Socketproblem with applet connecting to server

[Pontus]

Hello!

Tried to write an applet that connects to a server with sockets. The code
below works in the appletwiever but I get a SecurityException with Internet
Explorer 5.5 when
the applet reads Socket socket=new
Socket(this.getCodeBase().getHost(),port);

I think I have tried it all and I have also searched the net for answer.

How should I do to have the applet write "javaworld" and not receive the
SecurityException "cannot access "127.0.0.1":5000" ?

(If you test the code below, execute the server first and then the client)


Thanks in advance!

/Pontus



The Client:

import java.io.*;
import java.net.*;
import java.awt.*;
import java.applet.*;

public class AppletClient extends Applet{

public void init(){
Label label=new Label(" ");
int port=5000;
add(label);
try{
Socket socket=new Socket(this.getCodeBase().getHost(),port);//will be
SecurityException.

BufferedReader bufferedreader=new BufferedReader(new
InputStreamReader(socket.getInputStream()));
PrintWriter printwriter=new PrintWriter(socket.getOutputStream(),true);

printwriter.println("java");
String string=bufferedreader.readLine();

label.setText(string);// should be "javaworld", but not.
}
catch(Exception error){
label.setText(error.getMessage());//cannot access "127.0.0.1":5000
}
}
}


The server:

import java.net.*;
import java.io.*;

public class Server{

public static void main(String args[]){
int port=5000;
try{
ServerSocket serversocket=new ServerSocket(port);
Socket socket=serversocket.accept();

BufferedReader bufferedreader=new BufferedReader(new
InputStreamReader(socket.getInputStream()));
PrintWriter printwriter=new PrintWriter(socket.getOutputStream(),true);

String string1=bufferedreader.readLine();
String string2=string1+"world";
printwriter.println(string2);

}
catch(IOException error){}
}
}


The HTML-file:

<html>
<body>
<applet code=AppletClient.class width=300 height=300></applet>
</body>
</html>

 

[Andrew Thompson]

How should I do to have the applet write "javaworld" and not receive the
SecurityException "cannot access "127.0.0.1":5000" ?

Have you *signed* the code?

Did you click 'yes' when asked if you wanted to run
code with 'increased privileges'?

<http://www.physci.org/codes/javafaq.jsp#security>

 

[Raymond DeCampo]

Have you *signed* the code?

Did you click 'yes' when asked if you wanted to run
code with 'increased privileges'?

<http://www.physci.org/codes/javafaq.jsp#security>

He's not trying to do anything that would require a signed applet. He
is trying to access the server at Applet.getCodeBase().getHost().

I suspect the issue is that he is accessing the server via the loopback
interface.

Ray

 

[Andrew Thompson]

He's not trying to do anything that would require a signed applet. He
is trying to access the server at Applet.getCodeBase().getHost().

Aah yes - good point.

I suspect the issue is that he is accessing the server via the loopback
interface.

Will that trigger the SecurityException?

 

[Raymond DeCampo]

Aah yes - good point.




Will that trigger the SecurityException?

I don't know for sure, but it is the only thing in the post that seems
likely to me. If I were the OP, I would try accessing the page
containing the applet via something other than localhost or 127.0.0.1 to
see if that alleviates the problem.

Ray

 

[=?ISO-8859-1?Q?Johan_K=FCtt?=]

worked for me with FireFox 1.0.4

johan

 

[Wenny Macura]

worked for me with FireFox 1.0.4

johan

Hello!

Tried to write an applet that connects to a server with sockets. The code
below works in the appletwiever but I get a SecurityException with
Internet
Explorer 5.5 when
the applet reads Socket socket=new
Socket(this.getCodeBase().getHost(),port);

I think I have tried it all and I have also searched the net for answer.

How should I do to have the applet write "javaworld" and not receive the
SecurityException "cannot access "127.0.0.1":5000" ?

(If you test the code below, execute the server first and then the
client)


Thanks in advance!

/Pontus



The Client:

import java.io.*;
import java.net.*;
import java.awt.*;
import java.applet.*;

public class AppletClient extends Applet{

public void init(){
Label label=new Label(" ");
int port=5000;
add(label);
try{
Socket socket=new Socket(this.getCodeBase().getHost(),port);//will be
SecurityException.

BufferedReader bufferedreader=new BufferedReader(new
InputStreamReader(socket.getInputStream()));
PrintWriter printwriter=new
PrintWriter(socket.getOutputStream(),true);

printwriter.println("java");
String string=bufferedreader.readLine();

label.setText(string);// should be "javaworld", but not.
}
catch(Exception error){
label.setText(error.getMessage());//cannot access "127.0.0.1":5000
}
}
}


The server:

import java.net.*;
import java.io.*;

public class Server{

public static void main(String args[]){
int port=5000;
try{
ServerSocket serversocket=new ServerSocket(port);
Socket socket=serversocket.accept();

BufferedReader bufferedreader=new BufferedReader(new
InputStreamReader(socket.getInputStream()));
PrintWriter printwriter=new
PrintWriter(socket.getOutputStream(),true);

String string1=bufferedreader.readLine();
String string2=string1+"world";
printwriter.println(string2);

}
catch(IOException error){}
}
}


The HTML-file:

<html>
<body>
<applet code=AppletClient.class width=300 height=300></applet>
</body>
</html>

You have to either used signed applet or modify the java.policy
(.java.policy ).
since the applet lives within a sand box.

grant {
permission java.net.SocketPermission "*:*", "accept, connect, listen,
resolve";
};

the "*.*" may be tailored to any set iport.

The java.policy resides in the ..../j2re*.*.*/lib/security

You may use the bin/policytool.exe to accomplish the same.

Wenny

 

[Roedy Green]

You have to either used signed applet or modify the java.policy
(.java.policy ).
since the applet lives within a sand box.

You are allowed to use a socket without signing IF:

1. you are reading from the same host that the web page came from.

2. the resource is downstream of the web page. By that I mean if the
web page is in the descendant tree, e.g. if the web page is in
http://mindprod.com/applets and the resource is in
http://mindprod.com/applets/snippets

You CAN'T read a resource not a descendant, unless you sign e.g. in
http://mindprod.com/jgloss/snippets

I discovered this experimenting with the JDisplay Applet I use to
displaying colourised code fragments.

I need to do some more experiments to find out what happens when the
jar and web page are not in the same directory. I am fairly sure what
counts is being downstream of the web page, not downstream of the jar.

--
Bush crime family lost/embezzled $3 trillion from Pentagon.
Complicit Bush-friendly media keeps mum. Rumsfeld confesses on video.
http://www.infowars.com/articles/us/mckinney_grills_rumsfeld.htm

Canadian Mind Products, Roedy Green.
See http://mindprod.com/iraq.html photos of Bush's war crimes

 

[Raymond DeCampo]

You are allowed to use a socket without signing IF:

1. you are reading from the same host that the web page came from.

2. the resource is downstream of the web page. By that I mean if the
web page is in the descendant tree, e.g. if the web page is in
http://mindprod.com/applets and the resource is in
http://mindprod.com/applets/snippets

You CAN'T read a resource not a descendant, unless you sign e.g. in
http://mindprod.com/jgloss/snippets

I discovered this experimenting with the JDisplay Applet I use to
displaying colourised code fragments.

I need to do some more experiments to find out what happens when the
jar and web page are not in the same directory. I am fairly sure what
counts is being downstream of the web page, not downstream of the jar.

It has been pointed out many times that item #2 above is not true. You
can make any kind of socket connection, to any port, to the same host
that served the applet. Nothing prevents you from accessing any URL
publicly available on the originating host. I have personally done this
and know that it works.

Please stop spreading incorrect data based on your experimental
observations especially when they are unsupported by documentation. For
example, see

<http://java.sun.com/sfaq/>
<http://java.sun.com/docs/books/tutorial/applet/practical/security.html>

If you are experiencing problems getting #2 to work, I suggest you post
a SSCE and let us discover the problem.

Ray