Java security access control exception - java

I am trying to execute this program:
http://java.sun.com/developer/technicalArticles/ThirdParty/WebCrawler/WebCrawler.java
The program compiles without any error after I referred to this page:
http://www.velocityreviews.com/forums/t146972-web-crawler.html
But while executing it using the command "appletviewer WebCrawler.html" I get this exception:
Exception in thread "Thread-4"
java.security.AccessControlException:access denied(java.net.SocketPermission java.sun.com:80 connect,resolve)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkConnect(SecurityManager.java:1034)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:527)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:233)
at sun.net.www.http.HttpClient.New(HttpClient.java:306)
at sun.net.www.http.HttpClient.New(HttpClient.java:323)
at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:860)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:801)
at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:726)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1049)
at java.net.URL.openStream(URL.java:1010)
at WebCrawler.robotSafe(WebCrawler.java:139)
at WebCrawler.run(WebCrawler.java:235)
at java.lang.Thread.run(Thread.java:619)
How do I make it work?

By default, an applet may only connect to the same server + port from which it is located. You could do one of the following:
Convert the app into an application, removing the security restriction
Use a trusted/signed applet
Also you could have a look at configuring the crossdomain for the applet, see:
http://weblogs.java.net/blog/2008/05/28/java-doodle-crossdomainxml-support

It's pretty straightforward to self-sign an applet (which you can do for free). If you don't sign the applet you'll only get bare minimum security access and won't get access to the sockets.
A simple 3-step guide is here:
http://www.narendranaidu.com/2007/11/3-easy-steps-to-self-sign-applet-jar.html
or a more in-depth explanation:
http://java.sun.com/developer/onlineTraining/Programming/JDCBook/signed.html

Related

Rmi Server client remote conection with downloading code localhost

So let's begin... not a simple question, from my point of view at least...
I have created an RMI server that works properly.
Inside the server I need to create a file if it runs for the first time, or overwrite it if it is already there. (1)
I have successfully created an RMI client; I tested the project and it works fine with the client class in the same project.
In my RMI interface, in some methods I need to pass the client's object as a parameter (2).
Here begins the problem. I need to run my RMI client multiple times, but not using threads; I need to create other projects, each of which (client project) has the same code, and run from there. When I run the client from the server's project it runs perfectly, but when I run another, separate client it fails,
giving me the common error for the Security Manager:
run:
Exception in thread "main" java.security.AccessControlException: access denied ("java.net.SocketPermission" "127.0.0.1:1099" "connect,resolve")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.SecurityManager.checkConnect(SecurityManager.java:1051)
at java.net.Socket.connect(Socket.java:584)
at java.net.Socket.connect(Socket.java:538)
at java.net.Socket.<init>(Socket.java:434)
at java.net.Socket.<init>(Socket.java:211)
at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketFactory.java:40)
at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketFactory.java:148)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:613)
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:216)
at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:202)
at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:342)
at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source)
at java.rmi.Naming.lookup(Naming.java:101)
at Client.<init>(Client.java:69)
at Client.main(Client.java:142)
C:\Users\blue-icon\AppData\Local\NetBeans\Cache\8.1\executor-snippets\run.xml:53: Java returned: 1
BUILD FAILED (total time: 1 second)
So I googled and googled and saw that I need the security manager in order to give permission to a remote client to download the server's code. So I added a security manager to the server, but because I use streams for my files (1) it gives me this error:
Exception in thread "main" java.security.AccessControlException: access denied ("java.io.FilePermission" "Subscribe.txt" "read")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
at java.io.File.exists(File.java:814)
at RMIServer03.checkFile(RMIServer03.java:132)
at RMIServer03.<init>(RMIServer03.java:46)
at RMIServer03.main(RMIServer03.java:56)
(2) I can't compile my server and interface in the server project without an instance of the client's class, because I need to pass it as a parameter, as I said.
Any help?
You misread. You need the security manager at the client, not the server.
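An added example, not part of the original answer: once the client runs under a security manager, each denial in a trace names exactly the permission that is missing, so the policy entry can be derived from the message instead of granting AllPermission. The class and method names are hypothetical; the parser accepts both message styles that appear on this page (bare tokens from older JDKs, quoted tokens from newer ones).

```java
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class DeniedPermissionToGrant {
    // One token: either "quoted" (newer JDK message style) or bare (older style).
    private static final String TOKEN = "(?:\"([^\"]*)\"|([^\\s\"()]+))";
    // access denied (<class> <target> [<actions>]); the space before "(" is optional.
    private static final Pattern DENIED = Pattern.compile(
        "access denied\\s*\\(\\s*" + TOKEN + "\\s+" + TOKEN + "(?:\\s+" + TOKEN + ")?\\s*\\)");

    /** Returns the policy-file "permission" entry matching one denial message. */
    static String toPolicyEntry(String message) {
        Matcher m = DENIED.matcher(message);
        if (!m.find()) {
            throw new IllegalArgumentException("no 'access denied (...)' clause in: " + message);
        }
        String type = pick(m, 1);
        String target = pick(m, 3);
        String actions = pick(m, 5); // null for permissions without actions
        // Policy files treat backslash as an escape, so Windows paths need it doubled.
        StringBuilder entry = new StringBuilder("permission ").append(type)
            .append(" \"").append(target.replace("\\", "\\\\")).append('"');
        if (actions != null) {
            entry.append(", \"").append(actions).append('"');
        }
        return entry.append(';').toString();
    }

    // Each TOKEN contributes two groups; at most one of them is non-null.
    private static String pick(Matcher m, int quotedGroup) {
        String quoted = m.group(quotedGroup);
        return quoted != null ? quoted : m.group(quotedGroup + 1);
    }

    public static void main(String[] args) {
        // Denial messages copied from the stack traces on this page.
        String[] denials = {
            "java.security.AccessControlException:access denied(java.net.SocketPermission java.sun.com:80 connect,resolve)",
            "... access denied (\"java.net.SocketPermission\" \"127.0.0.1:1099\" \"connect,resolve\")",
            "... access denied (\"java.io.FilePermission\" \"Subscribe.txt\" \"read\")",
            "... access denied (\"java.lang.RuntimePermission\" \"modifyThreadGroup\")"
        };
        // Each printed entry belongs inside a grant { ... }; block of the policy file.
        for (String d : denials) {
            System.out.println(toPolicyEntry(d));
        }
    }
}
```

The resulting entry goes in a `grant { ... };` block of the policy file that the client JVM is started with via `-Djava.security.policy=<file>`.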

Java RMI NoClassDefFoundError for javax.json.JsonValue in Remote object

Running into Exception caused during call to UnicastRemoteObject.exportObject().
javax.json.jar is on the classpath and is used in many other places in the application without any problems.
This part of the application worked fine until I added a method that returned a JsonValue to the remote object.
Any ideas?
java.rmi.ServerError: Error occurred in server thread; nested exception is:
java.lang.NoClassDefFoundError: javax/json/JsonValue
at sun.rmi.server.UnicastServerRef.oldDispatch(UnicastServerRef.java:416)
at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:267)
at sun.rmi.transport.Transport$1.run(Transport.java:177)
at sun.rmi.transport.Transport$1.run(Transport.java:174)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:173)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:556)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:811)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:670)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:275)
at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:252)
at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:378)
at sun.rmi.registry.RegistryImpl_Stub.bind(Unknown Source)
NOTE:
I also tried running the rmiregistry with codebase pointed directly at the javax.json.jar but the exception remains
rmiregistry -J-Djava.rmi.server.codebase=file:///JarLibrary/javax.json.jar &
Running into Exception caused during call to UnicastRemoteObject.exportObject().
No you aren't. See the stack trace. It's happening in Registry.bind().
You need to run the server with the java.rmi.server.codebase property set, but a file:// codebase URL isn't going to work unless either all the clients are running in the server host, in which case you don't really need the codebase feature at all, or it points to a shared folder in a form that both the Registry and the clients can use. It's usually HTTP.
But I question whether you need the codebase feature at all. You just have to ensure that the relevant jar file is on the CLASSPATH of both the Registry and the clients. The simplest way to ensure that for the Registry is to use LocateRegistry.createRegistry() in the server JVM instead of the external rmiregistry program.
I'm also wondering why you're using JSON at all. RMI is built over Object Serialization. You don't need to add another serializer.
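An added example, not code from the question or the answer, showing the in-JVM registry the answer recommends. `Sensor`, `Reading` and the binding name are hypothetical; `Reading` stands in for `javax.json.JsonValue` as a type mentioned in the remote interface, and port 1099 on loopback is assumed to be free.

```java
import java.io.Serializable;
import java.rmi.Remote;
import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import java.rmi.server.UnicastRemoteObject;

public class InProcessRegistryDemo {
    // Hypothetical return type standing in for javax.json.JsonValue: a class that an
    // external rmiregistry process would not find unless it is on that process's classpath.
    public static class Reading implements Serializable {
        private static final long serialVersionUID = 1L;
        final String key;
        final int value;
        Reading(String key, int value) { this.key = key; this.value = value; }
    }

    // Hypothetical remote interface whose signature mentions the extra type.
    public interface Sensor extends Remote {
        Reading read(String key) throws RemoteException;
    }

    static class SensorImpl implements Sensor {
        @Override
        public Reading read(String key) { return new Reading(key, 42); }
    }

    public static void main(String[] args) throws Exception {
        // Keep the demo on loopback: stubs advertise this host name to clients.
        System.setProperty("java.rmi.server.hostname", "127.0.0.1");
        int port = 1099;

        // The registry lives in the server JVM, so bind() resolves Sensor and Reading
        // from the server's own classpath; no codebase property is involved.
        Registry registry = LocateRegistry.createRegistry(port);
        SensorImpl impl = new SensorImpl();
        Sensor stub = (Sensor) UnicastRemoteObject.exportObject(impl, 0);
        registry.rebind("sensor", stub);

        // Client view (same JVM here; a separate client needs Sensor and Reading on its classpath).
        Sensor remote = (Sensor) LocateRegistry.getRegistry("127.0.0.1", port).lookup("sensor");
        Reading r = remote.read("temp");
        System.out.println(r.key + "=" + r.value);

        // Unexport both objects so the JVM can exit.
        UnicastRemoteObject.unexportObject(impl, true);
        UnicastRemoteObject.unexportObject(registry, true);
    }
}
```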

Java Web App over App Engine error access

I am developing a Java web app using Google App Engine. The app uses Maven, JSF and Objectify and works fine in the devserver, but in production it gives the following error:
com.sun.faces.config.ConfigureListener contextInitialized: Critical error during deployment:
java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "modifyThreadGroup")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:375)
at java.security.AccessController.checkPermission(AccessController.java:565)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at com.google.apphosting.runtime.security.CustomSecurityManager.checkPermission(CustomSecurityManager.java:56)
at com.google.apphosting.runtime.security.CustomSecurityManager.checkAccess(CustomSecurityManager.java:131)
at java.lang.ThreadGroup.checkAccess(ThreadGroup.java:315)
at java.lang.Thread.init(Thread.java:378)
at java.lang.Thread.<init>(Thread.java:575)
at com.sun.faces.util.MojarraThreadFactory.newThread(MojarraThreadFactory.java:74)
at java.util.concurrent.ThreadPoolExecutor$Worker.<init>(ThreadPoolExecutor.java:599)
at java.util.concurrent.ThreadPoolExecutor.addWorker(ThreadPoolExecutor.java:931)
at java.util.concurrent.ThreadPoolExecutor.ensurePrestart(ThreadPoolExecutor.java:1611)
at java.util.concurrent.ScheduledThreadPoolExecutor.delayedExecute(ScheduledThreadPoolExecutor.java:305)
at java.util.concurrent.ScheduledThreadPoolExecutor.scheduleAtFixedRate(ScheduledThreadPoolExecutor.java:542)
at com.sun.faces.config.ConfigureListener.initConfigMonitoring(ConfigureListener.java:480)
at com.sun.faces.config.ConfigureListener.contextInitialized(ConfigureListener.java:227)
at org.mortbay.jetty.handler.ContextHandler.startContext(ContextHandler.java:548)
at org.mortbay.jetty.servlet.Context.startContext(Context.java:136)
at org.mortbay.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1250)
at org.mortbay.jetty.handler.ContextHandler.doStart(ContextHandler.java:517)
at org.mortbay.jetty.webapp.WebAppContext.doStart(WebAppContext.java:467)
at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
at com.google.apphosting.runtime.jetty.AppVersionHandlerMap.createHandler(AppVersionHandlerMap.java:199)
at com.google.apphosting.runtime.jetty.AppVersionHandlerMap.getHandler(AppVersionHandlerMap.java:174)
at com.google.apphosting.runtime.jetty.JettyServletEngineAdapter.serviceRequest(JettyServletEngineAdapter.java:134)
at com.google.apphosting.runtime.JavaRuntime$RequestRunnable.run(JavaRuntime.java:484)
at com.google.tracing.TraceContext$TraceContextRunnable.runInContext(TraceContext.java:438)
at com.google.tracing.TraceContext$TraceContextRunnable$1.run(TraceContext.java:445)
at com.google.tracing.CurrentContext.runInContext(CurrentContext.java:220)
at com.google.tracing.TraceContext$AbstractTraceContextCallback.runInInheritedContextNoUnref(TraceContext.java:309)
at com.google.tracing.TraceContext$AbstractTraceContextCallback.runInInheritedContext(TraceContext.java:301)
at com.google.tracing.TraceContext$TraceContextRunnable.run(TraceContext.java:442)
at com.google.apphosting.runtime.ThreadGroupPool$PoolEntry.run(ThreadGroupPool.java:251)
at java.lang.Thread.run(Thread.java:724)
Has anyone faced a similar problem who can help me with a hint, or maybe knows the solution?
This has been asked many times, see the following questions for examples:
java.security.AccessControlException: access denied (java.lang.RuntimePermission modifyThreadGroup)
Google App Engine modifyThreadGroup problem
Certain operations with threads are disallowed in App Engine, and some part of your code is breaking the rules.
As Adam points out, Google App Engine has some restrictions, especially with native threads, as described here:
https://cloud.google.com/appengine/docs/java/#threads
In JSF, a solution for the single-threaded environment used by Google App Engine is described here:
http://java.wildstartech.com/Java-Platform-Enterprise-Edition/JavaServer-Faces/javaserver-faces-20/configuring-javaserver-faces-20-to-run-on-the-google-appengine/javaserverfaces-20-and-google-app-engine-compatibility-issues
Additionally there could be another problem handling the JSF sessions, a possible solution is described here:
Session lost in Google App Engine using JSF
And finally a good detailed example of JSF in App Engine is described here:
http://java.wildstartech.com/Java-Platform-Enterprise-Edition/JavaServer-Faces/javaserver-faces-22/configuring-jsf-22-to-run-on-the-google-app-engine-using-eclipse

Can't get applet to read text file

I've tried to get my Java applet to read from my text file, but I do not have sufficient privileges to read the file when I run the applet in my browser.
I have tried to use policy files but I cannot seem to get them to work.
I later tried
System.setProperty("java.security.policy", "*filelocation*");
but I got this error
java.security.AccessControlException: access denied (java.util.PropertyPermission java.security.policy write)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.System.setProperty(Unknown Source)
at BIT.init(BIT.java:35)
at sun.applet.AppletPanel.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
What ways can I get my applet to run in my browser? It works fine in Eclipse's applet viewer.
The reason is specified within the What Applets Can and Cannot Do. It clearly specifies that:
Applets that are not signed are restricted to the security sandbox,
and run only if the user accepts the applet. Applets that are signed
by a certificate from a recognized certificate authority can either
run only in the sandbox, or can request permission to run outside the
sandbox. In either case, the user must accept the applet's security
certificate, otherwise the applet is blocked from running.
Later it states that:
Sandbox applets cannot perform the following operations:
They cannot access client resources such as the local filesystem, executable files, system clipboard, and printers.
They cannot connect to or retrieve resources from any third party server (any server other than the server it originated from).
They cannot load native libraries.
They cannot change the SecurityManager.
They cannot create a ClassLoader.
They cannot read certain system properties. See System Properties for a list of forbidden system properties.
To learn how to sign an applet, look here: How to Sign Applets Using RSA-Signed Certificates
You really ought to consider signing the applet.
This (short!) FAQ discusses both policies and signing:
http://www.coderanch.com/how-to/java/HowCanAnAppletReadFilesOnTheLocalFileSystem
Here is the official documentation:
http://docs.oracle.com/javase/6/docs/technotes/guides/security/doprivileged.html
http://docs.oracle.com/javase/tutorial/deployment/applet/security.html
And here is a good (albeit old) tutorial:
http://faculty.kutztown.edu/spiegel/CSc421/SigningAnApplet.htm

Executing JNLP file throws a AccessControlException

I am trying to execute this jnlp application.
However, I keep receiving this security exception:
java.lang.ExceptionInInitializerError
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:399)
at java.lang.Class.newInstance0(Class.java:370)
at java.lang.Class.newInstance(Class.java:322)
at com.sun.javafx.applet.FXApplet2.init(FXApplet2.java:63)
at com.sun.deploy.uitoolkit.impl.fx.FXApplet2Adapter.init(FXApplet2Adapter.java:207)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Thread.java:722)
Caused by: java.security.AccessControlException: access denied ("java.util.PropertyPermission" "java.net.useSystemProxies" "write")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:364)
at java.security.AccessController.checkPermission(AccessController.java:560)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.System.setProperty(System.java:783)
at ensemble.Ensemble2.<clinit>(Ensemble2.java:77)
... 10 more
I tried changing the security settings in the Java control panel (OSX 10.8.3), but they seem to be disabled and I cannot modify them (I can check the "Enable Java content in the browser" option, but it is reset when I click Apply). This is shown in the following figure:
Is there another mechanism for bypassing the Java security manager and being able to execute a jnlp application ?
UPDATE:
After reinstalling Java I was finally able to change the security options in the Java Control Panel (I did not do anything special, just reinstalled it from scratch). Unfortunately, when I execute the jnlp application it dies silently without showing any errors. This problem could be related to the fact that I am using JDK 1.8 (since the jnlp application requires JavaFX) and it is just a preview version (and OSX does not seem to like Java a lot these days...). That is my best guess, but I cannot be completely sure.
Possible reasons for this:
I have heard that Java 7 on Mac is still not stable.
By default JNLP files run in a "sandbox" to prevent malicious code from wreaking havoc on your system. This sandbox restricts access to the local filesystem and local network. I imagine that system properties are restricted too, and it looks like the app is trying to write to them. To allow unrestricted access, you need to sign the JAR file and configure the JNLP file with <security><all-permissions/></security>
