aspose file tools*
The moose likes Applets and the fly likes Why this difference between Jdk versions for Applet? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » Applets
Bookmark "Why this difference between Jdk versions for Applet?" Watch "Why this difference between Jdk versions for Applet?" New topic
Author

Why this difference between Jdk versions for Applet?

Maki Jav
Ranch Hand

Joined: May 09, 2002
Posts: 436
Hi,

I was testing an Applet in JDK1.3, yes, 1.3 and in Jdk1.6.0_39 using appletviewver.

I got response in 1.3 in 2 sec and it took 15 sec to show that rsponse in my installed jdk 1.6.0_39 ie latest.

Besides, in 1.6 I was getting

socket creation= java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:80 connect,resolve)

for a call


on localhost and that in appletviewer !!!

Any thoughts?

Thanks,


Maki Jav


Help gets you when you need it!
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42286
    
  64
Applets can only open sockets that go to the host where they were served from. if you want topen sockets to other hosts you have to sign the applet.


Ping & DNS - my free Android networking tools app
Maki Jav
Ranch Hand

Joined: May 09, 2002
Posts: 436
It is running locally and Applet is on local computer. It was only in Jdk1.6 I was getting this exception and not in Jdk1.3. That is why I am asking this question...

I just copied Jdk1.6.0_39 to drive d: so as to avoid any access restrictions and ran the applet from its bin folder just as I was doing for jdk1.3. Got the same results.
some output statements from Applet to appletviewer window
getDocumentBase()
url=file:/D:/jdk1.6.0_39/bin/info.html url.getHost() =
socket creation= java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:80 connect,resolve)


The Applet is running from a local file and from the same very machine but it is not able to open socket to localhost only in Jdk1.6 but in Jdk1.3 the speed is good and it does make connection to local host and give me expected results...

There must be something wrong that Oracle engineers have done to it ie Jdk1.6 or it must require a .java.policy file even for a local machine now.

On my site, where there is that Applet too, it runs from there okay. whether Jdk 1.3 or Jdk 1.6 is installed


Thanks,

Maki Jav
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42286
    
  64
Yes, I think they tightened security enforcement between Java 1.3 and Java 6.
Maki Jav
Ranch Hand

Joined: May 09, 2002
Posts: 436
Yes, I have changed .java.policy for jdk1.6.0_38 using its policy tool and it is working. But it takes a lot longer time than jdk1.3; and the beauty that I was catching my computer name ie Host name is no longer there in Jdk1.6.

And yes, using Appletviewer to view or run local files is like using a Swing based GUI Java application running on one's own system. And if they are restricting one to do anything one likes with his computer (using appletviewer), it is really stupid.


And besides I would vote for jre 1.3 as it did not have the problem that jre1.6 faced and even Oracle is trying get the vulnerbility of Jdk 1.6 across when we view an applet on a web page. It says to upgrade to jre 7.

I would like to make a lot of things in Applets. Oh I hear "ajax" and a million libraries based on Javascript... Well I can do a lot with a non-gui based Java Applet on a web page.
And turning off of Java in a browser by client? Well well we have NoScript add-on for Firefox and I used it all time
Without permissions, and Applet and Javascript is equivalent. And building trust among user of a page is our task.


Maki Jav
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42286
    
  64
Without permissions, and Applet and Javascript is equivalent.

Unfortunately not. The JVM continues to have security holes that can be (and are) exploited by malicious applets. JavaScript engines -which by their nature do not have full access to the client machine- do not have this problem.
Maki Jav
Ranch Hand

Joined: May 09, 2002
Posts: 436
I won't be making malicious Applets for visitors of my sites. Would you?


I can have clear instructions and a .java.policy file for clients to download with ample comments and restrictions, if I need to access client side. Others no need to do that.



Thanks,

Maki Jav
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42286
    
  64
Having users fiddle with policy files is not a viable approach unless the users are highly technical, and very motivated to use the applet.

I won't be making malicious Applets for visitors of my sites.

Goog. That would likely be illegal anyway :-)
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Why this difference between Jdk versions for Applet?