Signed applet in Intranet site

Similar Messages

• IIS, Javascript, Signed Applet and ASP Blank Page Problem

  Hi,
  I'm having a problem using a Signed Applet in a site that runs in a IIS (Windows Server 2003).
  My aspx web page uses the applet to read my smart card and get information from it.
  This applet uses an auxiliar dll (stored in a second Signed Jar file) in order to read the information from my smart card.
  The way the solution is design:
  1) Aspx page is asked from server
  2) Internet Explorer recieve the page and asks the server for it content (images, applet, javascripts, etc)
  3) After this the JVM runs (console opens)
  4) After the Aspx page render fully a javascript register onload fires and call an applet method
  5) Applet receive the call and run the logic of the method:
       - reads the smart card;
       - calls Javascript function in order to fill aspx fields with information from smart card
       - calls Javascript function the simulates a click in a botton of aspx page (in order to call server side part sending data readed from smart card to server)
  5) The server makes some logic with the information receive and responds to client registering in aspx page a call to another Javascrit function
  6) The client received the asnwer from server and runs the Javascript function registered on step 5)
       This Javascript calls another method from applet and runs the following logic:
       - reads more information from smart card;
       - call javascript function in order to fill more fields of aspx page with the information readed
       - calls Javascript function the simulates a click in a botton of aspx page (in order to call server side part sending data readed from smart card to server)
  7) The server makes some logic and call another pages with no Applets
  8) Client asks for a second page with the same applet and we start with another logic express on steps 1);2);3),4);5) and then 7).
  This is all ok, until sometimes the server stop responding correcly for requests regarding this two pages with the Applet.
  When this happens the server just responds with a blank page.
       - with fiddler I can seer the request for the aspx page (that uses the applet)
       - but server responds with a blank html page
  The JVM doesn't fire.
  The IIS log don't show errors.
  The eventviewer doesn't show errors.
  The problem is solved with an IIS reset or a Application Pool reset.
  After a while the problem returns.
  This problem occours for other user in another machine, the server just stops responding correcly to request regarding pages with applets, the other pages still continue to work.
  If we disable Java Control Panel->Advanced->Java Plug-in->Enable the next-generation Java Plug-in the problem seend to stop, but we can't force all clients to disable this option right?
  Or there is a way to force the Applet to run with this option disabled?
  As anyone experience similar problem?
  Regards,
  OF

  This is all ok, until sometimes the server stop responding correcly for requests regarding this two pages with the Applet.
  When this happens the server just responds with a blank page.
  - with fiddler I can seer the request for the aspx page (that uses the applet)
  - but server responds with a blank html pageWell, if http requests look identical in case of success and failure (pay attention to cookies, etc) then it has to be something on the server side.
  It could be that server gets into this wrong state because of previous requests made by applet but it is hard to tell.
  I am not clear how old/new plugin can make a difference unless your applets run in the legacy mode (i.e. you are actually trying to reuse SAME instance of the applet when
  it is loaded next time).
  I'd start with
  1) carefully comparing good/bad sessions
  2) checking whether server will serve correct response to another client when it serves "bad" page for current client
  3) add debug statements to aspx - it is scripted page, may be some condition is not met and then it returns blank?
  4) record all http requests in one session until you get to "error" state and then use any http server testing tool to "replay" this set of requests.
  You should be able to get server into the same state without use of applet. Then you can try to tweak set of requests to see what makes a difference.

• Issue with Internet facing site and Intranet sites

  Hello All,
  I have migrated the SP2013 environment using database attach method for our intranet site. We also working on the
  SP2013 Internet facing site using the same content database as Internet site.
  When I extended the web application for Internet facing site, zone to
  Internet and these are the URLs: The Intranet website URL is
  https://intranet.contoso.com/SitePages/home.aspx (Root Site) and
  SP2013 Internet facing site http://contoso.com (not a root site and publishing site template)
  However, I found on the http://contoso.com users can still access the
  http://contoso.com/SitePages/home with same content as Intranet.
  After done some Google search, bloggers mentioned to have move  https://intranet.contoso.com/SitePages/home.aspx to another site collection so that Internet facing site can exist root site.
  Can 2 we have to two root sites in same web application? I need the content database to be same so that managers can check
  Internet facing site and after signing into SP2013, redirects to
  Internet site.  
  Which is the best option to achieve this with same content database.   
  Please advice.
  Regards,
  Aroh 
  Aroh Shukla

  Business Requirement:
  Content Managers want to control internal Internet site (https://intranet.contoso.com) (with default zone, port 443, Root site) and also want to have SP2013 Internet site (with Internet zone
  http://www.contoso.com (not a root site and publishing site template)), Anonymous access at Web Application level. I configured the site architecture
  to have intranet zone as default zone and extended Web Application for Internet facing site with Anonymous site. This the current site architecture
  Because content managers do not want to duplicate public site (Internet facing site) with will be shared with some lists that are stored in intranet site.
  For e.g. a sub site named “News and Events” will be shared with Public site as well as Internet users. Therefore, if a manger wants to update a list in the public site, it should reflect in intranet site as well. Thus, managers
  don’t want to have separate database but same content database.
  Problem:
  I have extended web application to have different Internet zone, the site URL looks this: http://www.contoso.com/sites/public with publishing template and Anonymous access. Managers want to have public site URL to be just
  http://www.contoso.com and not   http://www.contoso.com/SitePages/Home.aspx. As I am using path based site collection for extending site collection, I am
  getting this URL http://www.contoso.com/SitePages/Home.aspx
  We also tried host named site collection, but it does not provide anonymous access and keep on asking for user credentials.
  Q1: We want to have Intranet and Public site with same content database as per business requirements, Shall I following link       http://sharepoint.stackexchange.com/questions/81172/moving-content-db-for-a-site-collection-to-another-db-server?
  Q2: Because I am constrained that I don’t want to have separate web application, (I know, its not regular requirement), how could achieve this requirements?
  Q3: Do have to completely re-design web site architecture, with
  www.contoso.com as main web application, then copy Intranet site collection and move this to
  www.contoso.com/intranet using
  Move-SPSite command 
  Any kind of pointer and help will be highly appreciated as I am struggling for 2 weeks to solve this.
  Regards,
  Aroh  
  Aroh Shukla

• Signed Applet not loading on Mac OS X if using HTTPS protocol

  Hi All,
  I need to open a trusted applet on Mac OS 10.2. The applet works fine if using HTTP protocol. But if the protocol used is HTTPS the the applet does not loads and "javax.net.ssl.SSLException - untrusted server cert chain" exception comes on the console.
  The error comes for both - Verisign and javakey - signed applet.
  On seaching for possible solution on the net, i came across following link: http://www.macosxhints.com/article.php?story=20020525101202503&query=Workaround+for+secure+Java+applet+problems
  It says that this is Mac's known bug and gives the workaround as:
  1. Access the problematic site with Internet Explorer on Windows. Click on the padlock item and export the certificate to a file.
  2. Copy the certificate to your Mac.
  3. Use the command
  sudo keytool -import -trustcacerts -keystore /Library/Java/Home/lib/security/cacerts -file mycert.cer
  to import the certificate file to your keystore (substitute mycert.cer with the name of the file containing the certificate). The keystore is password protected - the default password is "changeit".
  4. Restart your browser
  But the client cannot be asked to do all this to run the applet.
  Is this problem being solved by Mac in their java implementation or is there any other possible solution?
  Thanx in advance.
  Regards,
  Charu

  I am experiencing the same problem - I notice it does not happen on OS9.2 using IE but appears a problem on all browsers on OSX
  Apple gave me the following reply.....
  Re: Bug ID# 3268633: cannot load applet class under https connection
  Hello Andrew,
  Thank you for bringing this problem to our attention. We have received feedback
  from engineering on your
  reported issue.
  Please know that to get Java to recognize the certificate you will need to do
  one of two things, depending
  on which VM you are using. Since you want it to work with Internet Explorer, we
  will assume Java 1.3.1.
  In Java 1.3.1 you'll need to add the certificate to
  /Library/Java/Home/lib/security/cacerts using
  /usr/bin/keytool to import the certificate into the certificate database.
  In Java 1.4.1 you should be able to just add the certificate to the keychain
  using certtool. For more
  details on how to do this, please refer to the information found at
  <http://java.sun.com/j2se/1.4.1/docs/tooldocs/solaris/keytool.html>. After
  doing so, if you should require
  further help from Apple in resolving this issue, we recommend that you request
  assistance from Developer
  Technical Support. This must be done by filing a Technical Support Incident.
  So I am supposed to tell every Mac user to do the above am I?!!!

• Change language on the security warning popup when using signed applets

  Hi
  Today when we use a signed applet the user get a security warning popup box where the langauge is English.
  Is it possible to change the language to other that English and if possible how can this be done ?
  Thanks in Advance,
  Henrik Rasmussen
  Denmark

  The Microsoft one is especially annoying because they should know better than to submit from secure to insecure.
  Let's say you are currently logged in to a Microsoft account and you click Sign in on MSDN. The site redirects to login.live.com, which recognizes that you are logged in, and generates a page with a hidden form and submits it back to MSDN using a script. This is where the problem is, because the hidden form action URL is not secure, yet it is on a secure page. (See Screen shots)
  The workaround (hack, whatever) is to modify the form to a secure address before it is submitted. How can you do that? Since it is impractical to do by hand, you can use an add-on.
  In an earlier thread, user thx1200 posted a link to a userscript that fixes this issue on login.live.com. The userscripts''.''org site has seemingly died, but there is a copy on a mirror of that site.
  * Earlier thread (long): [https://support.mozilla.org/questions/964250 How do disable this Warning? Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection]
  * You need Greasemonkey to run user scripts: https://addons.mozilla.org/firefox/addon/greasemonkey/
  * User script install page: [http://userscripts-mirror.org/scripts/show/173384.html Fix security warning for Microsoft Live login]

• Signed applet does not grant AudioPermission "record"

  From what I gather, if I have a trusted signed applet sitting on a webpage and
  the visitor accepts (runs) the applet, then they should not need to have:
  grant {
  permission javax.sound.sampled.AudioPermission "record";
  in their java policy file. Well I have done all this (with a certificate from
  Thawte) and posted a thorough example at:
  http://www.livesite.net/JavaSoundTest
  At the bottom of that page there is a "Check permissions" link which will alert
  true/false if we have record permission. Clicking any "Record" link will
  attempt to open a TargetDataLine.
  My experience (and problem) is: record permission must be granted even though
  the applet is signed by a trusted CA.
  I would very much appreciate any help.
  Are you able to record/playback (without granting record permission in your
  java policy files) with the JavaSoundTest applet webpage?
  Is there something I am missing?
  ------ More information ------
  Java Control Panel -> Advance -> Security
  'allow user to grant permissions to signed content' is checked
  Reproducable on:
  MS NT4 w/ IE6
  MS Windows 2000 w/ Firefox 1.5
  MS Windows XP w/ Firefox 1.5
  MS Windows XP w/ IE6
  Fedora FC6 w/ Firefox 2.0
  Also, this happens with a commented-out record permission in the user
  .java.policy file, or when the policy file does not exist.
  ------ Source code: opening the target data line ------
  Using the JavaSoundTest applet page without granted permission, clicking a
  record link will yield this exception in the java console:
  java.security.AccessControlException: access denied (javax.sound.sampled.AudioPermission record)
  at java.security.AccessControlContext.checkPermission
  at java.security.AccessController.checkPermission
  at java.lang.SecurityManager.checkPermission
  at com.sun.media.sound.JSSecurityManager.checkRecordPermission
  at com.sun.media.sound.DirectAudioDevice$DirectDL.implOpen
  at com.sun.media.sound.AbstractDataLine.open
  at net.livesite.jsound.Recorder.run(Recorder.java:161)
  while opening a TargetDataLine as:
  23 private static TargetDataLine line;
  157 line = (TargetDataLine) AudioSystem.getLine( lineInfo );
  158
  159 try
  160 {
  161 line.open( format, (int) format.getSampleRate() );
  162 }
  ------ Source code: Using the security manager ------
  The "Check permissions" link on the TestJavaSound applet page calls this method:
  191 public boolean hasSoundRecPriv()
  192 {
  193 boolean ret = false;
  194
  195 try
  196 {
  197 SecurityManager sm = System.getSecurityManager();
  198 if (sm != null)
  199 {
  200 sm.checkPermission(new AudioPermission("record"));
  201 }
  202 ret = true;
  203 }
  204 catch(SecurityException e)
  205 {
  206 ret = false;
  207 }
  208
  209 return ret;
  210 }
  (This is a continued post from JAVASOUND-INTEREST at SUN.COM)

  Is there something I am missing?1) Applets are not well supported by Sun,
  and are inherently problematic as a reult
  of that.
  2) My experience suggests that the diagnotics
  applet is not reliable for detecting JMF.
  3) I guess the JMF applet is doing checks of
  policy files, despite the signed code.
  You might circumvent most of these problems,
  by using web-start to launch an application.
  Here are some of my tests at launching
  JMF using web-start.
  http://www.javasaver.com/testjs/jmf/

• How to resolve problems in policy file of signed Applet

  Hi to All,
  I want to connect the web site through my Signed Applet which is working as a Proxy server. but i m facing certain problems in my policy file:
  this is my policy file :-
  grant {
  permission java.security.AllPermission "", "";
  permission java.net.SocketPermission "http://www.google.com:4321", "connect, accept,resolve";
  permission java.security.UnresolvedPermission;
  n i got such type of exceptions n my Applet prompt applet not initialized.
  Got connection Socket[addr=/192.168.1.232,port=1200,localport=4321]
  Reading request...
  URI is: http://www.google.com/
  Host to contact is: www.google.com at port 80
  Got request...
  java.security.AccessControlException: access denied (java.net.SocketPermission www.google.com resolve)
  at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
  at java.security.AccessController.checkPermission(AccessController.java:427)
  at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
  at java.lang.SecurityManager.checkConnect(SecurityManager.java:1031)
  at java.net.InetAddress.getAllByName0(InetAddress.java:1117)
  at java.net.InetAddress.getAllByName0(InetAddress.java:1098)
  at java.net.InetAddress.getAllByName(InetAddress.java:1061)
  at java.net.InetAddress.getByName(InetAddress.java:958)
  at java.net.InetSocketAddress.<init>(InetSocketAddress.java:124)
  at java.net.Socket.<init>(Socket.java:179)
  at ProxyApplet.handle(ProxyApplet.java:75)
  at ProxyApplet.<init>(ProxyApplet.java:132)
  at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
  at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
  at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
  at java.lang.reflect.Constructor.newInstance(Constructor.java:494)
  at java.lang.Class.newInstance0(Class.java:350)
  at java.lang.Class.newInstance(Class.java:303)
  at sun.applet.AppletPanel.createApplet(AppletPanel.java:721)
  at sun.applet.AppletPanel.runLoader(AppletPanel.java:650)
  at sun.applet.AppletPanel.run(AppletPanel.java:324)
  at java.lang.Thread.run(Thread.java:595)
  here 4321 is Port no. which i've as a random port no.
  plz Help
  thnx in advance
  with regards
  pank_naini

  Please, if you can't help me, could you tell me who can I contact ?

• Signed applet stopped working in 1.4.2_04

  We have a signed applet that accesses the file system. After installing 1.4.2_04 it produces this exception
  java.security.AccessControlException: access denied (java.io.FilePermission <<ALL FILES>> execute)
       at java.security.AccessControlContext.checkPermission(Unknown Source)
       at java.security.AccessController.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkExec(Unknown Source)
       at java.lang.Runtime.exec(Unknown Source)
       at java.lang.Runtime.exec(Unknown Source)
       at java.lang.Runtime.exec(Unknown Source)
       at java.lang.Runtime.exec(Unknown Source)
       at edu.nebraska.foundation.applets.AccessApplet.openNewSession(AccessApplet.java:35)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
       at java.lang.reflect.Method.invoke(Unknown Source)
       at sun.plugin.com.MethodDispatcher.invoke(Unknown Source)
       at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
       at sun.plugin.com.DispatchImpl$2.run(Unknown Source)
       at java.security.AccessController.doPrivileged(Native Method)
       at sun.plugin.com.DispatchImpl.invoke(Unknown Source)
  java.lang.Exception: java.security.AccessControlException: access denied (java.io.FilePermission <<ALL FILES>> execute)
       at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
       at sun.plugin.com.DispatchImpl$2.run(Unknown Source)
       at java.security.AccessController.doPrivileged(Native Method)
       at sun.plugin.com.DispatchImpl.invoke(Unknown Source)
  .This was working in 1.4.2 and 1.3.1_08. Anyone else have this problem?

  Sorry, copied and pasted the following, hope it helpes.
  The following examples are for a win 2000 machine, for linux
  you have to use alternative paths but I think the commands
  are about the same.
  The SUN jre doesn't care about IE settings, if an applet is signed it will ask the user "do you trust", if
  the user chooses yes or always the applet can do pretty much anything.
  Because anybody can sign an applet so it will pop up the do
  you trust dialog I prevent this dialog from popping up by
  adding the following to the
  C:\Program Files\Java\j2re****\lib\security\java.policy
  under grant { [/b]
  [color red]
  permission java.lang.RuntimePermission "usePolicy";
  [color]
  You now need to set up special permissions for sites that
  need it, signed applets get no special treatment since you
  specified in the java.policy that policy should allways be
  used.
  When your applet needs to do something it normally could
  not do (applet security) [b]and it needs to do this
  when a user clicks on a html button (applet method called
  from javascript), than all the signing and policy settings
  in the world wouldn't work Unless you grant all permission
  to all code.
  This is because the Java Plug-in executes methods with
  applet sandbox security restrictions.
  http://archives.java.sun.com/cgi-bin/wa?A2=ind0404&L=java-security&F=&S=&P=4012
  To solve this you can start a new thread that checks ...
  times a second if a variable meets certain conditions.
  These conditions are changed with public methods called
  from JavaScript. When a variable meets certain Conditions
  this thread will start the method that will perform
  normally restricted tasks.
  Here is an example where the applet doesn't work
  (the batchfile, html file are OK)
  Note that running this code with Mozilla on my w2k machine
  crashes Mozilla (not on my Fedora machine)
  Batch file to sign the applet: (please note this will
  delete some files)
  del *.cer
  del *.com
  del *.jar
  del *.class
  javac -classpath ".;C:\Program Files\Java\j2re1.4.2_04\lib\plugin.jar" test.java
  keytool -genkey -keystore harm.com -keyalg rsa -dname "CN=Harm Meijer, OU=Technology, O=org, L=Amsterdam, ST=, C=NL" -alias harm -validity 3600 -keypass pass -storepass pass
  jar cf0 test.jar test.class
  jarsigner -keystore harm.com -storepass pass -keypass pass -signedjar sTest.jar test.jar harm
  del *.classThe html page:
  <DIV id="dvObjectHolder">  </DIV>
  <br><br>
  <script>
  if(window.navigator.appName.toLowerCase().indexOf("netscape")!=-1){ // set object for Netscape:
       document.getElementById('dvObjectHolder').innerHTML = "        <object ID='appletTest1' classid=\"java:test.class\"" +
                  "height=\"0\" width=\"0\" onError=\"changeObject();\"" +
            ">" +
                  "<param name=\"mayscript\" value=\"Y\">" +
                  "<param name=\"archive\" value=\"sTest.jar\">" +
          "</object>";
  }else if(window.navigator.appName.toLowerCase().indexOf('internet explorer')!=-1){ //set object for IE
       document.getElementById('dvObjectHolder').innerHTML =      "<object ID='appletTest1' classid=\"clsid:8AD9C840-044E-11D1-B3E9-00805F499D93\"" +
                 "         height=\"0\" width=\"0\" >" +
                 "   <param name=\"code\" value=\"test.class\" />" +
                    "<param name=\"archive\" value=\"sTest.jar\">" +
                 " </object>"
  </script>
  <LABEL id="lblOutputText">This text will be replaced by the applet</LABEL>
  <BR>
  <input value="Javascript to java" type=button onClick="document.appletTest1.fromJavaScript()"><br>The applet:
  // new class for jsObject!!!! since 1.4.2 compile this:
  // javac -classpath "C:\Program Files\Java\j2re1.4.2_01\lib\plugin.jar" test.java
  // since jaws.jar does not exsist anymore
  // to compile with jaws: javac -classpath "C:\j2sdk1.4.0_03\jre\lib\jaws.jar" test.java
  import netscape.javascript.*;
  public class test extends java.applet.Applet {
      JSObject win;
      JSObject outputLabel;
      public void init() {
           try{
               win = JSObject.getWindow(this);
               outputLabel = (JSObject) win.eval("document.getElementById('lblOutputText')");
            outputLabel.setMember("innerHTML", "<center><h1>From Init<br>Your homedir " + System.getProperty("user.home") + "</h1></center>");
          }catch(Exception e){
               e.printStackTrace();
      public void fromJavaScript(){
           try{
                   outputLabel.setMember("innerHTML", "<center><h1>From javascript<br>Your homedir: "+ System.getProperty("user.home") + "</h1></center>");
          }catch(Exception e){
               e.printStackTrace();
  }When you put the files in c:\temp, run the batch file to
  compile and sign the applet and then open the html file you
  will be asked if you trust ... you can say yes and from
  init the applet can read user.home. Click on the button and
  you will get the following stack trace:
  java.security.AccessControlException: access denied (java.util.PropertyPermission user.home read)
       at java.security.AccessControlContext.checkPermission(Unknown Source)
       at java.security.AccessController.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
       at java.lang.System.getProperty(Unknown Source)
       at test.fromJavaScript(test.java:20)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
       at java.lang.reflect.Method.invoke(Unknown Source)
       at sun.plugin.com.MethodDispatcher.invoke(Unknown Source)
       at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
       at sun.plugin.com.DispatchImpl$2.run(Unknown Source)
       at java.security.AccessController.doPrivileged(Native Method)
       at sun.plugin.com.DispatchImpl.invoke(Unknown Source)Conclusion: the applet can read user.home but not from
  JavaScript.
  Here is the applet that does work because a method called
  from javaScript doesn't perform a restricted task.
  // new class for jsObject!!!! since 1.4.2 compile this:
  // javac -classpath "C:\Program Files\Java\j2re1.4.2_01\lib\plugin.jar" test.java
  // since jaws.jar does not exsist anymore
  // to compile with jaws: javac -classpath "C:\j2sdk1.4.0_03\jre\lib\jaws.jar" test.java
  import netscape.javascript.*;
  public class test extends java.applet.Applet {
       JSObject win;
       JSObject outputLabel;
       boolean buttonFromJavaClicked = false;
       checkJavaScriptEvent evt = new checkJavaScriptEvent();
       public void init() {
            try {
                 evt.start();
                 win = JSObject.getWindow(this);
                 outputLabel =
                      (JSObject) win.eval("document.getElementById('lblOutputText')");
                 outputLabel.setMember(
                      "innerHTML",
                      "<center><h1>From Init<br>Your homedir "
                           + System.getProperty("user.home")
                           + "</h1></center>");
            } catch (Exception e) {
                 e.printStackTrace();
       public void fromJavaScript() {
            buttonFromJavaClicked = true;
       private void fromJavaScript2() {
            System.out.println("fromjavascript2 is started");
            try {
                 String strLbl =
                      "<center><h1>From javascript<br>Your homedir: "
                           + System.getProperty("user.home")
                           + "</h1></center>";
                 outputLabel.setMember("innerHTML", strLbl);
            } catch (Exception e) {
                 e.printStackTrace();
       class checkJavaScriptEvent extends Thread {
            public void run() {
                 while (true) {
                      if (test.this.buttonFromJavaClicked) {
                           System.out.println("OK buttonfromjava is true");
                           test.this.buttonFromJavaClicked = false;
                           test.this.fromJavaScript2();
                      try {
                           Thread.sleep(300);
                      } catch (Exception e) {
                           System.out.println("exception in sleep");
                           e.printStackTrace();
                           System.exit(1);
  }

• Accessing Signed Applet Method From Javascript

  Hi All,
  In my intranet application i have to retrive the mac addres of the client using the applet. I have to capture the MAC Address and set it as a hidden value in the jsp page.
  I have used the signed applet and able to retrive the mac address of the client using IE but I am not able to do the same on NN 7.1
  Below is my javascript and the applet tag syntax, please help me if i am wrong anywhere
  function mac()
  var mval=document.myApplet.getWinMACAddress()
  alert("addres" +mval)                         
  document.loginform.js_value.value=mval
  and the applet tag in my jsp page is
  <applet code ="SignedAppletDemo.class" codebase="http://mysouthasia/AcadResource/jsp/" archive="SSignedApplet.jar" width=1 height=1 align=center name="myApplet" >
  </applet>
  Thanks in Advance

  Since getWinMACAddress( ) seems to work just fine for IE, is there an equivalent for NN7.1?
  What happens if I run Opera instead, and on a Linux system? Or Safari on OS X? Obviously getWinMACAddress( ) isn't going to work for that.
  I really don't understand why so many Asian programmers get "Find the MAC address of..." as a homework assignment. There are many reasons why it isn't really practical to do so, and for examples, just search this forum for MAC addresses. Lots and lots of examples and counter examples.

• Getting the certificate has an invalid signature error on one of my company's intranet sites.

  Immediately after upgrading to FF35, I've lost the ability to access key parts of our intranet. I understand from other related forum questions that FF reps don't believe that typical users will encounter the problem of needing to access self-signed certificates over https. Here to tell you we do. The same issue keeps being posted on your forums regarding upgrades from FF31 onward (which at least allowed some user override). It looks like rather a lot of users have intranets that behave in the same way and would like to be able to use FF to access their own intranet sites. My company is highly unlikely to institute a massive security overhaul just to satisfy FF's sensitivities over the importance of this issue, especially when they have many other layers to protect themselves, so it's back to Chrome for me I guess.
  Way to go.

  ''philipp [[#answer-677759|said]]''
  <blockquote>
  there will be some fixes regarding this error code in firefox 36, but without access to the site in question it will be difficult to assess the problem and to know if those would apply in your case. therefore it would be best to report the issue to the it department of your company since they have more possibilities to investigate...
  </blockquote>
  This won't happen. Our IT department is not going to spend time and money instituting changes because a new FF update blocks their intranet certification. I'll just be told to use Chrome or IE, which is what I'll do next. Might check back when update 36 is out.

• RuntimePermission exception on RMI lookup on a signed Applet

  Hi everybody,
  Here is my problem : I want to call an ejb from my applet, using RMI.
  But, as it is an applet, I get a security exception when I make the naming lookup :
  java.security.AccessControlException: access denied (java.lang.RuntimePermission accessClassInPackage.sun.rmi.server)
  I have been wandering for two days in the Java Sun sites and forums to find out how to pass through this problem.
  Too many information is no information : I am not sure to have the correct answer; but here is what I have found :
  All I have to do is to make a self-signed Applet (for testing purpose, before having a real certificate), using keytool and jarsigner, and use it with Java Plugin. Doing that will give AllPermission to the signed code, if the user agrees through a Java Plugin dialog.
  (see http://java.sun.com/products/plugin/1.2/docs/nsobjsigning.html)
  But... that doesn't work (who said 'of course' ?) :
  I get the granting dialog, and even if I agree, I always get the same java.lang.RuntimePermission accessClassInPackage exception.
  The strange think is that I tried to write a file on the client machine for testing the permission, and that works fine with this same signed applet.
  I think that AllPermission implies FilePermission and also RuntimePermission, doesn't ?
  Is this behaviour related to my self-signed certificate ? (in this case, why can i write a file ?)
  What am I missing ?
  Any help will be welcome,
  many thanks
  bernard
  PS. : Of course, i don't want the user to modify its java policy or security configuration as it is often "mission impossible".

  Sorry, i forgot : i am using Java Plugin v 1.3.1_02
  B

• Signing applets for a period

  hi all..
  I have an applet in my web site and it needs to access some system resources.
  I have signed it and it's working properly. But by default, is it valid for six months only? how can I sign an applet with a certificate which will be valid for ever or till a specified time period?
  I used jarsigner tool. is there any parameter that I can specify with this for a specifying time period
  plz help me
  thanx and regards
  sand...

  sanpops wrote:
  hi all..
  I have an applet in my web site and it needs to access some system resources.
  I have signed it and it's working properly. But by default, is it valid for six months only? how can I sign an applet with a certificate which will be valid for ever or till a specified time period?
  I used jarsigner tool. is there any parameter that I can specify with this for a specifying time period
  plz help me
  thanx and regards
  sand...The fact that the certificate expired means it cannot be used for signing anymore. The applet will still run,
  if the user reads carefully the message and allows it to run. If you click more info in the security dialog,
  you will see that it says "the applet was signed with a valid certificate". I have to admit that I am not
  comfortable with this answer and I blame Sun for a wrong (or paranoid) implementation of this security
  dialog. Contrast it with the Microsoft dialog for ActiveX controls, which is correct, IMHO. There should be
  nothing scarry if the signatured used a valid certificate and it was done 10 years ago. The certificate
  confirms the identity of the applet creator and the fact that the applet was not tempered with since creation.
  If the creator was honorable in 1997 and now he is in jail it does not matter at all, since I am running an
  applet created when he was a good citizen.
  Another problem with this dialog is that I sell a product that contains signed applets. My one year Verisign certificate expires and the clients start asking questions that I can answer only in one of two ways:
  - Blame Sun as above
  - Redo an otherwise unnecessary build and send it to them, which does not make them very happy either,
  as nobody like to upgrade something that works just fine.

• Signing Applets with javakey

  Hi All,
  I have an Intranet application that uses a signed applet to access files on the client. It all works fine using JDK1.3 or 1.4 and signing the Applet with keytool.
  I now need to support an older server that only has JDK1.1 available. Does anyone have any tips on how to sign my Applet with javakey?
  Also what JRE version should be installed on the clients?
  Thanks in advance.
  P.S. I have followed the example at http://java.sun.com/security/usingJavakey.html but not got it to work.

  try this..
  http://forums.java.sun.com/thread.jsp?forum=63&thread=132769

• Signed applet accessing remote host getting AccessControlException

  I'm fairly new to java development, so hopefully this is an easy answer, but in my searching I haven't yet been able to figure out why this isn't working for me.
  I have a self-signed applet, running on a server in my intranet. I understood that using a signed applet would allow connecting to any host within the applet. In the applet, I'm using the following code to try to connect to a remote host, which is also in my intranet:
  import org.apache.commons.net.ftp.*;
  FTPClient ftp = new FTPClient();ftp.connect("[myhost]");
  //Where [myhost] is the name of the host I'm trying to connect to.This works fine when running from Eclipse Applet Viewer, but when I run from the website, I get the prompt to accept the signature and run. I click run. When the code above runs, I get the following exception:
  ava.security.AccessControlException: access denied (java.net.SocketPermission cmdsp.bsu.edu resolve)
  at java.security.AccessControlContext.checkPermission(Unknown Source)
  at java.security.AccessController.checkPermission(Unknown Source)
  at java.lang.SecurityManager.checkPermission(Unknown Source)
  at java.lang.SecurityManager.checkConnect(Unknown Source)
  at sun.plugin2.applet.Applet2SecurityManager.checkConnect(Unknown Source)
  at java.net.InetAddress.getAllByName0(Unknown Source)
  at java.net.InetAddress.getAllByName(Unknown Source)
  at java.net.InetAddress.getAllByName(Unknown Source)
  at java.net.InetAddress.getByName(Unknown Source)
  at java.net.InetSocketAddress.<init>(Unknown Source)
  at java.net.Socket.<init>(Unknown Source)
  at org.apache.commons.net.DefaultSocketFactory.createSocket(DefaultSocketFactory.java:53)
  at org.apache.commons.net.SocketClient.connect(SocketClient.java:162)
  at org.apache.commons.net.SocketClient.connect(SocketClient.java:250)
  at Deploy.DeployCard(Deploy.java:150)
  Any help would be GREATLY appreciated.
  Thanks!
  Daryl

  Bonjour,
  J'ai le problème que celui énoncé dans ce topic. Je réalise une applet ftp qui doit se connecter à un serveur ftp. J'utilise org.apache.commons.ftp.net et mon appli fonctionne sous eclipse mais pas intégré sur une page web.
  J'ai signé le jar commons-net-1.1.4.jar et le jar qui contient mon code et ça ne fonctionne pas.
  dois-je mettre toutes les classes de commons-net-1.1.4.jar dans mon fichier jar, je ne sais pas comment faire pour inclure commons-net-1.1.4.jar dans mon jar car lorsque je compile, je met le path dans eclipse mais je n'ai normalement pas besoin de mettre le commons-net-1.1.4.jar dans mon jar car les classes sont automatiquement importées.
  Merci de votre aide

• Problem Using BrowserLab on an Intranet site.

  I am trying to use BrowserLab to access an intranet site and I keep receiving the message that the URL is invalid.  Is it possible to use this tool in this manner?  I am not using Dreamweaver for development.

  fyi : BrowserLab 1.4 in current release form since June of  2010 can be used on Intranet site when invoked from Dreamweaver CS5
  one needs to set-up a DW site pointing to their intranet site (it should be fairly easy - if u are a Dreamweaver user)
  please make sure u have "Local/Intranet" option selected in preview dropdown in Adobe BrowserLab Panel
  u can also use live DW Live View to preview the page /state of your site (in case u are using a intranet CMS system or dynamic page asp, .php)...Wordpress, Drupal or Joomal
  u can initiate then the preview , it will ask u to grant permission
  once u grant permission , it should be able to preview intranet site & assets.
  this functionality is integrated via the DW CS5 Integration/CSLive with BrowserLab 1.4 online hosted service (so u can sign-in within DW and hop directly into your preview).
  the above steps enables one to preview sites on Intranet site
  please try these steps , please let us know if u have further queries w.r.t to above workflow or any further guidance.
  HTH,
  Amit.