CODEWITHSUNDEEP
javasecurityjakarta-eeappletaccesscontrolexception
Azeem Akram
Azeem Akram

Reputation: 233

Java applet is not supporting the Authenticator.setDefault

I want to do simple HTTP authentication in a Java applet, which I am trying this way:

static class MyAuthenticator extends Authenticator
        {
            public PasswordAuthentication getPasswordAuthentication()
                {
            // I haven't checked getRequestingScheme() here, since for NTLM
            // and Negotiate, the usrname and password are all the same.
            System.err.println("Feeding username and password for " + getRequestingScheme());
            return (new PasswordAuthentication(kuser, kpass.toCharArray()));
            }
        }
    public void paint(Graphics g) {
        try
        {
        //  String authenticate=Authenticator.getPasswordAuthentication();
             Authenticator.setDefault(new MyAuthenticator());
             URL url = new URL("http://Ip_address/jpg/image.jpg");
             InputStream ins = url.openConnection().getInputStream();
             BufferedReader reader = new BufferedReader(new InputStreamReader(ins));
             String str;
               while((str = reader.readLine()) != null)
                  System.out.println(str);

          //int s=2+2;

            g.drawString("hello world", 50, 60 );
        }
        catch (Exception e)
        {
            System.out.println("Exception : "+ e);
        }
    }

But I am getting error at this line

Authenticator.setDefault(new MyAuthenticator());

The exception is: 

Exception : java.security.AccessControlException: access denied 
    (java.net.NetPermission setDefaultAuthenticator)

Can anyone tell me that what to do now, or how to authenticate a website inside from Java applet?

Upvotes: 0

Views: 795

Answers (1)

Stephen C
Stephen C

Reputation: 719729

You've run into a security sandbox restriction. Apparently, it is a security concern for an untrusted applet to be changing the default authenticator. (I imagine it is because a nasty applet could use this to steal authentication details supplied by the user.)

Whatever the reason for the restriction, one solution is to sign the JAR file for your applet. See this page of the Oracle Tutorials for details.

Upvotes: 1

Related Questions