Message-Id: <199806170740.AA17991@egate2.citicorp.com>
Date: Wed, 17 Jun 1998 08:42:34 +0100
From: Asgar Ali <asgar.ali@citicorp.com>
To: Marianne Mueller <Marianne.Mueller@Eng>
Subject: Re: Security Problem
Thank you for your response. I was using ftp protocol to gain access to
the applet from netscape. This managed to log me in to the server, show
the html page, and execute the applet but gave the security problem.
Installing a http daemon such as Apache and using http protocol instead
of ftp seems to have fixed the problem.
Asgar.
Marianne Mueller wrote:
>
> By default, applets that are downloaded to a client are prevented from
> making network connections to any servers other than the one they came from.
> Is the Java server application running on the same machine that served up
> the applet? If so, they should be able to connect. Print out the hostname
> that the applet thinks is its own since it could be different than what you
> thought.
>
> For info on applet security, see http://java.sun.com/sfaq and
> http://java.sun.com/security
>
> > Date: Fri, 12 Jun 1998 11:30:03 +0100
> > From: Asgar Ali <asgar.ali@citicorp.com>
> > X-Sender: "Asgar Ali" <aali1@pop3.citicorp.com>
> > Mime-Version: 1.0
> > To: java-security@web2.javasoft.com
> > Subject: Security Problem
> > Content-Transfer-Encoding: 7bit
> >
> > Hi.
> >
> > I have an applet that connects using sockets to a JAVA application
> > server running on the same DEC Unix machine. I get the following error
> > on connect. The connection works if I use a console JAVA application
> > instead of an applet.
> > Any ideas on how to fix this.
> >
> >
> > sun.applet.AppletSecurityException: checkconnect.networkhost1
> > at sun.applet.AppletSecurity.checkConnect(Compiled Code)
> > at sun.applet.AppletSecurity.checkConnect(Compiled Code)
> > at sun.applet.AppletSecurity.checkConnect(Compiled Code)
> > at java.net.Socket.<init>(Compiled Code)
> > at java.net.Socket.<init>(Compiled Code)
> > at DCJClient2.send(Compiled Code)
> > at DCJClient2.capture(Compiled Code)
> > at Button1Handler.actionPerformed(Compiled Code)
> > at java.awt.Button.processActionEvent(Compiled Code)
> > at java.awt.Button.processEvent(Compiled Code)
> > at java.awt.Component.dispatchEventImpl(Compiled Code)
> > at java.awt.Component.dispatchEvent(Compiled Code)
> > at java.awt.EventDispatchThread.run(Compiled Code)
> >
> > Here is the extract of code:-
> > public void send( String deal )
> > {
> > Socket asocket = null;
> > PrintWriter out = null;
> > BufferedReader in = null;
> >
> > try
> > {
> > //asocket = new Socket( "lonu17", 4444 );
> > asocket = new Socket( "163.38.16.82", 4444 );
> >
> > out = new PrintWriter(
> > asocket.getOutputStream(), true );
> > in = new BufferedReader(
> > new InputStreamReader(
> > asocket.getInputStream() ) );
> >
> > out.println( deal );
> > out.close();
> > in.close();
> > asocket.close();
> > }
> >
> > catch( UnknownHostException e )
> > {
> > System.out.println("Unknown host");
> > showStatus( "Unknown host " );
> > System.exit(1);
> > }
> > catch( IOException e )
> > {
> > System.out.println("Could not get I/O
> > connetion");
> > showStatus( "Could not get I/O connection" );
> > System.exit(1);
> > }
> >
> > /*
> > catch( Exception e )
> > {
> > System.out.println("Other error ");
> > showStatus("Other error");
> > }
> > .
> > .
> > .
> >
> >
> >
> > Asgar.