{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Summer. ? 凉城 的问题《Why does my applet get a java.security.AccessContr》','https://www.manongdao.com/q-99584.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
We are clueless about why my client is encountering a Java Security exception in Safari. Could anyone help?
The exception occurs reliably in Safari on Windows. This involves a Java applet. The exception also occurs with Firefox and IE8 on Windows Vista.
Here are the steps to reproduce:
Open Safari on Windows
Click here: http://www.cengraving.com/s/item?itemId=CH003
Click "Customize" (at bottom of screen)
After the "Instant Proof" page loads, click "Add to cart."
Full stack trace:
java.security.AccessControlException: access denied (java.net.SocketPermission www.cengraving.com resolve)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkConnect(Unknown Source)
at sun.plugin.security.ActivatorSecurityManager.checkConnect(Unknown Source)
at java.net.InetAddress.getAllByName0(Unknown Source)
at java.net.InetAddress.getAllByName(Unknown Source)
at java.net.InetAddress.getAllByName(Unknown Source)
at java.net.InetAddress.getByName(Unknown Source)
at sun.net.www.http.HttpClient.New(Unknown Source)
at sun.net.www.http.HttpClient.New(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown Source)
at com.designapplet.a.f.a(Unknown Source)
at com.designapplet.ui.c.a(Unknown Source)
at com.designapplet.ui.c.for(Unknown Source)
at com.designapplet.ui.DesignApplet.buy(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.JSInvoke.invoke(Unknown Source)
at sun.reflect.GeneratedMethodAccessor2.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
at sun.plugin.liveconnect.PrivilegedCallMethodAction.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin.liveconnect.SecureInvocation$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin.liveconnect.SecureInvocation.CallMethod(Unknown Source)
java.net.MalformedURLException: no protocol:
at java.net.URL.<init>(Unknown Source)
at java.net.URL.<init>(Unknown Source)
at java.net.URL.<init>(Unknown Source)
at sun.plugin.liveconnect.SecureInvocation.checkLiveConnectCaller(Unknown Source)
at sun.plugin.liveconnect.SecureInvocation.access$000(Unknown Source)
at sun.plugin.liveconnect.SecureInvocation$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin.liveconnect.SecureInvocation.CallMethod(Unknown Source)
java.net.MalformedURLException: no protocol:
at java.net.URL.<init>(Unknown Source)
at java.net.URL.<init>(Unknown Source)
at java.net.URL.<init>(Unknown Source)
at sun.plugin.liveconnect.SecureInvocation.checkLiveConnectCaller(Unknown Source)
at sun.plugin.liveconnect.SecureInvocation.access$000(Unknown Source)
at sun.plugin.liveconnect.SecureInvocation$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin.liveconnect.SecureInvocation.CallMethod(Unknown Source)
You can override the default security policy file used by the SecurityManager.
1) Create a text file (eg. applet.policy)
2) Grant all permissions to the applet
3) Run the applet with
Thanks for the responses. I didn't award the bounty because while the answers were all helpful, none quite solved the problem.
Ultimately, I solved the problem by passing the data from the applet to the web page, then executing an AJAX call to communicate with the server. Not the most elegant solution, certainly, but it has proved effective thus far.
Try it out, and lemme know if it works for you.
Thanks again!
JRE sandbox tries to prevent javascript originated method calls to do harmful things but only thing it does is making programmers life harder.
Best workaround I've found to this is to build a producer & consumer design pattern event queue which implements very loose coupling between javascript originated calls and actual "dirty work".
What really sucks is that a code which runs fine in XP or Win7 may throw exception in Vista.
Is this an applet? If it is, you need to sign your applet for it to access a socket, (which seems to be what you are doing...)
See here for more information:
http://java.sun.com/developer/onlineTraining/Programming/JDCBook/signed.html
It's manifesting as a security exception, but the problem is really a bad URL. If you follow the stack, you'll see there is a MalformedURLException.
This is most likely caused by passing a URI somewhere that was expecting a URL. Through the LiveConnect API from the looks of it. I'd guess it's not finding a host name where one is expected, and is trying to connect to a default, probably localhost. That's disallowed bye the SecurityManager hence the SecurityException.
In href's you can use URI (e.g., HREF="/somepath") because the browser resolves that against the URL for the page itself to produce the a full URL (e.g., http://example.com/somepath).
You can do that in Java by using the [appropriate URL constructor][1].
Update: Ah, I misread; I thought that was a single stack trace.
There used to be a bug where liveconnect could access a jar: url and obtain an arbitrary socket connection. The fix for that might be causing an issue with opening url connections from the liveconnect thread. What happens, if in the
buymethod, you start a thread to perform the connection?[1]: http://download.oracle.com/javase/6/docs/api/java/net/URL.html#URL(java.net.URL, java.lang.String)
i had the same problem. And solved this by self signing the applet...
used the following steps and it worked
just answer the questions it will ask and it will do the work
NOTE : i was getting the error for local read/write file