Security Exception - Whats wrong with my code?


Could some one tell me what is wrong with the following code? It is driving me mad. It compiles ok but gives an error when I start the applet.

import java.applet.*;
import java.awt.*;

public class ThreadTest extends Applet
  public void init()
    url = new StringBuffer();
    readurl = new URL("");
    newurl = "";
    System.out.println("The URL is " + readurl);
    ShowURL show = new ShowURL(newurl,readurl,this);
   catch (IOException e) {    
     System.out.println("Exception error in the prog " + e);}

 class ShowURL extends Thread
  String redirectUrl;
  URL readUrl;
  Applet applet;
  //InputStream in;
  int a;
  public ShowURL(String redirectUrl, URL readUrl, Applet applet)
   this.redirectUrl = redirectUrl;
   this.readUrl = readUrl;
   this.applet = applet;
  public void run()
   System.out.println("Inside Run");
    System.out.println("Inside Try");
    InputStream in = readUrl.openStream();
    while ((a = != -1)
    //System.out.println("Outside While");
    String str = new String(url);
     URL redirecturl = new URL(str);
     System.out.println("Try Again!");
     URL redirecturl1 = new URL(redirectUrl);
   }catch (Exception e) {System.out.println("Exception error in the prog " + e);
   //      e.printStackTrace();


Thread thread;
String line;
// int a;
StringBuffer url;
String newurl;
URL readurl;
// InputStream in;
// ShowUrl show;

Thanks for your help.

Who is Participating?
s_franklinConnect With a Mentor Commented:
You're running into restrictions of the applet. If you ran it locally as an application you would have no problems. It compiles fine because it is valid. However the security container around applets as enforced by the browsers doesn't let them do this.

There is some good information that you will want to read on the topic:

Java Net Programming FAQ 2.7 - "Why is a security exception thrown when using or from an applet?"

If you want to do this, you should look into signing your applets. Signed applets can accomplish what you want legitimately. Some information on this topic can be found at:

Some browsers let you override this restriction such that the JVM doesn't get so picky. I wouldn't rely on this as part of my design however - users can turn it on and off at will, and it isn't available for all browsers.


I would expect this applet to give a security error. Unless an applet is signed it can only access the machine it was loaded from.
DoojAuthor Commented:
Yeah, that makes sense. So, if I load this in the same server as the text file (which has to be read) I should not get this error, right?

Anyway, thanks heaps Steve.

Cheers, DD :-)
All Courses

From novice to tech pro — start learning today.