AppletTalk.com Java discussions newsgroups   Archives   FAQ   Search   Memberlist   Usergroups   Register   Profile   Log in to check your private messages   Log in  SocketPermission and signed applet          AppletTalk.com Forum Index -> Security and Java View previous topic :: View next topic   Author Message Amber Guest Posted: Sun Sep 07, 2003 12:48 am    Post subject: SocketPermission and signed applet Hi, Does anyone know if a signed applet gets SocketPermission? According to the documentation for v1.4, once the user chooses to "Always" (vs. "Yes"/"No" button) trust a signed applet, the applet will be granted with all permissions. If so, how come I still get access deny error when trying to access a database server (different from the applet server)? Thanks in advance!! amber Back to top Ben Mord Guest Posted: Thu Sep 11, 2003 10:18 pm    Post subject: Re: SocketPermission and signed applet "Amber" <yi_sa (AT) yahoo (DOT) com> wrote Quote: Hi, Does anyone know if a signed applet gets SocketPermission? According to the documentation for v1.4, once the user chooses to "Always" (vs. "Yes"/"No" button) trust a signed applet, the applet will be granted with all permissions. If so, how come I still get access deny error when trying to access a database server (different from the applet server)? Thanks in advance!! amber Applets are not allowed to connect to servers other than the ones they came. If they could, then they could be used as HTTP tunnels to circumvent firewalls. If you need to talk to a DB server, then you'll need to proxy the request through the application server from which the applet came. However, depending on your security model it is normally a very bad idea to trust applets with passwords for direct database access. Remember - you have no control over client-side code, and you can never trust client-side code to inforce security constraints against the will of its user. Back to top Sruli Ganor Guest Posted: Sun Sep 14, 2003 10:18 am    Post subject: Re: SocketPermission and signed applet "Ben Mord" <benmord (AT) earthlink (DOT) net> wrote Quote: "Amber" <yi_sa (AT) yahoo (DOT) com> wrote in message news:42ecb430.0309061648.5e052fe2 (AT) posting (DOT) google.com... Hi, Does anyone know if a signed applet gets SocketPermission? According to the documentation for v1.4, once the user chooses to "Always" (vs. "Yes"/"No" button) trust a signed applet, the applet will be granted with all permissions. If so, how come I still get access deny error when trying to access a database server (different from the applet server)? Thanks in advance!! amber Applets are not allowed to connect to servers other than the ones they came. If they could, then they could be used as HTTP tunnels to circumvent firewalls. If you need to talk to a DB server, then you'll need to proxy the request through the application server from which the applet came. However, depending on your security model it is normally a very bad idea to trust applets with passwords for direct database access. Remember - you have no control over client-side code, and you can never trust client-side code to inforce security constraints against the will of its user. A signed applet that has been trusted by the client user certainly has socket permissions and can connect to any server (that would accept this connection). My signed applets connect to other servers than their homes. If your problem occurs on a specific PC, check the browser settings or the local Java security policy files. I have run into socket permission problems in one case, in which JavaScript functions called directly applet's methods in Netscape, but I'm not sure this is your problem. Sruli Ganor Back to top Display posts from previous: All Posts1 Day7 Days2 Weeks1 Month3 Months6 Months1 Year Oldest FirstNewest First         AppletTalk.com Forum Index -> Security and Java All times are GMT Page 1 of 1   Jump to: Select a forum Java Newsgroups----------------Java DiscussionsWeb-based java games comp.lang.java 3D Graphics API's for Java Java: Support and criticism Java System Announcements comp.lang.java.api JavaBeans Java and CORBA Java and Databases comp.lang.java.developer Java GUI Toolkits Java Help comp.lang.java.javascript JVM, native methods and hardware comp.lang.java.misc Java Language Programming Security and Java comp.lang.java.setup Java Software Tools comp.lang.java.tech ibm.software.java.linux  Non-English Java Newsgroups----------------Java Language (German)Language Java (Français)Java (Italian)  You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum Powered by phpBB © 2001, 2006 phpBB Group SEO toolkit © 2004-2006 webmedic.