my dog learned polymorphism*
The moose likes Applets and the fly likes Access problem with applet - why is a POST to a servlet not allowed via applet? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Applets
Bookmark "Access problem with applet - why is a POST to a servlet not allowed via applet?" Watch "Access problem with applet - why is a POST to a servlet not allowed via applet?" New topic
Author

Access problem with applet - why is a POST to a servlet not allowed via applet?

Angus Comber
Ranch Hand

Joined: Jul 16, 2011
Posts: 90
I have a written a servlet, pretty standard, which provides a jsp file.

I have an applet embedded in the jsp file with applet which performs this code on a button press:



This code works fine if in a standard Java program but if in the applet I get this error:

appletviewer chat.jsp
Exception in thread "AWT-EventQueue-1" java.security.AccessControlException: access denied ("java.net.SocketPermission" "localhost:8080" "connect,resolve")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:366)
at java.security.AccessController.checkPermission(AccessController.java:555)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.SecurityManager.checkConnect(SecurityManager.java:1051)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:456)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:203)
at sun.net.www.http.HttpClient.New(HttpClient.java:290)
at sun.net.www.http.HttpClient.New(HttpClient.java:306)
at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:995)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:931)
at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:849)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1090)
at cubaapplet.DoIt(cubaapplet.java:92)
at cubaapplet.actionPerformed(cubaapplet.java:27)
at java.awt.Button.processActionEvent(Button.java:409)
at java.awt.Button.processEvent(Button.java:377)
at java.awt.Component.dispatchEventImpl(Component.java:4861)
at java.awt.Component.dispatchEvent(Component.java:4687)
at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:723)
at java.awt.EventQueue.access$200(EventQueue.java:103)
at java.awt.EventQueue$3.run(EventQueue.java:682)
at java.awt.EventQueue$3.run(EventQueue.java:680)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(ProtectionDomain.java:76)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(ProtectionDomain.java:87)
at java.awt.EventQueue$4.run(EventQueue.java:696)
at java.awt.EventQueue$4.run(EventQueue.java:694)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(ProtectionDomain.java:76)
at java.awt.EventQueue.dispatchEvent(EventQueue.java:693)
at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:244)
at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:163)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:151)
at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:147)
at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:139)
at java.awt.EventDispatchThread.run(EventDispatchThread.java:97)

Do I have to perform the POST differently in an applet?

Is there any way I can POST data to the servlet using an applet?
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18541
    
    8

Applet security only allows unsigned applets to connect to the server where the applet was downloaded from.

Your code doesn't do that, it tries to post to a server running on localhost. You can find out the applet's host by starting with the URL returned from the getDocumentBase() method.
Angus Comber
Ranch Hand

Joined: Jul 16, 2011
Posts: 90
Paul Clapham wrote:Applet security only allows unsigned applets to connect to the server where the applet was downloaded from.

Your code doesn't do that, it tries to post to a server running on localhost. You can find out the applet's host by starting with the URL returned from the getDocumentBase() method.


The servlet is running on localhost - so it is the host that the applet came from.

Do you think if I get the url from getDocumentBase() I might get different behaviour?

If I change code to this:



I get in console printed:
url2: file:/C:/Users/angus/workspace/TestApplet/bin/cubaapplet1350599669053.html

I think eclipse generates this html file. But why file:// and not http:// - maybe I should try in a real browser - might be different?
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18541
    
    8

Yes, I do. And I don't think you want "localhost" to be hard-coded in your applet anyway, in real life the applet is going to be loaded from some other machine.
Angus Comber
Ranch Hand

Joined: Jul 16, 2011
Posts: 90
Paul Clapham wrote:Yes, I do. And I don't think you want "localhost" to be hard-coded in your applet anyway, in real life the applet is going to be loaded from some other machine.


Yes of course. This is test code. I hope that as long as I POST to the web server which hosted the applet then I should not get security problems. After all if I was to do this in Javascript instead it would surely work?
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18541
    
    8

I don't see what Javascript has to do with anything. The applet security model doesn't apply to Javascript.

(There are rules against cross-site scripting for Javascript, too, but as I said that's irrelevant to your present problem.)
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Access problem with applet - why is a POST to a servlet not allowed via applet?
 
Similar Threads
Error while connecting Applet to database within browser
NullPointerException thrown by method drawImage()
Getting 'null' value in response to statement.executeUpdate method
problem with JTextField null
NoClassDefFoundError(unable to open projects)