Solved

JFileChooser in a Signed Applet

Posted on 2011-03-08
9
1,930 Views
Last Modified: 2012-05-11
Hello Experts,

I'm writing an applet that needs to be able to choose a directory on the local file system. The applet code is attached:

 
import java.applet.Applet;
import java.awt.*;
import javax.swing.JFileChooser;
import javax.swing.filechooser.FileSystemView;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.lang.Integer;

/**
 *
 * @author Shishir
 */
public class fileIndexerApplet2 extends Applet {

    private int width, height;

    private JFileChooser fileChooser;
    private FileSystemView fsv;

    private int currentProgress;
    private boolean isTaskRunning;

    /**
     * Initialization method that will be called after the applet is loaded
     * into the browser.
     */
    @Override
    public void init() {
        // TODO start asynchronous download of heavy resources
        setBackground( Color.WHITE );

        width = getSize().width;
        height = getSize().height;

        // currentProgress will indicate the percentage progress of an indexing job.
        // It can be accessed by the external javascript via the getter function "getIndexingProgress()", to show progressbar.
        currentProgress = 0;

        // isTaskRunning will indicate if a indexing job is in progress.
        isTaskRunning = false;
    }

    @Override
    public void paint( Graphics g ) {
        g.setColor( Color.BLUE );
        for ( int i = 0; i < 10; ++i ) {
            g.drawLine( width, height, i * width / 10, 0 );
        }
    }

    @Override
    public void stop() {
        // Do something when user closes the window or navigates to another page.
    }

    public int getIndexingProgress() {
        if(isTaskRunning)
            return currentProgress;
        return -1;
    }

    public String getFolder() {
        String res = "";
        //int result = 0;
        try {
            final Component tmp = this;
            Object result = AccessController.doPrivileged(new PrivilegedAction() {
                public Object run() {
                    fileChooser = new JFileChooser();
                    //fileChooser.setCurrentDirectory(new java.io.File("."));
                    fileChooser.setFileSelectionMode(JFileChooser.DIRECTORIES_ONLY);
                    fileChooser.setAcceptAllFileFilterUsed(false);

                    if (fileChooser.showOpenDialog(tmp) == JFileChooser.APPROVE_OPTION) {
                        return fileChooser.getSelectedFile().getPath();
                    }
                    return null;
                }
            });

            if(result == null) {
                return "";
            }

            res = (String)result;
            return res;

        } catch (Exception e) {
             e.printStackTrace();
        }
        return res;
    }

    // TODO overwrite start(), stop() and destroy() methods
}

Open in new window


-------------------------------------------------------------------
I've signed this applet using the following procedure:

keytool -genkey - alias FileIndexerApplet -validity 365

jar cvf fileIndexerApplet2.jar fileIndexerApplet2.class

jarsigner fileIndexerApplet2.jar FileIndexerApplet

--------------------------------------------------------------------

I'm getting the following error in Firefox:

uncaught exception: java.security.AccessControlException: access denied (java.util.PropertyPermission user.dir read)

OS: Windows 7

Its not working in Chrome, and I'm getting the same error in IE.

So, the applet is signed, AND I'm running the function as privileged code. Could you please advise me on what I'm doing wrong, or what I need to do in order to get this to work?

Thanks for the help.
-Shishir
0
Comment
Question by:shishir_sri
  • 4
  • 3
  • 2
9 Comments
 
LVL 92

Expert Comment

by:objects
ID: 35074888
sounds like your not running the signed jar. Make sure the classes aren't directly available on the web server or classpath.

Increase the debug level in the console as explained here to see whats getting loaded
0
 
LVL 3

Author Comment

by:shishir_sri
ID: 35074958
Hey,

Thanks for the quick response. Only the jar file has been uploaded to the server. I did as you asked and changed the trace level to 5. I got the following response:

-------------------------------------------------------------------

Trace level set to 5: all ... completed.
basic: Starting applet teardown
basic: Finished applet teardown
basic: Added progress listener: sun.plugin.util.GrayBoxPainter$GrayBoxProgressListener@198a1f4
basic: Plugin2ClassLoader.addURL parent called for http://localhost/thakker/fileIndexerApplet2.jar
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Validate the certificate chain using CertPath API
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: Start to check whether root CA is replaced
security: The root CA hasnt been replaced
security: No timestamping info available
security: Found jurisdiction list file
security: No need to checking trusted extension for this certificate
security: The CRL support is disabled
security: The OCSP support is disabled
security: This OCSP End Entity validation is disabled
security: Checking if certificate is in Deployment denied certificate store
security: Checking if certificate is in Deployment permanent certificate store
basic: Applet loaded.
basic: Applet resized and added to parent container
basic: PERF: AppletExecutionRunnable - applet.init() BEGIN ; jvmLaunch dt 424401 us, pluginInit dt 15572703352 us, TotalTime: 15573127753 us
basic: Applet initialized
basic: Removed progress listener: sun.plugin.util.GrayBoxPainter$GrayBoxProgressListener@198a1f4
basic: Applet made visible
basic: Starting applet
basic: completed perf rollup
basic: Applet started
basic: Told clients applet is started

----------------------------------------------------------------------------------

If its any help, this is the code I'm using to add the applet in the web page:

<script src="http://www.java.com/js/deployJava.js"></script>
    <script>
        var attributes = { id:'fileIndexerApplet', code:'fileIndexerApplet2.class', archive:'fileIndexerApplet2.jar', width:100, height:100} ;
        var parameters = {} ;
        deployJava.runApplet(attributes, parameters, '1.6');
    </script>
   
<script type="text/javascript">
function appletMethod_getRoot() {
      // alert(document.fileIndexerApplet.getIndexingProgress());
      var folder = document.fileIndexerApplet.getFolder();
      alert(folder);
      // document.forms[0].elements['txtRoot'].value = document.applets[0].getFolder();
      return false;
}
</script>

Let me know what you think. Thanks again.
-Shishir
0
 
LVL 47

Expert Comment

by:for_yan
ID: 35074991


there are some suggestions on how to address similar situation
http://www.thatsjava.com/java-desktop/20780/
0
 
LVL 92

Expert Comment

by:objects
ID: 35075035
are you getting prompted to accept cert and grant applet permissions
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 47

Expert Comment

by:for_yan
ID: 35075038
0
 
LVL 3

Author Comment

by:shishir_sri
ID: 35075049
Hey,

for_yan:

Thanks for the link, but I had seen the page before I posted the question here. It does not really give the solution, as its a webstart forum. Also, it recommends changing the policy files, which I cannot do, since this applet is gonna be publicly accessible over the web.

Thanks.
-Shishir
0
 
LVL 3

Author Comment

by:shishir_sri
ID: 35075071
Hey,

objects: Yes I was prompted to accept cert and grant applet permissions once (when I signed the applet the first time). At the time, I wasn't using privileged code. I have, since, made the changes and uploaded the new signed jar files, with the code attached in my original query, but I haven't been prompted again.

I'm assuming that its because I accepted it once?

Thanks,
Shishir
0
 
LVL 92

Accepted Solution

by:
objects earned 500 total points
ID: 35075176
> At the time, I wasn't using privileged code.

that would cause the exception you are getting

> I'm assuming that its because I accepted it once?

did you check to allows allow it?

And have you cleared the cache, or at least restarted the browser?


0
 
LVL 3

Author Comment

by:shishir_sri
ID: 35075304
I feel like such a fool. I didn't remember if I selected the "Always" checkbox, so I created another key and signed the latest applet. Then I opened the page in Chrome, where I was given the trust prompt. Once I accepted, it worked.

I suppose it was because the cache is not getting cleared even though I cleared my FF cache.

Anyways, thanks a lot. :)

@for_yan: thank you too for the links.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Suggested Solutions

INTRODUCTION Working with files is a moderately common task in Java.  For most projects hard coding the file names, using parameters in configuration files, or using command-line arguments is sufficient.   However, when your application has vi…
Java Flight Recorder and Java Mission Control together create a complete tool chain to continuously collect low level and detailed runtime information enabling after-the-fact incident analysis. Java Flight Recorder is a profiling and event collectio…
Viewers learn about the scanner class in this video and are introduced to receiving user input for their programs. Additionally, objects, conditional statements, and loops are used to help reinforce the concepts. Introduce Scanner class: Importing…
This theoretical tutorial explains exceptions, reasons for exceptions, different categories of exception and exception hierarchy.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now