Signed applet event bug for JTextFields

Similar Messages

• File read access denied for signed applet

  Hi:
  I have a signed applet with a certificate generated with the keytool. Yet, I keep getting this error:
  java.lang.Exception: java.security.AccessControlException:
      access denied (java.io.FilePermission C:\WINDOWS\system32\aetpkss1.dll read)The error is produced when the method loadKeyStore(pin) below is called.
      private KeyStore ks;
      private Provider provider;
      private static final String providerName    = "PKCS11";
      private static final String providerLibrary = "aetpkss1.dll";
      public void loadKeyStore(String pin) throws IOException,
       CertificateException, KeyStoreException, NoSuchAlgorithmException {
       if (provider == null)
           registerProvider(providerLibrary);
       try {
           ks = KeyStore.getInstance(providerName,provider);
       } catch (Exception e) {
           throw new KeyStoreException("Failed get keystore instance\n"
                           + e.getMessage());
       try {
           ks.load(null, pin.toCharArray());
       } catch (Exception e) {
           throw new KeyStoreException("Failed load keystore\n"
                           + e.getMessage());
      public void registerProvider(String library)
       throws FileNotFoundException, KeyStoreException {
       String fileName;
       if (new File(library).isAbsolute())
           fileName = library;
       else
           fileName = getAbsolutePath(library);
       if (!(new File(fileName).exists()))
           throw new FileNotFoundException("No such file: " + fileName);
       String config = "name = " + providerName + "\n"
           + "library = " + fileName;
       ByteArrayInputStream confStream =
           new ByteArrayInputStream(config.getBytes());
       try {
           provider = new sun.security.pkcs11.SunPKCS11(confStream);
           Security.addProvider(provider);
       } catch (Exception e) {
           throw new KeyStoreException("Can initialize " +
                           "Sun PKCS#11 provider. Reason: " +
                           e.getCause().getMessage());
      private String getAbsolutePath(String lib) throws FileNotFoundException {
       String[] searchPath;
       /* NOTE: This should be modified to suit different versions of   *
        *       Windows and not just Windows XP                         */
       if (System.getProperty("os.name").matches("^(?i)Windows.*")) {
           searchPath = new String[] { "C:\\WINDOWS\\system32" ,
                           "C:\\java" };
       } else {
           searchPath = new String[] { "/usr/local/lib/" };
       for (int i = 0; i < searchPath.length; i++) {
           if ((new File(searchPath[i] + File.separator + lib).exists()))
            return (searchPath[i] + File.separator + lib);
       throw new FileNotFoundException("Library not in search path " + lib);
      }The above code is called by a java script, the class' constructor is empty.
  The error appears not to be caught by my code. I have tried to insert try/catch statements everywhere to figure out where this error is produced.
  The code is write off of the applet for signing with a smart card by Svetlin Nakov - and his applet works!
  I have also made a CLI application that uses the above code and it works perfectly.
  So: Something is wrong either with my certificate, the signing method, signature verification or something completely different. Any hints?
  The certificate I generated with
  keytool -genkey -keystore mystore -alias me
  keytool -seflcert -keystore mystore -alias meI have tired both with and without the selfcert step.
  Thanks! Erik

  The problem has been identified: Placing registerProvider() in the constructor the error no longer occurs, instead an error is produced when the key store is loaded.
  It appears that the javascript code is not trusted and so, even though the applet is signed, access privileges are restricted to those of the java script.
  A solution to this problem is not clear, but possibly, serving the pages from a trusted server, the java script will be trusted, some documentation seem to indicate.

• Problems with signed Applet for File Download under JRE 1.4 (works with 1.3

  Dear all,
  i encountered a very strange behaviour with JRE 1.4x. A signed applet used for file download worked on all platforms (Windows NT, 2000 and XP wth/wthout SP...) until I installed JRE 1.4.x (1.4.1 or 1.4.2)
  I get an EOFException when downloading binary files (for ASCII it works fine) when trying to readByte() from a DataInputStream. But not immideately, but after x bytes in the while-loop. Security is fine (I know there have been changes to that in jre 1.4, the applet itself can be started an runs with ASCII files for transfer)
  Does anyone know, what has changed in jre1.4.
  As I said, it works fine under jre 1.3.x
  The relevant code is below: byte bt = dis.readByte(); causes the error
  try{
  // Get URL from Server
  URL uFile = new URL(sFilename);
  sThisURLFile = uFile.getFile();
  Integer inte = new Integer(i);
  //open input stream for the file on server
  DataInputStream dis = new DataInputStream(new BufferedInputStream
  (uFile.openConnection().getInputStream()));
  //open output stream for the file on local drive
  String sFilenameOnly = sThisURLFile.substring(sThisURLFile.lastIndexOf('/')+1);
  int iDotPos = sFilenameOnly.lastIndexOf(".");
  String sExt;
  if (iDotPos > 0) {
  sExt= sFilenameOnly.substring(iDotPos);
  } else {
  sExt = "";
  File fileOut = new File(sDownloadDir + sThisURLFile.substring(sThisURLFile.lastIndexOf('/')+1) );
  DataOutputStream dos = new DataOutputStream(new
  BufferedOutputStream(new FileOutputStream(fileOut)));
  //read one byte from input stream, and write that byte to output stream
  long nByte = 0;
  int iCnt = 0;
  iFilesizeDone ++;
  while (nByte < iFilesize){
  String sErrPs = new String();
  try{
  sErrPs = "00";
  byte bt = dis.readByte();
  sErrPs = "01";
  dos.writeByte(bt);
  } catch (EOFException ee)
  System.err.println("internal EOFException: " + ee.getMessage());
  System.out.println("Error Filesize is " nByte " of " iFilesize "---" + sErrPs);
  break;
  nByte++;
  iFilesizeDone ++;
  iCnt ++;
  if(iCnt >= 10240) {
  ShowProgress(nByte, iFilesize, iFilesizeDone, iFilesizeTotal); // repaint does not work during init-procedure
  iCnt = 0;
  line = "Progress: Total: " + ((iFilesizeDone*100)/iFilesizeTotal) + " perc, " + iFilesizeTotal/1024 +" kbytes" ;
  labLine.setText(line);
  //dos.flush(); // improves Client performance (Agent-Call!)
  dis.close();
  dos.close();
  }// End try
  catch (EOFException ee)
  System.err.println("EOFException: " + ee.getMessage()e);
  catch (SecurityException se)
  System.err.println("SecurityException: " + se.getMessage());
  catch (IOException ioe)
  System.err.println("IOException: " + ioe.getMessage());

  perhaps they've changed something with the file blocking.
  btw, you should try to use something like this
  DataInputStream dis = new DataInputStream(is);
  byte[] buffer=new byte[8192];
  int numBytesRead;
  while ( dis.available()>0 ) {
       numBytesRead = dis.read(buffer);
  }               

• Include many jars for a complex signed applet in html file??

  hello
  I'd like to know how it's possible to put a signed applet in an html file, that needs many jar files.
  I explain myself: I know that to create a signed applet and to put it in an html file, I need to create a Jar file that contains this applet, create a private key with keytool, sign the jar and include it in my html file with the tag <applet code="....." archive="......jar".... />
  This works fine if my applet is a simple program that only uses the clases present by default in the jdk.
  In my case, I have a big project, with many packages. In one of these packages, I have my applet that uses some classes of the other packages, which use classes from imported jars, such as BouncyCastle, and others...
  There is still no problem when I run the applet from the applet viewer.
  The problem appears when I put the JAR file with all these classes in the html file: there is a problem since it doesn't know anything of these classes imported from these jars.. It's quite obvious actually.
  My question is: how do I do to make the html file aware of these classes? Is there an html tag that allows us to include many jar files? Do I have to decompress all these jars, take all the directories, add them to the directories of my project and create a BIG jar (that's what I did, but it's really dirty, and heavy! (11M))??
  Does anyone have an idea about how I can do it?
  Thanks for your help
  Philippe

  11 MB is pretty big for an applet.
  Let's say your applet uses java 3d, normally a client would download and
  install this seporately, meaning the jars needed end up in lib/ext directory where
  any applet can find them.
  Check what applets need to be installed (put in lib/ext) and what can be
  downloaded:
  <object .....
  <param name="archive" value="myJar.jar, myOtherjar.jar" />

• Signing applets for a period

  hi all..
  I have an applet in my web site and it needs to access some system resources.
  I have signed it and it's working properly. But by default, is it valid for six months only? how can I sign an applet with a certificate which will be valid for ever or till a specified time period?
  I used jarsigner tool. is there any parameter that I can specify with this for a specifying time period
  plz help me
  thanx and regards
  sand...

  sanpops wrote:
  hi all..
  I have an applet in my web site and it needs to access some system resources.
  I have signed it and it's working properly. But by default, is it valid for six months only? how can I sign an applet with a certificate which will be valid for ever or till a specified time period?
  I used jarsigner tool. is there any parameter that I can specify with this for a specifying time period
  plz help me
  thanx and regards
  sand...The fact that the certificate expired means it cannot be used for signing anymore. The applet will still run,
  if the user reads carefully the message and allows it to run. If you click more info in the security dialog,
  you will see that it says "the applet was signed with a valid certificate". I have to admit that I am not
  comfortable with this answer and I blame Sun for a wrong (or paranoid) implementation of this security
  dialog. Contrast it with the Microsoft dialog for ActiveX controls, which is correct, IMHO. There should be
  nothing scarry if the signatured used a valid certificate and it was done 10 years ago. The certificate
  confirms the identity of the applet creator and the fact that the applet was not tempered with since creation.
  If the creator was honorable in 1997 and now he is in jail it does not matter at all, since I am running an
  applet created when he was a good citizen.
  Another problem with this dialog is that I sell a product that contains signed applets. My one year Verisign certificate expires and the clients start asking questions that I can answer only in one of two ways:
  - Blame Sun as above
  - Redo an otherwise unnecessary build and send it to them, which does not make them very happy either,
  as nobody like to upgrade something that works just fine.

• Grant permission for a signed applet

  I have my jar file signed. Now, I hate to have the user to modify their .java.policy file, beside, I did not have my certificate verified by Verisign. Is there any other way to do it? I have read some posts which the user of the signed applet will see a pop up dialog while loading the signed applet, if they click on "grant all access", then the applet will have all the permission. Can anyone tell me how to do that?
  Thanks
  Andy

  nicoleman1 put together a "tutorial" on signing your applet (jar). The instructions will work for all browsers that support the Java Plugin.
  Here is a link to the thread:
  http://forum.java.sun.com/thread.jsp?forum=63&thread=174214
  Pete

• 6 Step Signed Applet for IE

  last week I have the problem for Signed Applet,
  and I hope this will Help You.
  but, I am sorry
  for Netscape, it's not done yet.
  So, here are the Step for IE
  1. Create you java code (takepic.java)
       in your code write the securiy permission
       if(Class.forName("com.ms.security.PolicyEngine") != null)
  mlabel.setText("Done IE");
  PolicyEngine.assertPermission(PermissionID.UI);
       write your permission you want at the PermissionID target
  2. Create Cab File
       cabarc -p -r -s 6144 N takepic.cab takepic.class
  3. Create certificate
       makecert -sk private -n "cn=I Gusti Putu Anom" anom.cer
  4.create spc from certificate
       cert2spc anom.cer anom.spc
  5. create ini file contains permission you want (example perms.ini)
       [com.ms.security.permissions.PrintingPermission]
       [com.ms.security.permissions.PropertyPermission]
       Unrestricted=false
       IncludedProperties=java.vendor
       [com.ms.security.permissions.ThreadPermission]
       AllThreadGroups=true
       AllThreads=true
       [com.ms.security.permissions.UIPermission]
       ClipboardAccess=true
       TopLevelWindows=true
       NoWarningBanners=true
       FileDialogs=true
       EventQueueAccess=true
  6. signcode -j javasign.dll -jp perms.ini -spc anom.spc -k private takepic.cab
  for Netscape, you must use PrivilegeManager and you must create a jar file
       if(Class.forName("netscape.security.PrivilegeManager") != null)
  PrivilegeManager.enablePrivilege("SuperUser");
  you can find package for netscape at C:\Program Files\Netscape\Communicator\Program\java\classes\java40.jar
  for IE, you can find it at C:\WINNT\java\Packages\GI53BPN9.zip
  you can find the article at :
  http://www.ddj.com/articles/1999/9902/9902h/9902h.htm
  regards,
  I Gusti Putu Anom A
  Software Engineer
  Balicamp
  Bali - Indonesia

  I used the file from C:\WINNT\java\Packages\ folder.
  I used GI53BPN9.zip (My OS is Windows 2000)
  there are 8 files on this folders
  Windows 2000 and Windows NT has diferrent name for the package file.
  I think you should use all the zip file from "C:\WINNT\java\Packages\", Because I'm not sure which file contain com.ms.security on your computer.

• Loading problem for Signed applet on MAC OS

  Hi All
  I�m trying to test my application on MAC OS (For versions: 10.2.6 as well as 10.4.x)
  For MAC 10.2.6 OS Java version is 1.4.1_01 and
  For MAC 10.4.x OS Java version is 1.4.2_07
  The code is compiled on Windows machine having Java version 1.4.2_07
  There�s a functionality which is calling signed applet (signed JAR for applet) and when this functionality is called, following error encounters:
  Java(TM) Plug-in: Version 1.4.1_01
  Using JRE version 1.4.1_01 Java HotSpot(TM) Client VM
  java.io.IOException: Server returned HTTP response code: 403 for URL: http://myMachineName: port/appName/UploadDownloadAppletJava.jar
  at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:709)
  at sun.plugin.net.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:384)
  at sun.plugin.net.protocol.http.HttpUtils.followRedirects(HttpUtils.java:39)
  at sun.plugin.cache.CachedJarLoader.download(CachedJarLoader.java:302)
  at sun.plugin.cache.CachedJarLoader.load(CachedJarLoader.java:128)
  at sun.plugin.cache.JarCache.get(JarCache.java:172)
  at sun.plugin.net.protocol.jar.CachedJarURLConnection.connect(CachedJarURLConnection.java:93)
  at sun.plugin.net.protocol.jar.CachedJarURLConnection.getJarFile(CachedJarURLConnection.java:78)
  at sun.misc.URLClassPath$JarLoader.getJarFile(URLClassPath.java:580)
  at sun.misc.URLClassPath$JarLoader.<init>(URLClassPath.java:541)
  at sun.misc.URLClassPath$3.run(URLClassPath.java:319)
  at java.security.AccessController.doPrivileged(Native Method)
  at sun.misc.URLClassPath.getLoader(URLClassPath.java:308)
  at sun.misc.URLClassPath.getLoader(URLClassPath.java:285)
  at sun.misc.URLClassPath.getResource(URLClassPath.java:155)
  at java.net.URLClassLoader$1.run(URLClassLoader.java:190)
  at java.security.AccessController.doPrivileged(Native Method)
  Due to which cannot access Applet class (which is inside UploadDownloadAppletJava.jar) and operation is failed.
  (It works perfectly fine on Windows XP with both IE 6 and Firefox browsers).
  On MAC I'm testing on FireFox.
  Code which calls to applet is:
  <applet
  name=UploadDownloadApplet
  code="UploadDownloadApplet.class"
  codebase=/appName/
  archive=UploadDownloadAppletJava.jar
  width=0 height=0>
  <PARAM NAME=cabbase VALUE=UploadDownloadApplet.cab>
  <PARAM NAME=action VALUE=<%= action %>>
  <PARAM NAME=workingAreaMac VALUE="<%= workingAreaMac %>">
  <PARAM NAME=workingAreaPC VALUE="<%= workingAreaPC %>">
  <PARAM NAME=processId VALUE=<%= processId %>>
  <PARAM NAME=downloadBaseProductInd VALUE=<%= downloadBaseProductInd %>>
  <PARAM NAME=initTime VALUE=<%= initTime %>>
  <PARAM NAME=httpSessionId VALUE="<%= httpSessionId %>">
  <PARAM NAME=userId VALUE="<%= userId %>">
  </applet>
  Please suggest some guidelines

  java.io.IOException: Server returned HTTP response code: 403 for URL:
  http://myMachineName: port/appName/UploadDownloadAppletJava.jar
  Have you tried entering the URL into a browser window and see what happens?
  Message was edited by:
  wangwj

• Default security context for signed applets using WinXP+IE8

  What is the default security context for signed applets from the internet zone using Java 6 and WinXP+IE8 combination? My guess is that all file and socket access available for the user's Windows account is provided to the applet as well. Is this correct and if so, is there a way to limit these access privileges for signed applets from the internet zone?
  This information is surprisingly difficult to find given how security concious people now are using the internet.

  AntonBoer wrote:
  Thank you for your swift reply.
  Unfortunately your answer reflects to my worst fears. Frankly I find this security model naiive. Anyone with euros can get their applet signed so that is no security control at all.The same naive security model applies to just about anything signed and downloaded; not just to Java Applets.
  >
  Working for a corporate IT how I am supposed to allow Java installations on any of our computers with internet access? That automatically means I am providing them as platforms to whoever wishes to run Java code on them (given that the user of course visits the web site). I would have expected Sun to put more effort into this but it appers nothig have changed in this regard for 10 years.I don't see this as a Sun problem; it is indicative of what I consider to be a general security weakness for all computer systems. For example, for Windows, Vista just added more user involvement in the trust process but it still allows programs to run pretty much unconstrained if the user agrees to them running.
  For some time I have advocated a more fine grained approach. I would like to see ALL programs run in a sandbox that a user can specify what and what cannot be done by each individual program. Unfortunately, this would annoy the hell out of most users so it has little chance of every of ever being accepted. The average user just wants a run-and-forget-about-security model.

• Restriction for signed applet

  Hi all,
  i signed applet which is trying to modify file tmp.txt on client machine. Is there any opportunity for client to forbid this action for signed applet?
  I tried use policy file but i was unlucky. It is ok for unsigned applet but what about signed one?
  Thank you for your response.
  benky

  you need to install the jre, and place the win32.dll at JavaSoft\JRE\1.3.1_06\bin, that properties file place at JavaSoft\JRE\1.3.1_06\lib, comm.jar at JavaSoft\JRE\1.3.1_06\lib\ext\
  and in ur code try to use it to open ur com port
  public String test() {
  String drivername = "com.sun.comm.Win32Driver";
  try
  CommDriver driver = (CommDriver) Class.forName(drivername).newInstance(); driver.initialize();
  catch (Throwable th)
  {* Discard it */}
  drivername = "javax.comm.*";
  try
  CommDriver driver = (CommDriver) Class.forName(drivername).newInstance(); driver.initialize();
  catch (Throwable th)
  {* Discard it */}
  portList = CommPortIdentifier.getPortIdentifiers();
  while (portList.hasMoreElements()) {
  portId = (CommPortIdentifier) portList.nextElement();
  if (portId.getPortType() == CommPortIdentifier.PORT_SERIAL) {
  if (portId.getName().equals("COM2")) {
  //if (portId.getName().equals("/dev/term/a")) {
  try {
  serialPort = (SerialPort)
  portId.open("SimpleWriteApp", 2000);
  } catch (PortInUseException e) {}
  try {
  outputStream = serialPort.getOutputStream();
  } catch (IOException e) {}
  try {
  serialPort.setSerialPortParams(9600,
  SerialPort.DATABITS_8,
  SerialPort.STOPBITS_1,
  SerialPort.PARITY_NONE);
  } catch (UnsupportedCommOperationException e) {}
  int i=0;
  while(true)
  try {
  messageString="hi";
  System.out.println(i++);
  outputStream.write(messageString.getBytes());
  } catch (IOException e)
  System.out.println(e);
  messageString=String.valueOf(e);
  return messageString;
  and yet u need to signed the applet
  1. Compile the applet
  2. Create a JAR file
  3. Generate Keys
  4. Sign the JAR file
  5. Export the Public Key Certificate
  6. Import the Certificate as a Trusted Certificate
  7. Create the policy file
  8. Run the applet
  Susan
  Susan bundles the applet executable in a JAR file, signs the JAR file, and exports the public key certificate.
  1. Compile the Applet
  In her working directory, Susan uses the javac command to compile the SignedAppletDemo.java class. The output from the javac command is the SignedAppletDemo.class.
  javac SignedAppletDemo.java
  2. Make a JAR File
  Susan then makes the compiled SignedAppletDemo.class file into a JAR file. The -cvf option to the jar command creates a new archive (c), using verbose mode (v), and specifies the archive file name (f). The archive file name is SignedApplet.jar.
  jar cvf SignedApplet.jar SignedAppletDemo.class
  3. Generate Keys
  Susan creates a keystore database named susanstore that has an entry for a newly generated public and private key pair with the public key in a certificate. A JAR file is signed with the private key of the creator of the JAR file and the signature is verified by the recipient of the JAR file with the public key in the pair. The certificate is a statement from the owner of the private key that the public key in the pair has a particular value so the person using the public key can be assured the public key is authentic. Public and private keys must already exist in the keystore database before jarsigner can be used to sign or verify the signature on a JAR file.
  In her working directory, Susan creates a keystore database and generates the keys:
  keytool -genkey -alias signFiles -keystore susanstore -keypass kpi135 -dname "cn=jones" -storepass ab987c
  This keytool -genkey command invocation generates a key pair that is identified by the alias signFiles. Subsequent keytool command invocations use this alias and the key password (-keypass kpi135) to access the private key in the generated pair.
  The generated key pair is stored in a keystore database called susanstore (-keystore susanstore) in the current directory, and accessed with the susanstore password (-storepass ab987c).
  The -dname "cn=jones" option specifies an X.500 Distinguished Name with a commonName (cn) value. X.500 Distinguished Names identify entities for X.509 certificates.
  You can view all keytool options and parameters by typing:
  keytool -help
  4. Sign the JAR File
  JAR Signer is a command line tool for signing and verifying the signature on JAR files. In her working directory, Susan uses jarsigner to make a signed copy of the SignedApplet.jar file.
  jarsigner -keystore susanstore -storepass ab987c -keypass kpi135 -signedjar SSignedApplet.jar SignedApplet.jar signFiles
  The -storepass ab987c and -keystore susanstore options specify the keystore database and password where the private key for signing the JAR file is stored. The -keypass kpi135 option is the password to the private key, SSignedApplet.jar is the name of the signed JAR file, and signFiles is the alias to the private key. jarsigner extracts the certificate from the keystore whose entry is signFiles and attaches it to the generated signature of the signed JAR file.
  5. Export the Public Key Certificate
  The public key certificate is sent with the JAR file to the whoever is going to use the applet. That person uses the certificate to authenticate the signature on the JAR file. To send a certificate, you have to first export it.
  The -storepass ab987c and -keystore susanstore options specify the keystore database and password where the private key for signing the JAR file is stored. The -keypass kpi135 option is the password to the private key, SSignedApplet.jar is the name of the signed JAR file, and signFiles is the alias to the private key. jarsigner extracts the certificate from the keystore whose entry is signFiles and attaches it to the generated signature of the signed JAR file.
  5: Export the Public Key Certificate
  The public key certificate is sent with the JAR file to the whoever is going to use the applet. That person uses the certificate to authenticate the signature on the JAR file. To send a certificate, you have to first export it.
  In her working directory, Susan uses keytool to copy the certificate from susanstore to a file named SusanJones.cer as follows:
  keytool -export -keystore susanstore -storepass ab987c -alias signFiles -file SusanJones.cer
  Ray
  Ray receives the JAR file from Susan, imports the certificate, creates a policy file granting the applet access, and runs the applet.
  6. Import Certificate as a Trusted Certificate
  Ray has received SSignedApplet.jar and SusanJones.cer from Susan. He puts them in his home directory. Ray must now create a keystore database (raystore) and import the certificate into it. Ray uses keytool in his home directory /home/ray to import the certificate:
  keytool -import -alias susan -file SusanJones.cer -keystore raystore -storepass abcdefgh
  7. Create the Policy File
  The policy file grants the SSignedApplet.jar file signed by the alias susan permission to create newfile (and no other file) in the user's home directory.
  Ray creates the policy file in his home directory using either policytool or an ASCII editor.
  keystore "/home/ray/raystore";
  // A sample policy file that lets a JavaTM program
  // create newfile in user's home directory
  // Satya N Dodda
  grant SignedBy "susan"
  permission java.security.AllPermission;
  8. Run the Applet in Applet Viewer
  Applet Viewer connects to the HTML documents and resources specified in the call to appletviewer, and displays the applet in its own window. To run the example, Ray copies the signed JAR file and HTML file to /home/aURL/public_html and invokes Applet viewer from his home directory as follows:
  Html code :
  </body>
  </html>
  <OBJECT classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93"
  width="600" height="400" align="middle"
  codebase="http://java.sun.com/products/plugin/1.3/jinstall-13-win32.cab#Version=1,3,1,2">
  <PARAM NAME="code" VALUE="SignedAppletDemo.class">
  <PARAM NAME="archive" VALUE="SSignedApplet.jar">
  <PARAM NAME="type" VALUE="application/x-java-applet;version=1.3">
  </OBJECT>
  </body>
  </html>
  appletviewer -J-Djava.security.policy=Write.jp
  http://aURL.com/SignedApplet.html
  Note: Type everything on one line and put a space after Write.jp
  The -J-Djava.security.policy=Write.jp option tells Applet Viewer to run the applet referenced in the SignedApplet.html file with the Write.jp policy file.
  Note: The Policy file can be stored on a server and specified in the appletviewer invocation as a URL.
  9. Run the Applet in Browser
  Download JRE 1.3 from Javasoft
  good luck! [email protected]
  i already give u many tips, i use 2 weeks to try this to success, hopw that u understand that, a result of success is not important, the process of how to get things done is most usefull!

• FocusLost event for JTextField sometimes triggered, sometimes not

  Some background.
  A column in a table consists of a number of cells.
  Each cell can be a JTextField or a JComboBox.
  I have written a CellEditor who returns either a JTextField or a JComboBox depending on some conditions.
  The JTextField listens for a FocusLost event to update the database.
  When I leave the first cell the FocusLost event is always triggered.
  For the ther cells the FocusLost event is triggeed every now and then.
  In the mean time I have found a simple workaround by placing the update code in method getCellEditorValue() which is called always by the table when moving to the next cell.
  I am just curious if someone has an explanation for this inconsistent behaviour of the FocusLost event.
  Code is below:
  * QuoteProductPropertyValueEditor.java
  * Created on May 4, 2005
  package tsquote.gui;
  * @author johnz
  import java.awt.Component;
  import java.util.EventObject;
  import java.awt.event.*;
  import java.util.ArrayList;
  import java.util.HashMap;
  import java.util.List;
  import java.util.Map;
  import javax.swing.*;
  import javax.swing.event.*;
  import javax.swing.table.*;
  import tsquote.controller.QueryHandler;
  import tsquote.exception.FinderException;
  import tsquote.gui.control.GenericTableModel;
  import tsquote.gui.control.Table;
  import tsquote.util.Messager;
  public class QuoteProductPropertyValueEditor implements TableCellEditor {
        * We use EvetListenerList, because it is thread-safe
       protected EventListenerList listenerList = new EventListenerList();
       protected ChangeEvent changeEvent = new ChangeEvent(this);
       private List<Component> componentList = new ArrayList();
       private Map<Integer, Integer> indexMap = new HashMap(); // maps row to index
       private Table table;
       private int currentRow;
       private QueryHandler queryHandler = QueryHandler.getInstance();
       public QuoteProductPropertyValueEditor() {
            super();
       public Object getCellEditorValue() {
            Component component = componentList.get(indexMap.get(currentRow));
            if (component instanceof JComboBox) {
                 JComboBox comboBox = (JComboBox) component;
                 return comboBox.getSelectedItem();
            JTextField textField = (JTextField) component;
            return textField.getText();
       public Component getTableCellEditorComponent(
                 JTable jTable,
                 Object value,
                 boolean isSelected,
                 int row,
                 int column) {
            final int thisRow = row;
            System.out.println("getTableCellEditorComponent(): thisRow=" + thisRow);
            table = (Table) jTable;
            currentRow = thisRow;
            if (!indexMap.containsKey(thisRow)) {
                 System.out.println("Control added: thisRow=" + thisRow);
                 indexMap.put(thisRow, componentList.size());
                 // This is actually a tsquote.gui.control.Table
                 GenericTableModel genericTableModel = table.getGenericTableModel();
                 List<Map> list = genericTableModel.getList();
                 Map recordMap = list.get(thisRow);
                 Boolean hasList = (Boolean) recordMap.get("product_property.has_list");
                 if (hasList) {
                      JComboBox comboBox = new JComboBox();
                      componentList.add(comboBox);
                      comboBox.addActionListener(new ActionListener() {
                           public void actionPerformed(ActionEvent event) {
                                fireEditingStopped();
                      for (int i=0; i<=row +1; i++) {
                           comboBox.addItem("Item" + i);
                 } else {
                      JTextField textField = new JTextField();
                      componentList.add(textField);
                      textField.addFocusListener(new FocusAdapter() {
                           public void focusLost(FocusEvent e) {
                                System.out.println("textField: thisRow=" + thisRow);
                                JTextField textField = (JTextField) componentList.get(indexMap.get(thisRow));
                                String newValue = textField.getText();
                                fireEditingStopped();
                                updateQuoteProductProperty(thisRow, newValue);
                      String text = (String) recordMap.get("quote_product_property.value");
                      textField.setText(text);
            Component component = componentList.get(indexMap.get(thisRow));
            if (component instanceof JComboBox) {
                 JComboBox comboBox = (JComboBox) component;
                 if (value == null) {
                      comboBox.setSelectedIndex(0);
                 } else {
                      comboBox.setSelectedItem(value);
            } else {
                 JTextField textField = (JTextField) component;
                 textField.setText((String) value);
            return component;
       private void updateQuoteProductProperty(
                 int row,
                 String newValue) {
            // Get PK quote_prodcut_property from list
            GenericTableModel genericTableModel = table.getGenericTableModel();
            List<Map> list = genericTableModel.getList();
            Map modelRecordMap = list.get(row);
            String storedValue = (String) modelRecordMap.get("quote_product_property.value");
            // If nothing changed, ready
  //          if (storedValue == null) {
  //               if (newValue == null) {
  //                    return;
  //          } else {
  //               if (storedValue.equals(newValue)){
  //                    return;
            // Update model
            modelRecordMap.put ("quote_product_property.value", newValue);
            Integer quoteProductPropertyID = (Integer) modelRecordMap.get("quote_product_property.quote_product_property_id");
            try {
                 queryHandler.setTable("quote_product_property");
                 queryHandler.setWhere("quote_product_property_id=?", quoteProductPropertyID);
                 Map recordMap = queryHandler.getMap();
                 recordMap.put("value", newValue);
                 recordMap.get("quote_product_property.value");
                 queryHandler.updateRecord("quote_product_property", "quote_product_property_id", recordMap);
            } catch (FinderException fE) {
                 Messager.warning("Cannot find record in quote_product_property\n" + fE.getMessage());
       public void addCellEditorListener(CellEditorListener listener) {
            listenerList.add(CellEditorListener.class, listener);
       public void removeCellEditorListener(CellEditorListener listener) {
            listenerList.remove(CellEditorListener.class, listener);
       public void cancelCellEditing() {
            fireEditingCanceled();
       public boolean stopCellEditing() {
            fireEditingStopped();
            return true;
       public boolean isCellEditable(EventObject event) {
            return true;
       public boolean shouldSelectCell(EventObject event) {
            return true;
       protected void fireEditingStopped() {
            CellEditorListener listener;
            Object[] listeners = listenerList.getListenerList();
            for (int i = 0; i < listeners.length; i++) {
                 if (listeners[i] == CellEditorListener.class) {
                      listener = (CellEditorListener) listeners[i + 1];
                      listener.editingStopped(changeEvent);
       protected void fireEditingCanceled() {
            CellEditorListener listener;
            Object[] listeners = listenerList.getListenerList();
            for (int i = 0; i < listeners.length; i++) {
                 if (listeners[i] == CellEditorListener.class) {
                      listener = (CellEditorListener) listeners[i + 1];
                      listener.editingCanceled(changeEvent);
  }

  The JTextField listens for a FocusLost event to update the database.I don't recommend using a FocusListener. Wouldn't you get a FocusLost event even if the user cancels any changes made to the cell?
  Whenver I want to know if data has changed in the table I use a TableModelListener:
  http://forum.java.sun.com/thread.jspa?threadID=527578&messageID=2533071
  I'm not very good at writing cell editors so I don't. I just override the getCellEditor method to return an appropriate editor. Here's a simple example:
  import java.awt.*;
  import java.awt.event.*;
  import java.util.*;
  import javax.swing.*;
  import javax.swing.table.*;
  public class TableComboBoxByRow extends JFrame
       ArrayList editors = new ArrayList(3);
       public TableComboBoxByRow()
            // Create the editors to be used for each row
            String[] items1 = { "Red", "Blue", "Green" };
            JComboBox comboBox1 = new JComboBox( items1 );
            DefaultCellEditor dce1 = new DefaultCellEditor( comboBox1 );
            editors.add( dce1 );
            String[] items2 = { "Circle", "Square", "Triangle" };
            JComboBox comboBox2 = new JComboBox( items2 );
            DefaultCellEditor dce2 = new DefaultCellEditor( comboBox2 );
            editors.add( dce2 );
            String[] items3 = { "Apple", "Orange", "Banana" };
            JComboBox comboBox3 = new JComboBox( items3 );
            DefaultCellEditor dce3 = new DefaultCellEditor( comboBox3 );
            editors.add( dce3 );
            //  Create the table with default data
            Object[][] data =
                 {"Color", "Red"},
                 {"Shape", "Square"},
                 {"Fruit", "Banana"},
                 {"Plain", "Text"}
            String[] columnNames = {"Type","Value"};
            DefaultTableModel model = new DefaultTableModel(data, columnNames);
            JTable table = new JTable(model)
                 //  Determine editor to be used by row
                 public TableCellEditor getCellEditor(int row, int column)
                      int modelColumn = convertColumnIndexToModel( column );
                      if (modelColumn == 1 && row < 3)
                           return (TableCellEditor)editors.get(row);
                      else
                           return super.getCellEditor(row, column);
            JScrollPane scrollPane = new JScrollPane( table );
            getContentPane().add( scrollPane );
       public static void main(String[] args)
            TableComboBoxByRow frame = new TableComboBoxByRow();
            frame.setDefaultCloseOperation( EXIT_ON_CLOSE );
            frame.pack();
            frame.setVisible(true);
  }

• For a signed applet am getting java.security.PrivilegedActionException:

  I have a signed applet,now for testing it's a self signed applet.
  It used for adding files using JFilechooser.
  It works fine in my machine with JRE version 1.5.0_12 .
  In other machines having jre version with 1.5 onwards it's working fine.
  But one problem am facing now is ,whenever we call a method in applet
  thorugh javascript it is giving security error . This problem comes only when the applet is running in some other machine having a diff jre (in that system the applet loads well,problem comes only when we access any applet method from a javascript).
  Is it due to the diff of java enabled in javascript (at client browser) and in applet (when complied and created the singed jar )
  bellow shows part of the error.
  java.security.PrivilegedActionException: java.lang.reflect.InvocationTargetException
  at java.security.AccessController.doPrivileged(Native Method)
  at sun.plugin.liveconnect.SecureInvocation$2.run(Unknown Source)
  at java.security.AccessController.doPrivileged(Native Method)
  at sun.plugin.liveconnect.SecureInvocation.CallMethod(Unknown Source)
  Caused by: java.lang.reflect.InvocationTargetException
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
  at java.lang.reflect.Method.invoke(Unknown Source)
  at sun.plugin.javascript.JSInvoke.invoke(Unknown Source)
  at sun.reflect.GeneratedMethodAccessor5.invoke(Unknown Source)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
  at java.lang.reflect.Method.invoke(Unknown Source)
  at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
  at sun.plugin.liveconnect.PrivilegedCallMethodAction.run(Unknown Source)
  ... 4 more
  Caused by: java.security.AccessControlException: access denied (java.io.FilePermission C:\Documents and Settings\dnixon\My Documents\photos\astro1.jpg read)
  at java.security.AccessControlContext.checkPermission(Unknown Source)
  at java.security.AccessController.checkPermission(Unknown Source)
  at java.lang.SecurityManager.checkPermission(Unknown Source)
  at java.lang.SecurityManager.checkRead(Unknown Source)
  at java.io.File.exists(Unknown Source)
  Please any one help.
  thanks in advance
  It's very urgent

  [http://forums.sun.com/thread.jspa?forumID=421&threadID=5308353]

• Problem on runtime enviorment for signed applet

  I am using the Java Media Framework for video capturing .Problem which i am facing is i have to configure the client machine so i wanted to download few of the class files which will execute on the client side and then stream the video back to the server .For this i have dezigned a java applet.This applet is signed by myself without any external agency so when ever the application is executed where it was signed this application gives no problem but when a different machine access the applet the user is asked for the verification of the applet but the error is thrown stating that the class not found exception .So please guide me that while making a signed applet which all packages need to be signed and what is the procedure .Do i have to sign the jmf packages also .

  I have signed applets but not with jmf. Your best bet is to put the applet in a jar and sign the jar. Most java runtimes with a self signed applet will prompt the user and ask the user if they want to grant permission. You probably have to use the java html converter to code your html to force the use of suns plugin. I am not sure if you have to sign the jmf jars or they may already be signed.

• What are the default permissions for "self-signed" applets?

  Hello!
  I have a self-signed applet (=signed with a self made certificate) and under most plugin-enviroments java asks the user if it accepts this certificate as trustworth.
  On my linux-box I do not have any problems to write files to the local filesystem after I accepted this self-signed applet.
  However I've often read that users must grant some permissions even for signed applets, so is there a list of permissions that are denied by default?
  Are there differences between java releases starting with 1.2.2?
  Thanks in advance, lg Clemens

  Default settings are like you said, jre asks the user and everything will work.
  Unless.your applet uses classes that are not signed like with calls from javascript to your applet the plugin.jar is used and you'll get an exception when writing to files.
  When writing to files the OS might not allowe the user to write to a certain file or folder.
  Don't know what type of exception will be thrown if the OS doesn't allowe it but it has
  nothing to do with applet permissions.
  To change the default setting you can add the following line in the grant { bit of the
  java.policy
  permission java.lang.RuntimePermission "usePolicy";
  When this line is there all signatures will be ignored and an applet can only do extra
  things (like access to local files) if a policy is set up for this applet.
  To find out what's wrong at your clients site you should ask them to send a full trace
  and check that. I hope you did a .printStacktrace() on the exception in your code so
  you can see if any other classes are involved when the exception is thrown.
  To turn the full trace on (windows) you can start the java console, to be found here:
  C:\Program Files\Java\j2re1.4...\bin\jpicpl32.exe
  In the advanced tab you can fill in something for runtime parameters fill in this:
  -Djavaplugin.trace=true -Djavaplugin.trace.option=basic|net|security|ext|liveconnect
  if you cannot start the java console check here:
  C:\Documents and Settings\userName\Application Data\Sun\Java\Deployment\deployment.properties
  I think for linux this is somewhere in youruserdir/java (hidden directory)
  add or change the following line:
  javaplugin.jre.params=-Djavaplugin.trace\=true -Djavaplugin.trace.option\=basic|net|security|ext|liveconnect
  for 1.5:
  deployment.javapi.jre.1.5.0.args=-Djavaplugin.trace\=true -Djavaplugin.trace.option\=basic|net|security|ext|liveconnect
  The trace is here:
  C:\Documents and Settings\your user\Application Data\Sun\Java\Deployment\log\plugin...log
  I think for linux this is somewhere in youruserdir/java (hidden directory)

• Signed applet for file download?

  Hello folks,
  I have a signed applet through which i can upload multiple files to a servlet. I wish to create another applet or enhance this one to enable it to download multiple files from the server to the client m/c. Any idea, how to go about it?
  I will appreciate your helpful replies.
  Thank you,
  Coreli

  which part? You apparently already know how to sign an applet... and use a file chooser... and create servlets that can take files.... seems you need to do the opposite and use input streams where you used output streams before and vice versa...