Java Forum / General / June 2005

AccessControlException

Roedy Green - 13 Jun 2005 05:08 GMT
I have been blithely reading files via URL from an Applet.  They
worked fine locally, but with Java 1.5 I'm getting
AccessControlExceptions.  I should have been getting these all along.

Any comments on this?
Signature

Bush crime family lost/embezzled $3 trillion from Pentagon.
Complicit Bush-friendly media keeps mum. Rumsfeld confesses on video.
http://www.infowars.com/articles/us/mckinney_grills_rumsfeld.htm

Canadian Mind Products, Roedy Green.
See http://mindprod.com/iraq.html photos of Bush's war crimes

Roedy Green - 13 Jun 2005 05:31 GMT
>I have been blithely reading files via URL from an Applet.  They
>worked fine locally, but with Java 1.5 I'm getting
>AccessControlExceptions.  I should have been getting these all along.
>
>Any comments on this?

Is an unsigned Applet supposed to be able to read arbitrary files from
the server it came from with

    url = new URL( getDocumentBase(), "../xxxx.ser" );
    URLConnection urlc = (URLConnection)url.openConnection();
    urlc.setAllowUserInteraction( false );
    urlc.setDoInput( true );
    urlc.setDoOutput( false );
    urlc.setUseCaches( false );
    urlc.connect();
    InputStream is = urlc.getInputStream();
   

Roland - 13 Jun 2005 14:16 GMT
>>I have been blithely reading files via URL from an Applet.  They
>>worked fine locally, but with Java 1.5 I'm getting
[quoted text clipped - 14 lines]
>          InputStream is = urlc.getInputStream();
>    
AFAIK, this should be possible. But judging from your question, you seem
to have trouble with it.
I've created a test applet using your code snippet, and hosted on my
local Apache webserver. It works perfectly with JRE 1.5.0_03 (no
AccessControlExceptions).
Signature

Regards,

Roland de Ruiter
` ___      ___
`/__/ w_/ /__/
/  \ /_/ /  \

Lucy - 13 Jun 2005 20:46 GMT
> >I have been blithely reading files via URL from an Applet.  They
> >worked fine locally, but with Java 1.5 I'm getting
[quoted text clipped - 5 lines]
> Is an unsigned Applet supposed to be able to read arbitrary files from
> the server it came from with

I was under the impression that the unsigned Applet could be able
to access (read and write) from the server it came from, but only
within the same directory (sub)tree if that is the right word. I.e.
if ~jones has an applet, it cannot access ~smith files.

> url = new URL( getDocumentBase(), "../xxxx.ser"  );
>  URLConnection urlc = (URLConnection)url.openConnection();
[quoted text clipped - 12 lines]
> Canadian Mind Products, Roedy Green.
> See http://mindprod.com/iraq.html photos of Bush's war crimes

Roland - 13 Jun 2005 21:44 GMT
>>>I have been blithely reading files via URL from an Applet.  They
>>>worked fine locally, but with Java 1.5 I'm getting
[quoted text clipped - 10 lines]
> within the same directory (sub)tree if that is the right word. I.e.
> if ~jones has an applet, it cannot access ~smith files.

This is not the case: an applet is allowed to read a resource at levels
higher than the document base (i.e. where the document containing the
applet resides).

A Java applet has no knowledge of what "~jones" means. That's entirely
defined by the webserver. Though, it is possible that the webserver does
not allow access to resources of "~smith" (for instance because user
"smith" has restricted access rights of his/her files or folders). In
that case the webserver probably would return a 403 (Forbidden) or a 404
(Not Found) response, and the urlc.connect() below would throw an
IOException, rather than the applet throwing an AccessControlException.

>>url = new URL( getDocumentBase(), "../xxxx.ser"  );
>> URLConnection urlc = (URLConnection)url.openConnection();
[quoted text clipped - 4 lines]
>>         urlc.connect();
>>         InputStream is = urlc.getInputStream();


Lucy - 13 Jun 2005 22:11 GMT
> >>>I have been blithely reading files via URL from an Applet.  They
> >>>worked fine locally, but with Java 1.5 I'm getting
[quoted text clipped - 22 lines]
> (Not Found) response, and the urlc.connect() below would throw an
> IOException, rather than the applet throwing an AccessControlException.

Guess I better go protect my files right away WOWOWOWOWOWOWOW.
And, also, YIPES !!!

Roland - 13 Jun 2005 23:06 GMT
>>>>>I have been blithely reading files via URL from an Applet.  They
>>>>>worked fine locally, but with Java 1.5 I'm getting
[quoted text clipped - 25 lines]
> Guess I better go protect my files right away WOWOWOWOWOWOWOW.
> And, also, YIPES !!!

On Unix/Linux systems running a webserver, the URL

    http://your.server.com/~yourname/

typically --but not always-- corresponds to the subdirectory
'public_html' in your home directory, e.g.

    /usr/home/yourname/public_html/

and not your entire homedir tree:

    /usr/home/yourname/

All files in 'public_html' and subdirs are typically readable by the
webserver (otherwise it cannot serve them to some browser, at the other
side of the world, for example). For the remaining files in your homedir
tree you should apply normal access rules, i.e. protecting files from
access by others if you don't want to share them, and less strict
if you do.

I don't have experience with webservers running on a Windows host, but I
guess a similar setup is conceivable, i.e. some subfolder containing
files accessible and served by the webserver, remaining files protected
by normal access rules.

Lucy - 14 Jun 2005 04:26 GMT
> >>>>>I have been blithely reading files via URL from an Applet.  They
> >>>>>worked fine locally, but with Java 1.5 I'm getting
[quoted text clipped - 45 lines]
> access by others if you want don't want to share them, and less strict
> if you do.

So it looks like you are saying that anyone can access any of my files
unless I protect each and every one of them. This is the YIKES scenario.
I better run over and protect them all. But wait, since I have access to
everyone else's files, I can just destroy them first.

> I don't have experience with webservers running on a Windows host, but I
> guess a similar setup is conceivable, i.e. some subfolder containing
[quoted text clipped - 7 lines]
> `/__/ w_/ /__/
> /  \ /_/ /  \

Roland - 14 Jun 2005 10:31 GMT
>>>>>>>I have been blithely reading files via URL from an Applet.  They
>>>>>>>worked fine locally, but with Java 1.5 I'm getting
[quoted text clipped - 50 lines]
> I better run over and protect them all. But wait, since I have access to
> everyone elses files, I can just destroy them first.
Yeah, right on... Eliminate your opponents before they harm you. 8-)

Files that reside on your website (/usr/home/yourname/public_html/)
should be *readable* by others (the webserver in particular), but this
doesn't mean others can --or rather should be allowed to-- replace,
alter or delete them. This is the way you should protect your website
files: readable for others, writable (changeable) only by yourself. For
other files, changeable only by yourself is always recommended, and
readable by others according to the confidentiality of each file.
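
Added example (not part of Roland's post or of the original thread): a POSIX shell check of a web directory against the rule described above, "readable for others, writable only by yourself". The function names and the sample tree under a temporary directory are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: check a web directory against "readable for others,
# writable only by yourself". Only mode bits are inspected.

# Files and directories that group or others may modify.
writable_by_others() {
    find "$1" \( -type f -o -type d \) \( -perm -020 -o -perm -002 \) -print
}

# Files the webserver (running as another user) could not read.
unreadable_by_others() {
    find "$1" -type f ! -perm -004 -print
}

# Directories others cannot list and enter (needs r-x for "others").
untraversable_dirs() {
    find "$1" -type d ! -perm -005 -print
}

# Remove group/other write; give others read, plus execute on directories
# and on files that are already executable (capital X).
harden_webroot() {
    chmod -R go-w,o+rX "$1"
}

# Demo on a constructed tree (sample names, created under a temp directory).
demo() {
    root=$(mktemp -d) || return 1
    web="$root/public_html"
    mkdir -p "$web/img"
    echo '<html></html>' > "$web/index.html"
    echo 'data' > "$web/img/xxxx.ser"
    chmod 755 "$web"; chmod 777 "$web/img"
    chmod 666 "$web/index.html"; chmod 600 "$web/img/xxxx.ser"
    echo "writable by others:";   writable_by_others "$web"
    echo "unreadable by others:"; unreadable_by_others "$web"
    harden_webroot "$web"
    echo "after hardening: $(writable_by_others "$web" | wc -l) writable," \
         "$(unreadable_by_others "$web" | wc -l) unreadable"
    rm -rf "$root"
}
demo
```

Run the three listing functions against a real `public_html` before calling `harden_webroot`, since the `chmod` makes every file under that directory readable by others.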

John Currier - 14 Jun 2005 02:32 GMT
Even if an applet had those restrictions the "protected" resources
would still be available from any browser not running the applet.

You're probably thinking of the visibility scope of an HTTP session.

John
http://schemaspy.sourceforge.net

Roedy Green - 15 Jun 2005 04:59 GMT
>I have been blithely reading files via URL from an Applet.  They
>worked fine locally, but with Java 1.5 I'm getting
>AccessControlExceptions.  I should have been getting these all along.

I think I have figured out what is going on. Running the applet
locally the applet is only allowed to access its directories and
descendants.  Moving the files into a descendant seems to have cleared
up the problem.  It is a nuisance trying to share files.

Is this:

1. what is supposed to happen

2. a Java bug

3. an Opera bug

4. one of those vaguely defined things.


Roedy Green - 15 Jun 2005 05:06 GMT
>I have been blithely reading files via URL from an Applet.  They
>worked fine locally, but with Java 1.5 I'm getting
>AccessControlExceptions.  I should have been getting these all along.

I have discovered by experiment that when an Applet runs locally, it
is only allowed to read files in the same directory or in a
subdirectory of that directory. It can't read files in the parents or
sibling directories, just child directories. I have not performed the
corresponding experiments on websites.  I did my tests with the Opera
browser on Win2K.

©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.