mikesung99
asked on
Jsvs Applet - Socket Communication Exception
Hi,
We have developed a simple Java Applet that creates a TCP Port to listen on 1035 and also fires socket request messages to Port 1034 (which is the listening port of a local service) All TCP communications will be completed throught local host.
The Applet does not use a Java signed certificate as the solution is to designed to work on a local intranet.
However when we start up the applet and we try to fire a test message to the listening port of the applet 1035- the following error was outputted to the Java Console:
Exception in thread "Thread-11" java.security.AccessContro lException : access denied (java.net.SocketPermission 127.0.0.1:2046 accept,resolve)
at java.security.AccessContro lContext.c heckPermis sion(Unkno wn Source)
at java.security.AccessContro ller.check Permission (Unknown Source)
at java.lang.SecurityManager. checkPermi ssion(Unkn own Source)
at java.lang.SecurityManager. checkAccep t(Unknown Source)
at java.net.ServerSocket.impl Accept(Unk nown Source)
at java.net.ServerSocket.acce pt(Unknown Source)
at tntcctapplet.Listner_Class .Listener_ Loop(Listn er_Class.j ava:128)
at tntcctapplet.Listner_Class .run(Listn er_Class.j ava:73)
From the Java Policy (securiy) on the clents machine the following parameters is set:
permission java.net.SocketPermission "localhost:1024-", "listen";
We initially thought this was fine as the Port range covered our required Ports i.e. 1035. However we are unsure why the error message states SocketPermission 127.0.0.1:2046 accept,resolve) referencing Port 2046, when we are firing a test message to Port 1035...........
We followed to modify the Java Policy to indicate the following:
permission java.net.SocketPermission "127.0.0.1:1024-", "listen, accept, connect, resolve";
This removed all the Java Socket communication issues but was a concern, as we appear to have unlocked all the Ports to potential malicious actions.
Therefore we tried to restrict the Port Range in the Java.Policy as illustrated below:
permission java.net.SocketPermission "127.0.0.1:1024-1035", "listen, accept, connect, resolve";
Based on the above's narrow range, when we tried to Test by firing to port 1035 again, we get thefollowingbelow:-
Exception in thread "Thread-11" java.security.AccessContro lException : access denied (java.net.SocketPermission 127.0.0.1:4915 accept,resolve)
How do we restrict the Port Range used by Acces Controland why is there an error message relating to the seeminglyrandom port
The solution is created under Java Version 1.4 and JRE environment is 1.6.
We have developed a simple Java Applet that creates a TCP Port to listen on 1035 and also fires socket request messages to Port 1034 (which is the listening port of a local service) All TCP communications will be completed throught local host.
The Applet does not use a Java signed certificate as the solution is to designed to work on a local intranet.
However when we start up the applet and we try to fire a test message to the listening port of the applet 1035- the following error was outputted to the Java Console:
Exception in thread "Thread-11" java.security.AccessContro
at java.security.AccessContro
at java.security.AccessContro
at java.lang.SecurityManager.
at java.lang.SecurityManager.
at java.net.ServerSocket.impl
at java.net.ServerSocket.acce
at tntcctapplet.Listner_Class
at tntcctapplet.Listner_Class
From the Java Policy (securiy) on the clents machine the following parameters is set:
permission java.net.SocketPermission "localhost:1024-", "listen";
We initially thought this was fine as the Port range covered our required Ports i.e. 1035. However we are unsure why the error message states SocketPermission 127.0.0.1:2046 accept,resolve) referencing Port 2046, when we are firing a test message to Port 1035...........
We followed to modify the Java Policy to indicate the following:
permission java.net.SocketPermission "127.0.0.1:1024-", "listen, accept, connect, resolve";
This removed all the Java Socket communication issues but was a concern, as we appear to have unlocked all the Ports to potential malicious actions.
Therefore we tried to restrict the Port Range in the Java.Policy as illustrated below:
permission java.net.SocketPermission "127.0.0.1:1024-1035", "listen, accept, connect, resolve";
Based on the above's narrow range, when we tried to Test by firing to port 1035 again, we get thefollowingbelow:-
Exception in thread "Thread-11" java.security.AccessContro
How do we restrict the Port Range used by Acces Controland why is there an error message relating to the seeminglyrandom port
The solution is created under Java Version 1.4 and JRE environment is 1.6.
why is this an applet?
ASKER
All part of the project requirements to have a Java Applet embedded to a HTML page to enable socket communications.
so much more practical to just sign the jars
ASKER
If you sign the Jar would the user viewing the applet, always need view a certificate to accept that Applet is as a trusted application.... ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.