Signed applet sometimes throws AccessControlException
Hello,
Apparently I'm not the only one on this forum who's getting AccessControlExceptions in an applet. The strange thing is that I'm not getting them all the time.
I have a signed applet that's requesting files from a server (http) in regular intervals (thread). When the server sends back a file, it's written to the local filesystem. There's also a logging mechanism that's write files to the filesystem. Normally this applet runs continuously for weeks, months, ...
This system has been working fine for years now, until a few months ago. Now I sometimes get an AccessControlException while reading a System.getProperty or while reading file from the filesystem. Usually the applet runs fine for day without access problems and then suddenly I get a AccessControlException: Access denied on an action that wasn't a problem the last 1000 times it performed.
My first thought was that it might be an update of the JVM that was causing it. So I tried downgrading to 1.5, even 1.4 and still got the same problem.
Does any one has an idea what's causing this? I'm pretty much stuck on this problem.
Thanks.
Andy
May be you have updated the .java files which are related to your applet and if u update the .java files, u need to recompile and need to re-sign the applets
or
When you are signing the applet you will tell, how many number of days I think that may be expired...
otherwise no need....
This may be one reason.... Once I faced
May be this will help u
Similar Messages
-
Should a signed applet ever throw a security exception?
hi,
I've had a few times when a signed applet seems to throw a security exception (at the moment am trying to figure out a SocketException being thrown).
I thought if the applet was signed, and when the browser asks if you want to grant it permissions you press Yes (which I do), then there should not be any security issues?
thanks,
asjfA signed applet has to assert which permissions it wants. The client JVM then asks the user if they will give those permissions to the signer. If the applet tries to do something for which it hasn't been granted permission a security exception is thrown.
-
Signed applet not working in firefox - java.security.AccessControlException
Hello,
I have a signed applet that works fine in IE 7 but in Firefox I'm getting this exception in the java console:
java.security.AccessControlException: access denied (java.net.SocketPermission myhost.com resolve)
I already tried to run the applet with different JRE versions in Firefox with the same result: 1.6.0_01, 1.6.0_02, 1.6.0_03, 1.6.0_05
I'll appreciate your help.thanx 4 replying
using the browser to view Applet is not recomended that is because if u change the the source-code and recompile the applet then run it using the broswer it will run the old-version
Also i've found the solution here
http://www.cs.utah.edu/classes/cs1021/notes/lecture03/eclipse_help.html -
Signed applet throws security exceptions
Since nobody seems to be reading the Signe Applet forum, I decided to try here:
Hi all
I have problems with signed applet (self-made cert), and after reading this forum I see this is more or less common.
The problem that I am having is, that I can not use doPrivilege() and similar tricks, because applet needs to be Java 1.1 compatible.
So, signing will have to work.
Applet is signed using 1.5.0_06 jarsigner. Jarsigner verifies it OK.
It works on JVM 1.5.0_06 but not on 1.4.2_08.
Please help me make if work under any JVM.
The error I get is:
Java(TM) Plug-in: Version 1.4.2_08
Using JRE version 1.4.2_08 Java HotSpot(TM) Client VM
User home directory = C:\Documents and Settings\miha
Proxy Configuration: Automatic Proxy Configuration
URL: http://orion.nil.si/proxy.pac
c: clear console window
f: finalize objects on finalization queue
g: garbage collect
h: display this help message
l: dump classloader list
m: print memory usage
o: trigger logging
p: reload proxy configuration
q: hide console
r: reload policy configuration
s: dump system properties
t: dump thread list
v: dump thread stack
x: clear classloader cache
0-5: set trace level to <n>
java.security.AccessControlException: access denied (java.net.SocketPermission host.domain.dom resolve)
TelnetWrapper PROXY: java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:0 connect,resolve)
java.lang.NullPointerException
at net.propero.rdp.ISO.connect(ISO.java:123)
at net.propero.rdp.MCS.connect(MCS.java:84)
at net.propero.rdp.Secure.connect(Secure.java:153)
at net.propero.rdp.Secure.connect(Secure.java:171)
at net.propero.rdp.Rdp.connect(Rdp.java:498)
at net.propero.rdp.Rdesktop.main_nonstatic(Rdesktop.java:615)
at net.propero.rdp.applet.RdpThread.run(RdpApplet.java:222)
FATAL: java.lang.NullPointerException: nullWhat is funny, is that I have two applets, and one works and the other one doesn't. It is like this:
Applet A (signed) needs to connect to host1, fails and tries to connect through proxy using my proxy library (also signed - different JAR). Everything works.
Applet B (signed) needs to connect to host1, fails and tries to connect through proxy using the same proxy library. It gets a security exception.
All JARs are signed using the same key/certificate.
Both applets try to connect to the same "host1".
Both applets try to use the same proxy - which is different from "host1".
The one thing that might make a difference, is that in the working applet, everything is within one thread, and in the broken applet, the proxy object is in the main applet thread, and this applet may open many windows, that all utilize the same proxy object - only they can't.
When I tried to move the proxy object down to the child threads, I get the following exception:
Exception in thread "Thread-1952" java.security.AccessControlException: access denied (java.lang.RuntimePermission accessClassInPackage.sun.misc)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPackageAccess(Unknown Source)
at sun.applet.AppletSecurity.checkPackageAccess(Unknown Source)
at sun.applet.AppletClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClassInternal(Unknown Source)
at net.propero.rdp.Rdesktop.main_nonstatic(Rdesktop.java:567)
at net.propero.rdp.applet.RdpThread.run(RdpApplet.java:211)It seems that I can only create the proxy object in the Applet.init() method, to avoid this exception.
So to, summarize: I would prefer just one object for all threads that I will create, but then my applet behaves like it is not signed (at least under JVM 1.4.2_08). Java 1.5.0_06 doesn't have any problems with this.
Regards, Miha VitorovicThe one thing that might make a difference, is that in the working applet, everything is within one thread, and in the broken applet, the proxy object is in the main applet thread, and this applet may open many windows, that all utilize the same proxy object - only they can't.
When I tried to move the proxy object down to the child threads, I get the following exception:
Exception in thread "Thread-1952" java.security.AccessControlException: access denied (java.lang.RuntimePermission accessClassInPackage.sun.misc)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPackageAccess(Unknown Source)
at sun.applet.AppletSecurity.checkPackageAccess(Unknown Source)
at sun.applet.AppletClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClassInternal(Unknown Source)
at net.propero.rdp.Rdesktop.main_nonstatic(Rdesktop.java:567)
at net.propero.rdp.applet.RdpThread.run(RdpApplet.java:211)It seems that I can only create the proxy object in the Applet.init() method, to avoid this exception.
So to, summarize: I would prefer just one object for all threads that I will create, but then my applet behaves like it is not signed (at least under JVM 1.4.2_08). Java 1.5.0_06 doesn't have any problems with this.
Regards, Miha Vitorovic -
Signed Applet AccessControlException
I am seeing some behaviour that seems very weird. I have a signed applet that is trying to connect to a JMS topic. However when I create the topic connection [topicConnectionFactory.createTopicConnection()] I get:
java.lang.ExceptionInInitializerError caused by
AccessControlException: access denied (java.util.PropertyPermission... read)
This is unexpected because (1) the applet is signed, (2) I explicitly (and successfully) perform the following security checks before the createTopicConnection method call:
security.checkPermission(new AllPermission());
security.checkPropertiesAccess();
If anyone has any suggestions, they would be greatly appreciated. Thanks, -mike.
My full debug trace is:
[JMSApplet] DEBUG test permissions
[JMSApplet] DEBUG okay, all permissions
[JMSApplet] DEBUG okay, property permissions
java.lang.ExceptionInInitializerError
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Unknown Source)
at org.jboss.util.NestedThrowable$1.class$(NestedThrowable.java:101)
at org.jboss.util.NestedThrowable$Util.<clinit>(NestedThrowable.java:101)
at org.jboss.mq.SpyJMSException.<init>(SpyJMSException.java:67)
at org.jboss.mq.Connection.authenticate(Connection.java:883)
at org.jboss.mq.Connection.<init>(Connection.java:238)
at org.jboss.mq.Connection.<init>(Connection.java:315)
at org.jboss.mq.SpyConnection.<init>(SpyConnection.java:59)
at org.jboss.mq.SpyConnectionFactory.createTopicConnection(SpyConnectionFactory.java:78)
at com.octigabay.pce.web.applets.JMS2JSApplet.setupTopicConnection(JMS2JSApplet.java:278)
at com.octigabay.pce.web.applets.JMS2JSApplet.start(JMS2JSApplet.java:153)
at sun.applet.AppletPanel.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.AccessControlException: access denied (java.util.PropertyPermission org.jboss.util.NestedThrowable.parentTraceEnabled read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
at java.lang.System.getProperty(Unknown Source)
at org.jboss.util.NestedThrowable$Util.getBoolean(NestedThrowable.java:123)
at org.jboss.util.NestedThrowable.<clinit>(NestedThrowable.java:39)
... 14 moreIt's an interesting way, and hope you haven't tried...
Create a subclass of SecurityManager
* MySecurityManager.java
* @author jMike
public class MySecurityManager extends SecurityManager {
/** Voids any Permission */
public void checkPermission(java.security.Permission permission) {
/** Voids any Permission */
public void checkPermission(java.security.Permission permission, Object obj) {
}Then in your applet add the following line within the constructor(s) or init method.
try{
new MySecurityManager();
} catch (AccessControException ace){
// User didn't allow the signed applet
JOptionPane.showMessageDialog(this,ace.getMessage(),"jMike :: Excepci�n",JOptionPane.ERROR_MESSAGE);
...The applet must be signed.
MySecurityManager allows any permission, however, you can control the ones you want.
Hope to be helpfull, make me know if not
...where Java has never gone before. -
Signed applet accessing remote host getting AccessControlException
I'm fairly new to java development, so hopefully this is an easy answer, but in my searching I haven't yet been able to figure out why this isn't working for me.
I have a self-signed applet, running on a server in my intranet. I understood that using a signed applet would allow connecting to any host within the applet. In the applet, I'm using the following code to try to connect to a remote host, which is also in my intranet:
import org.apache.commons.net.ftp.*;
FTPClient ftp = new FTPClient();ftp.connect("[myhost]");
//Where [myhost] is the name of the host I'm trying to connect to.This works fine when running from Eclipse Applet Viewer, but when I run from the website, I get the prompt to accept the signature and run. I click run. When the code above runs, I get the following exception:
ava.security.AccessControlException: access denied (java.net.SocketPermission cmdsp.bsu.edu resolve)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkConnect(Unknown Source)
at sun.plugin2.applet.Applet2SecurityManager.checkConnect(Unknown Source)
at java.net.InetAddress.getAllByName0(Unknown Source)
at java.net.InetAddress.getAllByName(Unknown Source)
at java.net.InetAddress.getAllByName(Unknown Source)
at java.net.InetAddress.getByName(Unknown Source)
at java.net.InetSocketAddress.<init>(Unknown Source)
at java.net.Socket.<init>(Unknown Source)
at org.apache.commons.net.DefaultSocketFactory.createSocket(DefaultSocketFactory.java:53)
at org.apache.commons.net.SocketClient.connect(SocketClient.java:162)
at org.apache.commons.net.SocketClient.connect(SocketClient.java:250)
at Deploy.DeployCard(Deploy.java:150)
Any help would be GREATLY appreciated.
Thanks!
DarylBonjour,
J'ai le problème que celui énoncé dans ce topic. Je réalise une applet ftp qui doit se connecter à un serveur ftp. J'utilise org.apache.commons.ftp.net et mon appli fonctionne sous eclipse mais pas intégré sur une page web.
J'ai signé le jar commons-net-1.1.4.jar et le jar qui contient mon code et ça ne fonctionne pas.
dois-je mettre toutes les classes de commons-net-1.1.4.jar dans mon fichier jar, je ne sais pas comment faire pour inclure commons-net-1.1.4.jar dans mon jar car lorsque je compile, je met le path dans eclipse mais je n'ai normalement pas besoin de mettre le commons-net-1.1.4.jar dans mon jar car les classes sont automatiquement importées.
Merci de votre aide -
AccessControlException - in signed applet
hi all,
I am using signed applet, i given all permission and all socket permission , still i am getting following error.
java.security.AccessControlException: access denied (java.net.SocketPermission 192.168.0.222:6060 connect,resolve)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkConnect(Unknown Source)
at java.net.DatagramSocket.send(Unknown Source)
at gov.nist.javax.sip.stack.UDPMessageChannel.sendMessage(UDPMessageChannel.java:727)
at gov.nist.javax.sip.stack.UDPMessageChannel.sendMessage(UDPMessageChannel.java:572)
at gov.nist.javax.sip.stack.SIPClientTransaction.sendMessage(SIPClientTransaction.java:355)
at gov.nist.javax.sip.stack.SIPClientTransaction.sendRequest(SIPClientTransaction.java:759)
at gov.nist.applet.phone.ua.MessengerManager.deRegister(MessengerManager.java:565)
at gov.nist.applet.phone.ua.MessengerManager.unRegisterAndReRegister(MessengerManager.java:523)
at gov.nist.applet.phone.ua.gui.NISTMessengerApplet.jMenuItemRegisterActionPerformed(NISTMessengerApplet.java:517)
at gov.nist.applet.phone.ua.gui.NISTMessengerApplet.access$7(NISTMessengerApplet.java:503)
at gov.nist.applet.phone.ua.gui.NISTMessengerApplet$5.actionPerformed(NISTMessengerApplet.java:424)
at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
at javax.swing.AbstractButton.doClick(Unknown Source)
at javax.swing.plaf.basic.BasicMenuItemUI.doClick(Unknown Source)
at javax.swing.plaf.basic.BasicMenuItemUI$Handler.mouseReleased(Unknown Source)
at java.awt.Component.processMouseEvent(Unknown Source)
at javax.swing.JComponent.processMouseEvent(Unknown Source)
at java.awt.Component.processEvent(Unknown Source)
at java.awt.Container.processEvent(Unknown Source)
at java.awt.Component.dispatchEventImpl(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)
Exception in thread "AWT-EventQueue-2" java.security.AccessControlException: access denied (java.lang.RuntimePermission exitVM.0)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkExit(Unknown Source)
at java.lang.Runtime.exit(Unknown Source)
at java.lang.System.exit(Unknown Source)
at gov.nist.core.InternalErrorHandler.handleException(InternalErrorHandler.java:27)
at gov.nist.javax.sip.stack.UDPMessageChannel.sendMessage(UDPMessageChannel.java:733)
at gov.nist.javax.sip.stack.UDPMessageChannel.sendMessage(UDPMessageChannel.java:572)
at gov.nist.javax.sip.stack.SIPClientTransaction.sendMessage(SIPClientTransaction.java:355)
at gov.nist.javax.sip.stack.SIPClientTransaction.sendRequest(SIPClientTransaction.java:759)
at gov.nist.applet.phone.ua.MessengerManager.deRegister(MessengerManager.java:565)
at gov.nist.applet.phone.ua.MessengerManager.unRegisterAndReRegister(MessengerManager.java:523)
at gov.nist.applet.phone.ua.gui.NISTMessengerApplet.jMenuItemRegisterActionPerformed(NISTMessengerApplet.java:517)
at gov.nist.applet.phone.ua.gui.NISTMessengerApplet.access$7(NISTMessengerApplet.java:503)
at gov.nist.applet.phone.ua.gui.NISTMessengerApplet$5.actionPerformed(NISTMessengerApplet.java:424)
at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
at javax.swing.AbstractButton.doClick(Unknown Source)
at javax.swing.plaf.basic.BasicMenuItemUI.doClick(Unknown Source)
at javax.swing.plaf.basic.BasicMenuItemUI$Handler.mouseReleased(Unknown Source)
at java.awt.Component.processMouseEvent(Unknown Source)
at javax.swing.JComponent.processMouseEvent(Unknown Source)
at java.awt.Component.processEvent(Unknown Source)
at java.awt.Container.processEvent(Unknown Source)
at java.awt.Component.dispatchEventImpl(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)Do you trust java exception handling mechanism ??? If so, check all yours given permission one more time, try to find work examples how to do it.
Try to find the solution here: http://java.sun.com/developer/technicalArticles/Security/applets/index.html -
Java.security.AccessControlException: access denied; for a signed applet
Hi,
I have a signed applet which is used to read local files. When I call the applet method which is reading the file, from javascript I am getting "java.security.AccessControlException: access denied ". Where as if the method gets called during applet load, file is read without errors? How can I get over this problem?
If there is a way loading the applet based on a condition from Javascript, please let me know.
Thanks,[http://forums.sun.com/thread.jspa?forumID=421&threadID=5308353]
-
File read access denied for signed applet
Hi:
I have a signed applet with a certificate generated with the keytool. Yet, I keep getting this error:
java.lang.Exception: java.security.AccessControlException:
access denied (java.io.FilePermission C:\WINDOWS\system32\aetpkss1.dll read)The error is produced when the method loadKeyStore(pin) below is called.
private KeyStore ks;
private Provider provider;
private static final String providerName = "PKCS11";
private static final String providerLibrary = "aetpkss1.dll";
public void loadKeyStore(String pin) throws IOException,
CertificateException, KeyStoreException, NoSuchAlgorithmException {
if (provider == null)
registerProvider(providerLibrary);
try {
ks = KeyStore.getInstance(providerName,provider);
} catch (Exception e) {
throw new KeyStoreException("Failed get keystore instance\n"
+ e.getMessage());
try {
ks.load(null, pin.toCharArray());
} catch (Exception e) {
throw new KeyStoreException("Failed load keystore\n"
+ e.getMessage());
public void registerProvider(String library)
throws FileNotFoundException, KeyStoreException {
String fileName;
if (new File(library).isAbsolute())
fileName = library;
else
fileName = getAbsolutePath(library);
if (!(new File(fileName).exists()))
throw new FileNotFoundException("No such file: " + fileName);
String config = "name = " + providerName + "\n"
+ "library = " + fileName;
ByteArrayInputStream confStream =
new ByteArrayInputStream(config.getBytes());
try {
provider = new sun.security.pkcs11.SunPKCS11(confStream);
Security.addProvider(provider);
} catch (Exception e) {
throw new KeyStoreException("Can initialize " +
"Sun PKCS#11 provider. Reason: " +
e.getCause().getMessage());
private String getAbsolutePath(String lib) throws FileNotFoundException {
String[] searchPath;
/* NOTE: This should be modified to suit different versions of *
* Windows and not just Windows XP */
if (System.getProperty("os.name").matches("^(?i)Windows.*")) {
searchPath = new String[] { "C:\\WINDOWS\\system32" ,
"C:\\java" };
} else {
searchPath = new String[] { "/usr/local/lib/" };
for (int i = 0; i < searchPath.length; i++) {
if ((new File(searchPath[i] + File.separator + lib).exists()))
return (searchPath[i] + File.separator + lib);
throw new FileNotFoundException("Library not in search path " + lib);
}The above code is called by a java script, the class' constructor is empty.
The error appears not to be caught by my code. I have tried to insert try/catch statements everywhere to figure out where this error is produced.
The code is write off of the applet for signing with a smart card by Svetlin Nakov - and his applet works!
I have also made a CLI application that uses the above code and it works perfectly.
So: Something is wrong either with my certificate, the signing method, signature verification or something completely different. Any hints?
The certificate I generated with
keytool -genkey -keystore mystore -alias me
keytool -seflcert -keystore mystore -alias meI have tired both with and without the selfcert step.
Thanks! ErikThe problem has been identified: Placing registerProvider() in the constructor the error no longer occurs, instead an error is produced when the key store is loaded.
It appears that the javascript code is not trusted and so, even though the applet is signed, access privileges are restricted to those of the java script.
A solution to this problem is not clear, but possibly, serving the pages from a trusted server, the java script will be trusted, some documentation seem to indicate. -
Having trouble with my signed applet(if it's properly signed that is)
hi
I'm having trouble with my supposedly signed applet. I'm trying to execute a specific program in this case trilian from my browser. i'm using firefox
first my java code
package applet;
import java.awt.*;
import java.awt.event.*;
import javax.swing.*;
import java.io.*;
public class RunApplet extends JApplet {
JButton jButton = new JButton();
FlowLayout flowLayout1 = new FlowLayout();
public RunApplet() {
try {
init();
} catch (Exception ex) {
ex.printStackTrace();
private void init() throws Exception {
try {
this.getContentPane().setLayout(flowLayout1);
this.setSize(new Dimension(100, 200));
jButton.setText("Trillian");
jButton.addActionListener(new RunApplet_jButton_actionAdapter(this,
"\"C:\\Program Files\\Trillian\\trillian.exe\""));
this.getContentPane().add(jButton, null);
} catch (Exception e) {
e.printStackTrace();
class RunApplet_jButton_actionAdapter implements ActionListener {
private RunApplet adaptee;
private String programPath;
RunApplet_jButton_actionAdapter(RunApplet adaptee, String programPath) {
this.adaptee = adaptee;
this.programPath = programPath;
public void actionPerformed(ActionEvent e) {
try {
Runtime.getRuntime().exec(this.programPath);
} catch (IOException ex) {
}And my applet code
<html>
<body>
<!--"CONVERTED_APPLET"-->
<!-- HTML CONVERTER -->
<object
classid = "clsid:CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA"
codebase = "http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab#Version=5,0,50,5"
>
<PARAM NAME = CODE VALUE = "applet.RunApplet.class" >
<PARAM NAME = ARCHIVE VALUE = "myfile.jar" >
<param name = "type" value = "application/x-java-applet;jpi-version=1.5.0_05">
<param name = "scriptable" value = "false">
<comment>
<embed
type = "application/x-java-applet;jpi-version=1.5.0_05" \
CODE = "applet.RunApplet.class" \
ARCHIVE = "myfile.jar"
scriptable = false
pluginspage = "http://java.sun.com/products/plugin/index.html#download">
<noembed>
</noembed>
</embed>
</comment>
</object>
<!--
<applet CODE = "applet.RunApplet.class" ARCHIVE = "myfile.jar">
</applet>
-->
<!--"END_CONVERTED_APPLET"-->
</body>
</html>Creating my key:
keytool -genkey -alias sitekey -keystore "C:\Program Files\Java\jdk1.5.0_05\jre\lib\security\cacerts"Now the process of creating the jar file and signing it:
1. jar cf myfile.jar *.class
2. jarsigner -keystore "C:\Program Files\Java\
jdk1.5.0_05\jre\lib\security\cacerts" myfile.jar sitekeyNow this is the way i've been using then and the first time i get the "do you want to trust" screen but still i get a security exception.
Exception in thread "AWT-EventQueue-10" java.security.AccessControlException: access denied (java.io.FilePermission <<ALL FILES>> execute)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkExec(Unknown Source)
at java.lang.ProcessBuilder.start(Unknown Source)
at java.lang.Runtime.exec(Unknown Source)
at java.lang.Runtime.exec(Unknown Source)
at java.lang.Runtime.exec(Unknown Source)
at applet.RunApplet_jButton_actionAdapter.actionPerformed(RunApplet.java:73)
at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
at java.awt.Component.processMouseEvent(Unknown Source)
at javax.swing.JComponent.processMouseEvent(Unknown Source)
at java.awt.Component.processEvent(Unknown Source)
at java.awt.Container.processEvent(Unknown Source)
at java.awt.Component.dispatchEventImpl(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)Is there anybody who have an idea what can be wrong?
regards
thallishok i solved i myself. i assigned a different and thereby correct keystore and now it works like it should
regards
thallish -
Signed applet don't work on XP
Hi,
I'am currently working on a point-of-sale (POS) using windows XP/Firefox and a linux apache/jboss server.
I have developed a dynamic windows library in order to use an industrial printer connected to the POS to perform some printing without confirmation of the customer.
The POS is under Windows XP SP2 and use Firefox 2.0.0.11/JRE 1.5.0.14.
This dll is used by a signed applet located on the apache/jboss server.
The applet is correctly downloaded by the client, but normally i have to wait for the certicat authentification windows appearing and for confirming that i want execute the applet. And instead i have a java exception :
security: La v�rification du certificat � l'aide des certificats AC racine a �chou�
security: Aucune information d'horodatage disponible
java.lang.NullPointerException
at com.sun.deploy.ui.UIFactory.showSecurityDialog(Unknown Source)
at com.sun.deploy.security.TrustDeciderDialog.showDialog(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at sun.plugin.security.PluginClassLoader.getPermissions(Unknown Source)
at java.security.SecureClassLoader.getProtectionDomain(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.access$100(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at sun.applet.AppletClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.applet.AppletClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.applet.AppletClassLoader.loadCode(Unknown Source)
at sun.applet.AppletPanel.createApplet(Unknown Source)
at sun.plugin.AppletViewer.createApplet(Unknown Source)
at sun.applet.AppletPanel.runLoader(Unknown Source)
at sun.applet.AppletPanel.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
security: L'utilisateur a refus� les droits d'acc�s au code
basic: Taille de cache du chargeur de classes courant : 1
basic: Termin�...
basic: Jonction du thread d'applet...
basic: Destruction de l'applet...
basic: Elimination de l'applet...
basic: Sortie de l'applet...
java.lang.ExceptionInInitializerError
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at java.lang.Class.newInstance0(Unknown Source)
at java.lang.Class.newInstance(Unknown Source)
at sun.applet.AppletPanel.createApplet(Unknown Source)
at sun.plugin.AppletViewer.createApplet(Unknown Source)
at sun.applet.AppletPanel.runLoader(Unknown Source)
at sun.applet.AppletPanel.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission loadLibrary.C:\Program Files\BICImpression\impression_api.dll)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkLink(Unknown Source)
at java.lang.Runtime.load0(Unknown Source)
at java.lang.System.load(Unknown Source)
at applets.impression.Impression.<clinit>(Impression.java:38)
... 11 moreand then the certicat authentification windows appears but it's too late, the applet won't never execute ...
the apache/jboss server is accessed via some gateway, firewal, ... tha t i can't control
the apache jboss/server on my own PC is accessed directly :
What is amazing, is that work fine with my own professionnal PC on W2000 SP4, with JRE1.5.0.14 and Firefox 2.0.0.11 :
when I look in the java console, the java freeze until i have answered this java security window (certicat authentification windows). And when i answered "run" no problem the applet makes her own job.
here is the code when it works :
security: La v�rification du certificat � l'aide des certificats AC racine a �chou�
security: Aucune information d'horodatage disponible
basic: Plugin modality.pushed
basic: Modalit� empil�e
basic: push javax.swing.JDialog[dialog0,379,296,519x323,layout=java.awt.BorderLayout,modal,title=Avertissement - S�curit�,defaultCloseOperation=HIDE_ON_CLOSE,rootPane=javax.swing.JRootPane[,3,22,513x298,layout=javax.swing.JRootPane$RootLayout,alignmentX=0.0,alignmentY=0.0,border=,flags=16777673,maximumSize=,minimumSize=,preferredSize=],rootPaneCheckingEnabled=true]
basic: Chargement arr�t�...
basic: Arr�t de l'applet...Conclusion
POS : Win XP SP2, JRE1.5.0.14 (i tried 1.5.0.6 and 1.6.3 the latest), Firefox 2.0.0.11 (I tried 2.0.0.0 and 3 beta2 don't work anyway)
my own server/client : W2000 SP4, JRE1.5.0.14, Firefox 2.0.0.11
Linux server : RHEL4
It works with IE on the POS with the linux sever but it's not the selected browser.
It works with IE on the POS with my own server.
It works with Firefox on the POS with my own server.
It works with IE on my own server with the linux sever but it's not the selected browser.
It works with IE on my own server with my own server.
It works with Firefox on my own server with the linux sever.
It works with Firefox on my own server with my own server.
If you have some idea to make it work i'm you're buyer !!
Thank a lot for reading this, and i apologize for my poor english ...
greetings,
Benoit
Edited by: bendur on Feb 29, 2008 3:49 AMOk I have found my problem :
On every web pages, we have defined some inactivity timeouts.
On my own server I have disabled these timeouts but not on the distant timeout.
And it seems that the timeout (defined in javascript ont he web pages : 3s) has a very bad influence on the launching of my applet ... only with firefox (with IE and Opera no problem)
My problem is anwsered but the problem keep alive for firefox ... -
IIS, Javascript, Signed Applet and ASP Blank Page Problem
Hi,
I'm having a problem using a Signed Applet in a site that runs in a IIS (Windows Server 2003).
My aspx web page uses the applet to read my smart card and get information from it.
This applet uses an auxiliar dll (stored in a second Signed Jar file) in order to read the information from my smart card.
The way the solution is design:
1) Aspx page is asked from server
2) Internet Explorer recieve the page and asks the server for it content (images, applet, javascripts, etc)
3) After this the JVM runs (console opens)
4) After the Aspx page render fully a javascript register onload fires and call an applet method
5) Applet receive the call and run the logic of the method:
- reads the smart card;
- calls Javascript function in order to fill aspx fields with information from smart card
- calls Javascript function the simulates a click in a botton of aspx page (in order to call server side part sending data readed from smart card to server)
5) The server makes some logic with the information receive and responds to client registering in aspx page a call to another Javascrit function
6) The client received the asnwer from server and runs the Javascript function registered on step 5)
This Javascript calls another method from applet and runs the following logic:
- reads more information from smart card;
- call javascript function in order to fill more fields of aspx page with the information readed
- calls Javascript function the simulates a click in a botton of aspx page (in order to call server side part sending data readed from smart card to server)
7) The server makes some logic and call another pages with no Applets
8) Client asks for a second page with the same applet and we start with another logic express on steps 1);2);3),4);5) and then 7).
This is all ok, until sometimes the server stop responding correcly for requests regarding this two pages with the Applet.
When this happens the server just responds with a blank page.
- with fiddler I can seer the request for the aspx page (that uses the applet)
- but server responds with a blank html page
The JVM doesn't fire.
The IIS log don't show errors.
The eventviewer doesn't show errors.
The problem is solved with an IIS reset or a Application Pool reset.
After a while the problem returns.
This problem occours for other user in another machine, the server just stops responding correcly to request regarding pages with applets, the other pages still continue to work.
If we disable Java Control Panel->Advanced->Java Plug-in->Enable the next-generation Java Plug-in the problem seend to stop, but we can't force all clients to disable this option right?
Or there is a way to force the Applet to run with this option disabled?
As anyone experience similar problem?
Regards,
OFThis is all ok, until sometimes the server stop responding correcly for requests regarding this two pages with the Applet.
When this happens the server just responds with a blank page.
- with fiddler I can seer the request for the aspx page (that uses the applet)
- but server responds with a blank html pageWell, if http requests look identical in case of success and failure (pay attention to cookies, etc) then it has to be something on the server side.
It could be that server gets into this wrong state because of previous requests made by applet but it is hard to tell.
I am not clear how old/new plugin can make a difference unless your applets run in the legacy mode (i.e. you are actually trying to reuse SAME instance of the applet when
it is loaded next time).
I'd start with
1) carefully comparing good/bad sessions
2) checking whether server will serve correct response to another client when it serves "bad" page for current client
3) add debug statements to aspx - it is scripted page, may be some condition is not met and then it returns blank?
4) record all http requests in one session until you get to "error" state and then use any http server testing tool to "replay" this set of requests.
You should be able to get server into the same state without use of applet. Then you can try to tweak set of requests to see what makes a difference. -
A sign Applet unable to load "oracle.jdbc.OracleDriver" class
hi,
i am chiranjit , i am now working in a web based ERP. where i am using a signed applet which unable to load "oracle.jdbc.OracleDriver" class but it easily loading "sun.jdbc.odbc.JdbcOdbcDriver", i am also giving my code:
import java.sql.*;
import java.math.*;
import java.io.*;
import java.awt.*;
class JdbcTest extends Applet{
public static void main (String args[]) throws SQLException {
// Load Oracle driver
DriverManager.registerDriver (new oracle.jdbc.OracleDriver());
// Connect to the local database
Connection conn =
DriverManager.getConnection
("jdbc:oracle:thin:@192.168.16.7:1521:kris",
"plsql", "oracle");
// Query the employee names
Statement stmt = conn.createStatement ();
ResultSet rset = stmt.executeQuery ("SELECT FIRST_NAME FROM
AUTHORS");
// Print the name out
while (rset.next ())
System.out.println (rset.getString (1));
// Close the result set, statement, and the connection
rset.close();
stmt.close();
conn.close();
}Hint: The sun.jdbc.odbc.JdbcOdbcDriver is available in any JRE distribution. The Oracle driver is not.
-
Classloader caching in signed applet is very slow and weird
I have a signed applet running in the 1.4.1_01 plugin environment, and
I'm getting the following kinds of messages when I use debug mode 5 in the console:
Connecting http:[myserver]/someclass.class with no proxy
Connecting http:[myserver]/someclass.class with cookie "JSESSIONID=..."
Sometimes, the classloader will say:
WARNING: Unable to cache someclass.class
Moreover, some classes will be repeated two or three times, as if the classloader is trying to get the same class two or three times.
Some of these classes are even in the java.lang package!!
The thing is, I'm actually trying to get the applet to use webservices, so I've signed the Apache Axis jar files (about 8 or so) and included them in the "cache_archive" parameter. The classes giving problems are from these archives, not from my main applet jar.
The applet will eventually work, but the first time takes a LONG time to initialize because the classloader is trying to verify all the classes (i think). Subsequent runnings of the applet within the same browser will be much faster, but the same thing will happen if I start a new browser instance.
My questions are:
1) Why is the classloader trying to load from my http server rather than from the local jars? (they seem to be statically cached, I checked the plugin control panel)
2) Why is the classloader reloading the same classes multiple times?
3) Is the classloader verifying the signatures for each class, because it's taking a long time due to very many classes (100's).
I can't seem to find ANY documentation for this at Sun or Google.
Please help if you can!
AndrewI've got the same problem with applet using SOAP based on jwsdp.
But classloader only try to get classes from server that are used in SOAP calls.
The only workaround I found is to move this classes to root package, but still there are problems with
Connecting http://<host>/int.class with no proxy
Connecting http://<host>/int.class with no proxy
WARNING: Unable to cache http://<host>/int.class
requests.
Maybe this is a bug of Sun SOAP implementation? -
Signed applet does not grant AudioPermission "record"
From what I gather, if I have a trusted signed applet sitting on a webpage and
the visitor accepts (runs) the applet, then they should not need to have:
grant {
permission javax.sound.sampled.AudioPermission "record";
in their java policy file. Well I have done all this (with a certificate from
Thawte) and posted a thorough example at:
http://www.livesite.net/JavaSoundTest
At the bottom of that page there is a "Check permissions" link which will alert
true/false if we have record permission. Clicking any "Record" link will
attempt to open a TargetDataLine.
My experience (and problem) is: record permission must be granted even though
the applet is signed by a trusted CA.
I would very much appreciate any help.
Are you able to record/playback (without granting record permission in your
java policy files) with the JavaSoundTest applet webpage?
Is there something I am missing?
------ More information ------
Java Control Panel -> Advance -> Security
'allow user to grant permissions to signed content' is checked
Reproducable on:
MS NT4 w/ IE6
MS Windows 2000 w/ Firefox 1.5
MS Windows XP w/ Firefox 1.5
MS Windows XP w/ IE6
Fedora FC6 w/ Firefox 2.0
Also, this happens with a commented-out record permission in the user
.java.policy file, or when the policy file does not exist.
------ Source code: opening the target data line ------
Using the JavaSoundTest applet page without granted permission, clicking a
record link will yield this exception in the java console:
java.security.AccessControlException: access denied (javax.sound.sampled.AudioPermission record)
at java.security.AccessControlContext.checkPermission
at java.security.AccessController.checkPermission
at java.lang.SecurityManager.checkPermission
at com.sun.media.sound.JSSecurityManager.checkRecordPermission
at com.sun.media.sound.DirectAudioDevice$DirectDL.implOpen
at com.sun.media.sound.AbstractDataLine.open
at net.livesite.jsound.Recorder.run(Recorder.java:161)
while opening a TargetDataLine as:
23 private static TargetDataLine line;
157 line = (TargetDataLine) AudioSystem.getLine( lineInfo );
158
159 try
160 {
161 line.open( format, (int) format.getSampleRate() );
162 }
------ Source code: Using the security manager ------
The "Check permissions" link on the TestJavaSound applet page calls this method:
191 public boolean hasSoundRecPriv()
192 {
193 boolean ret = false;
194
195 try
196 {
197 SecurityManager sm = System.getSecurityManager();
198 if (sm != null)
199 {
200 sm.checkPermission(new AudioPermission("record"));
201 }
202 ret = true;
203 }
204 catch(SecurityException e)
205 {
206 ret = false;
207 }
208
209 return ret;
210 }
(This is a continued post from JAVASOUND-INTEREST at SUN.COM)Is there something I am missing?1) Applets are not well supported by Sun,
and are inherently problematic as a reult
of that.
2) My experience suggests that the diagnotics
applet is not reliable for detecting JMF.
3) I guess the JMF applet is doing checks of
policy files, despite the signed code.
You might circumvent most of these problems,
by using web-start to launch an application.
Here are some of my tests at launching
JMF using web-start.
http://www.javasaver.com/testjs/jmf/
Maybe you are looking for
-
QUESTION. Hallo , my question is ;whenever I delete a photo and restore it through Time machine and Western digital external hard drive , I am able to restore the photo but not the titles and descriptions . Western Digital inform me that it isn't the
-
What is maximum length .mov file that can be used in iDVD?
Hello Appleheads I created an HD .mov file in iMovie which I had added as a movie in iDVD - I find this works best for me, as exporting directly to iDVD from iMovie always results in stuttering when played back on a regular DVD player. The .mov file
-
Are there any guidelines on how to customize R/3 reports into BW
Hi Everyone, I have quite a number of R/3 reports that is required to be converted into a BW report but I do not know what I am supposed to do. Are there any guidelines on how to determine if a R/3 report should be created in BW? If it should be done
-
Deleting original sound of footage and replace with new sound tract.
I took footages of dance sequences and I want to completely eliminate the original sounds and replace it with a song that plays from beginning to end of the movie I'm creating. The ducking slider won't slide back to zero thus when I play the movie, I
-
EXC_BAD_ACCESS (0x0001) Photoshop does not launch anymore
Photoshop CS was working fine up to yesterday. Now I get this message when I try to launch it: EXCBADACCESS (0x0001) KERNPROTECTIONFAILURE (0x0002) at 0x00000000 can anyone explain it to me and help me? many thanks Thomas