CODEWITHSUNDEEP
javaswingappletsecurity
Niklas Rosencrantz
Niklas Rosencrantz

Reputation: 26647

Applet security setting?

I'm converting a JFrame to an applet and getting an security exception:

C:\prv_workspace_8\DungeonWorldAdventure\bin>appletviewer applet.html
java.security.AccessControlException: access denied ("java.net.SocketPermission"
 "www.student.nada.kth.se:80" "connect,resolve")
        at java.security.AccessControlContext.checkPermission(AccessControlConte
xt.java:366)
        at java.security.AccessController.checkPermission(AccessController.java:
555)
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
        at java.lang.SecurityManager.checkConnect(SecurityManager.java:1051)
        at sun.net.www.http.HttpClient.openServer(HttpClient.java:456)
        at sun.net.www.http.HttpClient.<init>(HttpClient.java:203)
        at sun.net.www.http.HttpClient.New(HttpClient.java:290)
        at sun.net.www.http.HttpClient.New(HttpClient.java:306)

It's trying to read pics from an URL:

// Load an image from the net, making sure it has already been
    // loaded when the method returns
    public Image loadPicture(String imageName) {
        Image im = null;

        // Load the image from the net
        try {
            URL imageSource = new URL(
                    "http://www.student.nada.kth.se/~d99-nro/" + imageName);

            try {
                im = createImage((ImageProducer) imageSource.getContent());
            } catch (IOException e) {
            }

        } catch (MalformedURLException e) {
        }

        // Wait to ensure that the image is loaded
        MediaTracker imageTracker = new MediaTracker(this);
        imageTracker.addImage(im, 0);
        try {
            imageTracker.waitForID(0);
        } catch (InterruptedException e) {
        }

        return im;
    }

Any idea how I can make this work? Do I need a java.policyfile? If so, how do I make this applet work on a web page?

Upvotes: 0

Views: 189

Answers (1)

Andrew Thompson
Andrew Thompson

Reputation: 168825

Any idea how I can make this work?

An applet needs to be trusted to read cross-domain. Either that or a file in a specific place on the foreign server that permits cross-domain access, I doubt applet viewer is sophisticated enough to make the distinction though, so it would be best to test it in a web page.

For more details on cross-domain access, see:

Do I need a java.policyfile?

No. That will not work (is not practical) to deploy over the net, so is not worth pursuing.

I'm converting a JFrame to an applet..

It is probably a better idea to launch the frame using Java Web Start. The same security restrictions will apply, but a free floating (& resizable) frame is typically better for displaying images. It also requires no code conversion, and is generally easier to maintain - applets cause more maintenance trouble than JWS apps.

I will make it with Java Web Start. I read that I can make my application signed and then it can read files. Shouldn't it be easy? I see other developers had trouble getting their applets to load files and then they were recommended to use signed applet, perhaps there is something similar for Java Web start?

Pretty much the same. The Jar(s) need to be digitally signed if they are referenced in any launch file (a JNLP, similar to the applet element in HTML but with more options) or any extension (also a JNLP) that requests extended permissions (there are 3 levels or privileges in JWS).

Another alternative is to use the JNLP API file services to access the local file-system from a sand-boxed app., but that would require changes to the code. Here is a demo. of the file services.

Upvotes: 3

Related Questions