Signed applet on linux
Hi,
Just recently switched to linux OS -RedHat 8.0 and now having problem on how to create a signed applet on linux box, have no problem doing this on MS windows platform. Could you provide some hints or GOOD links on how to do all this on linux?
Thanks,
Rem
same as what U use for windows.............
details at
http://forums.java.sun.com/thread.jsp?forum=63&thread=132769
Similar Messages
-
Signed applet don't work on XP
Hi,
I'am currently working on a point-of-sale (POS) using windows XP/Firefox and a linux apache/jboss server.
I have developed a dynamic windows library in order to use an industrial printer connected to the POS to perform some printing without confirmation of the customer.
The POS is under Windows XP SP2 and use Firefox 2.0.0.11/JRE 1.5.0.14.
This dll is used by a signed applet located on the apache/jboss server.
The applet is correctly downloaded by the client, but normally i have to wait for the certicat authentification windows appearing and for confirming that i want execute the applet. And instead i have a java exception :
security: La v�rification du certificat � l'aide des certificats AC racine a �chou�
security: Aucune information d'horodatage disponible
java.lang.NullPointerException
at com.sun.deploy.ui.UIFactory.showSecurityDialog(Unknown Source)
at com.sun.deploy.security.TrustDeciderDialog.showDialog(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at sun.plugin.security.PluginClassLoader.getPermissions(Unknown Source)
at java.security.SecureClassLoader.getProtectionDomain(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.access$100(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at sun.applet.AppletClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.applet.AppletClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.applet.AppletClassLoader.loadCode(Unknown Source)
at sun.applet.AppletPanel.createApplet(Unknown Source)
at sun.plugin.AppletViewer.createApplet(Unknown Source)
at sun.applet.AppletPanel.runLoader(Unknown Source)
at sun.applet.AppletPanel.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
security: L'utilisateur a refus� les droits d'acc�s au code
basic: Taille de cache du chargeur de classes courant : 1
basic: Termin�...
basic: Jonction du thread d'applet...
basic: Destruction de l'applet...
basic: Elimination de l'applet...
basic: Sortie de l'applet...
java.lang.ExceptionInInitializerError
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at java.lang.Class.newInstance0(Unknown Source)
at java.lang.Class.newInstance(Unknown Source)
at sun.applet.AppletPanel.createApplet(Unknown Source)
at sun.plugin.AppletViewer.createApplet(Unknown Source)
at sun.applet.AppletPanel.runLoader(Unknown Source)
at sun.applet.AppletPanel.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission loadLibrary.C:\Program Files\BICImpression\impression_api.dll)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkLink(Unknown Source)
at java.lang.Runtime.load0(Unknown Source)
at java.lang.System.load(Unknown Source)
at applets.impression.Impression.<clinit>(Impression.java:38)
... 11 moreand then the certicat authentification windows appears but it's too late, the applet won't never execute ...
the apache/jboss server is accessed via some gateway, firewal, ... tha t i can't control
the apache jboss/server on my own PC is accessed directly :
What is amazing, is that work fine with my own professionnal PC on W2000 SP4, with JRE1.5.0.14 and Firefox 2.0.0.11 :
when I look in the java console, the java freeze until i have answered this java security window (certicat authentification windows). And when i answered "run" no problem the applet makes her own job.
here is the code when it works :
security: La v�rification du certificat � l'aide des certificats AC racine a �chou�
security: Aucune information d'horodatage disponible
basic: Plugin modality.pushed
basic: Modalit� empil�e
basic: push javax.swing.JDialog[dialog0,379,296,519x323,layout=java.awt.BorderLayout,modal,title=Avertissement - S�curit�,defaultCloseOperation=HIDE_ON_CLOSE,rootPane=javax.swing.JRootPane[,3,22,513x298,layout=javax.swing.JRootPane$RootLayout,alignmentX=0.0,alignmentY=0.0,border=,flags=16777673,maximumSize=,minimumSize=,preferredSize=],rootPaneCheckingEnabled=true]
basic: Chargement arr�t�...
basic: Arr�t de l'applet...Conclusion
POS : Win XP SP2, JRE1.5.0.14 (i tried 1.5.0.6 and 1.6.3 the latest), Firefox 2.0.0.11 (I tried 2.0.0.0 and 3 beta2 don't work anyway)
my own server/client : W2000 SP4, JRE1.5.0.14, Firefox 2.0.0.11
Linux server : RHEL4
It works with IE on the POS with the linux sever but it's not the selected browser.
It works with IE on the POS with my own server.
It works with Firefox on the POS with my own server.
It works with IE on my own server with the linux sever but it's not the selected browser.
It works with IE on my own server with my own server.
It works with Firefox on my own server with the linux sever.
It works with Firefox on my own server with my own server.
If you have some idea to make it work i'm you're buyer !!
Thank a lot for reading this, and i apologize for my poor english ...
greetings,
Benoit
Edited by: bendur on Feb 29, 2008 3:49 AMOk I have found my problem :
On every web pages, we have defined some inactivity timeouts.
On my own server I have disabled these timeouts but not on the distant timeout.
And it seems that the timeout (defined in javascript ont he web pages : 3s) has a very bad influence on the launching of my applet ... only with firefox (with IE and Opera no problem)
My problem is anwsered but the problem keep alive for firefox ... -
Safari will not run a signed applet on mac os x 10.5.7 with new Java update
Hi Everyone,
I've got a problem that hopefully you guys can help me solve. I have an applet that runs on windows, mac and linux that is signed by a verisign certificate my work has. The certificate is valid and everything works just fine on windows and linux, but after I upgraded our macs with the newest java update for mac (which gave macs Java 1.6.13), the applets won't work. When the applet is loaded in Safari or Firefox, it asks if I want to trust the certificate. When I tell it to trust it, Safari comes back with a message saying that it will not trust the code and will treat it as unsigned code.
For a long time the applet was built and signed on windows, but now it can be built and signed on windows and mac. Building and signing on either platform gives the same results and the mac signed applet works just fine on windows.
Has anyone else run across this problem? Any help or advice will be appreciated.
Thanks,
RobbieBenGlancy wrote:
How did you tell it to fully trust it? I thought the dialog comes up asking the user whether to trust it.
I only ask because it's not practical to expect all users to dig around for settings to trust a particular certificate.They don't have to dig around. When a signed Applet is loaded, if the certificate chain contains a certificate not in the trust store then a dialogue box asks the user if he wants to run it anyway. This dialogue box also has check box to indicate the the user should always trust this certificate and checking this means the user will not be asked again. -
Signed applet working in Netscape 6 but not in IE 5.5
I have an applet that reads a file from a server and tries to write it to a client machine. To this i self signed the jar file containing the applet using the keytool and jarsigner. So now I had a self signed applet. I tried to run this in IE. It gave the same error message that i used to get when I tried to run it the applet as unsigned. What am I missing here? Is self signing not enough to run the applet in IE? The same applet works in Netscape 6 and successfully downloads the file to the local machine. Please help me. I have added the certificate to the IE security panel as trusted.
Netscape 6 has Java VM 1.3. if you use MSIE, you should try JavaPlugin.
If interested in an appli that helps in signing process, you may download XLRSecTool for
free at:
. Windows:
http://www.xlreader.com/download/stl10ea/InstData/Windows/NoVM/istl10ea.exe
. Unix and Linux:
http://www.xlreader.com/download/stl10ea/InstData/Unix/Others/istl10ea.bin
. Other Java-enabled OS
http://www.xlreader.com/download/stl10ea/InstData/Java/install.zip
Requires Java VM 1.3.1
Screenshot:
http://www.xlreader.com/images/sshot_s673x548.gif
-- Robert
=====
[email protected]
XL-Reader Project - Secured online documentation solutions
www.xlreader.com
===== -
Signed applet stopped working in 1.4.2_04
We have a signed applet that accesses the file system. After installing 1.4.2_04 it produces this exception
java.security.AccessControlException: access denied (java.io.FilePermission <<ALL FILES>> execute)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkExec(Unknown Source)
at java.lang.Runtime.exec(Unknown Source)
at java.lang.Runtime.exec(Unknown Source)
at java.lang.Runtime.exec(Unknown Source)
at java.lang.Runtime.exec(Unknown Source)
at edu.nebraska.foundation.applets.AccessApplet.openNewSession(AccessApplet.java:35)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.com.MethodDispatcher.invoke(Unknown Source)
at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
at sun.plugin.com.DispatchImpl$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin.com.DispatchImpl.invoke(Unknown Source)
java.lang.Exception: java.security.AccessControlException: access denied (java.io.FilePermission <<ALL FILES>> execute)
at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
at sun.plugin.com.DispatchImpl$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin.com.DispatchImpl.invoke(Unknown Source)
.This was working in 1.4.2 and 1.3.1_08. Anyone else have this problem?Sorry, copied and pasted the following, hope it helpes.
The following examples are for a win 2000 machine, for linux
you have to use alternative paths but I think the commands
are about the same.
The SUN jre doesn't care about IE settings, if an applet is signed it will ask the user "do you trust", if
the user chooses yes or always the applet can do pretty much anything.
Because anybody can sign an applet so it will pop up the do
you trust dialog I prevent this dialog from popping up by
adding the following to the
C:\Program Files\Java\j2re****\lib\security\java.policy
under grant { [/b]
[color red]
permission java.lang.RuntimePermission "usePolicy";
[color]
You now need to set up special permissions for sites that
need it, signed applets get no special treatment since you
specified in the java.policy that policy should allways be
used.
When your applet needs to do something it normally could
not do (applet security) [b]and it needs to do this
when a user clicks on a html button (applet method called
from javascript), than all the signing and policy settings
in the world wouldn't work Unless you grant all permission
to all code.
This is because the Java Plug-in executes methods with
applet sandbox security restrictions.
http://archives.java.sun.com/cgi-bin/wa?A2=ind0404&L=java-security&F=&S=&P=4012
To solve this you can start a new thread that checks ...
times a second if a variable meets certain conditions.
These conditions are changed with public methods called
from JavaScript. When a variable meets certain Conditions
this thread will start the method that will perform
normally restricted tasks.
Here is an example where the applet doesn't work
(the batchfile, html file are OK)
Note that running this code with Mozilla on my w2k machine
crashes Mozilla (not on my Fedora machine)
Batch file to sign the applet: (please note this will
delete some files)
del *.cer
del *.com
del *.jar
del *.class
javac -classpath ".;C:\Program Files\Java\j2re1.4.2_04\lib\plugin.jar" test.java
keytool -genkey -keystore harm.com -keyalg rsa -dname "CN=Harm Meijer, OU=Technology, O=org, L=Amsterdam, ST=, C=NL" -alias harm -validity 3600 -keypass pass -storepass pass
jar cf0 test.jar test.class
jarsigner -keystore harm.com -storepass pass -keypass pass -signedjar sTest.jar test.jar harm
del *.classThe html page:
<DIV id="dvObjectHolder"> </DIV>
<br><br>
<script>
if(window.navigator.appName.toLowerCase().indexOf("netscape")!=-1){ // set object for Netscape:
document.getElementById('dvObjectHolder').innerHTML = " <object ID='appletTest1' classid=\"java:test.class\"" +
"height=\"0\" width=\"0\" onError=\"changeObject();\"" +
">" +
"<param name=\"mayscript\" value=\"Y\">" +
"<param name=\"archive\" value=\"sTest.jar\">" +
"</object>";
}else if(window.navigator.appName.toLowerCase().indexOf('internet explorer')!=-1){ //set object for IE
document.getElementById('dvObjectHolder').innerHTML = "<object ID='appletTest1' classid=\"clsid:8AD9C840-044E-11D1-B3E9-00805F499D93\"" +
" height=\"0\" width=\"0\" >" +
" <param name=\"code\" value=\"test.class\" />" +
"<param name=\"archive\" value=\"sTest.jar\">" +
" </object>"
</script>
<LABEL id="lblOutputText">This text will be replaced by the applet</LABEL>
<BR>
<input value="Javascript to java" type=button onClick="document.appletTest1.fromJavaScript()"><br>The applet:
// new class for jsObject!!!! since 1.4.2 compile this:
// javac -classpath "C:\Program Files\Java\j2re1.4.2_01\lib\plugin.jar" test.java
// since jaws.jar does not exsist anymore
// to compile with jaws: javac -classpath "C:\j2sdk1.4.0_03\jre\lib\jaws.jar" test.java
import netscape.javascript.*;
public class test extends java.applet.Applet {
JSObject win;
JSObject outputLabel;
public void init() {
try{
win = JSObject.getWindow(this);
outputLabel = (JSObject) win.eval("document.getElementById('lblOutputText')");
outputLabel.setMember("innerHTML", "<center><h1>From Init<br>Your homedir " + System.getProperty("user.home") + "</h1></center>");
}catch(Exception e){
e.printStackTrace();
public void fromJavaScript(){
try{
outputLabel.setMember("innerHTML", "<center><h1>From javascript<br>Your homedir: "+ System.getProperty("user.home") + "</h1></center>");
}catch(Exception e){
e.printStackTrace();
}When you put the files in c:\temp, run the batch file to
compile and sign the applet and then open the html file you
will be asked if you trust ... you can say yes and from
init the applet can read user.home. Click on the button and
you will get the following stack trace:
java.security.AccessControlException: access denied (java.util.PropertyPermission user.home read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
at java.lang.System.getProperty(Unknown Source)
at test.fromJavaScript(test.java:20)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.com.MethodDispatcher.invoke(Unknown Source)
at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
at sun.plugin.com.DispatchImpl$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin.com.DispatchImpl.invoke(Unknown Source)Conclusion: the applet can read user.home but not from
JavaScript.
Here is the applet that does work because a method called
from javaScript doesn't perform a restricted task.
// new class for jsObject!!!! since 1.4.2 compile this:
// javac -classpath "C:\Program Files\Java\j2re1.4.2_01\lib\plugin.jar" test.java
// since jaws.jar does not exsist anymore
// to compile with jaws: javac -classpath "C:\j2sdk1.4.0_03\jre\lib\jaws.jar" test.java
import netscape.javascript.*;
public class test extends java.applet.Applet {
JSObject win;
JSObject outputLabel;
boolean buttonFromJavaClicked = false;
checkJavaScriptEvent evt = new checkJavaScriptEvent();
public void init() {
try {
evt.start();
win = JSObject.getWindow(this);
outputLabel =
(JSObject) win.eval("document.getElementById('lblOutputText')");
outputLabel.setMember(
"innerHTML",
"<center><h1>From Init<br>Your homedir "
+ System.getProperty("user.home")
+ "</h1></center>");
} catch (Exception e) {
e.printStackTrace();
public void fromJavaScript() {
buttonFromJavaClicked = true;
private void fromJavaScript2() {
System.out.println("fromjavascript2 is started");
try {
String strLbl =
"<center><h1>From javascript<br>Your homedir: "
+ System.getProperty("user.home")
+ "</h1></center>";
outputLabel.setMember("innerHTML", strLbl);
} catch (Exception e) {
e.printStackTrace();
class checkJavaScriptEvent extends Thread {
public void run() {
while (true) {
if (test.this.buttonFromJavaClicked) {
System.out.println("OK buttonfromjava is true");
test.this.buttonFromJavaClicked = false;
test.this.fromJavaScript2();
try {
Thread.sleep(300);
} catch (Exception e) {
System.out.println("exception in sleep");
e.printStackTrace();
System.exit(1);
} -
Accessing Signed Applet Method From Javascript
Hi All,
In my intranet application i have to retrive the mac addres of the client using the applet. I have to capture the MAC Address and set it as a hidden value in the jsp page.
I have used the signed applet and able to retrive the mac address of the client using IE but I am not able to do the same on NN 7.1
Below is my javascript and the applet tag syntax, please help me if i am wrong anywhere
function mac()
var mval=document.myApplet.getWinMACAddress()
alert("addres" +mval)
document.loginform.js_value.value=mval
and the applet tag in my jsp page is
<applet code ="SignedAppletDemo.class" codebase="http://mysouthasia/AcadResource/jsp/" archive="SSignedApplet.jar" width=1 height=1 align=center name="myApplet" >
</applet>
Thanks in AdvanceSince getWinMACAddress( ) seems to work just fine for IE, is there an equivalent for NN7.1?
What happens if I run Opera instead, and on a Linux system? Or Safari on OS X? Obviously getWinMACAddress( ) isn't going to work for that.
I really don't understand why so many Asian programmers get "Find the MAC address of..." as a homework assignment. There are many reasons why it isn't really practical to do so, and for examples, just search this forum for MAC addresses. Lots and lots of examples and counter examples. -
Signed.applets.codebase_principal_support is set true but I always get error
signed.applets.codebase_principal_support is set true but I always get error like Error: A script from «https://127.0.0.1:8080 <https://127.0.0.1:8080/> » was denied UniversalXPConnect privileges.
On linux it works well.
May be I need to change something else ?Possibly the consequence of this bug fix.
*[https://bugzilla.mozilla.org/show_bug.cgi?id=546848 bug 546848] - Remove support for enablePrivilege
<i>([https://bugzilla.mozilla.org/page.cgi?id=etiquette.html please do not comment in bug reports])</i> -
How to create signed applet and make it work with browser
i hav an applet that needs to write a file to onto local system resource. i came to know that the applet needs to be signed. so i searched some guides to create a signed applet but most of them specify how to use it with applet viewer and not on a browser. plz help me with how to sign an applet and and allow it to write a file from within a browser.
On linux, something like this:
keytool -genkey -alias signSocket -keystore socketstore -keypass abc123 -dname "cn=your name" -storepass abc123
jar cvf Socket.jar *.class
jarsigner -keystore socketstore -storepass abc123 -keypass abc123 -signedjar SSocket.jar Socket.jar signSocket
And in html:
CODE = "YourClass.class"
ARCHIVE = "SSocket.jar"
... -
What are the default permissions for "self-signed" applets?
Hello!
I have a self-signed applet (=signed with a self made certificate) and under most plugin-enviroments java asks the user if it accepts this certificate as trustworth.
On my linux-box I do not have any problems to write files to the local filesystem after I accepted this self-signed applet.
However I've often read that users must grant some permissions even for signed applets, so is there a list of permissions that are denied by default?
Are there differences between java releases starting with 1.2.2?
Thanks in advance, lg ClemensDefault settings are like you said, jre asks the user and everything will work.
Unless.your applet uses classes that are not signed like with calls from javascript to your applet the plugin.jar is used and you'll get an exception when writing to files.
When writing to files the OS might not allowe the user to write to a certain file or folder.
Don't know what type of exception will be thrown if the OS doesn't allowe it but it has
nothing to do with applet permissions.
To change the default setting you can add the following line in the grant { bit of the
java.policy
permission java.lang.RuntimePermission "usePolicy";
When this line is there all signatures will be ignored and an applet can only do extra
things (like access to local files) if a policy is set up for this applet.
To find out what's wrong at your clients site you should ask them to send a full trace
and check that. I hope you did a .printStacktrace() on the exception in your code so
you can see if any other classes are involved when the exception is thrown.
To turn the full trace on (windows) you can start the java console, to be found here:
C:\Program Files\Java\j2re1.4...\bin\jpicpl32.exe
In the advanced tab you can fill in something for runtime parameters fill in this:
-Djavaplugin.trace=true -Djavaplugin.trace.option=basic|net|security|ext|liveconnect
if you cannot start the java console check here:
C:\Documents and Settings\userName\Application Data\Sun\Java\Deployment\deployment.properties
I think for linux this is somewhere in youruserdir/java (hidden directory)
add or change the following line:
javaplugin.jre.params=-Djavaplugin.trace\=true -Djavaplugin.trace.option\=basic|net|security|ext|liveconnect
for 1.5:
deployment.javapi.jre.1.5.0.args=-Djavaplugin.trace\=true -Djavaplugin.trace.option\=basic|net|security|ext|liveconnect
The trace is here:
C:\Documents and Settings\your user\Application Data\Sun\Java\Deployment\log\plugin...log
I think for linux this is somewhere in youruserdir/java (hidden directory) -
IIS, Javascript, Signed Applet and ASP Blank Page Problem
Hi,
I'm having a problem using a Signed Applet in a site that runs in a IIS (Windows Server 2003).
My aspx web page uses the applet to read my smart card and get information from it.
This applet uses an auxiliar dll (stored in a second Signed Jar file) in order to read the information from my smart card.
The way the solution is design:
1) Aspx page is asked from server
2) Internet Explorer recieve the page and asks the server for it content (images, applet, javascripts, etc)
3) After this the JVM runs (console opens)
4) After the Aspx page render fully a javascript register onload fires and call an applet method
5) Applet receive the call and run the logic of the method:
- reads the smart card;
- calls Javascript function in order to fill aspx fields with information from smart card
- calls Javascript function the simulates a click in a botton of aspx page (in order to call server side part sending data readed from smart card to server)
5) The server makes some logic with the information receive and responds to client registering in aspx page a call to another Javascrit function
6) The client received the asnwer from server and runs the Javascript function registered on step 5)
This Javascript calls another method from applet and runs the following logic:
- reads more information from smart card;
- call javascript function in order to fill more fields of aspx page with the information readed
- calls Javascript function the simulates a click in a botton of aspx page (in order to call server side part sending data readed from smart card to server)
7) The server makes some logic and call another pages with no Applets
8) Client asks for a second page with the same applet and we start with another logic express on steps 1);2);3),4);5) and then 7).
This is all ok, until sometimes the server stop responding correcly for requests regarding this two pages with the Applet.
When this happens the server just responds with a blank page.
- with fiddler I can seer the request for the aspx page (that uses the applet)
- but server responds with a blank html page
The JVM doesn't fire.
The IIS log don't show errors.
The eventviewer doesn't show errors.
The problem is solved with an IIS reset or a Application Pool reset.
After a while the problem returns.
This problem occours for other user in another machine, the server just stops responding correcly to request regarding pages with applets, the other pages still continue to work.
If we disable Java Control Panel->Advanced->Java Plug-in->Enable the next-generation Java Plug-in the problem seend to stop, but we can't force all clients to disable this option right?
Or there is a way to force the Applet to run with this option disabled?
As anyone experience similar problem?
Regards,
OFThis is all ok, until sometimes the server stop responding correcly for requests regarding this two pages with the Applet.
When this happens the server just responds with a blank page.
- with fiddler I can seer the request for the aspx page (that uses the applet)
- but server responds with a blank html pageWell, if http requests look identical in case of success and failure (pay attention to cookies, etc) then it has to be something on the server side.
It could be that server gets into this wrong state because of previous requests made by applet but it is hard to tell.
I am not clear how old/new plugin can make a difference unless your applets run in the legacy mode (i.e. you are actually trying to reuse SAME instance of the applet when
it is loaded next time).
I'd start with
1) carefully comparing good/bad sessions
2) checking whether server will serve correct response to another client when it serves "bad" page for current client
3) add debug statements to aspx - it is scripted page, may be some condition is not met and then it returns blank?
4) record all http requests in one session until you get to "error" state and then use any http server testing tool to "replay" this set of requests.
You should be able to get server into the same state without use of applet. Then you can try to tweak set of requests to see what makes a difference. -
A sign Applet unable to load "oracle.jdbc.OracleDriver" class
hi,
i am chiranjit , i am now working in a web based ERP. where i am using a signed applet which unable to load "oracle.jdbc.OracleDriver" class but it easily loading "sun.jdbc.odbc.JdbcOdbcDriver", i am also giving my code:
import java.sql.*;
import java.math.*;
import java.io.*;
import java.awt.*;
class JdbcTest extends Applet{
public static void main (String args[]) throws SQLException {
// Load Oracle driver
DriverManager.registerDriver (new oracle.jdbc.OracleDriver());
// Connect to the local database
Connection conn =
DriverManager.getConnection
("jdbc:oracle:thin:@192.168.16.7:1521:kris",
"plsql", "oracle");
// Query the employee names
Statement stmt = conn.createStatement ();
ResultSet rset = stmt.executeQuery ("SELECT FIRST_NAME FROM
AUTHORS");
// Print the name out
while (rset.next ())
System.out.println (rset.getString (1));
// Close the result set, statement, and the connection
rset.close();
stmt.close();
conn.close();
}Hint: The sun.jdbc.odbc.JdbcOdbcDriver is available in any JRE distribution. The Oracle driver is not.
-
Prevent abuse of a signed applet?
Hi
I am creating an application using HTML, javascript, and a set of java classes.
Communication betwwen the javascript and java is done by an applet, signed with a real certificate.
I would like to prevent someone copying my signed jar, and abusing it.
The classes behind my applet will do (a.o.) local I/O.
The type of abuse I am worried about is e.g. java code from another jar calling public methods on classes in my signed jar, using them to read or write files, and thus abusing my certificate for doing something else than my applet/jar was meant to.
I am looking for advice on how to prevent such things from happening.
Thoughts that already crossed my mind, are:
- making sure only my applet (and as few as possible other classes) has a public constructor
- declaring as much classes as possible (at least the sensitive classes) as final
- avoid non-final public static variables that contain default names of files
If anyone has some more ideas, please post them! I'll be very gratefull!
If you know about a similar question (and answer) in this forum, please let me know, as I have not found it.harmmeijer,
thanks for the answer, and especially the idea of checking the call stack!
You scared the hell out of me however, by saying:
Your applet would not work at all in jre 1.4.2 signed or policy, when the method is called by javascriptand reading the thread you referenced!
Everything worked fine in jre 1.4.1_2 and earlier. It continued working in 1.4.2_01 in combination with Netscape (v 7.1)
But the combination MSIE (v6.0) with jre v1.4.2_01 did require a minor change:
From my signed applet, I called a .class.getResource(...).getURL()
It didn't work anymore, so I do it know in my applet's init() method, instead of in a stack started by javascript.
All my other I/O (and reflection) still works (thank all gods!), since I do it in a separate thread that I start in my applet's init() method. I hope it keeps working in jre 1.5 :-)
Any other input is very welcome! -
Signed Applet not loading on Mac OS X if using HTTPS protocol
Hi All,
I need to open a trusted applet on Mac OS 10.2. The applet works fine if using HTTP protocol. But if the protocol used is HTTPS the the applet does not loads and "javax.net.ssl.SSLException - untrusted server cert chain" exception comes on the console.
The error comes for both - Verisign and javakey - signed applet.
On seaching for possible solution on the net, i came across following link: http://www.macosxhints.com/article.php?story=20020525101202503&query=Workaround+for+secure+Java+applet+problems
It says that this is Mac's known bug and gives the workaround as:
1. Access the problematic site with Internet Explorer on Windows. Click on the padlock item and export the certificate to a file.
2. Copy the certificate to your Mac.
3. Use the command
sudo keytool -import -trustcacerts -keystore /Library/Java/Home/lib/security/cacerts -file mycert.cer
to import the certificate file to your keystore (substitute mycert.cer with the name of the file containing the certificate). The keystore is password protected - the default password is "changeit".
4. Restart your browser
But the client cannot be asked to do all this to run the applet.
Is this problem being solved by Mac in their java implementation or is there any other possible solution?
Thanx in advance.
Regards,
CharuI am experiencing the same problem - I notice it does not happen on OS9.2 using IE but appears a problem on all browsers on OSX
Apple gave me the following reply.....
Re: Bug ID# 3268633: cannot load applet class under https connection
Hello Andrew,
Thank you for bringing this problem to our attention. We have received feedback
from engineering on your
reported issue.
Please know that to get Java to recognize the certificate you will need to do
one of two things, depending
on which VM you are using. Since you want it to work with Internet Explorer, we
will assume Java 1.3.1.
In Java 1.3.1 you'll need to add the certificate to
/Library/Java/Home/lib/security/cacerts using
/usr/bin/keytool to import the certificate into the certificate database.
In Java 1.4.1 you should be able to just add the certificate to the keychain
using certtool. For more
details on how to do this, please refer to the information found at
<http://java.sun.com/j2se/1.4.1/docs/tooldocs/solaris/keytool.html>. After
doing so, if you should require
further help from Apple in resolving this issue, we recommend that you request
assistance from Developer
Technical Support. This must be done by filing a Technical Support Incident.
So I am supposed to tell every Mac user to do the above am I?!!! -
OS X 10.5.6, Safari 3.2.1 hangs when second applet loaded is signed applet
Dear Forum,
I've been investigating a customer's problem. She is trying to use our
VoIP applet, but it continuously freezes Safari when the Trust dialog shows.
A "Force Quit" is necessary.
I managed to reproduce the problem consistently on
- PowerMac7 OS X 10.5.6 (Build 9G55)
- Architecture: ppc
- Safari 3.2.1 (5525.27.1)
- JVM 1.5.0_16 from Apple
The problem is persistent when:
- the signed applet is loaded as second applet in the browser
- the signed applet is cached by the JVM
Our customer uses:
- Mac Book ProOS X 10.5.6
- Safari 3.2.1
- JVM 1.5.0_16 from Apple
This problem does not occur on:
- Mac OS X 10.4.11 (Mac Powerbook G4)
- Safari 3.2.1 (4525.27.1)
- JVM 1.5.0_16 from Apple
and not on:
- MacBook Air, OS X 10.5.6, 1.6 Ghz Intel core 2 duo
- Safari Version 3.2.1 (5525.27.1)
- JVM 1.5.0_16 from Apple
Steps to reproduce the problem:
Launch Safari.
In (first) page/tab go to
http://www.javatester.org/version.html
(this uses a non signed applet)
Open a second tab. Here go to:
http://ukapi.phonefromhere.com/talk/vtop2.xsql?key=01612884242
This is a signed applet that will ring our office over VoIP.
Click the "Trust" button (signed by PhoneFromHere).
As long as this applet isn't cached by the JVM this will work, so
the first time you will succeed.
Now Quit Safari (not "just" close all Safari windows, but a "real" quit) and repeat the exercise.
The second (and next) time this will fail (only if the signed applet is loaded as second, so the order is important)! This keeps failing until I go (back) to the Java Preference window (via Finder) and explicitly delete the cached files.
The URL will work when loaded first (cached or not).
Some diagnostics, that might help:
I configured the Java Preference window to "enable Logging, Tracing and Show applet livecycle exceptions".
When the applet fails to load (and Safari freezes/hangs), the last few records of the plugin150.log are:
<message>basic: Loading http://ukapi.phonefromhere.com/talk/lib/pfh.jar from cache
<message>basic: Reading cached JAR file from JRE 1.5 release
<message>basic: Certificates for http://ukapi.phonefromhere.com/talk/lib/pfh.jar is read from JAR cache
<message>security: Loading certificates from Deployment session certificate store
<message>security: Loaded certificates from Deployment session certificate store
<message>security: Checking if certificate is in Deployment session certificate store
(and then nothing)
whereas when it succeeds to load, as soon as I click the "Trust" button, it's say:
<message>security: User has granted the priviledges to the code for this session only
The Report is a bit too long to port, I'll include the same text above when sending it.
Model: PowerMac7,2, BootROM 5.1.3f0, 2 processors, PowerPC 970 (2.2), 1.8 GHz, 2 GB
To cut a long story short? Is this a know bug (I couldn't find anything, but you never know)? Does anyone have any ideas how to fix this?
Thanks, BirgitI have the same issue now after downgrading my Flash plugin. I downgraded from 10 to 9 latest because I like using Camino and for some reason Flash 10 doesn't play nice with Camino. But all of a sudden as I use Camino 2b2 for everyday and Safari 3.2 for banking and such, the browser hangs requiring a forced quit when I close it. I've re-installed the browser twice now with all the previous folders, and preferences erased and caches emptied. I even when to re-installing 10.5.6 and it still crashes, it's odd. Maybe 10.5.7 will address this.
-
File read access denied for signed applet
Hi:
I have a signed applet with a certificate generated with the keytool. Yet, I keep getting this error:
java.lang.Exception: java.security.AccessControlException:
access denied (java.io.FilePermission C:\WINDOWS\system32\aetpkss1.dll read)The error is produced when the method loadKeyStore(pin) below is called.
private KeyStore ks;
private Provider provider;
private static final String providerName = "PKCS11";
private static final String providerLibrary = "aetpkss1.dll";
public void loadKeyStore(String pin) throws IOException,
CertificateException, KeyStoreException, NoSuchAlgorithmException {
if (provider == null)
registerProvider(providerLibrary);
try {
ks = KeyStore.getInstance(providerName,provider);
} catch (Exception e) {
throw new KeyStoreException("Failed get keystore instance\n"
+ e.getMessage());
try {
ks.load(null, pin.toCharArray());
} catch (Exception e) {
throw new KeyStoreException("Failed load keystore\n"
+ e.getMessage());
public void registerProvider(String library)
throws FileNotFoundException, KeyStoreException {
String fileName;
if (new File(library).isAbsolute())
fileName = library;
else
fileName = getAbsolutePath(library);
if (!(new File(fileName).exists()))
throw new FileNotFoundException("No such file: " + fileName);
String config = "name = " + providerName + "\n"
+ "library = " + fileName;
ByteArrayInputStream confStream =
new ByteArrayInputStream(config.getBytes());
try {
provider = new sun.security.pkcs11.SunPKCS11(confStream);
Security.addProvider(provider);
} catch (Exception e) {
throw new KeyStoreException("Can initialize " +
"Sun PKCS#11 provider. Reason: " +
e.getCause().getMessage());
private String getAbsolutePath(String lib) throws FileNotFoundException {
String[] searchPath;
/* NOTE: This should be modified to suit different versions of *
* Windows and not just Windows XP */
if (System.getProperty("os.name").matches("^(?i)Windows.*")) {
searchPath = new String[] { "C:\\WINDOWS\\system32" ,
"C:\\java" };
} else {
searchPath = new String[] { "/usr/local/lib/" };
for (int i = 0; i < searchPath.length; i++) {
if ((new File(searchPath[i] + File.separator + lib).exists()))
return (searchPath[i] + File.separator + lib);
throw new FileNotFoundException("Library not in search path " + lib);
}The above code is called by a java script, the class' constructor is empty.
The error appears not to be caught by my code. I have tried to insert try/catch statements everywhere to figure out where this error is produced.
The code is write off of the applet for signing with a smart card by Svetlin Nakov - and his applet works!
I have also made a CLI application that uses the above code and it works perfectly.
So: Something is wrong either with my certificate, the signing method, signature verification or something completely different. Any hints?
The certificate I generated with
keytool -genkey -keystore mystore -alias me
keytool -seflcert -keystore mystore -alias meI have tired both with and without the selfcert step.
Thanks! ErikThe problem has been identified: Placing registerProvider() in the constructor the error no longer occurs, instead an error is produced when the key store is loaded.
It appears that the javascript code is not trusted and so, even though the applet is signed, access privileges are restricted to those of the java script.
A solution to this problem is not clear, but possibly, serving the pages from a trusted server, the java script will be trusted, some documentation seem to indicate.
Maybe you are looking for
-
What will be impacted if we change Acquisition value in closed year
hello, I want to change the Net value of asset to zero for tax depreciation area for the closed year. I will change this by transaction type posting for acquisition value and ordinary depreciation. My question is: The year in which I need to post is
-
Has anyone tried creating a plugin that you can type in a specific word, and if it comes up in the very top of the page (i think its refered to as the header) it closes the page or tab automatically? there is a program called POW! by AnalogX that doe
-
I can not select a layer or page and edit. I can see both layers and pages but cannot select and edit anything? I have tried to re-install sewel times and used ccleaner and intalled again.. still same problem.
-
Improving the LabVIEW Help: Working with Data Types
Have you ever had trouble figuring out how to work with the waveform data type, the dynamic data type, or some of the other more complex data types in LabVIEW? As a tech writer on the LabVIEW team, I'd like to improve our documentation about working
-
Challenging--- How to use AudioFormat , AudioInputStream in my case
I did a application extracting data in byte format from .wav file, storing them in byte array, and I also have to use those data to do signal processing ,such FFT, convolution,... and so on, In order to do so, i guess I have to convert byte data to d