Problem to understand error message <- need help

[nymus]

Hello gurus,

I started apache on my machine and then my browser https://...
The web page appears and on the java browser console comes this
messages:
....
getLocalCert() : start
getLocalCert() failed
ERROR
java.security.AccessControlException: access denied
(java.net.SocketPermission <ip_address>:<port> connect,resolve)
java.security.AccessControlException: access denied
(java.net.SocketPermission <ip_address>:<port> connect,resolve)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkConnect(Unknown Source)
at sun.net.www.protocol.https.PluginDelegateHttpsURLConnection.checkPermission(Unknown
Source)
at sun.net.www.protocol.https.PluginDelegateHttpsURLConnection.connect(Unknown
Source)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown
Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(DashoA6275)
at WelcomeFrame.getLocalCert(WelcomeFrame.java:2222)
at WelcomeFrame.start(WelcomeFrame.java:1033)
at sun.applet.AppletPanel.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
java.security.AccessControlException: access denied
(java.lang.RuntimePermission exitVM)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkExit(Unknown Source)
at java.lang.Runtime.exit(Unknown Source)
at WelcomeFrame.getLocalCert(WelcomeFrame.java:2330)
at WelcomeFrame.start(WelcomeFrame.java:1033)
at sun.applet.AppletPanel.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

Now, I'm learning java(newbie), I don't have wrote this program
applets/servlets BUT I should running it well.
Actually my problem is that I don't known how to begin to debug...
For me this error means that he couldn't receive the right certificat
and denied his access? Is it right? I don't understand more...

Could someone help to find the way... or some tricks to find a
solutions.

regards,
nymus

 

[Andrew Thompson]

Hello gurus,

Hi noob!

java.security.AccessControlException: access denied

This is a common one when dealing with applets,
they need to be 'signed' to do just about anything
interesting.. Horrify yourself with the breathtaking
scope of what unsigned applets are prevented..
<http://mindprod.com/jgloss/applet.html#RESTRICTIONS>

I am suach an innocent that it took me a long time
to figure why some of these things are barred to
untrusted applets, and others still leave me
scratching my head..

Now, I'm learning java(newbie),

Which brings me to ..there is a much better group
for people starting in Java, further details..

..I don't have wrote this program
applets/servlets BUT I should running it well.

Aaaaaargh!! Applets are a difficult thing
to get right, not recommended for people
just starting, signed applets are another
level of complexity thrown in, and interacting
with a web-app. (shudders) You are going
to need the will of a champion and the luck of..
I don't know who/what to achieve this advanced
goal at this stage without going absolutely mad.

Can you start on simpler things?

Actually my problem is that I don't known how to begin to debug...

ooooooh... OK.
1) You need to understand that the Exception/Error
stacktraces are not just the first and probably best
info, but much more helpful than starters seem to realize..
<http://www.physci.org/codes/javafaq.jsp#exact>

2) That entry also has a link to a resource for
interpreting (and fixing) those errors that is
worth it's weight in gold, the mindprod 'error messages' page
<http://mindprod.com/jgloss/errormessages.html>

3) Simplifying the problem down to the *simplest*
example that displays the problem can help you to
track it down as well..
<http://www.physci.org/codes/sscce.jsp>

HTH

 

[Roedy Green]

Can you start on simpler things?

You might start with Java Web Start or standalone app + servlet, then
once that is working tackle the Applet.

 

[nymus]

Hi noob!


This is a common one when dealing with applets,
they need to be 'signed' to do just about anything
interesting.. Horrify yourself with the breathtaking
scope of what unsigned applets are prevented..
<http://mindprod.com/jgloss/applet.html#RESTRICTIONS>

'signed' don't means encrypted with key?

I am suach an innocent that it took me a long time
to figure why some of these things are barred to
untrusted applets, and others still leave me
scratching my head..


Which brings me to ..there is a much better group
for people starting in Java, further details..
<http://www.physci.org/codes/javafaq.jsp#cljh>

thanks for the link

Aaaaaargh!! Applets are a difficult thing
to get right, not recommended for people
just starting, signed applets are another
level of complexity thrown in, and interacting
with a web-app. (shudders) You are going
to need the will of a champion and the luck of..
I don't know who/what to achieve this advanced
goal at this stage without going absolutely mad.

Can you start on simpler things?

Yeaahhh I'd like it, but this program was made by a other guys... and
now I must
tkat his programs and running it

ooooooh... OK.
1) You need to understand that the Exception/Error
stacktraces are not just the first and probably best
info, but much more helpful than starters seem to realize..
<http://www.physci.org/codes/javafaq.jsp#exact>

2) That entry also has a link to a resource for
interpreting (and fixing) those errors that is
worth it's weight in gold, the mindprod 'error messages' page
<http://mindprod.com/jgloss/errormessages.html>

3) Simplifying the problem down to the *simplest*
example that displays the problem can help you to
track it down as well..
<http://www.physci.org/codes/sscce.jsp>

HTH

Thanks a lot for your help, your explanation and all good links (that
I'll read it)

regards,
nymus

 

[Andrew Thompson]

...
'signed' don't means encrypted with key?

No. You 1st 'jar' your classes together then
use 'jarsigner' to ..sign them*, there is no
encryption of classes happening, and it is
all done using Sun's tools.

* Assuming you have already used 'keytool' to
generate and export a self-signed certificate..

Yeaahhh I'd like it, but this program was made by a other guys...

I suspected as much.. :-(

See you over on c.l.j.help and we will
see what we can do.

Note that I agree with Roedy's comment about
building it as an application *first*, the
amount of time you save in testing will be
well worth it. It saves the entire hassle of
continually jarring, signing, clearing cache
to test changes..

 

[Andrew Thompson]

No. You 1st 'jar' your class...

(Duhh! slaps forehead) For some bizarre reason
you wrote 'encrypted' but I read 'obfuscated',
which led to the 'No' answer.. So, change that to
'Yes. Signed means the classes get an enrypted key'..
...sorry for any confusion.

 

[Roedy Green]

'signed' don't means encrypted with key?

so it means digitally signed. See
http://mindprod.com/jgloss/signedapplets.html
http://mindprod.com/jgloss/certificate.html
http://mindprod.com/jgloss/digitalsignatures.html
http://mindprod.com/jgloss/encryption.html

 

[Roedy Green]

(Duhh! slaps forehead) For some bizarre reason
you wrote 'encrypted' but I read 'obfuscated',
which led to the 'No' answer.. So, change that to
'Yes. Signed means the classes get an enrypted key'..
..sorry for any confusion.

you were right the first time. You can use keys to either sign, or
encrypt or both.

Signing makes sure no one has tampered.

Encrypting stops others from snooping.

See http://mindprod.com/products.html#WRAPPER

It provides simple code to compress, encrypt, sign, armour.