I am getting a file permmission error when I use my Java applet on my website.
The error is:
access denied ("java.io.FilePermision""image.png""read")
An applet operates in a restricted environment (known as a security sandbox) and,unless it is signed, can only load resources from the same location from where it was loaded. The images can be included in the applet jar file. To access these, you could use
Image image = ImageIO.read(MyApplet.class.getResourceAsStream("/images/image.png"));
Applets are by default denied from accessing the client's file I/O. You need to sign your applet or edit the policy files.
You can check How Can An Applet Read Files On The Local File System
Related
I want to get all files from WhatsApp's .Statuses folder. Until Android 10 im perfectly getting all statuses files. But on Android 11 due to new restrictions, when I code like below:
File(Environment.getExternalStorageDirectory().absolutePath + File.separator + "Android/media/com.whatsapp/WhatsApp/Media/.Statuses").listFiles()
I always get 0 files. Whereas, Im successfully getting other folder files "Android/media/com.whatsapp/WhatsApp/Media/" on this path.
Two problems I'm facing now:
If a folder is hidden then in Android 11, listFiles() returns 0 on that folder.
If a folder not hidden but contains one file as ".nomedia" , listFiles() returns 0 on that folder as well in Android 11.
What should I do to get all whatsapp statuses files in Android 11?
I dont want to use MANAGE_EXTERNAL_STORAGE permission for it due to google policies. Thank you
There are ways to access Hidden Directory in Android 11, two of them are:
Storage access framework (SAF) in which you take user to that specific directory and ask for permission from user to access directory files and that way you get access to files in it (Study SAF).
You can use File Observer on that hidden folder and whenever any file created or modified or deleted from that hidden directory you will get full path in that case for that specific file in hidden folder & once you have full path you can have access to that file.
I have a jar that will be connecting to a website for communication using websockets. The website is an SSL site and for that reason I have a .ts the program needs to load file. The following is the java code used to load that .ts file
System.setProperty("javax.net.ssl.trustStore",
"foo.ts");
System.setProperty("javax.net.ssl.trustStorePassword", "password");
and the java program is in a package called foo.web so thus when packed into the jar is in a folder called foo which then has a subfolder called web.
My question is, do I put the foo.ts in the foo/web folder where my classes reside or should I put the foo.ts file at the root of the jar to be loaded with my current code in the program for loading the foo.ts file?
The work around System.setProperty... needing a 'regular' file path, is using mechanism to resolve class resources:
place ts file in your code folder under some package (normal web code not
a library jar code)
in a class from the same package, call:
a
//this will find the file in the package folder
URL cert = this.getClass().getResource("ts");
String path = cert.toString(); //this translate the url to file system location
if (path.startsWith("file:"))
path = path.substring("file:".length()+1,path.length()); //getting rid of file prefix as not needed
System.setProperty("javax.net.ssl.trustStore", path);
If you want to include ts in jar, similar trick, but instead of path (which will not work, read the content and save it to temporary location
in = this.getClass().getResourceAsStream(wsdl);
... save it to tmp location
System.setProperty("javax.net.ssl.trustStore", your tmp location);
I assume that you have unsigned, self generated certificate that you want to use for your ssl connection.
The part that servers the content over ssl, (your tomcat on 443 or apache) needs to know the certificate and its key (configured as in tomcat or apache document).
Your java code that is deployed on that server, does not need to knwo about the certificate or even that is behind ssl.
But the code that wants to connect to such server, lets say web service client will throw exception (and very obscured btw) as it will not recognize the certificate and refuse connecting (unlike the web browser which ofer the dialog that lets you add an exception).
So the client code needs the certificate added to its TrustedStore before oppening connection (the trick with System.property does the job). Thanks to it the client can trust the connection as your remote cert matches the one he already has.
If your client code happens to be running on the same tomcat, it still needs the cert added to the store, as the configuration options for connector at 443 only expose the cert to anyone who can read it, but do not add it to the tomcat's pool of know certificates. To do so you need the -Djava.net.ssl.trustStore=YOUR_TS -Djavax.net.trustStorePassword=PASS options for tomcat starts, or the System.setProperty inside your application code.
The value of the javax.net.ssl.trustStore property is a file path that points to the location of the trust store on disk. If you don't specify a folder, it will assume the current working directory for the program which is most likely where the JVM was invoked from. If you are unsure what your current working directory is, you can get it from the user.dir system property.
System.getProperty("user.dir"));
I have an html file with applet code like
<applet code="myapplet.class" archive="http://localhost:8080/myapplets.jar"width="350" height="350"></applet>
The applet loads fine if the html file is local to the machine but if that html file is on shared drive (windows) and if html file opened ( so that the address in the address bar is
\X.X.X.X\testhtml\myapplethost.html ) then
While applet is trying to load , this exception is thrown
java.lang.SecurityException: Permission denied: http://localhost:8080/myapplets.jar
I have added both the
http://localhost:8080 and file:\\X.X.X.X\testhtml
to the exception list. Have lowered the security to the lowest possible (i.e Medium) in java control panel (JRE 1.7 upate 67) but this applet keeps getting blocked. Is there any settign that can help here to allow the access to applet from the shared location? Thanks
The archive parameter of the applet can only reference archives (e.g. jar files) from the same source the applet was started. Here is the quote from the official documentation:
For security reasons, the applet's class loader can read only from the same codebase from which the applet was started. This means that archives in archiveList must be in the same directory as, or in a subdirectory of, the codebase.
If you load the HTML page from a shared drive, the archive attribute of the applet tag in the HTML file should not point to http://localhost:8080/myapplets.jar. Most likely this is just a mistake (you forgot to change it or you forgot to use relative URL).
Just change the archive attribute to a relative URL and it will work. Something like this:
<applet code="myapplet.class" archive="myapplets.jar" width="350" height="350">
</applet>
Absoulte URLs are always a bad idea and this is especially true for applet archives.
Used shared drive path (like Z: instead of \server ) and it works.
I want to create a file in Drive which is shared over the network.If I give normal path for file creation like :-
D:\\Folder\FileName.txt
this works but If I give
hostname\\Folder\Filename.txt
This gives me Access Denied Error.
Folder is shared to ALL/Everyone
I am using windows 7.
I am using tomcat server for my java application(Servlet,jsp).In my servlet page calling one java class function.Actually the java file is written separately and i will call the function written inside it.With in the function, i have to read one config(user defined) file for some purpose.so, i am using File class for that.
But, here i have to give relative path of the config file(user defined).Because, now i am running this application in local windows server.But my live server is based on Linux.So, the file path is changed in linux.
File f1=new File("D:\tomcat\webapp\myapp\WEB-INF\src\point_config.txt"); -- windows
File f1=new File("D:\ravi\tomcat\webapp\myapp\WEB-INF\src\point_config.txt"); -- linux
So, i have to give relative path of the file that is common to both windows and linux machine.
Is there a way to do this?
Please guide me to get out of this issue?
Place your config file under your webapp WEB-INF/classes folder and read like this in code
InputStream is=
YourClassName.class.getResourceAsStream("point_config.txt");
The path of the config file leads into the WEB-INF folder
tomcat\webapp\myapp\WEB-INF\src\point_config.txt
Anything inside WEB-INF is protected and cannot be user-defined once the web application has launched. If you meant to read from a user-defined configuration file from the file system, please use an API like the common configuration API.
If you want to insist on keeping the file inside the WEB-INF folder, use the Class.getResourceAsStream() method to obtain the configuration instead. That would not make the configuration user-defined though.