Socketproblem with applet connecting to server

Discussion in 'Java' started by Pontus, Jul 19, 2005.

  1. Pontus

    Pontus Guest

    Hello!

    Tried to write an applet that connects to a server with sockets. The code
    below works in the appletwiever but I get a SecurityException with Internet
    Explorer 5.5 when
    the applet reads Socket socket=new
    Socket(this.getCodeBase().getHost(),port);

    I think I have tried it all and I have also searched the net for answer.

    How should I do to have the applet write "javaworld" and not receive the
    SecurityException "cannot access "127.0.0.1":5000" ?

    (If you test the code below, execute the server first and then the client)


    Thanks in advance!

    /Pontus



    The Client:

    import java.io.*;
    import java.net.*;
    import java.awt.*;
    import java.applet.*;

    public class AppletClient extends Applet{

    public void init(){
    Label label=new Label(" ");
    int port=5000;
    add(label);
    try{
    Socket socket=new Socket(this.getCodeBase().getHost(),port);//will be
    SecurityException.

    BufferedReader bufferedreader=new BufferedReader(new
    InputStreamReader(socket.getInputStream()));
    PrintWriter printwriter=new PrintWriter(socket.getOutputStream(),true);

    printwriter.println("java");
    String string=bufferedreader.readLine();

    label.setText(string);// should be "javaworld", but not.
    }
    catch(Exception error){
    label.setText(error.getMessage());//cannot access "127.0.0.1":5000
    }
    }
    }


    The server:

    import java.net.*;
    import java.io.*;

    public class Server{

    public static void main(String args[]){
    int port=5000;
    try{
    ServerSocket serversocket=new ServerSocket(port);
    Socket socket=serversocket.accept();

    BufferedReader bufferedreader=new BufferedReader(new
    InputStreamReader(socket.getInputStream()));
    PrintWriter printwriter=new PrintWriter(socket.getOutputStream(),true);

    String string1=bufferedreader.readLine();
    String string2=string1+"world";
    printwriter.println(string2);

    }
    catch(IOException error){}
    }
    }


    The HTML-file:

    <html>
    <body>
    <applet code=AppletClient.class width=300 height=300></applet>
    </body>
    </html>
    Pontus, Jul 19, 2005
    #1
    1. Advertising

  2. On Tue, 19 Jul 2005 15:08:38 +0200, Pontus wrote:

    > How should I do to have the applet write "javaworld" and not receive the
    > SecurityException "cannot access "127.0.0.1":5000" ?


    Have you *signed* the code?

    Did you click 'yes' when asked if you wanted to run
    code with 'increased privileges'?

    <http://www.physci.org/codes/javafaq.jsp#security>

    --
    Andrew Thompson
    physci.org 1point1c.org javasaver.com lensescapes.com athompson.info
    Presented In DOUBLE VISION Where Drunk
    Andrew Thompson, Jul 19, 2005
    #2
    1. Advertising

  3. Andrew Thompson wrote:
    > On Tue, 19 Jul 2005 15:08:38 +0200, Pontus wrote:
    >
    >
    >>How should I do to have the applet write "javaworld" and not receive the
    >>SecurityException "cannot access "127.0.0.1":5000" ?

    >
    >
    > Have you *signed* the code?
    >
    > Did you click 'yes' when asked if you wanted to run
    > code with 'increased privileges'?
    >
    > <http://www.physci.org/codes/javafaq.jsp#security>
    >


    He's not trying to do anything that would require a signed applet. He
    is trying to access the server at Applet.getCodeBase().getHost().

    I suspect the issue is that he is accessing the server via the loopback
    interface.

    Ray

    --
    XML is the programmer's duct tape.
    Raymond DeCampo, Jul 19, 2005
    #3
  4. On Tue, 19 Jul 2005 15:41:15 GMT, Raymond DeCampo wrote:

    > Andrew Thompson wrote:
    >> On Tue, 19 Jul 2005 15:08:38 +0200, Pontus wrote:
    >>
    >>>How should I do to have the applet write "javaworld" and not receive the
    >>>SecurityException "cannot access "127.0.0.1":5000" ?

    >>
    >> Have you *signed* the code?
    >>
    >> Did you click 'yes' when asked if you wanted to run
    >> code with 'increased privileges'?
    >>
    >> <http://www.physci.org/codes/javafaq.jsp#security>

    >
    > He's not trying to do anything that would require a signed applet. He
    > is trying to access the server at Applet.getCodeBase().getHost().


    Aah yes - good point.

    > I suspect the issue is that he is accessing the server via the loopback
    > interface.


    Will that trigger the SecurityException?

    --
    Andrew Thompson
    physci.org 1point1c.org javasaver.com lensescapes.com athompson.info
    In Hypno-Vision
    Andrew Thompson, Jul 19, 2005
    #4
  5. Andrew Thompson wrote:
    > On Tue, 19 Jul 2005 15:41:15 GMT, Raymond DeCampo wrote:
    >
    >
    >>Andrew Thompson wrote:
    >>
    >>>On Tue, 19 Jul 2005 15:08:38 +0200, Pontus wrote:
    >>>
    >>>
    >>>>How should I do to have the applet write "javaworld" and not receive the
    >>>>SecurityException "cannot access "127.0.0.1":5000" ?
    >>>
    >>>Have you *signed* the code?
    >>>
    >>>Did you click 'yes' when asked if you wanted to run
    >>>code with 'increased privileges'?
    >>>
    >>><http://www.physci.org/codes/javafaq.jsp#security>

    >>
    >>He's not trying to do anything that would require a signed applet. He
    >>is trying to access the server at Applet.getCodeBase().getHost().

    >
    >
    > Aah yes - good point.
    >
    >
    >>I suspect the issue is that he is accessing the server via the loopback
    >>interface.

    >
    >
    > Will that trigger the SecurityException?
    >


    I don't know for sure, but it is the only thing in the post that seems
    likely to me. If I were the OP, I would try accessing the page
    containing the applet via something other than localhost or 127.0.0.1 to
    see if that alleviates the problem.

    Ray

    --
    XML is the programmer's duct tape.
    Raymond DeCampo, Jul 19, 2005
    #5
  6. worked for me with FireFox 1.0.4

    johan


    Pontus wrote:
    > Hello!
    >
    > Tried to write an applet that connects to a server with sockets. The code
    > below works in the appletwiever but I get a SecurityException with Internet
    > Explorer 5.5 when
    > the applet reads Socket socket=new
    > Socket(this.getCodeBase().getHost(),port);
    >
    > I think I have tried it all and I have also searched the net for answer.
    >
    > How should I do to have the applet write "javaworld" and not receive the
    > SecurityException "cannot access "127.0.0.1":5000" ?
    >
    > (If you test the code below, execute the server first and then the client)
    >
    >
    > Thanks in advance!
    >
    > /Pontus
    >
    >
    >
    > The Client:
    >
    > import java.io.*;
    > import java.net.*;
    > import java.awt.*;
    > import java.applet.*;
    >
    > public class AppletClient extends Applet{
    >
    > public void init(){
    > Label label=new Label(" ");
    > int port=5000;
    > add(label);
    > try{
    > Socket socket=new Socket(this.getCodeBase().getHost(),port);//will be
    > SecurityException.
    >
    > BufferedReader bufferedreader=new BufferedReader(new
    > InputStreamReader(socket.getInputStream()));
    > PrintWriter printwriter=new PrintWriter(socket.getOutputStream(),true);
    >
    > printwriter.println("java");
    > String string=bufferedreader.readLine();
    >
    > label.setText(string);// should be "javaworld", but not.
    > }
    > catch(Exception error){
    > label.setText(error.getMessage());//cannot access "127.0.0.1":5000
    > }
    > }
    > }
    >
    >
    > The server:
    >
    > import java.net.*;
    > import java.io.*;
    >
    > public class Server{
    >
    > public static void main(String args[]){
    > int port=5000;
    > try{
    > ServerSocket serversocket=new ServerSocket(port);
    > Socket socket=serversocket.accept();
    >
    > BufferedReader bufferedreader=new BufferedReader(new
    > InputStreamReader(socket.getInputStream()));
    > PrintWriter printwriter=new PrintWriter(socket.getOutputStream(),true);
    >
    > String string1=bufferedreader.readLine();
    > String string2=string1+"world";
    > printwriter.println(string2);
    >
    > }
    > catch(IOException error){}
    > }
    > }
    >
    >
    > The HTML-file:
    >
    > <html>
    > <body>
    > <applet code=AppletClient.class width=300 height=300></applet>
    > </body>
    > </html>
    >
    >
    =?ISO-8859-1?Q?Johan_K=FCtt?=, Jul 20, 2005
    #6
  7. Pontus

    Wenny Macura Guest

    Johan Kütt wrote:
    > worked for me with FireFox 1.0.4
    >
    > johan
    >
    >
    > Pontus wrote:
    >
    >> Hello!
    >>
    >> Tried to write an applet that connects to a server with sockets. The code
    >> below works in the appletwiever but I get a SecurityException with
    >> Internet
    >> Explorer 5.5 when
    >> the applet reads Socket socket=new
    >> Socket(this.getCodeBase().getHost(),port);
    >>
    >> I think I have tried it all and I have also searched the net for answer.
    >>
    >> How should I do to have the applet write "javaworld" and not receive the
    >> SecurityException "cannot access "127.0.0.1":5000" ?
    >>
    >> (If you test the code below, execute the server first and then the
    >> client)
    >>
    >>
    >> Thanks in advance!
    >>
    >> /Pontus
    >>
    >>
    >>
    >> The Client:
    >>
    >> import java.io.*;
    >> import java.net.*;
    >> import java.awt.*;
    >> import java.applet.*;
    >>
    >> public class AppletClient extends Applet{
    >>
    >> public void init(){
    >> Label label=new Label(" ");
    >> int port=5000;
    >> add(label);
    >> try{
    >> Socket socket=new Socket(this.getCodeBase().getHost(),port);//will be
    >> SecurityException.
    >>
    >> BufferedReader bufferedreader=new BufferedReader(new
    >> InputStreamReader(socket.getInputStream()));
    >> PrintWriter printwriter=new
    >> PrintWriter(socket.getOutputStream(),true);
    >>
    >> printwriter.println("java");
    >> String string=bufferedreader.readLine();
    >>
    >> label.setText(string);// should be "javaworld", but not.
    >> }
    >> catch(Exception error){
    >> label.setText(error.getMessage());//cannot access "127.0.0.1":5000
    >> }
    >> }
    >> }
    >>
    >>
    >> The server:
    >>
    >> import java.net.*;
    >> import java.io.*;
    >>
    >> public class Server{
    >>
    >> public static void main(String args[]){
    >> int port=5000;
    >> try{
    >> ServerSocket serversocket=new ServerSocket(port);
    >> Socket socket=serversocket.accept();
    >>
    >> BufferedReader bufferedreader=new BufferedReader(new
    >> InputStreamReader(socket.getInputStream()));
    >> PrintWriter printwriter=new
    >> PrintWriter(socket.getOutputStream(),true);
    >>
    >> String string1=bufferedreader.readLine();
    >> String string2=string1+"world";
    >> printwriter.println(string2);
    >>
    >> }
    >> catch(IOException error){}
    >> }
    >> }
    >>
    >>
    >> The HTML-file:
    >>
    >> <html>
    >> <body>
    >> <applet code=AppletClient.class width=300 height=300></applet>
    >> </body>
    >> </html>
    >>
    >>

    You have to either used signed applet or modify the java.policy
    (.java.policy ).
    since the applet lives within a sand box.

    grant {
    permission java.net.SocketPermission "*:*", "accept, connect, listen,
    resolve";
    };

    the "*.*" may be tailored to any set ip:port.

    The java.policy resides in the ..../j2re*.*.*/lib/security

    You may use the bin/policytool.exe to accomplish the same.

    Wenny
    Wenny Macura, Jul 20, 2005
    #7
  8. Pontus

    Roedy Green Guest

    On Wed, 20 Jul 2005 15:12:42 GMT, Wenny Macura <> wrote
    or quoted :

    >You have to either used signed applet or modify the java.policy
    >(.java.policy ).
    >since the applet lives within a sand box.


    You are allowed to use a socket without signing IF:

    1. you are reading from the same host that the web page came from.

    2. the resource is downstream of the web page. By that I mean if the
    web page is in the descendant tree, e.g. if the web page is in
    http://mindprod.com/applets and the resource is in
    http://mindprod.com/applets/snippets

    You CAN'T read a resource not a descendant, unless you sign e.g. in
    http://mindprod.com/jgloss/snippets

    I discovered this experimenting with the JDisplay Applet I use to
    displaying colourised code fragments.

    I need to do some more experiments to find out what happens when the
    jar and web page are not in the same directory. I am fairly sure what
    counts is being downstream of the web page, not downstream of the jar.

    --
    Bush crime family lost/embezzled $3 trillion from Pentagon.
    Complicit Bush-friendly media keeps mum. Rumsfeld confesses on video.
    http://www.infowars.com/articles/us/mckinney_grills_rumsfeld.htm

    Canadian Mind Products, Roedy Green.
    See http://mindprod.com/iraq.html photos of Bush's war crimes
    Roedy Green, Jul 23, 2005
    #8
  9. Roedy Green wrote:
    > On Wed, 20 Jul 2005 15:12:42 GMT, Wenny Macura <> wrote
    > or quoted :
    >
    >
    >>You have to either used signed applet or modify the java.policy
    >>(.java.policy ).
    >>since the applet lives within a sand box.

    >
    >
    > You are allowed to use a socket without signing IF:
    >
    > 1. you are reading from the same host that the web page came from.
    >
    > 2. the resource is downstream of the web page. By that I mean if the
    > web page is in the descendant tree, e.g. if the web page is in
    > http://mindprod.com/applets and the resource is in
    > http://mindprod.com/applets/snippets
    >
    > You CAN'T read a resource not a descendant, unless you sign e.g. in
    > http://mindprod.com/jgloss/snippets
    >
    > I discovered this experimenting with the JDisplay Applet I use to
    > displaying colourised code fragments.
    >
    > I need to do some more experiments to find out what happens when the
    > jar and web page are not in the same directory. I am fairly sure what
    > counts is being downstream of the web page, not downstream of the jar.
    >


    It has been pointed out many times that item #2 above is not true. You
    can make any kind of socket connection, to any port, to the same host
    that served the applet. Nothing prevents you from accessing any URL
    publicly available on the originating host. I have personally done this
    and know that it works.

    Please stop spreading incorrect data based on your experimental
    observations especially when they are unsupported by documentation. For
    example, see

    <http://java.sun.com/sfaq/>
    <http://java.sun.com/docs/books/tutorial/applet/practical/security.html>

    If you are experiencing problems getting #2 to work, I suggest you post
    a SSCE and let us discover the problem.

    Ray

    --
    XML is the programmer's duct tape.
    Raymond DeCampo, Jul 23, 2005
    #9
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Rune Andresen
    Replies:
    2
    Views:
    1,916
    Phil Powell
    Sep 17, 2003
  2. Jesse
    Replies:
    4
    Views:
    4,250
    Ryan Stewart
    Jun 6, 2004
  3. paul.foreman

    Applet connecting to a Server

    paul.foreman, Jul 31, 2004, in forum: Java
    Replies:
    3
    Views:
    510
    paul.foreman
    Aug 2, 2004
  4. Roland Poellinger
    Replies:
    1
    Views:
    1,283
    Ryan Dillon
    Mar 12, 2005
  5. Xavier Seneque

    Connecting with an applet throw a proxy

    Xavier Seneque, May 30, 2005, in forum: Java
    Replies:
    0
    Views:
    339
    Xavier Seneque
    May 30, 2005
Loading...

Share This Page