Solved

Urgent: Enigmatic Netscape Security Problem

Posted on 1998-07-16
7
206 Views
Last Modified: 2010-03-30
I have an applet using rmi which produces the attached stack trace in the Netscape Java Console.
The applet offers a remote Object to the server to access (by reference).

I tried to enable the Netscape privileges in my code on applet start up:
...
netscape.security.PrivilegeManager.enablePrivilege("30Capabilities");
...
But it did not work. I tried combinations of UniversalConnect and UniversalAccept. Did not work. I tried to give the SuperUser privilege but I get a ForbiddenTargetException.

What the h... on earth is going wrong? Does anyone know what the problem is?

Regards Ian

Netscape Communications Corporation -- Java 1.1.5
Type '?' for options.
Symantec Java! ByteCode Compiler Version 210.065
Copyright (C) 1996-97 Symantec Corporation
netscape.security.AppletSecurityException: security.Couldn't connect to '160.85.128.161' with origin from 'local-classpath-classes'.
  at java.lang.Throwable.<init>(Compiled Code)
  at java.lang.Exception.<init>(Compiled Code)
  at java.lang.RuntimeException.<init>(Compiled Code)
  at java.lang.SecurityException.<init>(Compiled Code)
  at netscape.security.AppletSecurityException.<init>(Compiled Code)
  at netscape.security.AppletSecurityException.<init>(Compiled Code)
  at netscape.security.AppletSecurity.checkConnect(Compiled Code)
  at netscape.security.AppletSecurity.checkAccept(Compiled Code)
  at java.lang.SecurityManager.checkAccept(Compiled Code)
  at java.net.ServerSocket.implAccept(Compiled Code)
* at java.net.ServerSocket.accept(Compiled Code)
  at sun.rmi.transport.proxy.HttpAwareServerSocket.accept(Compiled Code)
  at sun.rmi.transport.tcp.TCPTransport.run(Compiled Code)
  at java.lang.Thread.run(Compiled Code)
0
Comment
Question by:e4monsch
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 2

Author Comment

by:e4monsch
ID: 1226850
Could it be a Netscape Java bug. I'm using the prerelease of Netscape 4.05 with full Java Awt 1.1.5 support.

Regards Ian

0
 
LVL 5

Expert Comment

by:fontaine
ID: 1226851
3 questions come me in mind. They would clarify the context:

- Does the RMI server run on the same machine as the Web server that delivered the applet?
- Is the applet actually loaded from a server or from the local disk?
- Are you behind a firewall?


0
 
LVL 2

Author Comment

by:e4monsch
ID: 1226852
1. Yes
2. No local classes on the test computer. Every thing is loaded from server.
3. No

The server object utilieses a client object. Everything works well on Sun Activator/Appletviewer. But not in Netscape.

Regards Ian

0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 
LVL 5

Accepted Solution

by:
msmolyak earned 100 total points
ID: 1226853
I assume 160.85.128.161 is the machine where you run both your Web server and RMI server (since it is one and the same machine). This is good (that is it is the way it's supposed to be), and the applet should have no troubles connecting to the server it came from.

Looking at the error message it seems you are loading the applet's classes from the local classpath (even though you do not think so) rather than from the Web server. It is easy to verify. Start your browser and clear the cache (to do the clean experiment). Then open Java Console and turn debug mode on (type 9). After that access your applet. The messages on the console will tell you where each of the Java classes comes from. If it says http://160.85.128.161/...., you are fine. If it says c:\..., then you have a problem.

Check it and post the result.
0
 
LVL 5

Expert Comment

by:msmolyak
ID: 1226854
P.S. You can use Capabilities API but I do not think you need it in this case. UniversalCOnnect and UniversalAccept shoul do the job. I do not thing the privilege 30Capabilities exists. There is a browser preference signed.applets.local_classes_have_30_powers which will give the applet loaded locally universal connect privilege. But this is not a long-term solution.
0
 
LVL 2

Author Comment

by:e4monsch
ID: 1226855
ms...:Yes you are right. It seems as if there has been a local class somewhere in the system. Could it be that, the browser looks for classes in his cache?

After removing the disk cache every thing went ok. But sadly I had to give my code to the professor two hours ago. So now I have given the pro a unfinished software...

Regards Ian

0
 
LVL 5

Expert Comment

by:msmolyak
ID: 1226856
But if the problem is in the cache or CLASSPATH why are you worried? You software should not have anything to do with that.

Browser looks at the cache, than the CLASSPATH on the local machine, then at the ARCHIVE and CODEBASE location from the APLLET tag and probably last at the directory the HTML file with an applet came from.
0

Featured Post

[Live Webinar] The Cloud Skills Gap

As Cloud technologies come of age, business leaders grapple with the impact it has on their team's skills and the gap associated with the use of a cloud platform.

Join experts from 451 Research and Concerto Cloud Services on July 27th where we will examine fact and fiction.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This was posted to the Netbeans forum a Feb, 2010 and I also sent it to Verisign. Who didn't help much in my struggles to get my application signed. ------------------------- Start The idea here is to target your cell phones with the correct…
In this post we will learn how to connect and configure Android Device (Smartphone etc.) with Android Studio. After that we will run a simple Hello World Program.
The viewer will learn how to implement Singleton Design Pattern in Java.
This tutorial explains how to use the VisualVM tool for the Java platform application. This video goes into detail on the Threads, Sampler, and Profiler tabs.

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question