Help! Applet access remote database

Discussion in 'Java' started by ithaca, Mar 3, 2004.

  1. ithaca

    ithaca Guest

    Hi,

    I have an applet which I want to put on the client side. The main function
    of this applet is to query database and draw some graphic navigation
    interface. It works fine when I tested with application.However once I
    changed it to applet, it has error( Java.security.AccessControl
    Exception:Access Denied, Java.net.socket Permission "my db server address"
    resolve). I know it is caused by java sand box security problem. I also
    learned online that the possible solution is to use signed applet or RMI, Or
    use applet +servlet.

    My question is what is the best solution without least change?
    Thanks a lot!
    ithaca, Mar 3, 2004
    #1
    1. Advertising

  2. On Tue, 2 Mar 2004 23:29:37 -0500, ithaca wrote:

    > I have an applet which I want to put on the client side. The main function
    > of this applet is to query database

    ....
    > changed it to applet, it has error( Java.security.AccessControl
    > Exception:Access Denied, Java.net.socket Permission "my db server address"
    > resolve). I know it is caused by java sand box security problem. I also
    > learned online that the possible solution is to use signed applet or RMI, Or
    > use applet +servlet.


    Signed applet delivered using WebStart
    would require the least changes to the
    applet (i.e. none to the applet code),
    though some combination of applet/servlet
    may produce better results depending on
    the details of your spec.

    --
    Andrew Thompson
    * http://www.PhySci.org/ Open-source software suite
    * http://www.PhySci.org/codes/ Web & IT Help
    * http://www.1point1C.org/ Science & Technology
    Andrew Thompson, Mar 3, 2004
    #2
    1. Advertising

  3. ithaca

    ithaca Guest

    Thanks for the help.
    Signed applet will have serious security problem, right?


    "Andrew Thompson" <> wrote in message
    news:1xqfsebpuhjyh$.uirg9lisnq5c$...
    > On Tue, 2 Mar 2004 23:29:37 -0500, ithaca wrote:
    >
    > > I have an applet which I want to put on the client side. The main

    function
    > > of this applet is to query database

    > ...
    > > changed it to applet, it has error( Java.security.AccessControl
    > > Exception:Access Denied, Java.net.socket Permission "my db server

    address"
    > > resolve). I know it is caused by java sand box security problem. I also
    > > learned online that the possible solution is to use signed applet or

    RMI, Or
    > > use applet +servlet.

    >
    > Signed applet delivered using WebStart
    > would require the least changes to the
    > applet (i.e. none to the applet code),
    > though some combination of applet/servlet
    > may produce better results depending on
    > the details of your spec.
    >
    > --
    > Andrew Thompson
    > * http://www.PhySci.org/ Open-source software suite
    > * http://www.PhySci.org/codes/ Web & IT Help
    > * http://www.1point1C.org/ Science & Technology
    ithaca, Mar 3, 2004
    #3
  4. Andrew Thompson, Mar 3, 2004
    #4
  5. ithaca

    Ike Guest

    Even if it is signed, you wont be able to access the remote database with an
    Applet, contrary to what anyone may tell you. What you must do is
    communicate with a servlet as an intermediary to the database. Applet calls
    servlet for data, servlet gets it from the database, sends it back to
    applet.

    Trying to access a remotre database from an applet any other way won't
    fly. -Ike

    "ithaca" <> wrote in message
    news:c23n0l$k9a$...
    > Hi,
    >
    > I have an applet which I want to put on the client side. The main function
    > of this applet is to query database and draw some graphic navigation
    > interface. It works fine when I tested with application.However once I
    > changed it to applet, it has error( Java.security.AccessControl
    > Exception:Access Denied, Java.net.socket Permission "my db server

    address"
    > resolve). I know it is caused by java sand box security problem. I also
    > learned online that the possible solution is to use signed applet or RMI,

    Or
    > use applet +servlet.
    >
    > My question is what is the best solution without least change?
    > Thanks a lot!
    >
    >
    Ike, Mar 4, 2004
    #5
  6. ithaca

    Sudsy Guest

    Ike wrote:
    > Even if it is signed, you wont be able to access the remote database with an
    > Applet, contrary to what anyone may tell you. What you must do is
    > communicate with a servlet as an intermediary to the database. Applet calls
    > servlet for data, servlet gets it from the database, sends it back to
    > applet.


    So perhaps I'm one of the "anyone". If your applet is given the
    requisite permissions then it can establish a connection with
    ANY host. Using a proxy server on the machine which sourced the
    applet is another option but not the only one.
    Sudsy, Mar 4, 2004
    #6
  7. ithaca

    Chris Uppal Guest

    Sudsy wrote:

    > If your applet is given the
    > requisite permissions then it can establish a connection with
    > ANY host.


    I'm not contradicting you, but does anyone do this in practice ?

    I'm finding it hard to imagine a scenario where I could expect users to be
    willing (and able) to modify the permissions, and none that wouldn't be better
    served by a standalone application (maybe WebStart-ed).

    -- chris
    Chris Uppal, Mar 4, 2004
    #7
  8. ithaca

    Ike Guest

    True. But I had wasted a good deal of time under the notion that simply
    because an applet was signed, it could communicate with a database on the
    server that served it up - a connection I could never make. Furthermore, I
    lost a good deal of time with an open source report generating tool that
    claimed it "could be integrated into an applet." Finally, I realised there
    wasn't any shortcut in communicating directly from signed applet to a
    database on the internet, even if on the same server, without going through
    a servlet. -Ike

    "Sudsy" <> wrote in message
    news:...
    > Ike wrote:
    > > Even if it is signed, you wont be able to access the remote database

    with an
    > > Applet, contrary to what anyone may tell you. What you must do is
    > > communicate with a servlet as an intermediary to the database. Applet

    calls
    > > servlet for data, servlet gets it from the database, sends it back to
    > > applet.

    >
    > So perhaps I'm one of the "anyone". If your applet is given the
    > requisite permissions then it can establish a connection with
    > ANY host. Using a proxy server on the machine which sourced the
    > applet is another option but not the only one.
    >
    Ike, Mar 4, 2004
    #8
  9. Ike wrote:

    > True. But I had wasted a good deal of time under the notion that simply
    > because an applet was signed, it could communicate with a database on the
    > server that served it up


    It doesn't even need to be signed for that.


    > - a connection I could never make.


    Then you did something wrong.


    > claimed it "could be integrated into an applet." Finally, I realised there
    > wasn't any shortcut in communicating directly from signed applet to a
    > database on the internet, even if on the same server, without going through
    > a servlet.


    You are mistaken. It's prefectly possible for even an unsigned applet to
    connect directly to a DB running on the server that served it, as long
    as it has the necessary DB driver, login and passwords and no firewall
    blocks it. I suspect that in your case there simply was a firewall blocking
    non-local access to the DB, which is a sensible thing to do exactly because
    the applet would have to contain the DB password which could be extracted
    from it by anyone with some technical knowledge and used to **** up the DB.

    So you don't *have* to go through a servlet - but you should, for security
    reasons.
    Michael Borgwardt, Mar 5, 2004
    #9
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Vincent Ho
    Replies:
    0
    Views:
    2,228
    Vincent Ho
    Aug 6, 2003
  2. Lukasz
    Replies:
    9
    Views:
    4,150
    Thomas Fritsch
    Aug 9, 2006
  3. Replies:
    1
    Views:
    545
    Andrew Thompson
    Nov 19, 2007
  4. eddy princen
    Replies:
    3
    Views:
    130
  5. william

    Access remote access database from ASP

    william, Feb 10, 2004, in forum: ASP General
    Replies:
    5
    Views:
    132
    william
    Feb 13, 2004
Loading...

Share This Page