• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 400
  • Last Modified:

getImage & access denied

Hello !

My applet is running on a HostA trying to get an image from HostB
here is the code piece:
...
try {
   img = getToolkit().getImage(new URL ("http://hostB/disk.gif"));
}
catch (Exception e) {
   System.err.println(e);
}
...

then, I got this message running the applet throught appletviewer:

java.security.AccessControlException: access denied java.net.SocketPermission hostB resolve)


HOW can I get an Image from a Host diferent from the (current) host where the Applet is running?


Thanks.
0
jussara
Asked:
jussara
1 Solution
 
zhongbingCommented:
you need sign your applet to access any site different from the original applet download site. And you need sign it with 2 differ ways, for IE and NS.


Look at this stuff.

 From: vladi21
 Date: Tuesday, November 16 1999 - 08:46PM CST  
 
http://java.sun.com/docs/books/tutorial/applet/overview/security.html 

Code signing resources:

Creating Signed, Persistent Java Applets
http://www.ddj.com/articles/1999/9902/9902h/9902h.htm 

http://www.javasoft.com/products/jdk/1.1/docs/guide/security/index.html 
http://java.sun.com/security/signExample/index.html 
http://www.verisign.com/library/guide/developer/signing/index.html 
http://www.suitable.com/Doc_CodeSigning.shtml 
http://www.securingjava.com/appdx-c/ 
http://tactika.com/realhome/javaht/java-s1.html 
http://www.fastlane.net/~tlandry/javafaq.txt 

MS:
http://www.thawte.com/support/developer/ms.html 
http://www.developer.com/journal/techworkshop/curr.html 
http://www.verisign.com/library/guide/developer/authenticode/index.html 
http://msdn.microsoft.com/library/psdk/crypto/cryptotools_6cdv.htm 
http://msdn.microsoft.com/library/psdk/crypto/portaltool_3u3p.htm 

NN:
http://developer.netscape.com/docs/manuals/signedobj/ 
http://developer.netscape.com/docs/manuals/signedobj/javadoc/Package-netscape_security.html 
http://developer.netscape.com/docs/manuals/signedobj/targets/contents.htm 
http://developer.netscape.com/support/faqs/objfaq.html 
http://developer.netscape.com/docs/manuals/deploymt/4_5PREFS.HTM 

NN: Bypass the need for a certificate
Netscape provides a way to accept a codebase as trusted (then a certificate is not needed). This can be useful during development or in a private Intranet. In the Netscape Users directory, there is a file called prefs.js. Adding the line user_pref("signed.applets.codebase_principal_support", true);

will enable JAR file without a certificate to request privileges on your machine. If you agree, it will be possible for an Applet to lauch a program, write a file on your hard disk or print on the printer. You will still have to ask for privileges in your program using the Netscape capabilites classes.
Another way is to lower general security setting to more allow more freedom when running applets locally. Add or modify the following entries in the prefs.js: user_pref("unsigned.applets.low_security_for_local_classes", true);
user_pref("signed.applets.local_classes_have_30_powers", true);
user_pref("signed.applets.low_security_for_local_classes", true);
user_pref("signed.applets.verbose_security_exception", true);


Then you don't need to asked for privileges for local classes.
When adding or modifying the file prefs.js, Netscape must not be running because your modification will be overwritten. So shut down Netscape, edit the prefs.js and then restart Netscape.
 

Best of luck
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now