• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Paul Clapham
  • Ron McLeod
Sheriffs:
  • Jeanne Boyarsky
  • Liutauras Vilda
Saloon Keepers:
  • Tim Holloway
  • Carey Brown
  • Roland Mueller
  • Piet Souris
Bartenders:

Does signed applet allow to Make network connections to arbitary hosts ??

 
Greenhorn
Posts: 14
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Doed signed applet allow to Make network connections to arbitary hosts ??
I have two co-worker showed me they can do it.
Thanks!
Ping
 
P Lu
Greenhorn
Posts: 14
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Do signed applet allow to listen on the port as a server ?
 
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Have a read of this.
I would have automatically said 'no' to your question, unless of course the browser's security policy has granted permission. It looks like a JDK1.1 signed applet would work though (assuming no firewall issues).
In the context of the SCEA exam, I believe the answer would be 'no', as they are testing your knowledge of the new applet security architecture.
Cheers
Gus
[ March 17, 2004: Message edited by: Angus MacCuish ]
 
Ranch Hand
Posts: 146
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Guys,
Better read the following which may answer ur question.
-Rameshkumar
How can an applet open a network connection to a computer on the internet?
Applets are not allowed to open network connections to any computer, except for the host that provided the .class files. This is either the host where the html page came from, or the host specified in the codebase parameter in the applet tag, with codebase taking precendence.
For example, if you try to do this from an applet that did not originate from the machine foo.com, it will fail with a security exception:
Socket s = new Socket("foo.com", 25, true);
How can an applet open a network connection to its originating host?
Be sure to name the originating host exactly as it was specified when the applet was loaded into the browser.
That is, if you load an HTML page using the URL
http://foo.state.edu/~me/appletPage.html
then your applet will be able to connect to its host only by using the name foo.state.edu. Using the IP address for foo.state.edu won't work, and using a "shorthand" form of the host name, like foo.state instead of foo.state.edu, won't work.
 
Angus MacCuish
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Check out
http://www.cs.ust.hk/~lzhang/teach/java03/slides/17security.ppt
and
http://www.securingjava.com/chapter-three/chapter-three-7.html
I think the Sun document you're quoting (from the SCEA links page) is describing the default behaviour of Applets. The Java 2 security architecture is supposed to let you go 'beyond the sandbox' with the
'java.policy' permissions file.
If you search for applets on the web you'll notice some will tell you to add entries into this policy file to grant 'SocketPermission' for other hosts.
I haven't written an Applet since 1998 I hasten to add! Interestingly enough, that particular project used a signed applet to connect to other hosts (an Oracle database via JDBC).
Cheers
Gus
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic