Security permissions question about Applets

Similar Messages

• Question about Applet Securities / Permissions

  Hi,
  I'm about to begin work on a program that will utilize GData API to communicate with Google Calendars. I was wondering if this is going to be allowed in an applet, or if I would have to create it as a Java Application.
  I was looking at: http://java.sun.com/docs/books/tutorial/deployment/applet/security.html
  where it says "It cannot make network connections except to the host that it came from."
  I was wondering if that means I wouldn't be able to use to GData API to retrieve/create events in a Google Calendar.
  Thank you,
  Christopher

  Welcome to the Sun forums.
  elwell.christopher wrote:
  I was wondering if that means I wouldn't be able to use to GData API to retrieve/create events in a Google Calendar.Cool. Be sure to report the results of your experiment to test that. I'm sure others will be interested. And of course, feel free to drop back by if you have a question.

• Three questions about applets

  First I double click the html file, and then it opens up Internet Explorer but the information bar says:
  To help protect your security, Internet Explorer has restricted this file from showing active content that could access your computer. Click here for options... so I click it and have to allow the blocked content.
  Question 1: Is there anything I can do so that it doesn't block my applet?
  Now on the Internet Explorer page my applet shows, but it doesn't have a background.
  Question 2: Why isn't the background showing?
  If there is a problem, it would probably be in here:
  public void actionPerformed (ActionEvent e)
       processButton(e.getActionCommand());
  void processButton(String command)
       if(!command.equals("a"))
              setNumSqFt();
           setAllLabels();
           repaint();
      public void init()
     try
       setLayout(new GridLayout(1, 0));
            WorkOK().setOpaque(false);
              WorkOK().setSize(new Dimension(600, 400));
           JScrollPane sp = new JScrollPane(WorkOK());
            sp.getViewport().setOpaque(false);
       add(sp);
           sp.setOpaque(false);
           String url = "http://i93.photobucket.com/albums/l45/dazednconfused101/tile.gif";
           setSize(800,500);
           setVisible(true);
           Border bckgrnd = new CentredBackgroundBorder(ImageIO.read(new URL(url)));
            sp.setViewportBorder(bckgrnd);
              sp.repaint();
       catch (MalformedURLException e)
                System.err.println("FileNotFoundException: " + e.getMessage());
       catch (IOException e)
                System.err.println("Caught IOException: " + e.getMessage());
  public void start(){
       System.out.println("Applet starting.");
    public void stop(){
       System.out.println("Applet stopping.");
    public void destroy(){
       System.out.println("Destroy method called.");
    }Now for Question 3: How do I fix this?
  Thanks in advance

  For Question 1 ,
  Question 1: Is there anything I can do so that it doesn't block my applet?If you want to run active content/applet in all files on your hard disk, then you need to open menu Tools / Internet Options / Advanced tab / Security section and make sure that "Allow active content to run in files on My Computer" is checked.

• General question about Applets!

  Hi,
  I have a Win program I need to upgrade as a Web one.
  So, I'm not sure whether I should use an applet whetther do it with JSPs...
  I've used Java applets 4 years ago and I met some printings, (very)long downloading, security, ...problems.
  Obviously, the graphic result would be much better for me with an applet but could you please tell me if Java applets for Java 1.4.1 is more reliable that it used to be. Otherwise, I would finally choose JSP technology :-)
  Thx in advance,
  -G-

  the graphic result will probably not be better with applets at all. They exist to make it far easier to port java programs to the net, but they are pretty horrible to use as a result (as you have experienced). Problem is, users don't care about what makes it tick, they just see them as slow and generally rubbish. I would use JSPs or servlets, which are a far better use of Java's power. However, you will need to do more work. They can both call out to external classes and beans, so you can reuse that way, but obviously you will need to have a think about how to restructure the I/O. You just have to look at skills demands to see whats good and whats not... just about every java job now asks for J2EE (servlet, JSP and other stuff) skills, but when was the last time you saw a job ask for applet skills?!

• Security scanning - question about Windows service

  Hello,
  As part of our internal security requirements all new servers are being scanned by a Nessus engine before being released to production.  My two new Lync FE servers have been tagged with having a high-level vulnerability.  See below.  It calls
  out the Windows Identity Foundation service as having an 'unquoted service path' in the registry.  
  Before I comply with trying to 'fix' this 'vulnerability', I was wondering if anyone else runs similar internal security...and if so, have you successfully 'fixed' something like this.  I'm a little reluctant to go mucking about in the registry to modify
  this 'service path' to include quotes.
  Thanks in advance for any advice/replies.  vulnerability data below:
  445/tcp 63155 - Microsoft Windows Unquoted Service Path Enumeration [-/+] Synopsis The remote Windows host has at least one service installed that uses an unquoted service
  path.
  Description
  The remote Windows host has at least one service installed that uses an unquoted service path, which contains at least one whitespace. A local attacker could gain elevated
  privileges by inserting an executable file in the path of the affected service.
  See Also
  http://isc.sans.edu/diary.html?storyid=14464
  http://cwe.mitre.org/data/definitions/428.html
  http://www.commonexploits.com/?p=658
  Solution Ensure that any services that contain a space in the path enclose the path in quotes.
  Risk Factor High CVSS Base Score 7.2 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
  CVSS Temporal Score 6.5 (CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
  Exploitable with Metasploit (true) Plugin Information:
  Publication date: 2012/12/05, Modification date: 2012/12/17 Ports tcp/445
  Nessus found the following service with an untrusted path: c2wts : C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe 

  Hi,
  Thanks for posting in Microsoft TechNet forums.
  This can be a false alarm from the Nessus product. We can reinstall WIF 3.5 to see if the issue can be fixed. We can also try contacting the manufacturer/support of the Nessus product regarding this issue.
  Regards
  Kevin
  TechNet Subscriber Support
  If you are
  TechNet Subscription user and have any feedback
  on our support quality, please send your feedback here.
   

• Some question about applet

  how to close the IE window which contain the applet when the user click some button on the applet?
  and how to modify the IE window's size, position and title?
  thx very much

  I would add some JavaScript or VBScript to the page
  and have your java applet call the javascript
  function.
  JavaScript has acces to close the browser and to
  change the windows size, location, attributes (ie make
  it full screen, etc)
  You can use the JSObject from netscape...
  to allow your Applet to interact with javascript...thx very much

• Basic question about applets

  Hi,
  Can someone tell me when you run an applet on a web page where does it run??.. Does it run from the server or does the client browser download a copy a run it from there. Is there a good web site that explains all of this..
  Thanks
  Joolz

  the client browser download the applet from the server and run the applet on the client side (this is why you need a JVM to run the applet)

• Strange question: about Applet

  My applet only import:
  import java.applet.*;
  Why it said "class not found" when loaded it in browser?

  I have tried in IE6 and IE5.5,they can't load the class file too,
  and if I use the java plugin,it works ok.
  But my program import nothing not include in jdk1.1,
  so it's too strange.
  I am sure the file in that directory and
  no error or warning when compilation.
  what browser are you using?
  some possible reasons:
  1.the browser is using lower version of vm than the
  development enviroment
  2.the applet files are not in that directory
  3.something wrong in your html file
  by the way, did your applet work in IE?

• Security permissions question

  Can anyone tell me what the following permission in my java.policy file does?
  java.util.PropertyPermission "file.encoding", "read";
  Thanks in advance,
  Liam.

  file.encoding is a property that defines the default character encoding for the current system. The line that you mentioned allows resources to retrieve the value of that property: String encd = System.getProperty("file.encoding")

• Question about firefox permissions for sites

  i have a question about sites permissions
  in google chrom it is easy to set permission for each site like (java, flash plugin, image , ...)
  http://i58.tinypic.com/nl66v9.png
  but i prefer to use firefox
  is there any addon or something else to have this options in firefox ?

  You can inspect and manage the permissions for the domain in the currently selected tab via these steps:
  *Click the "[[Site Identity Button|Site Identity Button]]" (globe/padlock) on the location/address bar
  *Click "More Information" to open "Tools > Page Info" with the Security tab selected
  *Go to the Permissions tab (Tools > Page Info > Permissions) to check the permissions for the domain in the currently selected tab
  You can inspect and manage the permissions for all domains on the <b>about:permissions</b> page.
  *https://support.mozilla.org/kb/how-do-i-manage-website-permissions

• Question about permissions in portal content

  Hi all,
  I'd like to ask you guys a question about permissions given to pages in the portal content (EP 6.0).
  When a user accesses a page that contains an iView (for example one for a Web Dynpro, or for a BSP), and the page permissions are correctly set for the user (or a group the user is member of), everything works fine and the user can see and use the application contained in the iView.
  If the Page has no permissions set and the user tries to access this page, an empty page appears instead and the "Detailed Navigation" column appears on the left.
  I know I should not let the user see the link to the page he is not authorized to use (this is done managing the roles given to the user), but I'd like to know from you if it is possible to show a message like "unauthorized user" instead of the empty page that appears.
  Can you also tell me how to keep the "Detailed Navigation" column hidden on the extreme left?
  Thank you for any hint you can give to me.
  Lorenzo

  Hi Lorenzo,
  a way how you might go ahead and hide or show content for specific user groups is via roles merging (see documentation <a href="http://help.sap.com/saphelp_nw2004s/helpdata/en/53/89503ede925441e10000000a114084/content.htm">http://help.sap.com/saphelp_nw2004s/helpdata/en/53/89503ede925441e10000000a114084/content.htm</a>
  In essence, this means that you create for example 2 roles (A and B): A contains some content everyone can see, B more secure content for another group. You merge those 2 roles via a merge ID - and if a user has both roles, he sees the content in this workset with all the navigation options. If somebody only has role A, he will only see this content.
  Maybe this is someting that could help with you considerations (always depending on the number of items that are affected, this might be a useful way, or leading to too much confusion, because you have too much different roles).
  Best regards
  Jana

• HT201303 hi just got my new apple ipod touch i need to update my security information other wise it wont let me download apps it says to enter three questions about myself and i get to the third question and it wont let me enter the third question

  hi just got my new apple ipod touch and to download apps it wants to add questions about myself for more sercurity information. i get up to question 3 and it wont let me select a question but it will let me write an answer so i just pressed done and then it says i cant carry on because ive mised out information when it wont let me do a question!

  Welcome to the Apple community.
  You might try to see if you can change your security questions. Start here, change your country if necessary and go to manage your account > Password and Security.
  I'm able to do this, others say they need to input answers to their current security questions in order to make changes, I'm inclined to think its worth a try, you don't have anything to lose.
  If that doesn't help you might try contacting Apple through Express Lane (select your country, navigate to iCloud help and enter the serial number of one of your devices)

• Question about internet security...please help!

  Hi everyone,
  I have a question about the macbook's internet security.
  A few days ago I became aware that my sibling was using a laptop for internet use at my house which he got from a person that I do not trust. He is very computer-savy and we're worried that he may have installed some form of spy ware on that laptop and in turn, may have tried (or succeeded) in accessing my Macbook through some form of spyware. My house is hooked up with a D-Link wireless router, and at the time, it had no internet/access-password.
  So my question is, could this person have accessed my computer and personal information remotely by and through the laptop that my sibling got from him. I was under the impression that Mac's have very strong firewalls, but I have also heard that as long as he knew what he was doing, he could have accessed my computer. I don't have a wireless "network" set up at my house, I just simply use the router for internet. But my sibling told me that this guy was his "network administrator" which leads me to believe that he must have had remote access to the laptop.
  Can anyone with knowledge on this problem please weigh in and let me know what I need to do to confirm that no one has accessed anything from my macbook.
  Thanks!

  One option if you want to be extra safe is turning on FileVault (System Preferences -> Security), which will encrypt everything on your computer so that if somehow someone does gain access to your computer they will have a next to zero chance of being able to read anything they get from your computer. You have to have a lot of extra hard drive space on your computer to turn it on though.
  Also, a "network" is just a connection between computers, regardless of the internet is involved or not. So when you connect your computer to the router which gives you the internet, you are putting your computer on a network. Now I believe that in order for this person whom you don't trust to gain remote access to your computer, they would have to have more information such as an IP address for your computer, through the router in order to get to it.
  One thing I think is very important to consider that isn't on the technical side of things is something called "Social Engineering" which is a form of cracking, or hacking. You can do your own research, but in a nutshell Social Engineering is getting people that have access to something I'm trying to hack to give me information. For instance, this person you don't trust could be giving your brother the computer in the hopes that he will download something through your router to that laptop which could give him IP addresses and other information. And then when he gets that laptop back he could scan it for useful information and your brother wouldn't know he did anything wrong at all. The best way to avoid this is purely education and communication. Even if your brother doesn't share the same suspicions about this person, surely he will understand the need to be careful and smart when it comes to sharing personal information in the digital world.

• TS2446 I forgot the security question about what was my first car and what is my favorite car! What is the solution to change that? please help me, thank you in advance Leo

  I forgot the security question about what was my first car and what is my favorite car! What is the solution to change that? please help me, thank you in advance Leo

  If you have a rescue email address set up on your account then you can try going to https://appleid.apple.com/ and click 'Manage your Apple ID' on the right-hand side of that page and log into your account. Then click on 'Password and Security' on the left-hand side of that page and on the right-hand side you might see an option to send security question reset info to your rescue email address.
  If you don't have a rescue email address set up then go to Express Lane  and select 'iTunes' from the list of 'products' in the middle of the screen.
  Then select 'iTunes Store', and on the next screen select 'Account Management'
  Next choose 'iTunes Store Account Questions' or 'iTunes Store account security' (it appears to vary by country) and fill in that you'd like your security questions/answers reset.
  You should get an email reply within about 24 hours (and check your Spam folder as well as your Inbox)

• HT5312 HOW TO KNOW THE SECURITY QUESTIONS ABOUT APPLE ID?

  HOW TO KNOW THE SECURITY QUESTIONS ABOUT APPLE ID?HOW TO KNOW THE SECURITY QUESTIONS ABOUT APPLE ID?

  If you have a rescue email address (which is not the same thing as an alternate email address) set up on your account then steps 1 to 5 on the page that you posted from should let you reset them : go to https://appleid.apple.com/ and click 'Manage your Apple ID' on the right-hand side of that page and log into your account, then click on 'Password and Security' on the left-hand side of that page and on the right-hand side you should see an option to send security question reset info to your rescue email address.
  If you don't have a rescue email address (you won't be able to add one until you can answer 2 of your questions) then you won't get the reset option - you will need to contact iTunes Support / Apple to get the questions reset.
  Contacting Apple about account security : http://support.apple.com/kb/HT5699
  When they've been reset (and if you don't already have a rescue email address) you can then use the steps half-way down the page that you posted from to add a rescue email address for potential future use
  For future info typing all in capitals is considered shouting and makes posts difficult to read, and may mean that people don't reply