• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Jeanne Boyarsky
  • Devaka Cooray
  • Paul Clapham
Sheriffs:
  • Tim Cooke
  • Knute Snortum
  • Bear Bibeault
Saloon Keepers:
  • Ron McLeod
  • Tim Moores
  • Stephan van Hulst
  • Piet Souris
  • Ganesh Patekar
Bartenders:
  • Frits Walraven
  • Carey Brown
  • Tim Holloway

Applet Security Question

 
Ranch Hand
Posts: 57
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Having looked through all the search responses for 'applet security' and not finding the answer I need, I am posting my question. I am developing a proof of concept applet for an intranet application. It is downloaded from one server, but requires resources from another. I have signed the applet and used the PolicyEngine.assertPermission(PermissionId.SYSTEM) statement as the first statement in the applet's init() method. Later on, in a different method, I create a URL object that ultimately connects to the other server so I can get it's resources, but the Java Console still shows a SecurityExceptionEx being thrown when I try to connect to the second server. What is the solution? Do I need to make it socket-based communication, or does Java and/or IE not allow this, regardless of asserted permissions and signing?
 
Alex Belt
Ranch Hand
Posts: 57
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have an answer to my question now. Apparently, because the domain name is not exactly the same for the second server, IE considers the domains to be different. So regardless of the permissions I've asserted or the applet signature, the browser considers this absolutely forbidden and won't allow it. So I'll just call a servlet resource on the source server and let it access the other server. Not optimal, but it will work.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!