Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

SecurityException when loading dll from applet

 
Tan Gu
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
We need to call dll from our applet. By adding entries into <usr.home>/.java.policy as below, i.e. grant to ALL applet, it works fine.

#beginning of policy file
grant {
permission java.security.AllPermission;
};

However when associating it with the signedby as below, we encountered an exception (as at end of the post):

#beginning of policy file
grant signedBy "Edward" {
permission java.security.AllPermission;
};


The applet is signed by self-generated certificate (as instructed at http://javagently.cs.up.ac.za/jg2e/SecurityFAQ.html). We have checked in Java Console that the certificate is already registered as trusted cert.

Is there any missing steps we need to do? Do we have to specify the keystore in the policy file?

Thanks for any response.

=============The exception says: ==============

java.security.AccessControlException: access denied (java.lang.RuntimePermission loadLibrary.rtftp)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkLink(Unknown Source)
at java.lang.Runtime.loadLibrary0(Unknown Source)
at java.lang.System.loadLibrary(Unknown Source)
at RTFTP.<clinit>(RTFTP.java:346)

[ UD: fixed URL ]
[ April 30, 2007: Message edited by: Ulf Dittmer ]
 
Ulf Dittmer
Rancher
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Welcome to JavaRanch.

On your way in you may have missed that we have a policy on screen names here at JavaRanch. Basically, it must consist of a first name, a space, and a last name, and not be obviously fictitious. Since yours does not conform with it, please take a moment to change it, which you can do right here.

As to your question, are you certain that the JVM agrees that this particular certificates is signed by "Edward"? Have you tried it with a standalone application instead of an applet? Policy issues are easier to debug that way.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic