Problem of granting permissions for a signed applet

Similar Messages

• Problem in Granting permissions for Signed Applet

  Hi,
  I have signed my applet with my self generated certificate. The client browser has imported this certificate in his cacerts keystore as trustcacerts. When I grant permission for my client(manually,in the client machine), I have peculiar errors.
  Case 1 : grant codeBase "http://***.XXX.***.XX/-" { permission java.security.AllPermission; };
  This permission works fine. But the client is able to download all applets from the granted machine, including unsigned applets.
  Case 2: grant SignedBy "dcard" codeBase "http://***.XXX.***.XX/-" { permission java.security.AllPermission; };
  If I add the signedBy tag, this particular grant section is completely omitted by the system. That is, the browsers does not recognize the signedBy tag( & its entire grant block) and throws SecurityExceptions for accessing the local machine.
  Please help me to grant permission for the applet coming from a particular source AND signed by a particulr person.
  Thanks in advance,
  Rajesh
  Note : Plug-in is java1.3.0_02. The public certificate is imported as trustcacerts in all cacerts files in system.

  This is the complete Error :
  WARNING: Attempting to use HTTP Firewall Proxy Server
  due to security restrictions: org.omg.CORBA.INTERNAL: Can not find GateKeeper: java.security.AccessControlException: access denied (java.net.SocketPermission localhost:15000 connect,resolve) minor code: 0 completed: No
  org.omg.CORBA.INTERNAL: Can not find GateKeeper: java.security.AccessControlException: access denied (java.net.SocketPermission localhost:15000 connect,resolve) minor code: 0 completed: No
       at com.visigenic.vbroker.gatekeeper.BridgeEx.login(BridgeEx.java:102)
       at com.visigenic.vbroker.gatekeeper.BridgeEx.loginHelper(BridgeEx.java:71)
       at com.visigenic.vbroker.gatekeeper.BridgeEx.bind(BridgeEx.java:200)
       at com.visigenic.vbroker.interceptor.ChainBindInterceptorImpl.bind(ChainBindInterceptorImpl.java:42)
       at com.visigenic.vbroker.orb.ORB.bind(ORB.java:1196)
       at com.visigenic.vbroker.orb.ORB.bind(ORB.java:1361)
       at com.visigenic.vbroker.orb.ORB.bind(ORB.java:1171)
       at com.platform7.persona.acceptor.GacHelper.bind(GacHelper.java:299)
       at com.platform7.persona.acceptor.GacHelper.bind(GacHelper.java:295)
       at GenericApplet.init(GenericApplet.java:40)
       at sun.applet.AppletPanel.run(Unknown Source)
       at java.lang.Thread.run(Unknown Source)
  org.omg.CORBA.INTERNAL: Can not find GateKeeper: java.security.AccessControlException: access denied (java.net.SocketPermission localhost:15000 connect,resolve) minor code: 0 completed: No

• What are the default permissions for "self-signed" applets?

  Hello!
  I have a self-signed applet (=signed with a self made certificate) and under most plugin-enviroments java asks the user if it accepts this certificate as trustworth.
  On my linux-box I do not have any problems to write files to the local filesystem after I accepted this self-signed applet.
  However I've often read that users must grant some permissions even for signed applets, so is there a list of permissions that are denied by default?
  Are there differences between java releases starting with 1.2.2?
  Thanks in advance, lg Clemens

  Default settings are like you said, jre asks the user and everything will work.
  Unless.your applet uses classes that are not signed like with calls from javascript to your applet the plugin.jar is used and you'll get an exception when writing to files.
  When writing to files the OS might not allowe the user to write to a certain file or folder.
  Don't know what type of exception will be thrown if the OS doesn't allowe it but it has
  nothing to do with applet permissions.
  To change the default setting you can add the following line in the grant { bit of the
  java.policy
  permission java.lang.RuntimePermission "usePolicy";
  When this line is there all signatures will be ignored and an applet can only do extra
  things (like access to local files) if a policy is set up for this applet.
  To find out what's wrong at your clients site you should ask them to send a full trace
  and check that. I hope you did a .printStacktrace() on the exception in your code so
  you can see if any other classes are involved when the exception is thrown.
  To turn the full trace on (windows) you can start the java console, to be found here:
  C:\Program Files\Java\j2re1.4...\bin\jpicpl32.exe
  In the advanced tab you can fill in something for runtime parameters fill in this:
  -Djavaplugin.trace=true -Djavaplugin.trace.option=basic|net|security|ext|liveconnect
  if you cannot start the java console check here:
  C:\Documents and Settings\userName\Application Data\Sun\Java\Deployment\deployment.properties
  I think for linux this is somewhere in youruserdir/java (hidden directory)
  add or change the following line:
  javaplugin.jre.params=-Djavaplugin.trace\=true -Djavaplugin.trace.option\=basic|net|security|ext|liveconnect
  for 1.5:
  deployment.javapi.jre.1.5.0.args=-Djavaplugin.trace\=true -Djavaplugin.trace.option\=basic|net|security|ext|liveconnect
  The trace is here:
  C:\Documents and Settings\your user\Application Data\Sun\Java\Deployment\log\plugin...log
  I think for linux this is somewhere in youruserdir/java (hidden directory)

• Grant permission for a signed applet

  I have my jar file signed. Now, I hate to have the user to modify their .java.policy file, beside, I did not have my certificate verified by Verisign. Is there any other way to do it? I have read some posts which the user of the signed applet will see a pop up dialog while loading the signed applet, if they click on "grant all access", then the applet will have all the permission. Can anyone tell me how to do that?
  Thanks
  Andy

  nicoleman1 put together a "tutorial" on signing your applet (jar). The instructions will work for all browsers that support the Java Plugin.
  Here is a link to the thread:
  http://forum.java.sun.com/thread.jsp?forum=63&thread=174214
  Pete

• Grant permissions dynamically in a applet

  I am try to write a java applet and wants it can the access the local disk...
  I know one way is modify the Security policy files in the JRE ( this method can support signed or unsigned applet ), but this need user manually modification before run the applet.
  Can any method support grant permissions dynamically in java applet.
  e.g
  prompt a dialog to ask the user do they allow the applet grant the permissions

  Just try to sign your applet , it's easy to do . if you want to know the process of how to sign your applet , i can give you some advise , my email address is :[email protected] . Best wishes !

• For a signed applet am getting java.security.PrivilegedActionException:

  I have a signed applet,now for testing it's a self signed applet.
  It used for adding files using JFilechooser.
  It works fine in my machine with JRE version 1.5.0_12 .
  In other machines having jre version with 1.5 onwards it's working fine.
  But one problem am facing now is ,whenever we call a method in applet
  thorugh javascript it is giving security error . This problem comes only when the applet is running in some other machine having a diff jre (in that system the applet loads well,problem comes only when we access any applet method from a javascript).
  Is it due to the diff of java enabled in javascript (at client browser) and in applet (when complied and created the singed jar )
  bellow shows part of the error.
  java.security.PrivilegedActionException: java.lang.reflect.InvocationTargetException
  at java.security.AccessController.doPrivileged(Native Method)
  at sun.plugin.liveconnect.SecureInvocation$2.run(Unknown Source)
  at java.security.AccessController.doPrivileged(Native Method)
  at sun.plugin.liveconnect.SecureInvocation.CallMethod(Unknown Source)
  Caused by: java.lang.reflect.InvocationTargetException
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
  at java.lang.reflect.Method.invoke(Unknown Source)
  at sun.plugin.javascript.JSInvoke.invoke(Unknown Source)
  at sun.reflect.GeneratedMethodAccessor5.invoke(Unknown Source)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
  at java.lang.reflect.Method.invoke(Unknown Source)
  at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
  at sun.plugin.liveconnect.PrivilegedCallMethodAction.run(Unknown Source)
  ... 4 more
  Caused by: java.security.AccessControlException: access denied (java.io.FilePermission C:\Documents and Settings\dnixon\My Documents\photos\astro1.jpg read)
  at java.security.AccessControlContext.checkPermission(Unknown Source)
  at java.security.AccessController.checkPermission(Unknown Source)
  at java.lang.SecurityManager.checkPermission(Unknown Source)
  at java.lang.SecurityManager.checkRead(Unknown Source)
  at java.io.File.exists(Unknown Source)
  Please any one help.
  thanks in advance
  It's very urgent

  [http://forums.sun.com/thread.jspa?forumID=421&threadID=5308353]

• Problem with granting permissions in the security policy file

  Hi,
  I have a security policy file. I am granting permissions to some files. Now even if I have given permissions explicitly it doesnt taking it and gives error. My code snippet is as follows:
  grant codeBase "file:${jboss.server.home.dir}/deploy/jboss-ws4ee.sar/-"{
       permission java.security.AllPermission;
  The stack-trace for the same is as follows:
  11:09:49,518 ERROR [MainDeployer] Could not initialise deployment: file:/C:/Java/jboss-4.0.2/server/all/deploy/jboss-ws4ee.sar/jboss-ws4ee.war
  java.security.AccessControlException: access denied (java.io.FilePermission C:\Java\jboss-4.0.2\server\all\tmp\deploy\tmp17221jboss-ws4ee.war read)
       at java.security.AccessControlContext.checkPermission(AccessControlContext.java:269)
       at java.security.AccessController.checkPermission(AccessController.java:401)
       at java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
       at java.lang.SecurityManager.checkRead(SecurityManager.java:863)
       at java.io.File.lastModified(File.java:771)
       at org.jboss.deployment.MainDeployer.init(MainDeployer.java:866)
       at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:765)
       at org.jboss.deployment.MainDeployer.addDeployer(MainDeployer.java:360)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:324)
       at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:141)
       at org.jboss.mx.server.Invocation.dispatch(Invocation.java:80)
       at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:121)
       at org.jboss.mx.server.Invocation.invoke(Invocation.java:74)
       at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:127)
       at org.jboss.mx.server.Invocation.invoke(Invocation.java:74)
       at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:249)
       at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:644)
       at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:177)
       at $Proxy37.addDeployer(Unknown Source)
       at org.jboss.deployment.SubDeployerSupport.startService(SubDeployerSupport.java:111)
       at org.jboss.web.AbstractWebContainer.startService(AbstractWebContainer.java:600)
       at org.jboss.web.tomcat.tc5.Tomcat5.startService(Tomcat5.java:409)
       at org.jboss.system.ServiceMBeanSupport.jbossInternalStart(ServiceMBeanSupport.java:272)
       at org.jboss.system.ServiceMBeanSupport.jbossInternalLifecycle(ServiceMBeanSupport.java:222)
       at sun.reflect.GeneratedMethodAccessor11.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:324)
       at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:141)
       at org.jboss.mx.server.Invocation.dispatch(Invocation.java:80)
       at org.jboss.mx.server.Invocation.invoke(Invocation.java:72)
       at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:249)
       at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:644)
       at org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:897)
       at $Proxy0.start(Unknown Source)
       at org.jboss.system.ServiceController.start(ServiceController.java:418)
       at org.jboss.system.ServiceController.start(ServiceController.java:440)
       at sun.reflect.GeneratedMethodAccessor9.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:324)
       at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:141)
       at org.jboss.mx.server.Invocation.dispatch(Invocation.java:80)
       at org.jboss.mx.server.Invocation.invoke(Invocation.java:72)
       at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:249)
       at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:644)
       at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:177)
       at $Proxy4.start(Unknown Source)
       at org.jboss.deployment.SARDeployer.start(SARDeployer.java:273)
       at org.jboss.deployment.MainDeployer.start(MainDeployer.java:964)
       at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:775)
       at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:738)
       at sun.reflect.GeneratedMethodAccessor19.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:324)
       at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:141)
       at org.jboss.mx.server.Invocation.dispatch(Invocation.java:80)
       at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:121)
       at org.jboss.mx.server.Invocation.invoke(Invocation.java:74)
       at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:127)
       at org.jboss.mx.server.Invocation.invoke(Invocation.java:74)
       at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:249)
       at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:644)
       at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:177)
       at $Proxy8.deploy(Unknown Source)
       at org.jboss.deployment.scanner.URLDeploymentScanner.deploy
  Here I am giving all permission which in turn encapsulate FilePermission also. So this should work. But why it is bypassing this permission?
  Any clues?!
  Thanks.
  Jahnvi

  grant codeBase
  "file:${jboss.server.home.dir}/deploy/jboss-ws4ee.sar/-"{That's not a codebase, it's a specification for a FilePermission. A codebase is a list of one or more directories or JAR files expressed as URLs.

• Java.security.AccessControlException: access denied; for a signed applet

  Hi,
  I have a signed applet which is used to read local files. When I call the applet method which is reading the file, from javascript I am getting "java.security.AccessControlException: access denied ". Where as if the method gets called during applet load, file is read without errors? How can I get over this problem?
  If there is a way loading the applet based on a condition from Javascript, please let me know.
  Thanks,

  [http://forums.sun.com/thread.jspa?forumID=421&threadID=5308353]

• Granting permissions for JAVA STORED PROCS

  If I imported a java class file as user test and created a stored proc, how can I grant permissions to all the users in the DB? Do I have to grant permissions on JAVA CLASS itself when I load it or Do I have to grant permissions on the Stored proc or Both?
  Any help will be greatly appreciated.
  null

  Note: I can manually add the file with the command -
  loadjava -v -user user/password@sid sqljdbc.jar (pg 261 in Oracle Database Programming using Java and Web Services by Kuassi Mensah)
  Which is what I have done to get this to work. But the question still stands - How do I get the sqljdbc.jar file to be loaded when deployed using the deployment descriptor?
  Thanks, Ken

• SQL 2008 grant permissions for a specific user to query a specific DB DMV ?

  Hello is there a way to allow a user to query a particular DB's DMVs (DB-level but not on the entire SQL Server-level) ?
  Thanks in advance.

  The last three are catalog views, to which all users have access, but they are only to see information for objects they have permission to.
  What you can do is to package a particular query in a stored procedure which you sign with a certificate. Then you create a login from that certificate and you grant that login VIEW SERVER STATE. This article on my web site explains this technique in detail:
  http://www.sommarskog.se/grantperm.html
  Erland Sommarskog, SQL Server MVP, [email protected]

• Problem of security warning for self signed JARs

  Hello All
  I have made a jar file and self signed ( using keytool and jarsigner). Then having attached in a form, I put it in 10g rel 2 Oracle A/S. When accesing in a web browser in LINUX , security warning shows The application's digital signature is invalid. Do you want to continue ?

  Hi Kevin
  I have the exactly the same requirement as yours....
  (1. write a file into client file system, then
  2. launch an application to edit this file, then
  3. read the edited content from the file).
  Plz go thru the following. I signed my applet as follows:-
  makecert -sk exec -n "CN=Hemanth" exec.cer
  cert2spc exec.cer exec.spc
  javac ExecNP.java (ExecNP.java is the applet code. I have given the code of the applet)
  cabarc -s 6144 n exec.cab ExecNP.class
  setreg 1 true
  signcode -j javasign.dll -jp exec.ini -spc exec.spc -k exec exec.cab
  chkjava exec.cab
  Code of ExecNP.java :-
  import com.ms.security.*;
  import com.ms.security.permissions.*;
  import java.lang.Runtime.*;
  public class ExecNP extends java.applet.Applet
  public void init()
       try {
            PolicyEngine.assertPermission(PermissionID.EXEC);
            Runtime.getRuntime().exec("c:\\windows\\notepad.exe");
       } catch(Exception e) {
  Here is the html code :-
  <applet code=ExecNP width=800 height=200> <PARAM NAME='cabbase' VALUE='exec.cab'> </applet>
  When I try to open this html file I get the following exception in the Java Console
  java.lang.UnsatisfiedLinkError: initPolicyEngine
  Please tell me whats wrong.
  Hemanth.

• Problems with Disc Permissions for Java Virtual Machine

  hi,
  My machine (10.6.6) crashed. I had the spinning beach ball.
  Force Quit and On/Off did nothing.
  I needed to unplug and remove the battery to restart.
  After that, I did Repair Disk Permissions.
  It finds a bunch of things for Java Virtual Machine/1.6.0/jdk
  It says it fixes it.
  But if I reboot and and run Repair Disk Permissions again,
  it still finds the same problems.
  How do I get it fixed?

  Hi,
  these permission errors are normal. There's nothing to be worried about. If you search around (you did search around first, right?) you'll find that most, if not all, Snow Leopard users see these messages.
  HTH.
  S.

• [Solved] Problem with file permissions for a group

  I'm working on a simple Apache HTTP server just to get a small education in proper unix work.
  To save myself sudoing everything (and generally because it seems the proper way to use unix), I'm trying to give my user control over the /srv directory. So I ran:
  - `sudo groupadd srvadmin` to create a group called srvadmin
  - `sudo chown -R :srvadmin /srv` to change the group-owner of /srv to srvadmin (and all files inside it)
  - `sudo chmod -vR g+w /srv` to give /srv and all its files group write permission
  - `sudo gpasswd -a <me> srvadmin` to add my user to the srvadmin group
  But I still can't create or edit files in /srv
  "ls -l / | grep srv" gives:
  drwxrwxr-x 4 root srvadmin 4096 Dec 19 17:44 srv
  all the files and directories inside /srv also have group write permissions and are owned by user "root" and group "srvadmin"
  "cat /etc/group | grep srv" gives:
  srvadmin:x:1000:<me>
  However, possibly herein lies a clue:
  "id" gives:
  uid=1000(<me>) gid=100(users) groups=100(users),7(lp),10(wheel),50(games),91(video),92(audio),93(optical),95(storage),96(scanner),98(power)
  That is, "id" doesn't tell me I'm in the srvadmin group.
  It seems like there's an important concept about groups and permissions that I'm not getting, but reading several man and wiki pages hasn't enlightened me. Could anyone suggest what I'm missing?
  Thanks.
  Last edited by bjackman (2012-01-15 20:43:09)

  fsckd wrote:
  bjackman wrote:Edit: I'm guessing only mods can put [Solved] tags in a title?
  No, our job is to tell you to do it yourself: https://wiki.archlinux.org/index.php/Fo … ow_to_Post (second to last bullet)
  Ok, this is pretty embarrassing given the parallels with the topic of this thread, but I coudn't edit the title (which is the reason for my earlier remark; I assumed I didn't have permission)!
  The text box was un-editable (not "disabled", I just couldn't edit the text in it). I managed to change it in the end by deleting all the text and typing a new title. I think it may have been just because the title was at the exact character limit.

• JRE 1.4.x Plugin - Signed Applets and Weird Behaviour (Policy)

  Hello.
  I have recently experienced some strange behaviour related to signed applets and policy files in JRE 1.4.2-b28 ( a friend got the same behaviour in a flavour of 1.4.1-xx as well ). Both tests were on Windows 2000 Professional platforms.
  Initially my unsigned applet, which attempts socket connections to a server different from the download location, fails with security exceptions ( as expected ). Then I did the following to sign the applet jar and configure my environment
  Steps: 1) Import "trusted CA" certificate into ${java.home}/lib/security/cacerts. (JRE home outside the JDK)
  2) Signed the jar using jarsigner and a certificate generated from the "trusted CA" (Entrust CA and certificate).
  3) Imported the signing certificate into the Java plugin using import in the plugin control panel.
  4) Created a new keystore (keytool,jks) and imported the signing certificate into the keystore with alias "developer". The keystore is stored in the user home as .keystore.
  5) Created a .java.policy for the user and attaching the keystore in 4) to it. ( also stored in user home ).
  6) Used the policy tool to grant socketpermissions to the specific codebase ( testing with file:/C:/test/* initially ) signed by "developer"
  After this, when I ran the test page under IE 5.5SP2 and Netscape 7.1 it worked without any security exception. Ditto for using the appletviewer and the policy file I created for the user.
  The weird part occurred when I removed the policy entry from the user policy file. After doing this, Netscape and IE still allow the applet to execute - somehow remembering that it was granted permissions at some point. The appletviewer does not allow it to execute, generating security exceptions.
  It appears the old policy is being cached somewhere, but I cannot find where. If I replace the applet jar with an unsigned version it does fail in IE and Netscape. I tried cleaning the plugin cache and removing the "deployment.certs" files related to the users but still get the same behaviour.
  Does anyone know where the old policy information is being stored ? Does anyone know how to revoke the permissions so that I am restored to my original base environment ( no permissions for "designer" signed applets ) ? Would attempting to utilize the AccessController.doPriveleged( xxxx ) operations in JDK 1.4 avoid all of this confusion with policy files, keystores and certificate storage ? After all the messing about I would like a zero-footprint alternative ( or minimzed footprint anyway ).
  Any ideas would be most welcome.
  Regards,
  James.

  Hello Again.
  I am either enlightened or confused at this point. I found that as long as all of my related Jars are signed ( even by self-signed certificates ) I am granted SocketPermissions for calls outside of the originating server. Unsigned code is refused, but even when the Jars were signed using a self-signed certificate the Socket calls were allowed.
  Am I experiencing the appropriate behaviour in this case ( which would mean not having to utilize policy files to distribute an applet that uses calls to arbitrary servers - e.g. JavaMail ) or am I suffering from something damaged in my environment ?
  It has been a long time since I played with signed applets and I am having difficulty determining what operations require policy file entries/AccessController.doPrivileged() calls and which are granted when a user elects to trust a signed applet without policy.
  Any assistance in clearing up my confusion would be appreciated.
  Regards,
  James.

• Signed Applet Database Connection..

  it works in my Test HTML..
  <html>
  <head>
       <meta http-equiv="Content-Type" content="text/html;charset=utf-8" >
       <title>Java Applet</title>
  </head>
  <body>
       <p>Applet Test</p>
       <p>
            <applet code="Main.class" archive="flowchart.jar" width="90%" height="90%" alt="Sorry, you need Java to run this Applet">
                 <param name="Username" value="root" />
                 <param name="DatabaseType" value="MySQL" />
                 <param name="Database" value="OQMcontrolec30_validatie_mysql" />
                 <param name="Server" value="192.168.5.4" />
                 <param name="ProcesID" value="72" />
            </applet>
       </p>
  </body>
  </html>it doesn't work on the server..
  <body BOTTOMMARGIN=0 LEFTMARGIN=0 MARGINHEIGHT=0 MARGINWIDTH=0 SCROLL=no>
  <APPLET code="Main.class" codebase="./" height="100%" width="100%" archive="flowchart.jar">
  <param name="Username" value="root" />
  <param name="DatabaseType" value="MySQL" />
  <param name="Database" value="OQMcontrolec30_validatie_mysql" />
  <param name="Server" value="192.168.5.4" />
  <param name="ProcesID" value="<?=$_GET['id']?>" />
  <br>
  Sorry, your browser doesn't support Java.
  <br>
  </APPLET>I get this for an error in Java Console (using firefox)
  jdbc:mysql://192.168.5.4:3306/OQMcontrolec30_validatie_mysql
  com.mysql.jdbc.CommunicationsException: Communications link failure due to underlying exception:
  ** BEGIN NESTED EXCEPTION **
  java.net.SocketException
  MESSAGE: java.security.AccessControlException: access denied (java.net.SocketPermission 192.168.5.4:3306 connect,resolve)
  STACKTRACE:
  java.net.SocketException: java.security.AccessControlException: access denied (java.net.SocketPermission 192.168.5.4:3306 connect,resolve)
       at com.mysql.jdbc.StandardSocketFactory.connect(StandardSocketFactory.java:156)
       at com.mysql.jdbc.MysqlIO.<init>(MysqlIO.java:277)
       at com.mysql.jdbc.Connection.createNewIO(Connection.java:2668)
       at com.mysql.jdbc.Connection.<init>(Connection.java:1531)
       at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:266)
       at java.sql.DriverManager.getConnection(DriverManager.java:582)
       at java.sql.DriverManager.getConnection(DriverManager.java:185)
       at Main.init(Main.java:200)
       at sun.applet.AppletPanel.run(AppletPanel.java:419)
       at java.lang.Thread.run(Thread.java:619)
  ** END NESTED EXCEPTION **
  Last packet sent to the server was 157 ms ago.
       at com.mysql.jdbc.Connection.createNewIO(Connection.java:2741)
       at com.mysql.jdbc.Connection.<init>(Connection.java:1531)
       at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:266)
       at java.sql.DriverManager.getConnection(DriverManager.java:582)
       at java.sql.DriverManager.getConnection(DriverManager.java:185)
       at Main.init(Main.java:200)
       at sun.applet.AppletPanel.run(AppletPanel.java:419)
       at java.lang.Thread.run(Thread.java:619)and that sort of repeats itself on every query I do..
  now I've read around the forum that when calling an applet from javascript it isn't trusted.. even when it's signed
  this here is called with PHP.. and I think it isn't trusted either
  how do I make it trusted?
  Edited by: Nizzle on Nov 19, 2007 10:28 AM

  sabre150 wrote:
  Nizzle wrote:
  Yes =)
  I'm pretty sure it has something to do with the applet being "Self-Signed"I don't think so. I use "Self-Signing" without problems like this.it seems that I have a .java.policy file in my userfolder..
  which granted permissions for me on local applet test stuff..
  so now I've removed that the signed doesn't do anything.. anywhere =(
  I signed it like this:
  keytool -genkeypair -dname "cn=TAG Software, ou=TAG Software, o=TAG Software, c=NL" -alias business -keypass w8woord135 -keystore /home/niels/TAGkeystore -storepass w8woord -validity 365
  jarsigner -keystore TAGkeystore -storepass w8woord -keypass w8woord135 flowchart.jar business