JFileChooser in a Signed Applet

Hello Experts,

I'm writing an applet that needs to be able to choose a directory on the local file system. The applet code is attached:

import java.applet.Applet;
import java.awt.*;
import javax.swing.JFileChooser;
import javax.swing.filechooser.FileSystemView;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.lang.Integer;

 * @author Shishir
public class fileIndexerApplet2 extends Applet {

    private int width, height;

    private JFileChooser fileChooser;
    private FileSystemView fsv;

    private int currentProgress;
    private boolean isTaskRunning;

     * Initialization method that will be called after the applet is loaded
     * into the browser.
    public void init() {
        // TODO start asynchronous download of heavy resources
        setBackground( Color.WHITE );

        width = getSize().width;
        height = getSize().height;

        // currentProgress will indicate the percentage progress of an indexing job.
        // It can be accessed by the external javascript via the getter function "getIndexingProgress()", to show progressbar.
        currentProgress = 0;

        // isTaskRunning will indicate if a indexing job is in progress.
        isTaskRunning = false;

    public void paint( Graphics g ) {
        g.setColor( Color.BLUE );
        for ( int i = 0; i < 10; ++i ) {
            g.drawLine( width, height, i * width / 10, 0 );

    public void stop() {
        // Do something when user closes the window or navigates to another page.

    public int getIndexingProgress() {
            return currentProgress;
        return -1;

    public String getFolder() {
        String res = "";
        //int result = 0;
        try {
            final Component tmp = this;
            Object result = AccessController.doPrivileged(new PrivilegedAction() {
                public Object run() {
                    fileChooser = new JFileChooser();
                    //fileChooser.setCurrentDirectory(new java.io.File("."));

                    if (fileChooser.showOpenDialog(tmp) == JFileChooser.APPROVE_OPTION) {
                        return fileChooser.getSelectedFile().getPath();
                    return null;

            if(result == null) {
                return "";

            res = (String)result;
            return res;

        } catch (Exception e) {
        return res;

    // TODO overwrite start(), stop() and destroy() methods

Open in new window

I've signed this applet using the following procedure:

keytool -genkey - alias FileIndexerApplet -validity 365

jar cvf fileIndexerApplet2.jar fileIndexerApplet2.class

jarsigner fileIndexerApplet2.jar FileIndexerApplet


I'm getting the following error in Firefox:

uncaught exception: java.security.AccessControlException: access denied (java.util.PropertyPermission user.dir read)

OS: Windows 7

Its not working in Chrome, and I'm getting the same error in IE.

So, the applet is signed, AND I'm running the function as privileged code. Could you please advise me on what I'm doing wrong, or what I need to do in order to get this to work?

Thanks for the help.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

sounds like your not running the signed jar. Make sure the classes aren't directly available on the web server or classpath.

Increase the debug level in the console as explained here to see whats getting loaded
shishir_sriAuthor Commented:

Thanks for the quick response. Only the jar file has been uploaded to the server. I did as you asked and changed the trace level to 5. I got the following response:


Trace level set to 5: all ... completed.
basic: Starting applet teardown
basic: Finished applet teardown
basic: Added progress listener: sun.plugin.util.GrayBoxPainter$GrayBoxProgressListener@198a1f4
basic: Plugin2ClassLoader.addURL parent called for http://localhost/thakker/fileIndexerApplet2.jar
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Validate the certificate chain using CertPath API
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: Start to check whether root CA is replaced
security: The root CA hasnt been replaced
security: No timestamping info available
security: Found jurisdiction list file
security: No need to checking trusted extension for this certificate
security: The CRL support is disabled
security: The OCSP support is disabled
security: This OCSP End Entity validation is disabled
security: Checking if certificate is in Deployment denied certificate store
security: Checking if certificate is in Deployment permanent certificate store
basic: Applet loaded.
basic: Applet resized and added to parent container
basic: PERF: AppletExecutionRunnable - applet.init() BEGIN ; jvmLaunch dt 424401 us, pluginInit dt 15572703352 us, TotalTime: 15573127753 us
basic: Applet initialized
basic: Removed progress listener: sun.plugin.util.GrayBoxPainter$GrayBoxProgressListener@198a1f4
basic: Applet made visible
basic: Starting applet
basic: completed perf rollup
basic: Applet started
basic: Told clients applet is started


If its any help, this is the code I'm using to add the applet in the web page:

<script src="http://www.java.com/js/deployJava.js"></script>
        var attributes = { id:'fileIndexerApplet', code:'fileIndexerApplet2.class', archive:'fileIndexerApplet2.jar', width:100, height:100} ;
        var parameters = {} ;
        deployJava.runApplet(attributes, parameters, '1.6');
<script type="text/javascript">
function appletMethod_getRoot() {
      // alert(document.fileIndexerApplet.getIndexingProgress());
      var folder = document.fileIndexerApplet.getFolder();
      // document.forms[0].elements['txtRoot'].value = document.applets[0].getFolder();
      return false;

Let me know what you think. Thanks again.

there are some suggestions on how to address similar situation
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

are you getting prompted to accept cert and grant applet permissions
shishir_sriAuthor Commented:


Thanks for the link, but I had seen the page before I posted the question here. It does not really give the solution, as its a webstart forum. Also, it recommends changing the policy files, which I cannot do, since this applet is gonna be publicly accessible over the web.

shishir_sriAuthor Commented:

objects: Yes I was prompted to accept cert and grant applet permissions once (when I signed the applet the first time). At the time, I wasn't using privileged code. I have, since, made the changes and uploaded the new signed jar files, with the code attached in my original query, but I haven't been prompted again.

I'm assuming that its because I accepted it once?

> At the time, I wasn't using privileged code.

that would cause the exception you are getting

> I'm assuming that its because I accepted it once?

did you check to allows allow it?

And have you cleared the cache, or at least restarted the browser?


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
shishir_sriAuthor Commented:
I feel like such a fool. I didn't remember if I selected the "Always" checkbox, so I created another key and signed the latest applet. Then I opened the page in Chrome, where I was given the trust prompt. Once I accepted, it worked.

I suppose it was because the cache is not getting cleared even though I cleared my FF cache.

Anyways, thanks a lot. :)

@for_yan: thank you too for the links.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.