document1.
  I am wondering whether this is because of some security setting? I have unsuccessfully tried setting UAC to the lowest setting.
  Could this be a security issue? If yes any suggestions?
  Many thanks,
  Jonathan

  Hi,
  As I known, the using of Document.save() is no different in Windows 7 and Windows 8.
  Based on your description, this issue can be caused by configuration environment, please post back your Office version, VBA code and the information about environment here, so that we can determine which cause this issue.
  Kate Li
  TechNet Community Support

• Are you aware about bash security issue CVE-2014-6271 ? Do you have a patch for that? The problem may exist in all Solaris versions.

  Are you aware about bash security issue CVE-2014-6271 ? Do you have a patch for that? The problem may exist in all Solaris versions.

  The official communication is now posted to
      https://blogs.oracle.com/security/entry/security_alert_cve_2014_7169

• CMI adapter and Vista security issues

  Hi,
  We have recently noticed that most of our vista users are complaining that they are unable to run courses despite downloading the latest JRE. On investigating we found that unless we lower the security in IE on Vista CMI adapter aplet is blocked by Vista.
  We run iLearn5.0 - any solutions?
  Kg

  See if using the signed applet resolves the security issue.
  Add the following parameter at the end of the CMI Adapter URL:
  ?lms_signed=on