*
The moose likes JSP and the fly likes How to create files at client machine in java web application Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "How to create files at client machine in java web application" Watch "How to create files at client machine in java web application" New topic
Author

How to create files at client machine in java web application

Sreenath Guduru
Greenhorn

Joined: Sep 06, 2012
Posts: 8
Hi,

Is there any way like creating files, running batch files in the client machine where as java web application is deployed in some other server.

Please help out.

Thanks
Sreenath
Vishal Shaw
Ranch Hand

Joined: Aug 09, 2012
Posts: 179
Huh, and what about the security. Doesn't it violates the security.


Programming is about thinking, NOT coding
Sreenath Guduru
Greenhorn

Joined: Sep 06, 2012
Posts: 8
Vishal Shaw wrote:Huh, and what about the security. Doesn't it violates the security.


Hi,

I am new to java and looking for this feture to be implemented once after user allows with credentials. So, is there any to do this..?
Sreenath Guduru
Greenhorn

Joined: Sep 06, 2012
Posts: 8
Sreenath Gvl wrote:
Vishal Shaw wrote:Huh, and what about the security. Doesn't it violates the security.


Hi,

I am new to java and looking for this feture to be implemented once after user allows with credentials. So, is there any to do this..?


in other terms, even with security mesures, how can we achive this..any idea please...
Vishal Shaw
Ranch Hand

Joined: Aug 09, 2012
Posts: 179
If you are thinking about running a process in client's machine without notifying the client ,forget it !!! It's hacking.

Can us tell me your exact requirement? That would be a better approach.
Sreenath Guduru
Greenhorn

Joined: Sep 06, 2012
Posts: 8
Vishal Shaw wrote:If you are thinking about running a process in client's machine without notifying the client ,forget it !!! It's hacking.

Can us tell me your exact requirement? That would be a better approach.


No its not like that.

What I want is I want to get path from user where he want to create some files which will be used for this project. And I will be creating files (may be batch files) at that path and and will execute them if necessary thats it.

Not for hacking. This is for our internal work.
Vishal Shaw
Ranch Hand

Joined: Aug 09, 2012
Posts: 179
Sreenath Gvl wrote:
Vishal Shaw wrote:If you are thinking about running a process in client's machine without notifying the client ,forget it !!! It's hacking.

Can us tell me your exact requirement? That would be a better approach.


No its not like that.

What I want is I want to get path from user where he want to create some files which will be used for this project. And I will be creating files (may be batch files) at that path and and will execute them if necessary thats it.

Not for hacking. This is for our internal work.


Well , that's almost like hacking.
For eg. suppose I ask a user to upload a photo, and then I used that path for creating a virus into the client's machine.

This is like fiddling with the System security and I bet whatever you do, this will be blocked by atleast some systems(which are more secure), until unless you are too good a hacker :wink:
Sreenath Guduru
Greenhorn

Joined: Sep 06, 2012
Posts: 8
Vishal Shaw wrote:
Sreenath Gvl wrote:
Vishal Shaw wrote:If you are thinking about running a process in client's machine without notifying the client ,forget it !!! It's hacking.

Can us tell me your exact requirement? That would be a better approach.


No its not like that.

What I want is I want to get path from user where he want to create some files which will be used for this project. And I will be creating files (may be batch files) at that path and and will execute them if necessary thats it.

Not for hacking. This is for our internal work.


Well , that's almost like hacking.
For eg. suppose I ask a user to upload a photo, and then I used that path for creating a virus into the client's machine.

This is like fiddling with the System security and I bet whatever you do, this will be blocked by atleast some systems(which are more secure), until unless you are too good a hacker :wink:


I already said it is for my internal purpose, No issues Sir, seems you dont have solution for this. Will find out.
Vishal Shaw
Ranch Hand

Joined: Aug 09, 2012
Posts: 179
Sreenath Gvl wrote:
Vishal Shaw wrote:
Sreenath Gvl wrote:
Vishal Shaw wrote:If you are thinking about running a process in client's machine without notifying the client ,forget it !!! It's hacking.

Can us tell me your exact requirement? That would be a better approach.


No its not like that.

What I want is I want to get path from user where he want to create some files which will be used for this project. And I will be creating files (may be batch files) at that path and and will execute them if necessary thats it.

Not for hacking. This is for our internal work.


Well , that's almost like hacking.
For eg. suppose I ask a user to upload a photo, and then I used that path for creating a virus into the client's machine.

This is like fiddling with the System security and I bet whatever you do, this will be blocked by atleast some systems(which are more secure), until unless you are too good a hacker :wink:


I already said it is for my internal purpose, No issues Sir, seems you dont have solution for this. Will find out.


Sure, and let me know after doing it.I would be glad to learn something as interesting as this.

Just for a caution
Sreenath Gvl wrote: Is there any way like creating files, running batch files in the client machine where as java web application is deployed in some other server.


This is not possible if client and server are on different machine (like what you asked for), until you have the application registered (may be through various security certificates) on client's machine.
Sreenath Guduru
Greenhorn

Joined: Sep 06, 2012
Posts: 8
Vishal Shaw wrote:
Sreenath Gvl wrote:
Vishal Shaw wrote:
Sreenath Gvl wrote:
Vishal Shaw wrote:If you are thinking about running a process in client's machine without notifying the client ,forget it !!! It's hacking.

Can us tell me your exact requirement? That would be a better approach.


No its not like that.

What I want is I want to get path from user where he want to create some files which will be used for this project. And I will be creating files (may be batch files) at that path and and will execute them if necessary thats it.

Not for hacking. This is for our internal work.


Well , that's almost like hacking.
For eg. suppose I ask a user to upload a photo, and then I used that path for creating a virus into the client's machine.

This is like fiddling with the System security and I bet whatever you do, this will be blocked by atleast some systems(which are more secure), until unless you are too good a hacker :wink:


I already said it is for my internal purpose, No issues Sir, seems you dont have solution for this. Will find out.


Sure, and let me know after doing it.I would be glad to learn something as interesting as this.

Just for a caution
Sreenath Gvl wrote: Is there any way like creating files, running batch files in the client machine where as java web application is deployed in some other server.


This is not possible if client and server are on different machine (like what you asked for), until you have the application registered (may be through various security certificates) on client's machine.



Sure. Thanks.
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18541
    
    8

The normal way to do it is to install something which will run in the browser and which can create those files. That's called an "applet" -- they are written in Java so probably you have heard of them.

And Vishal is right, there's a security exposure. So you can't just produce an applet and download it to the client's system and expect it to be messing about with the client's files. Ordinary applets aren't allowed to do that. You have to sign them first of all, and then the first time a signed applet runs on a client, it displays a dialog box asking if the user there is willing to trust the applet.

Now, if you were doing this for people in the general public like me or Vishal, you would want to get a certificate from one of the companies which produce those things. Signing the applet with one of those certificates then lets me or Vishal know that the company has checked you out and decided you are harmless and anyway they know where you live if you aren't. That would cost you a few hundred dollars. But it's also possible to generate your own certificate and sign your applet. If you do that, then the client will be told (in that dialog box which I mentioned) that you are using a self-signed certificate so you might not be trustworthy. But this is okay if it's for internal use within your company; the client will be told (if you do it right) that the certificate belongs to "Company X Information Technology" or whatever you put into the certificate.

This is how my company handles signed applets and it works just fine.
Vishal Shaw
Ranch Hand

Joined: Aug 09, 2012
Posts: 179
Paul Clapham wrote:The normal way to do it is to install something which will run in the browser and which can create those files. That's called an "applet" -- they are written in Java so probably you have heard of them.

And Vishal is right, there's a security exposure. So you can't just produce an applet and download it to the client's system and expect it to be messing about with the client's files. Ordinary applets aren't allowed to do that. You have to sign them first of all, and then the first time a signed applet runs on a client, it displays a dialog box asking if the user there is willing to trust the applet.

Now, if you were doing this for people in the general public like me or Vishal, you would want to get a certificate from one of the companies which produce those things. Signing the applet with one of those certificates then lets me or Vishal know that the company has checked you out and decided you are harmless and anyway they know where you live if you aren't. That would cost you a few hundred dollars. But it's also possible to generate your own certificate and sign your applet. If you do that, then the client will be told (in that dialog box which I mentioned) that you are using a self-signed certificate so you might not be trustworthy. But this is okay if it's for internal use within your company; the client will be told (if you do it right) that the certificate belongs to "Company X Information Technology" or whatever you put into the certificate.

This is how my company handles signed applets and it works just fine.


Thanks for explaining it better :)
Sreenath Guduru
Greenhorn

Joined: Sep 06, 2012
Posts: 8
Paul Clapham wrote:The normal way to do it is to install something which will run in the browser and which can create those files. That's called an "applet" -- they are written in Java so probably you have heard of them.

And Vishal is right, there's a security exposure. So you can't just produce an applet and download it to the client's system and expect it to be messing about with the client's files. Ordinary applets aren't allowed to do that. You have to sign them first of all, and then the first time a signed applet runs on a client, it displays a dialog box asking if the user there is willing to trust the applet.

Now, if you were doing this for people in the general public like me or Vishal, you would want to get a certificate from one of the companies which produce those things. Signing the applet with one of those certificates then lets me or Vishal know that the company has checked you out and decided you are harmless and anyway they know where you live if you aren't. That would cost you a few hundred dollars. But it's also possible to generate your own certificate and sign your applet. If you do that, then the client will be told (in that dialog box which I mentioned) that you are using a self-signed certificate so you might not be trustworthy. But this is okay if it's for internal use within your company; the client will be told (if you do it right) that the certificate belongs to "Company X Information Technology" or whatever you put into the certificate.

This is how my company handles signed applets and it works just fine.


Thanks a lot.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: How to create files at client machine in java web application