URLConnection and applet security

Similar Messages

• Net addresses and Applets?

  Is it at all possible to query whether a certain web site is availble via an applet. I have been trying numerous ways (URL, URLConnection, HttpURLConnection, and even INETAddress) but always seem to get security errors.
  I do understand that applets have very (and understandable) security restrictions, but all I need is in effect a "ping" applet, to acknowledge whether or not a web site (IP Address) is available or not...
  Does anyone have any advise, it would be greatly appreciated!
  James.

  James
  I suspect that the security sandbox will stop any attempt by an unsigned applet to communicate with web servers other than the one your applet is hosted from.
  Your options depend on which version of Java your are using (and which browser you want to support).
  Using Java 2, you can either
  1) Sign the applet using an RSA certificate from a commercial provider - this will allow anyone with the plug-in to run your applet easily.
  2) Change your policy file settings - this is too fiddly for "off the street" users, but will allow you to test your applet. If you search the forum for "policytool" you will find instructions.
  Using Java 1.x you can sign the applet in various ways, or use the Netscape Capabilities API (not sure about the name) to work around the security settings with Netscape users.
  That probably isn't what you wanted to hear, but hope it is helpful
  Regards
  Matthew

• Apparent gap in java applet security on client machine

  I know about signing applets, and both the new and original security models for applets. For my purposes, the original security model for applets is just about perfect. My applets do not need access to the client machine hardware, nor do they need to access any machine other than that which provides them to the client (at least at present).
  What I have been told is that it is not possible for a server of any kind (DB, servlets, &c.) to authenticate an applet. The claim was made that all the security was designed for client security and that a developer's only option is to trust the client machine.
  I can exchange information among my servers over SSL, and secure communications between by servers and applet clients. However, what is there to prevent a bad guy from breaking into a client machine and then capturing and modifying the applet I am relying on to protect the client's sensitive data? Signing the applet tells the user that the applet has not been modified from what I have produced, and so the user should feel confident enough to run it. But what if the applet and related web page is cached, and someone who has, legitimately or not, access to the machine and tries to use the cached copy for inappropriate purposes?
  If my servers can not verify that the applet code accessing them is mine, rather than a variant created to mimic my applet, then that certainly creates a risk for my code, but doesn't it also create a security risk for the client? After all, it is the client's sensitive data I am trying to protect, and I can envision a situation in which a bogus applet mascerades as mine and sends that sensitive data to a bad guy's machine; all this while giving the user the illusion that his data is safe.
  The gap here is either in my understanding of this technology or a gap in java security, so I'll put the question another way also. Is it possible for a server (e.g. an application server such as Tomcat or Sun's application server) to verify that the applet code used to try to connect with them is in fact the applet code that was signed on and served from the same machine and not malicious code masceraing as my code? If so, how does that work, and how does the programmer do it?
  Thanks,
  Ted

  the jar file reqiured is jmf.jar this jar file will there in
  jmf_home/lib
  for example in my mechine
  C:\Program Files\JMF2.1.1e\lib this jar file contain all the file reqired to run the application
  i think you may need some of the dll files also to run see
  if reqiured the then it may throw exception
  java.lang.UnsatisfiedLinkError then put respective dll file to workiing folder or the system32 folder

• Self Signing and Applets

  I have spent hours reading over the Signed Applets forum and Sun applet security training pages. There seems to be so much confusion in this area that the use and proliferation of Java Applets must be suffering.
  As the usual underfunded developer, I am not able to buy a certificate before proving the concept. Therefore, I am relegated to using self signed applets to demonstrate the use of signed applets and the power they have. This would also be the case for students of Java applets, of which I am also one.
  I have tried the sample applets in the Sun security training. They in fact write the file to my system, but they also display a security error as well.
  The Sun training indicates that I should be using a policy file with the security and that when my applet is run by another user, that user must also manually update their policy file, using keytool, before running the applet. If this is true, I see no use for Java Applets that work outside of the sandbox confines. There must be a better way to use applets that require security.
  I have also read Irene's 10 steps and numerous comments about them. They seem to work fine until I get to step 10. If I am using a self signed applet, why should the user of the applet have to click on a HREF to load the certificate into the keystore? Why shouldn't the user be prompted to trust the self signed certificate, just like a certificate obtained from a CA?
  I have tried to develop a batch file (Windows NT 4.0) to illustrate the signing process, but I have been unsuccessful. I have listed the output from it below followed by the batch file itself. Would someone please indicate what would make this batch file work? If possible, I would like it to work for both IE 5.5 and Netscape 4.06; especially ie 5.5.
  My environment consists of:
  NT 4.0 (SP6)
  IE 5.5 (SP1)
  JRUN 3.1
  JRE 1.3.1_01
  JDK 1.3.1_01
  javac writeFile.java
  keytool -delete -alias writefile
  Enter keystore password: password
  keytool -genkey -alias writefile
  Enter keystore password: password
  What is your first and last name?
  [Unknown]: Robert Klawuhn
  What is the name of your organizational unit?
  [Unknown]: mygroup
  What is the name of your organization?
  [Unknown]: mycompany
  What is the name of your City or Locality?
  [Unknown]: mycity
  What is the name of your State or Province?
  [Unknown]: mystate
  What is the two-letter country code for this unit?
  [Unknown]: US
  Is <CN=Robert Klawuhn, OU=mygroup, O=mycompany, L=mycity, ST=mystate, C=US> correct?
  [no]: yes
  Enter key password for <writefile>
  (RETURN if same as keystore password): password
  keytool -selfcert -alias writefile
  Enter keystore password: password
  keytool -list -alias writefile
  Enter keystore password: password
  writefile, Wed Dec 19 10:41:35 PST 2001, keyEntry,
  Certificate fingerprint (MD5): 90:4D:63:0E:9E:56:CF:7F:93:2B:92:EE:AA:2B:87:E3
  jar cvf writefile.jar writeFile.class
  added manifest
  adding: writeFile.class(in = 1678) (out= 940)(deflated 43%)
  jar tvf writefile.jar
  0 Wed Dec 19 10:41:58 PST 2001 META-INF/
  71 Wed Dec 19 10:41:58 PST 2001 META-INF/MANIFEST.MF
  1678 Wed Dec 19 10:40:46 PST 2001 writeFile.class
  jarsigner writefile.jar writefile
  Enter Passphrase for keystore: password
  jarsigner -verify -verbose -certs writefile.jar
  139 Wed Dec 19 10:42:02 PST 2001 META-INF/MANIFEST.MF
  192 Wed Dec 19 10:42:08 PST 2001 META-INF/WRITEFIL.SF
  1098 Wed Dec 19 10:42:08 PST 2001 META-INF/WRITEFIL.DSA
  0 Wed Dec 19 10:41:58 PST 2001 META-INF/
  smk 1678 Wed Dec 19 10:40:46 PST 2001 writeFile.class
  X.509, CN=Robert Klawuhn, OU=mygroup, O=mycompany, L=mycity, ST=mystate, C=US (writefile)
  s = signature was verified
  m = entry is listed in manifest
  k = at least one certificate was found in keystore
  i = at least one certificate was found in identity scope
  jar verified.
  1 file(s) copied.
  1 file(s) copied.
  1 file(s) copied.
  An error appears:
  java.security.cert.CertificateException: Unable to verify the certificate with root CA
  @ECHO OFF
  REM Doit.bat
  REM
  REM This batch file leads the user through the creating
  REM and signing of an applet class and how it is accessed
  REM from a browser. The applet creates the file: C:\tmpfoo.
  REM
  REM The JRE 1.3.1 plug-in should be installed. See the
  REM control panel for an icon leading to the plug-in.
  REM
  REM This demo is for JRE 1.3.1_01, NT 4 (SP6), HTMLConverter
  REM 1.3, and IE 5.5.
  REM
  REM Run the HTMLConverter 1.3 against the following HTML
  REM file to generate the converted HTML that will support
  REM both Netscape and IE. Get the converter from Sun.
  REM
  REM <html>
  REM <head>
  REM <title> Java Security Example: Writing Files</title>
  REM </head>
  REM <body>
  REM Hi there. There is a signed applet following...
  REM <hr>
  REM <applet code=writeFile.class archive="/writefile.jar" width=500 height=50>
  REM </applet>
  REM <hr>
  REM </body>
  REM </html>
  REM
  REM The following is the code for the applet.
  REM
  REM import java.awt.*;
  REM import java.io.*;
  REM import java.lang.*;
  REM import java.applet.*;
  REM
  REM public class writeFile extends Applet {
  REM String myFile = "/tmp/foo";
  REM File f = new File(myFile);
  REM DataOutputStream dos;
  REM
  REM public void init() {
  REM
  REM String osname = System.getProperty("os.name");
  REM if (osname.indexOf("Windows") != -1) {
  REM myFile="C:" + File.separator + "tmpfoo";
  REM }
  REM }
  REM
  REM public void paint(Graphics g) {
  REM      try {
  REM      dos = new DataOutputStream(new BufferedOutputStream(new FileOutputStream(myFile),128));
  REM      dos.writeChars("Cats can hypnotize you when you least expect it\n");
  REM      dos.flush();
  REM      g.drawString("Successfully wrote to the file named " + myFile + " -- go take a look at REM it!", 10, 10);
  REM      } catch (SecurityException e) {
  REM      g.drawString("writeFile: caught security exception", 10, 10);
  REM } catch (IOException ioe) {
  REM      g.drawString("writeFile: caught i/o exception", 10, 10);
  REM }
  REM }
  REM }
  REM
  @ECHO javac writeFile.java
  javac writeFile.java
  REM Generate a selfsigned certificate and put it into
  REM the keystore.
  REM
  REM password = password
  REM first and last name = Robert Klawuhn
  REM org unit = COMPASS
  REM org = Applied Materials
  REM city = Santa Clara
  REM state = California
  REM country = US
  REM The -selfcert option may not be necessary the first
  REM time this is run
  @ECHO keytool -delete -alias writefile
  keytool -delete -alias writefile
  @ECHO keytool -genkey -alias writefile
  keytool -genkey -alias writefile
  @ECHO keytool -selfcert -alias writefile
  keytool -selfcert -alias writefile
  REM
  REM Export the key that was just created into a .crt file.
  REM This is then sent to a CA to obtain a 'real' certificate
  REM which is then imported into the keystore. These are
  REM commented because I am trying to use a self-issued key.
  REM
  REM keytool -certreq -alias writefile -file writefile.crt
  REM keytool -import -alias writefile -file writefile.crt
  @ECHO keytool -list -alias writefile
  keytool -list -alias writefile
  REM Jar the applet
  REM
  @ECHO jar cvf writefile.jar writeFile.class
  jar cvf writefile.jar writeFile.class
  REM Verify the jar
  REM
  @ECHO jar tvf writefile.jar
  jar tvf writefile.jar
  REM Sign the jar
  REM
  REM passphrase = password
  @ECHO jarsigner writefile.jar writefile
  jarsigner writefile.jar writefile
  REM Verify the signed jar file
  REM
  @ECHO jarsigner -verify -verbose -certs writefile.jar
  jarsigner -verify -verbose -certs writefile.jar
  REM The next statements assume that the applet will be
  REM obtained from Macromedia's JRun default server.
  REM
  copy writefile.crt %JRUN_HOME%\servers\default\default-app\.
  copy writefile.jar %JRUN_HOME%\servers\default\default-app\.
  copy writefile.html %JRUN_HOME%\servers\default\default-app\.
  "C:\Program Files\Plus!\Microsoft Internet\IEXPLORE.EXE" "http://localhost:8100/writefile.html"

  I believe I finally found my problem. If I use JRun as a web server and put the applet on the default server within JRun, I am only able to run the applet from a different client. It doesn't seem to load right on the same system as JRun.
  This may be due to other software I have running on my JRun server system, but it finally works.
  For those that are still having problems with self-signing applets, here is a batch file, that I am using, that works for me.
  @ECHO OFF
  REM Doit.bat
  REM
  REM This batch file leads the user through the creating
  REM and signing of an applet class and how it is accessed
  REM from a browser. When the Publish button is pressed
  REM     the selected file is copied to C:\TEMP\BOBK_copy.txt.
  REM
  REM The JRE 1.3.1 plug-in will be installed on the client.
  REM See the control panel for an icon leading to the plug-in.
  REM
  REM This demo is for JRE 1.3.1_01, HTMLConverter
  REM 1.3, and IE 5.5.
  REM
  REM Run the HTMLConverter 1.3 against the following HTML
  REM file to generate the converted HTML that will support
  REM both Netscape and IE. Get the converter from Sun.
  REM
  REM <html>
  REM <head>
  REM <title> Java Security Example</title>
  REM </head>
  REM <body>
  REM Hi there. There is a signed applet following...
  REM <hr>
  REM <applet code=FilePrompt.class archive="/fileprompt.jar" width=800 height=500>
  REM </applet>
  REM <hr>
  REM </body>
  REM </html>
  REM
  REM This applet can be executed by starting the default server in JRun and then
  REM then entering the following for the IE URL: http://K011614:8100/FilePrompt.html
  REM This assumes that JRun is installed and running on K011614.
  REM
  REM The first time the applet is executed, the 1.3.1_02 JRE is loaded if allowed.
  REM The main problem here is the JRE is about 5.3MB and takes a while.
  REM
  REM For some reason, running IE and pointing it to the applet on the same system that
  REM JRun is executing, doesn't work. You have to run it from another client that
  REM references the applet.
  REM
  @ECHO keytool -delete -alias fileprompt
  keytool -delete -alias fileprompt
  @ECHO keytool -genkey -alias fileprompt
  keytool -genkey -alias fileprompt
  @ECHO keytool -selfcert -alias fileprompt
  keytool -selfcert -alias fileprompt
  @ECHO keytool -export -alias fileprompt -file fileprompt.crt
  keytool -export -alias fileprompt -file fileprompt.crt
  @ECHO keytool -list -alias fileprompt
  keytool -list -alias fileprompt
  @ECHO jar cvf fileprompt.jar *.class
  jar cvf fileprompt.jar *.class
  @ECHO jar tvf fileprompt.jar
  jar tvf fileprompt.jar
  @ECHO jarsigner fileprompt.jar fileprompt
  jarsigner fileprompt.jar fileprompt
  @ECHO jarsigner -verify -verbose -certs fileprompt.jar
  jarsigner -verify -verbose -certs fileprompt.jar
  copy fileprompt.jar %JRUN_HOME%\servers\default\default-app\.
  copy FilePrompt.html %JRUN_HOME%\servers\default\default-app\.
  REM The following doesn't seem to work when executed on the same
  REM system as the JRun server. Access the applet from another client.
  REM "C:\Program Files\Plus!\Microsoft Internet\IEXPLORE.EXE" "http://localhost:8100/FilePrompt.html"
  pause

• Oracle8i JDBC Guide Example Not Working-applet security

  I was having problems with a JDK1.1.7 applet that I want to get
  working with Netscape 4.07 and my Oracle 8.0.5 installation. I
  am using Netscape's Signtool, the Capabilities classes, and I
  have packaged the Oracle classes111.zip contents into my Signed
  JAR file. I got a copy of the Oracle 8i JDBC Developer's Guide
  and Reference which has an example of what I'm trying to do.
  However, I get the same error running the example. Can anyone
  tell me what I'm doing wrong?
  Please help...
  stephen
  The Java console output is as follows:
  # Applet debug level set to 9
  netscape.security.AppletSecurityException: security.Couldn't
  connect to '47.129.164.42' with origin from ''.
  at
  netscape.security.AppletSecurity.checkConnect(AppletSecurity.java
  :914)
  at
  netscape.security.AppletSecurity.checkConnect(AppletSecurity.java
  :926)
  at
  netscape.security.AppletSecurity.checkConnect(AppletSecurity.java
  :795)
  at
  java.lang.SecurityManager.checkConnect(SecurityManager.java:718)
  at java.net.Socket.<init>(Socket.java:245)
  at java.net.Socket.<init>(Socket.java:123)
  at oracle.sqlnet.SQLnet.Connect(SQLnet.java:176)
  at oracle.sqlnet.SQLnet.Connect(SQLnet.java:146)
  at oracle.sqlnet.SQLnet.Connect(SQLnet.java:120)
  at oracle.jdbc.ttc7.TTC7Protocol.connect(TTC7Protocol.java:983)
  at oracle.jdbc.ttc7.TTC7Protocol.logon(TTC7Protocol.java:158)
  at
  oracle.jdbc.driver.OracleConnection.<init>(OracleConnection.java:
  93)
  at
  oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:146)
  at java.sql.DriverManager.getConnection(DriverManager.java:90)
  * at java.sql.DriverManager.getConnection(DriverManager.java:132)
  at MainApplet.button2_actionPerformed(MainApplet.java:196)
  at
  MainApplet$MainApplet_button2_actionAdapter.actionPerformed(MainA
  pplet.java:255)
  at java.awt.Button.processActionEvent(Button.java:267)
  at java.awt.Button.processEvent(Button.java:240)
  at java.awt.Component.dispatchEventImpl(Component.java:1789)
  at java.awt.Component.dispatchEvent(Component.java:1715)
  at
  java.awt.EventDispatchThread$EventPump.dispatchEvents(EventDispat
  chThread.java:83)
  at
  java.awt.EventDispatchThread.run(EventDispatchThread.java:135)
  at
  netscape.applet.DerivedAppletFrame$AppletEventDispatchThread.run(
  DerivedAppletFrame.java:911)
  null

  No, it is not, but this is the reason for using Netscape's
  Capabilities API. It contains a PrivilegeManager that works with
  Java's Applet Security Manager to grant permissions for the
  applet.
  Stephen Brewell (guest) wrote:
  : Is the database server on the same machine as your web server?
  : I don't think applets can connect to a machine other than that
  : from which it was served.
  null

• Re: Getting around Applet security

  I don't think this is an Applet Security problem associated with accessing the xml files on the server using URL connection. This will not in itself produce the exception unless the files are on a different server to the one the Applet was loaded from.

  According to http://java.sun.com/sfaq/, There is
  no explicit support in the JDK applet API for
  persistent state on the client side. However, an
  applet can maintain its own persistent state on the
  server side. That is, it can create files on the
  server side and read files from the server
  side.
  I believe that if you use Applet.getCodeBase() you
  can get the directory containing the applet, and
  using that, you can specify exactly which files you
  want.Accessing the XML file isn't my problem it is accessing the parser. I can't access the parser on the server and it is not an option to change the policy file on all clients to allow to use their JRE's parser.

• How to establish communication between dynpro and Applet running in Portal

  Hello SDN,
  I have a problem with concept of my app and would be glad if You can help me. 
  -  I needed a graphics engine to draw a map during a dynpro runtime, and i made applet for it because dynpro don't offer suitable api.
  Map have to show some data from Bussines Warehouse and R/3 and also have to return coordinates onMouse click to dynpro app.
  My question is how to pass params from web dynpro app to applet and receive coordinates after mouse click on map.
  I made dynpage and placed my applet inside for EPCF but don't know how to use it in applet?

  1. First of all set up the Rfc connection between System A and System B.
     If you are calling the function module which is avlaible on Syetem A  and calling in system B. In system A, go to SM59 opt for R\3 connection and give all the details in "Technical settings" and "logon & Security" tabs and test your connection. If you are returning any value Back to system A , make the same settings in system B.
  2. While creating the Function module check the Radio-button "Remote-Enabled Module" in the attributes tab.
  3. Call function <function-name> Destination <Destination-name>.

• JDBC and Applet communication

  HI!
  I am not able to connect my Oracle datbase in Applet.
  Please give ur suggestions.
  Thanx in Adv
  Vink

  Hi
  An applet can request a socket connection only to the server from which it is downloaded from.
  If your database and the webserver are running on different hosts then the applet security model restricts the applet from connecting to the database. You need to set the proper security policies and sign the applets.
  Refer the following link on applets
  http://developer.java.sun.com/developer/technicalArticles/Security/Signed/
  Also post the complete error/stack traces if you get into some problems.
  Hope this helps
  shrini

• Applet Security loading & running on local PC

  I understnd the limits of an Applet loaded from a server to a local PC. What I am trying to do is test my Applet (JApplet actually) as I create it. I have some GIF and JPG files that need to be loaded from the same DIR that the JApplets HTML file is in. When I run the Applet in appletviewer it works fine, when I run it in IE5.5 I get security errors and the Applet fails to initialize.
  I have read the online section on applet security. It seems to me that my applet 'thinks' it is being loaded from a remote server.
  The online HTML talks about a properties file that can be edited to include the rights to read and/or write to specific local files. Anybody know the name of this file ??
  It should not make a difference that I am doing my work on a W2K Server, should it ???
  Any specific help would be greatly appreciated !!

  java.security.AccessControlException: access denied (java.io.FilePermission CHR.gif read)
  All I try to do in my code is place a GIF as am Icon on a JButton.
  //add buttons to controlPanel
          for(int i=0;i<siteNames.length; i++){
              icon = new ImageIcon(icons);
  JButton b = new JButton(siteNames[i],icon);
  b.addActionListener(listener);
  b.setActionCommand(siteNames[i]);
  controlPanel.add(b);
  Where icons[i] is a string listing of GIF files. The code works fine in IE5.5 without the icons on the buttons. Only when I put the icons on the buttons do I get the access denied error.
  Any Ideas ????
  Could it be the fact that I am doing my coding and testing on a W2K Server ????

• ActiveX bridge uses applet security model???

  Hello,
  During execution my ActiveX bean has no permissions to make something, but I need it at least able to access files. ActiveX bridge documentation says that the bean is executed with all permissions. Is something was changed in 1.5 release?
  Anton

  Seems like axbridge doesnt use the applet security model if you have the following folder structure:
  <JRE>\axbridge\bin\mybean.dll
  <JRE>\axbridge\lib\mybean.jar
  But then there are a lot of bugs, and the bug workaround is to rename the lib folder after registering the dll (and updating the path to the jarfile in the registry):
  <JRE>\axbridge\bin\mybean.dll
  <JRE>\axbridge\bug_workaround_lib\mybean.jar
  But then we get another problem: the applet security model is turned on...

• Hi i got a new airport express for christmas and i set it up as per instructions ,i even give a static ip and wpa2 security ..the problem is is when i come to want to use it it says its not on my network and a orange triangle shows .when i reboot it works

  hi i got a new airport express for christmas and i set it up as per instructions ,i even give a static ip and wpa2 security ..the problem is is when i come to want to use it it says its not on my network and a orange triangle shows .when i reboot it works..then if i leave it a while and try iy agian its disapeared of my network...i have a bt hub 3 ....any help please ..im not sure if itsa faulty express

  I really don't have an answer for that one. I guess that while trying to get things working correctly, I would use the most basic monitor I had which in your case would be the Eizon using the Thunderbolt port and adaptor.
  When you boot into Safe Mode the startup is quite slow, but you should get the Apple logo and then the spinning gear below it (release the SHIFT key when it appears.) Then after a little more time you should see a gray progress bar appear below the spinning gear. When that disappears the computer will startup to a login screen.

• My ipod wont let me buy apps etc... keeps saying this is the first time this device has been used and to sign in and answer security questions. I have had this account for years but cant remember the answer to the security questions. How can i fix it?

  My iPod touch wont let me buy anything, i've beem using this account for a couple of years and now it says that this is the first ime this id has been used on my device... it's not.... and to sign in and answer security questions. i cant remember the answers to the questions. How can i fix this without making a new account and losing all my stuff???

  From a Kappy  post
  The Three Best Alternatives for Security Questions and Rescue Mail
     1. Use Apple's Express Lane.
  Go to https://expresslane.apple.com ; click 'See all products and services' at the
  bottom of the page. In the next page click 'More Products and Services, then
  'Apple ID'. In the next page select 'Other Apple ID Topics' then 'Forgotten Apple
  ID security questions' and click 'Continue'. Please be patient waiting for the return
  phone call. It will come in time depending on how heavily the servers are being hit.
  2.  Call Apple Support in your country: Customer Service: Contact Apple support.
  3.  Rescue email address and how to reset Apple ID security questions.
  A substitute for using the security questions is to use 2-step verification:
  Two-step verification FAQ Get answers to frequently asked questions about two-step verification for Apple ID.

• I have forgotten my Apple ID and my security question. How can I change it. When I try to verify it through email it never goes through...

  I've forgotten my Apple ID and my security question. I've tried to receive the Apple ID through email but I never receive the email.

  The Best Alternatives for Security Questions and Rescue Mail
      a. Send Apple an email request at: Apple - Support - iTunes Store - Contact Us.
      b. Call Apple Support in your country: Customer Service: Contact Apple support.
      c. Rescue email address and how to reset Apple ID security questions.

• HT201269 When I try to setup my new iPad air, I go through all the steps for the iCloud sign-in and choosing security questions and what not. But after I hit the agree to the terms and conditions... It says Apple ID could not be created because of a serve

  When I try to setup my new iPad air, I go through all the steps for the iCloud sign-in and choosing security questions and what not. But after I hit the agree to the terms and conditions... It says Apple ID could not be created because of a server error. Have no clue what to do... I've restarted the iPad and get the same message. But my internet works just fine.

  1. Turn router off for 30 seconds and on again
  2. Settings>General>Reset>Reset Network Settings

• Secure and non-secure access to the web application in one war

  Say we have one web application (in one war) which includes JSP, servlets and the security intercepter. There is one business requirement to have most of the JSP(s) accessed via HTTPS, but a few JSP(S) accessed via HTTP.
  My questions are:
  a. Is this possible, or a reasonable requirement or a good practice?
  b. if yes, what can we do to make it happen in the security intercepter implementation?
  c. If not, what is the technical reasons?
  Thanks much.

  a) Yes its is reasonable and good practive, there is an overhead using https, so you should only encrypt file you need to. When you use an online store, only account details / payments are https, the shop itself is http
  b) I dont really understand your difficulty. You can define a folder as 'secure' and put all your secure pages in this folder, leaving non secure files in a different folder. Whenever a page in the secure folder is accessed, https is automatically invoked.