This week's book giveaway is in the Agile and Other Processes forum.
We're giving away four copies of The Little Book of Impediments (e-book only) and have Tom Perry on-line!
See this thread for details.
Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Applet Security Question

 
Alex Belt
Ranch Hand
Posts: 57
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Having looked through all the search responses for 'applet security' and not finding the answer I need, I am posting my question. I am developing a proof of concept applet for an intranet application. It is downloaded from one server, but requires resources from another. I have signed the applet and used the PolicyEngine.assertPermission(PermissionId.SYSTEM) statement as the first statement in the applet's init() method. Later on, in a different method, I create a URL object that ultimately connects to the other server so I can get it's resources, but the Java Console still shows a SecurityExceptionEx being thrown when I try to connect to the second server. What is the solution? Do I need to make it socket-based communication, or does Java and/or IE not allow this, regardless of asserted permissions and signing?
 
Alex Belt
Ranch Hand
Posts: 57
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have an answer to my question now. Apparently, because the domain name is not exactly the same for the second server, IE considers the domains to be different. So regardless of the permissions I've asserted or the applet signature, the browser considers this absolutely forbidden and won't allow it. So I'll just call a servlet resource on the source server and let it access the other server. Not optimal, but it will work.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic