Java Applets and the URL class

steviec

Hi

I'm running into a bit of difficulty with a program I'm working on.

I have the following piece of code:

try
		{
			URL url = new URL("http://www.wherever.com/whatever.html");
			buf = new BufferedReader(new InputStreamReader(url.openStream()));
			time = buf.readLine();
			buf.close();	
		}

I have the exact same piece of code in two programs, one is normal java and works fine. The other though is an applet, and gives me the following error:

java.security.AccessControlException: access denied (java.net.SocketPermission w
ww1.bipm.org resolve)
java.security.AccessControlException: access denied (java.net.SocketPermission w
ww1.bipm.org resolve)
        at java.security.AccessControlContext.checkPermission(AccessControlConte
xt.java:269)
        at java.security.AccessController.checkPermission(AccessController.java:
401)
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
        at java.lang.SecurityManager.checkConnect(SecurityManager.java:1023)
        at java.net.InetAddress.getAllByName0(InetAddress.java:1000)
        at java.net.InetAddress.getAllByName0(InetAddress.java:981)
        at java.net.InetAddress.getAllByName(InetAddress.java:975)
        at java.net.InetAddress.getByName(InetAddress.java:889)
        at sun.net.www.http.HttpClient.<init>(HttpClient.java:296)
        at sun.net.www.http.HttpClient.<init>(HttpClient.java:267)
        at sun.net.www.http.HttpClient.New(HttpClient.java:339)
        at sun.net.www.http.HttpClient.New(HttpClient.java:320)
        at sun.net.www.http.HttpClient.New(HttpClient.java:315)
        at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConne
ction.java:521)
        at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection
.java:498)
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCon
nection.java:626)
        at java.net.URL.openStream(URL.java:913)
        at Time.reinit(Time.java:35)
        at Time.init(Time.java:27)
        at sun.applet.AppletPanel.run(AppletPanel.java:353)
        at java.lang.Thread.run(Thread.java:534)

So for some reason I'm having a problem related to security and permissions. It's the same problem no matter what address I use and I'm only trying freely visible HTML documents that java programs should have no problem accessing, so I'm wondering is there some different process or a way around this for applets?

pH

An applet is only allowed make a network connection back to the site it was served from

MrPinK

Applets run in a sandbox which gives them restricted permissions. This is to prevent websites being able to do stuff like accessing/modifying files on your computer. But as long as your using a version of java later than 1.2, you can customise the security policy for a certain applet.

First you need to jar up the class files for the applet. Then you need to modify your security policy file located at $java_home/jre/lib/security/java.policy. You can edit it by hand, but seeing as you probably don't know the format it's best to use the automated tool. Run 'policytool' from the command line, open up your java.policy file and click on 'Add Policy Entry'. Codebase is the location of the jar file you made (doesn't have to be on the local machine, can be a URL). Click add permission, and under SocketPermission you want to give connect and resolve permissions for 'www.wherever.com'. That should hopefully sort it out.

rsynnott

Alternatively you can sign the applet, and this is the way to go if you want other people to be able to use it. You'll be needing a goat and a sharp knife...

Or, if it only has to connect to a particular service, and you have control over the server it'll be running on, you could forward a port on that server to the ultimate destination.