pls test my applet

[NickPick]

Could you please test my applet? I heard from some people that they
can't load it and I'm trying to find the reason as it works fine on my
computer.

http://www.dickreuter.com/res1.php

many thanks

 

[Lord0]

Doesnt work for me in
FF 3.0.6
or
IE 6.0.29 ("Loading Java applet failed.....")

Note I am using Java 1.4.2_08 (dont ask)

 

[Lew]

Doesnt work for me in
FF 3.0.6
or
IE 6.0.29 ("Loading Java applet failed.....")

Note I am using Java 1.4.2_08 (dont ask)

Rrr?

 

[NickPick]

Doesnt work for me in
FF 3.0.6
or
IE 6.0.29 ("Loading Java applet failed.....")

Note I am using Java 1.4.2_08 (dont ask)

Any idea why it doesn't work. Does work on my computer!

 

[Albert]

NickPick a écrit :

Could you please test my applet? I heard from some people that they
can't load it and I'm trying to find the reason as it works fine on my
computer.

http://www.dickreuter.com/res1.php

many thanks

works on mine (1.6.0_12) with FF 3.06

 

[evilfrenchguy]

Could you please test my applet? I heard from some people that they
can't load it and I'm trying to find the reason as it works fine on my
computer.

http://www.dickreuter.com/res1.php

many thanks

Works fine for me in IE

 

[Thomas Kellerer]

NickPick, 03.03.2009 15:34:

Could you please test my applet? I heard from some people that they
can't load it and I'm trying to find the reason as it works fine on my
computer.

http://www.dickreuter.com/res1.php

many thanks

Works fine here with FF 3.0.6 and JRE 1.6.0_10-b33

I get a warning from FF because the digital signature can not be verified (because you signed it yourself).

I assume this could cause the applet not to be run at all by the browser depending on the security settings.

 

[Mark Space]

Could you please test my applet? I heard from some people that they
can't load it and I'm trying to find the reason as it works fine on my
computer.

http://www.dickreuter.com/res1.php

many thanks

I almost did not accept your security credential. My guess would be
that some browsers are set to silently reject untrusted certificates.

I'd change your app so that it doesn't need the cert. Have it talk to
your server. Have your server do the connect to outside servers.
There's a lot of mischief you can do with an certificate, you really
shouldn't need one for something like this.

 

[NickPick]

NickPick, 03.03.2009 15:34:> Could you please test my applet? I heard from some people that they

Works fine here with FF 3.0.6 and JRE 1.6.0_10-b33

I get a warning from FF because the digital signature can not be verified (because you signed it yourself).

I assume this could cause the applet not to be run at all by the browser depending on the security settings.

Thanks.
DO you have any idea where I can buy a cheap certificate so that I
don't have to sign it myself?

 

[John B. Matthews]

I almost did not accept your security credential. My guess would be
that some browsers are set to silently reject untrusted certificates.

I'd change your app so that it doesn't need the cert. Have it talk to
your server. Have your server do the connect to outside servers.
There's a lot of mischief you can do with an certificate, you really
shouldn't need one for something like this.

This is surely a better approach. Ignoring certification, the user may
reasonably wonder why your applet has to contact another server. At the
same time, signing your applet ensures that maliciously altered copies
cannot pose as yours.

Consider doing both: sign your applet but give it suitable untrusted
functionality. Here is a signed applet that runs in a secure sandbox
even if the certificate is rejected:

<http://sites.google.com/site/drjohnbmatthews/subway>

 

[Dave Miller]

Could you please test my applet? I heard from some people that they
can't load it and I'm trying to find the reason as it works fine on my
computer.

http://www.dickreuter.com/res1.php

many thanks

It works after the user accepts the signed content. If they don't
accept, they will get a security exception. AFAIK there is no browser
setting that automatically denies signed content.(We sell a product that
uses signed applets so I'm pretty sure we would have run across it if it
existed.)

If you want troubleshoot failures:

1. Ask the user if they get a little coffee cup icon in the lower right
hand corner of their screen (presuming Windows).
2. If no, they have a missing or other JRE problem.
3. If yes, have them right click on the coffee cup, open the console and
copy and paste the exceptions into an email to you.

Whether the user accepts the content has more to do with their trust in
you rather than their trust in a Certificate Authority. If it's people
that you know and / or with whom you've created a real or virtual
relationship, you can probably explain the self signed applet upfront
and have them accept it. If you don't have a relationship, you'll
probably need a CA signed cert.

We sell certs on our site (GlobalSign) at (AFAIK) the lowest prices
available. Unfortunately, of the three Java cert issuers, only Verisign
will issue to individuals and they're the most expensive - about $500
for a year. The others, including ours, only issue to registered businesses.

The poster who suggested contacting your server and having it contact
the data generating server seems to have the best workaround. Unless you
need access to the client's system (usually for writing to disk) you
really don't need to sign.

I'd probably have a servlet get the data every x minutes and save it to
a DB and then have the applets connect to a JSP or servlet that reads
from the DB.

 

[Roedy Green]

http://www.dickreuter.com/res1.php

it is a signed applet with phony cert. This is just the sort of code
people should NOT run. If you want people to test it, they will need
to see the source first or at least know a lot more about what it
does.

--
Roedy Green Canadian Mind Products
http://mindprod.com

"Learning is not compulsory... neither is survival."
~ Dr. W. (William) Edwards Deming (born: 1900-10-14 died: 1993-12-20 at age: 93))

 

[Arne Vajhøj]

Doesnt work for me in
FF 3.0.6
or
IE 6.0.29 ("Loading Java applet failed.....")

Note I am using Java 1.4.2_08 (dont ask)

That could very well be the reason other have problems
as well.

There are lots of browsers out there with Java versions older
than latest and greatest.

Arne

 

[Arne Vajhøj]

DO you have any idea where I can buy a cheap certificate so that I
don't have to sign it myself?

It is just a regular certificate.

And seller of certificates should do.

VeriSign, Thawte, RapidSSL, GeoTrust and so on.

Arne

 

[Arne Vajhøj]

it is a signed applet with phony cert. This is just the sort of code
people should NOT run.

In general internet context I agree 100%.

If you want people to test it, they will need
to see the source first or at least know a lot more about what it
does.

In this particular case we all know reasonably well what it does
because the poster has asked several question the last couple of
weeks..

And people should have the knowledge to download the code and
decompile it to check for malicious code.

Arne

 

[NickPick]

it is a signed applet with phony cert.  This is just the sort of code
people should NOT run.  If you want people to test it, they will need
to see the source first or at least know a lot more about what it
does.

--
Roedy Green Canadian Mind Productshttp://mindprod.com

"Learning is not compulsory... neither is survival."
~ Dr. W. (William) Edwards Deming (born: 1900-10-14 died: 1993-12-20 at age: 93))

All it does is downloading data from finance.yahoo.com (that's why it
needs a certificate) and displaying it as a chart.

For some reason certain people get the error message:
Loading Java Applet Failed java.lang.NoClassDefFoundError

I don't understand why only part of the people get an error message
while it works fine for the rest. Any ideas? thanks

 

[Lew]

NickPick: Please don't quote sigs.

All it does is downloading data from finance.yahoo.com (that's why it
needs a certificate) and displaying it as a chart.

People inclined to be suspicious of your certificate are likely to be too
paranoid to accept your say-so about its safety.

 

[Dave Miller]

NickPick wrote:

It is just a regular certificate.

And seller of certificates should do.

VeriSign, Thawte, RapidSSL, GeoTrust and so on.

Arne

It used to be that you could take a regular SSL, play around with it to
get it into your keystore and use it to sign. We were only able to get
it to work with certs whose root was distributed in the JRE (Thawte,
etc.) but others may have been able to get cheaper certs to work as well.

Starting with either 1.5 or 1.6, Sun apparently put the kibosh on that.
No matter how much we hacked around with the SSL certs, we still got
security exceptions.

Since then we've had to use a separate object signing cert and can no
longer use a regular SSL. If anyone knows how to use the (much, much)
cheaper SSL please post the how to here.

 

[NickPick]

I can't say for sure, but if your cert isn't accepted, then the code
won't be downloaded, and hence "NoClassDefFoundError".  That is, the
class def it's looking for is yours, and it isn't there.

I'm new to Java and my preliminary conclusion is that Java is just not
suitable for what I want to do. I'm working on a solution in PHP which
appears to be much easier and better. But thanks for your help!

 

[Lew]

I'm new to Java and my preliminary conclusion is that Java is just not
suitable for what I want to do. I'm working on a solution in PHP which
appears to be much easier and better. But thanks for your help!

Keywords: "appears to be"