Signed applet in Intranet site
Hi
I have an applet which i want to make a signed applet,
has anyone created an internal certificate and use it with the applet,
are there any disadvantages for doing so, rather then getting a certificate from verisign or some third party company.
is there any expiration date for my generated certificate.
Ashish
Hi
I have an applet which i want to make a signed
applet,
has anyone created an internal certificate and use it
with the applet,
are there any disadvantages for doing so, rather then
getting a certificate from verisign or some third
party company.
is there any expiration date for my generated
certificate.
Ashish
1. A public certificate is better for it usually
executes the applet/application without prompting the
user (who might chose "No" if asked, including by
mistake). So a public/third party certificate from a
well known source is better than the one you can
create using the jarsigner tool. If you have time and
money go and use a public certificate, otherwise
create your own.
2. It does have an expiration date, usually 6 months
or so.I am looking to do the same thing as Ashish. I've tested my signed applet, which I created using keytool/jarsigner. Now I would like to eliminate any security-related interaction on the part of my users. So my 2 questions are...
1) If I go the route of obtaining a certificate from a trusted authority, are you saying I can avoid the initial "Do you trust the publisher of this applet" popup?
2) What does happens when my certificate expires? Is there a difference with a public vs. non-public certificate?
Thanks,
-Bill
Similar Messages
-
IIS, Javascript, Signed Applet and ASP Blank Page Problem
Hi,
I'm having a problem using a Signed Applet in a site that runs in a IIS (Windows Server 2003).
My aspx web page uses the applet to read my smart card and get information from it.
This applet uses an auxiliar dll (stored in a second Signed Jar file) in order to read the information from my smart card.
The way the solution is design:
1) Aspx page is asked from server
2) Internet Explorer recieve the page and asks the server for it content (images, applet, javascripts, etc)
3) After this the JVM runs (console opens)
4) After the Aspx page render fully a javascript register onload fires and call an applet method
5) Applet receive the call and run the logic of the method:
- reads the smart card;
- calls Javascript function in order to fill aspx fields with information from smart card
- calls Javascript function the simulates a click in a botton of aspx page (in order to call server side part sending data readed from smart card to server)
5) The server makes some logic with the information receive and responds to client registering in aspx page a call to another Javascrit function
6) The client received the asnwer from server and runs the Javascript function registered on step 5)
This Javascript calls another method from applet and runs the following logic:
- reads more information from smart card;
- call javascript function in order to fill more fields of aspx page with the information readed
- calls Javascript function the simulates a click in a botton of aspx page (in order to call server side part sending data readed from smart card to server)
7) The server makes some logic and call another pages with no Applets
8) Client asks for a second page with the same applet and we start with another logic express on steps 1);2);3),4);5) and then 7).
This is all ok, until sometimes the server stop responding correcly for requests regarding this two pages with the Applet.
When this happens the server just responds with a blank page.
- with fiddler I can seer the request for the aspx page (that uses the applet)
- but server responds with a blank html page
The JVM doesn't fire.
The IIS log don't show errors.
The eventviewer doesn't show errors.
The problem is solved with an IIS reset or a Application Pool reset.
After a while the problem returns.
This problem occours for other user in another machine, the server just stops responding correcly to request regarding pages with applets, the other pages still continue to work.
If we disable Java Control Panel->Advanced->Java Plug-in->Enable the next-generation Java Plug-in the problem seend to stop, but we can't force all clients to disable this option right?
Or there is a way to force the Applet to run with this option disabled?
As anyone experience similar problem?
Regards,
OFThis is all ok, until sometimes the server stop responding correcly for requests regarding this two pages with the Applet.
When this happens the server just responds with a blank page.
- with fiddler I can seer the request for the aspx page (that uses the applet)
- but server responds with a blank html pageWell, if http requests look identical in case of success and failure (pay attention to cookies, etc) then it has to be something on the server side.
It could be that server gets into this wrong state because of previous requests made by applet but it is hard to tell.
I am not clear how old/new plugin can make a difference unless your applets run in the legacy mode (i.e. you are actually trying to reuse SAME instance of the applet when
it is loaded next time).
I'd start with
1) carefully comparing good/bad sessions
2) checking whether server will serve correct response to another client when it serves "bad" page for current client
3) add debug statements to aspx - it is scripted page, may be some condition is not met and then it returns blank?
4) record all http requests in one session until you get to "error" state and then use any http server testing tool to "replay" this set of requests.
You should be able to get server into the same state without use of applet. Then you can try to tweak set of requests to see what makes a difference. -
Issue with Internet facing site and Intranet sites
Hello All,
I have migrated the SP2013 environment using database attach method for our intranet site. We also working on the
SP2013 Internet facing site using the same content database as Internet site.
When I extended the web application for Internet facing site, zone to
Internet and these are the URLs: The Intranet website URL is
https://intranet.contoso.com/SitePages/home.aspx (Root Site) and
SP2013 Internet facing site http://contoso.com (not a root site and publishing site template)
However, I found on the http://contoso.com users can still access the
http://contoso.com/SitePages/home with same content as Intranet.
After done some Google search, bloggers mentioned to have move https://intranet.contoso.com/SitePages/home.aspx to another site collection so that Internet facing site can exist root site.
Can 2 we have to two root sites in same web application? I need the content database to be same so that managers can check
Internet facing site and after signing into SP2013, redirects to
Internet site.
Which is the best option to achieve this with same content database.
Please advice.
Regards,
Aroh
Aroh ShuklaBusiness Requirement:
Content Managers want to control internal Internet site (https://intranet.contoso.com) (with default zone, port 443, Root site) and also want to have SP2013 Internet site (with Internet zone
http://www.contoso.com (not a root site and publishing site template)), Anonymous access at Web Application level. I configured the site architecture
to have intranet zone as default zone and extended Web Application for Internet facing site with Anonymous site. This the current site architecture
Because content managers do not want to duplicate public site (Internet facing site) with will be shared with some lists that are stored in intranet site.
For e.g. a sub site named “News and Events” will be shared with Public site as well as Internet users. Therefore, if a manger wants to update a list in the public site, it should reflect in intranet site as well. Thus, managers
don’t want to have separate database but same content database.
Problem:
I have extended web application to have different Internet zone, the site URL looks this: http://www.contoso.com/sites/public with publishing template and Anonymous access. Managers want to have public site URL to be just
http://www.contoso.com and not http://www.contoso.com/SitePages/Home.aspx. As I am using path based site collection for extending site collection, I am
getting this URL http://www.contoso.com/SitePages/Home.aspx
We also tried host named site collection, but it does not provide anonymous access and keep on asking for user credentials.
Q1: We want to have Intranet and Public site with same content database as per business requirements, Shall I following link http://sharepoint.stackexchange.com/questions/81172/moving-content-db-for-a-site-collection-to-another-db-server?
Q2: Because I am constrained that I don’t want to have separate web application, (I know, its not regular requirement), how could achieve this requirements?
Q3: Do have to completely re-design web site architecture, with
www.contoso.com as main web application, then copy Intranet site collection and move this to
www.contoso.com/intranet using
Move-SPSite command
Any kind of pointer and help will be highly appreciated as I am struggling for 2 weeks to solve this.
Regards,
Aroh
Aroh Shukla -
Signed Applet not loading on Mac OS X if using HTTPS protocol
Hi All,
I need to open a trusted applet on Mac OS 10.2. The applet works fine if using HTTP protocol. But if the protocol used is HTTPS the the applet does not loads and "javax.net.ssl.SSLException - untrusted server cert chain" exception comes on the console.
The error comes for both - Verisign and javakey - signed applet.
On seaching for possible solution on the net, i came across following link: http://www.macosxhints.com/article.php?story=20020525101202503&query=Workaround+for+secure+Java+applet+problems
It says that this is Mac's known bug and gives the workaround as:
1. Access the problematic site with Internet Explorer on Windows. Click on the padlock item and export the certificate to a file.
2. Copy the certificate to your Mac.
3. Use the command
sudo keytool -import -trustcacerts -keystore /Library/Java/Home/lib/security/cacerts -file mycert.cer
to import the certificate file to your keystore (substitute mycert.cer with the name of the file containing the certificate). The keystore is password protected - the default password is "changeit".
4. Restart your browser
But the client cannot be asked to do all this to run the applet.
Is this problem being solved by Mac in their java implementation or is there any other possible solution?
Thanx in advance.
Regards,
CharuI am experiencing the same problem - I notice it does not happen on OS9.2 using IE but appears a problem on all browsers on OSX
Apple gave me the following reply.....
Re: Bug ID# 3268633: cannot load applet class under https connection
Hello Andrew,
Thank you for bringing this problem to our attention. We have received feedback
from engineering on your
reported issue.
Please know that to get Java to recognize the certificate you will need to do
one of two things, depending
on which VM you are using. Since you want it to work with Internet Explorer, we
will assume Java 1.3.1.
In Java 1.3.1 you'll need to add the certificate to
/Library/Java/Home/lib/security/cacerts using
/usr/bin/keytool to import the certificate into the certificate database.
In Java 1.4.1 you should be able to just add the certificate to the keychain
using certtool. For more
details on how to do this, please refer to the information found at
<http://java.sun.com/j2se/1.4.1/docs/tooldocs/solaris/keytool.html>. After
doing so, if you should require
further help from Apple in resolving this issue, we recommend that you request
assistance from Developer
Technical Support. This must be done by filing a Technical Support Incident.
So I am supposed to tell every Mac user to do the above am I?!!! -
Change language on the security warning popup when using signed applets
Hi
Today when we use a signed applet the user get a security warning popup box where the langauge is English.
Is it possible to change the language to other that English and if possible how can this be done ?
Thanks in Advance,
Henrik Rasmussen
DenmarkThe Microsoft one is especially annoying because they should know better than to submit from secure to insecure.
Let's say you are currently logged in to a Microsoft account and you click Sign in on MSDN. The site redirects to login.live.com, which recognizes that you are logged in, and generates a page with a hidden form and submits it back to MSDN using a script. This is where the problem is, because the hidden form action URL is not secure, yet it is on a secure page. (See Screen shots)
The workaround (hack, whatever) is to modify the form to a secure address before it is submitted. How can you do that? Since it is impractical to do by hand, you can use an add-on.
In an earlier thread, user thx1200 posted a link to a userscript that fixes this issue on login.live.com. The userscripts''.''org site has seemingly died, but there is a copy on a mirror of that site.
* Earlier thread (long): [https://support.mozilla.org/questions/964250 How do disable this Warning? Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection]
* You need Greasemonkey to run user scripts: https://addons.mozilla.org/firefox/addon/greasemonkey/
* User script install page: [http://userscripts-mirror.org/scripts/show/173384.html Fix security warning for Microsoft Live login] -
Signed applet does not grant AudioPermission "record"
From what I gather, if I have a trusted signed applet sitting on a webpage and
the visitor accepts (runs) the applet, then they should not need to have:
grant {
permission javax.sound.sampled.AudioPermission "record";
in their java policy file. Well I have done all this (with a certificate from
Thawte) and posted a thorough example at:
http://www.livesite.net/JavaSoundTest
At the bottom of that page there is a "Check permissions" link which will alert
true/false if we have record permission. Clicking any "Record" link will
attempt to open a TargetDataLine.
My experience (and problem) is: record permission must be granted even though
the applet is signed by a trusted CA.
I would very much appreciate any help.
Are you able to record/playback (without granting record permission in your
java policy files) with the JavaSoundTest applet webpage?
Is there something I am missing?
------ More information ------
Java Control Panel -> Advance -> Security
'allow user to grant permissions to signed content' is checked
Reproducable on:
MS NT4 w/ IE6
MS Windows 2000 w/ Firefox 1.5
MS Windows XP w/ Firefox 1.5
MS Windows XP w/ IE6
Fedora FC6 w/ Firefox 2.0
Also, this happens with a commented-out record permission in the user
.java.policy file, or when the policy file does not exist.
------ Source code: opening the target data line ------
Using the JavaSoundTest applet page without granted permission, clicking a
record link will yield this exception in the java console:
java.security.AccessControlException: access denied (javax.sound.sampled.AudioPermission record)
at java.security.AccessControlContext.checkPermission
at java.security.AccessController.checkPermission
at java.lang.SecurityManager.checkPermission
at com.sun.media.sound.JSSecurityManager.checkRecordPermission
at com.sun.media.sound.DirectAudioDevice$DirectDL.implOpen
at com.sun.media.sound.AbstractDataLine.open
at net.livesite.jsound.Recorder.run(Recorder.java:161)
while opening a TargetDataLine as:
23 private static TargetDataLine line;
157 line = (TargetDataLine) AudioSystem.getLine( lineInfo );
158
159 try
160 {
161 line.open( format, (int) format.getSampleRate() );
162 }
------ Source code: Using the security manager ------
The "Check permissions" link on the TestJavaSound applet page calls this method:
191 public boolean hasSoundRecPriv()
192 {
193 boolean ret = false;
194
195 try
196 {
197 SecurityManager sm = System.getSecurityManager();
198 if (sm != null)
199 {
200 sm.checkPermission(new AudioPermission("record"));
201 }
202 ret = true;
203 }
204 catch(SecurityException e)
205 {
206 ret = false;
207 }
208
209 return ret;
210 }
(This is a continued post from JAVASOUND-INTEREST at SUN.COM)Is there something I am missing?1) Applets are not well supported by Sun,
and are inherently problematic as a reult
of that.
2) My experience suggests that the diagnotics
applet is not reliable for detecting JMF.
3) I guess the JMF applet is doing checks of
policy files, despite the signed code.
You might circumvent most of these problems,
by using web-start to launch an application.
Here are some of my tests at launching
JMF using web-start.
http://www.javasaver.com/testjs/jmf/ -
How to resolve problems in policy file of signed Applet
Hi to All,
I want to connect the web site through my Signed Applet which is working as a Proxy server. but i m facing certain problems in my policy file:
this is my policy file :-
grant {
permission java.security.AllPermission "", "";
permission java.net.SocketPermission "http://www.google.com:4321", "connect, accept,resolve";
permission java.security.UnresolvedPermission;
n i got such type of exceptions n my Applet prompt applet not initialized.
Got connection Socket[addr=/192.168.1.232,port=1200,localport=4321]
Reading request...
URI is: http://www.google.com/
Host to contact is: www.google.com at port 80
Got request...
java.security.AccessControlException: access denied (java.net.SocketPermission www.google.com resolve)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
at java.security.AccessController.checkPermission(AccessController.java:427)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkConnect(SecurityManager.java:1031)
at java.net.InetAddress.getAllByName0(InetAddress.java:1117)
at java.net.InetAddress.getAllByName0(InetAddress.java:1098)
at java.net.InetAddress.getAllByName(InetAddress.java:1061)
at java.net.InetAddress.getByName(InetAddress.java:958)
at java.net.InetSocketAddress.<init>(InetSocketAddress.java:124)
at java.net.Socket.<init>(Socket.java:179)
at ProxyApplet.handle(ProxyApplet.java:75)
at ProxyApplet.<init>(ProxyApplet.java:132)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:494)
at java.lang.Class.newInstance0(Class.java:350)
at java.lang.Class.newInstance(Class.java:303)
at sun.applet.AppletPanel.createApplet(AppletPanel.java:721)
at sun.applet.AppletPanel.runLoader(AppletPanel.java:650)
at sun.applet.AppletPanel.run(AppletPanel.java:324)
at java.lang.Thread.run(Thread.java:595)
here 4321 is Port no. which i've as a random port no.
plz Help
thnx in advance
with regards
pank_nainiPlease, if you can't help me, could you tell me who can I contact ?
-
Signed applet stopped working in 1.4.2_04
We have a signed applet that accesses the file system. After installing 1.4.2_04 it produces this exception
java.security.AccessControlException: access denied (java.io.FilePermission <<ALL FILES>> execute)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkExec(Unknown Source)
at java.lang.Runtime.exec(Unknown Source)
at java.lang.Runtime.exec(Unknown Source)
at java.lang.Runtime.exec(Unknown Source)
at java.lang.Runtime.exec(Unknown Source)
at edu.nebraska.foundation.applets.AccessApplet.openNewSession(AccessApplet.java:35)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.com.MethodDispatcher.invoke(Unknown Source)
at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
at sun.plugin.com.DispatchImpl$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin.com.DispatchImpl.invoke(Unknown Source)
java.lang.Exception: java.security.AccessControlException: access denied (java.io.FilePermission <<ALL FILES>> execute)
at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
at sun.plugin.com.DispatchImpl$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin.com.DispatchImpl.invoke(Unknown Source)
.This was working in 1.4.2 and 1.3.1_08. Anyone else have this problem?Sorry, copied and pasted the following, hope it helpes.
The following examples are for a win 2000 machine, for linux
you have to use alternative paths but I think the commands
are about the same.
The SUN jre doesn't care about IE settings, if an applet is signed it will ask the user "do you trust", if
the user chooses yes or always the applet can do pretty much anything.
Because anybody can sign an applet so it will pop up the do
you trust dialog I prevent this dialog from popping up by
adding the following to the
C:\Program Files\Java\j2re****\lib\security\java.policy
under grant { [/b]
[color red]
permission java.lang.RuntimePermission "usePolicy";
[color]
You now need to set up special permissions for sites that
need it, signed applets get no special treatment since you
specified in the java.policy that policy should allways be
used.
When your applet needs to do something it normally could
not do (applet security) [b]and it needs to do this
when a user clicks on a html button (applet method called
from javascript), than all the signing and policy settings
in the world wouldn't work Unless you grant all permission
to all code.
This is because the Java Plug-in executes methods with
applet sandbox security restrictions.
http://archives.java.sun.com/cgi-bin/wa?A2=ind0404&L=java-security&F=&S=&P=4012
To solve this you can start a new thread that checks ...
times a second if a variable meets certain conditions.
These conditions are changed with public methods called
from JavaScript. When a variable meets certain Conditions
this thread will start the method that will perform
normally restricted tasks.
Here is an example where the applet doesn't work
(the batchfile, html file are OK)
Note that running this code with Mozilla on my w2k machine
crashes Mozilla (not on my Fedora machine)
Batch file to sign the applet: (please note this will
delete some files)
del *.cer
del *.com
del *.jar
del *.class
javac -classpath ".;C:\Program Files\Java\j2re1.4.2_04\lib\plugin.jar" test.java
keytool -genkey -keystore harm.com -keyalg rsa -dname "CN=Harm Meijer, OU=Technology, O=org, L=Amsterdam, ST=, C=NL" -alias harm -validity 3600 -keypass pass -storepass pass
jar cf0 test.jar test.class
jarsigner -keystore harm.com -storepass pass -keypass pass -signedjar sTest.jar test.jar harm
del *.classThe html page:
<DIV id="dvObjectHolder"> </DIV>
<br><br>
<script>
if(window.navigator.appName.toLowerCase().indexOf("netscape")!=-1){ // set object for Netscape:
document.getElementById('dvObjectHolder').innerHTML = " <object ID='appletTest1' classid=\"java:test.class\"" +
"height=\"0\" width=\"0\" onError=\"changeObject();\"" +
">" +
"<param name=\"mayscript\" value=\"Y\">" +
"<param name=\"archive\" value=\"sTest.jar\">" +
"</object>";
}else if(window.navigator.appName.toLowerCase().indexOf('internet explorer')!=-1){ //set object for IE
document.getElementById('dvObjectHolder').innerHTML = "<object ID='appletTest1' classid=\"clsid:8AD9C840-044E-11D1-B3E9-00805F499D93\"" +
" height=\"0\" width=\"0\" >" +
" <param name=\"code\" value=\"test.class\" />" +
"<param name=\"archive\" value=\"sTest.jar\">" +
" </object>"
</script>
<LABEL id="lblOutputText">This text will be replaced by the applet</LABEL>
<BR>
<input value="Javascript to java" type=button onClick="document.appletTest1.fromJavaScript()"><br>The applet:
// new class for jsObject!!!! since 1.4.2 compile this:
// javac -classpath "C:\Program Files\Java\j2re1.4.2_01\lib\plugin.jar" test.java
// since jaws.jar does not exsist anymore
// to compile with jaws: javac -classpath "C:\j2sdk1.4.0_03\jre\lib\jaws.jar" test.java
import netscape.javascript.*;
public class test extends java.applet.Applet {
JSObject win;
JSObject outputLabel;
public void init() {
try{
win = JSObject.getWindow(this);
outputLabel = (JSObject) win.eval("document.getElementById('lblOutputText')");
outputLabel.setMember("innerHTML", "<center><h1>From Init<br>Your homedir " + System.getProperty("user.home") + "</h1></center>");
}catch(Exception e){
e.printStackTrace();
public void fromJavaScript(){
try{
outputLabel.setMember("innerHTML", "<center><h1>From javascript<br>Your homedir: "+ System.getProperty("user.home") + "</h1></center>");
}catch(Exception e){
e.printStackTrace();
}When you put the files in c:\temp, run the batch file to
compile and sign the applet and then open the html file you
will be asked if you trust ... you can say yes and from
init the applet can read user.home. Click on the button and
you will get the following stack trace:
java.security.AccessControlException: access denied (java.util.PropertyPermission user.home read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
at java.lang.System.getProperty(Unknown Source)
at test.fromJavaScript(test.java:20)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.com.MethodDispatcher.invoke(Unknown Source)
at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
at sun.plugin.com.DispatchImpl$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin.com.DispatchImpl.invoke(Unknown Source)Conclusion: the applet can read user.home but not from
JavaScript.
Here is the applet that does work because a method called
from javaScript doesn't perform a restricted task.
// new class for jsObject!!!! since 1.4.2 compile this:
// javac -classpath "C:\Program Files\Java\j2re1.4.2_01\lib\plugin.jar" test.java
// since jaws.jar does not exsist anymore
// to compile with jaws: javac -classpath "C:\j2sdk1.4.0_03\jre\lib\jaws.jar" test.java
import netscape.javascript.*;
public class test extends java.applet.Applet {
JSObject win;
JSObject outputLabel;
boolean buttonFromJavaClicked = false;
checkJavaScriptEvent evt = new checkJavaScriptEvent();
public void init() {
try {
evt.start();
win = JSObject.getWindow(this);
outputLabel =
(JSObject) win.eval("document.getElementById('lblOutputText')");
outputLabel.setMember(
"innerHTML",
"<center><h1>From Init<br>Your homedir "
+ System.getProperty("user.home")
+ "</h1></center>");
} catch (Exception e) {
e.printStackTrace();
public void fromJavaScript() {
buttonFromJavaClicked = true;
private void fromJavaScript2() {
System.out.println("fromjavascript2 is started");
try {
String strLbl =
"<center><h1>From javascript<br>Your homedir: "
+ System.getProperty("user.home")
+ "</h1></center>";
outputLabel.setMember("innerHTML", strLbl);
} catch (Exception e) {
e.printStackTrace();
class checkJavaScriptEvent extends Thread {
public void run() {
while (true) {
if (test.this.buttonFromJavaClicked) {
System.out.println("OK buttonfromjava is true");
test.this.buttonFromJavaClicked = false;
test.this.fromJavaScript2();
try {
Thread.sleep(300);
} catch (Exception e) {
System.out.println("exception in sleep");
e.printStackTrace();
System.exit(1);
} -
Accessing Signed Applet Method From Javascript
Hi All,
In my intranet application i have to retrive the mac addres of the client using the applet. I have to capture the MAC Address and set it as a hidden value in the jsp page.
I have used the signed applet and able to retrive the mac address of the client using IE but I am not able to do the same on NN 7.1
Below is my javascript and the applet tag syntax, please help me if i am wrong anywhere
function mac()
var mval=document.myApplet.getWinMACAddress()
alert("addres" +mval)
document.loginform.js_value.value=mval
and the applet tag in my jsp page is
<applet code ="SignedAppletDemo.class" codebase="http://mysouthasia/AcadResource/jsp/" archive="SSignedApplet.jar" width=1 height=1 align=center name="myApplet" >
</applet>
Thanks in AdvanceSince getWinMACAddress( ) seems to work just fine for IE, is there an equivalent for NN7.1?
What happens if I run Opera instead, and on a Linux system? Or Safari on OS X? Obviously getWinMACAddress( ) isn't going to work for that.
I really don't understand why so many Asian programmers get "Find the MAC address of..." as a homework assignment. There are many reasons why it isn't really practical to do so, and for examples, just search this forum for MAC addresses. Lots and lots of examples and counter examples. -
Getting the certificate has an invalid signature error on one of my company's intranet sites.
Immediately after upgrading to FF35, I've lost the ability to access key parts of our intranet. I understand from other related forum questions that FF reps don't believe that typical users will encounter the problem of needing to access self-signed certificates over https. Here to tell you we do. The same issue keeps being posted on your forums regarding upgrades from FF31 onward (which at least allowed some user override). It looks like rather a lot of users have intranets that behave in the same way and would like to be able to use FF to access their own intranet sites. My company is highly unlikely to institute a massive security overhaul just to satisfy FF's sensitivities over the importance of this issue, especially when they have many other layers to protect themselves, so it's back to Chrome for me I guess.
Way to go.''philipp [[#answer-677759|said]]''
<blockquote>
there will be some fixes regarding this error code in firefox 36, but without access to the site in question it will be difficult to assess the problem and to know if those would apply in your case. therefore it would be best to report the issue to the it department of your company since they have more possibilities to investigate...
</blockquote>
This won't happen. Our IT department is not going to spend time and money instituting changes because a new FF update blocks their intranet certification. I'll just be told to use Chrome or IE, which is what I'll do next. Might check back when update 36 is out. -
RuntimePermission exception on RMI lookup on a signed Applet
Hi everybody,
Here is my problem : I want to call an ejb from my applet, using RMI.
But, as it is an applet, I get a security exception when I make the naming lookup :
java.security.AccessControlException: access denied (java.lang.RuntimePermission accessClassInPackage.sun.rmi.server)
I have been wandering for two days in the Java Sun sites and forums to find out how to pass through this problem.
Too many information is no information : I am not sure to have the correct answer; but here is what I have found :
All I have to do is to make a self-signed Applet (for testing purpose, before having a real certificate), using keytool and jarsigner, and use it with Java Plugin. Doing that will give AllPermission to the signed code, if the user agrees through a Java Plugin dialog.
(see http://java.sun.com/products/plugin/1.2/docs/nsobjsigning.html)
But... that doesn't work (who said 'of course' ?) :
I get the granting dialog, and even if I agree, I always get the same java.lang.RuntimePermission accessClassInPackage exception.
The strange think is that I tried to write a file on the client machine for testing the permission, and that works fine with this same signed applet.
I think that AllPermission implies FilePermission and also RuntimePermission, doesn't ?
Is this behaviour related to my self-signed certificate ? (in this case, why can i write a file ?)
What am I missing ?
Any help will be welcome,
many thanks
bernard
PS. : Of course, i don't want the user to modify its java policy or security configuration as it is often "mission impossible".Sorry, i forgot : i am using Java Plugin v 1.3.1_02
B -
hi all..
I have an applet in my web site and it needs to access some system resources.
I have signed it and it's working properly. But by default, is it valid for six months only? how can I sign an applet with a certificate which will be valid for ever or till a specified time period?
I used jarsigner tool. is there any parameter that I can specify with this for a specifying time period
plz help me
thanx and regards
sand...sanpops wrote:
hi all..
I have an applet in my web site and it needs to access some system resources.
I have signed it and it's working properly. But by default, is it valid for six months only? how can I sign an applet with a certificate which will be valid for ever or till a specified time period?
I used jarsigner tool. is there any parameter that I can specify with this for a specifying time period
plz help me
thanx and regards
sand...The fact that the certificate expired means it cannot be used for signing anymore. The applet will still run,
if the user reads carefully the message and allows it to run. If you click more info in the security dialog,
you will see that it says "the applet was signed with a valid certificate". I have to admit that I am not
comfortable with this answer and I blame Sun for a wrong (or paranoid) implementation of this security
dialog. Contrast it with the Microsoft dialog for ActiveX controls, which is correct, IMHO. There should be
nothing scarry if the signatured used a valid certificate and it was done 10 years ago. The certificate
confirms the identity of the applet creator and the fact that the applet was not tempered with since creation.
If the creator was honorable in 1997 and now he is in jail it does not matter at all, since I am running an
applet created when he was a good citizen.
Another problem with this dialog is that I sell a product that contains signed applets. My one year Verisign certificate expires and the clients start asking questions that I can answer only in one of two ways:
- Blame Sun as above
- Redo an otherwise unnecessary build and send it to them, which does not make them very happy either,
as nobody like to upgrade something that works just fine. -
Hi All,
I have an Intranet application that uses a signed applet to access files on the client. It all works fine using JDK1.3 or 1.4 and signing the Applet with keytool.
I now need to support an older server that only has JDK1.1 available. Does anyone have any tips on how to sign my Applet with javakey?
Also what JRE version should be installed on the clients?
Thanks in advance.
P.S. I have followed the example at http://java.sun.com/security/usingJavakey.html but not got it to work.try this..
http://forums.java.sun.com/thread.jsp?forum=63&thread=132769 -
Signed applet accessing remote host getting AccessControlException
I'm fairly new to java development, so hopefully this is an easy answer, but in my searching I haven't yet been able to figure out why this isn't working for me.
I have a self-signed applet, running on a server in my intranet. I understood that using a signed applet would allow connecting to any host within the applet. In the applet, I'm using the following code to try to connect to a remote host, which is also in my intranet:
import org.apache.commons.net.ftp.*;
FTPClient ftp = new FTPClient();ftp.connect("[myhost]");
//Where [myhost] is the name of the host I'm trying to connect to.This works fine when running from Eclipse Applet Viewer, but when I run from the website, I get the prompt to accept the signature and run. I click run. When the code above runs, I get the following exception:
ava.security.AccessControlException: access denied (java.net.SocketPermission cmdsp.bsu.edu resolve)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkConnect(Unknown Source)
at sun.plugin2.applet.Applet2SecurityManager.checkConnect(Unknown Source)
at java.net.InetAddress.getAllByName0(Unknown Source)
at java.net.InetAddress.getAllByName(Unknown Source)
at java.net.InetAddress.getAllByName(Unknown Source)
at java.net.InetAddress.getByName(Unknown Source)
at java.net.InetSocketAddress.<init>(Unknown Source)
at java.net.Socket.<init>(Unknown Source)
at org.apache.commons.net.DefaultSocketFactory.createSocket(DefaultSocketFactory.java:53)
at org.apache.commons.net.SocketClient.connect(SocketClient.java:162)
at org.apache.commons.net.SocketClient.connect(SocketClient.java:250)
at Deploy.DeployCard(Deploy.java:150)
Any help would be GREATLY appreciated.
Thanks!
DarylBonjour,
J'ai le problème que celui énoncé dans ce topic. Je réalise une applet ftp qui doit se connecter à un serveur ftp. J'utilise org.apache.commons.ftp.net et mon appli fonctionne sous eclipse mais pas intégré sur une page web.
J'ai signé le jar commons-net-1.1.4.jar et le jar qui contient mon code et ça ne fonctionne pas.
dois-je mettre toutes les classes de commons-net-1.1.4.jar dans mon fichier jar, je ne sais pas comment faire pour inclure commons-net-1.1.4.jar dans mon jar car lorsque je compile, je met le path dans eclipse mais je n'ai normalement pas besoin de mettre le commons-net-1.1.4.jar dans mon jar car les classes sont automatiquement importées.
Merci de votre aide -
Problem Using BrowserLab on an Intranet site.
I am trying to use BrowserLab to access an intranet site and I keep receiving the message that the URL is invalid. Is it possible to use this tool in this manner? I am not using Dreamweaver for development.
fyi : BrowserLab 1.4 in current release form since June of 2010 can be used on Intranet site when invoked from Dreamweaver CS5
one needs to set-up a DW site pointing to their intranet site (it should be fairly easy - if u are a Dreamweaver user)
please make sure u have "Local/Intranet" option selected in preview dropdown in Adobe BrowserLab Panel
u can also use live DW Live View to preview the page /state of your site (in case u are using a intranet CMS system or dynamic page asp, .php)...Wordpress, Drupal or Joomal
u can initiate then the preview , it will ask u to grant permission
once u grant permission , it should be able to preview intranet site & assets.
this functionality is integrated via the DW CS5 Integration/CSLive with BrowserLab 1.4 online hosted service (so u can sign-in within DW and hop directly into your preview).
the above steps enables one to preview sites on Intranet site
please try these steps , please let us know if u have further queries w.r.t to above workflow or any further guidance.
HTH,
Amit.
Maybe you are looking for
-
TCP socket I/O from the kernel
We've been working on extending our filesystem support from UDP to TCP, and have run into an apparent roadblock. We'd like to know whether Sun is aware of the problem that we're seeing, and if so, if there is something else we should be doing to avoi
-
Preview photo with Iphoto/anteprima foto con Iphoto
Hello all, after having saved the photo on the Mac via Iphoto the preview does not show the correct picture when opening the file. many thanks for any possible suggestions. alessandro Salve a tutti, dopo aver importato le foto nel Mac tramite Iphoto
-
How to make hidden files unhidden (normal) again?
Hi, I copied a hidden folder from my PC to my MBP. I know how to view it using Terminal however I dont want it to be a hidden folder anymore. Just a normal visible folder. Appreciate any help, cheers.
-
Using iPhoto to resize digital pictures to match video footage
I am trying to cange the photo format to 16:9 to match video footage and according to Learning center= "with an image in iPhoto go to Edit mode( that the button at the bottom) nad then choose Custom from the Crop popup menu in the bottom toolbar". Tr
-
Hi Can anyone tell me if the Maps App is available for Imac yet and if so how do i find it?