Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsWhite Papers
Discussion GroupsFirst AidDatabasesJavaBeansGUIJava 3DVirtual MachineCORBASecurityToolsGeneral
Java DirectoryOpen Source ProjectsSample Book ChaptersUser GroupsWeb Resources
Related Topics
Databases.NETMore Topics ...
Java Forum / Security / April 2008

Tip: Looking for answers? Try searching our database.

Applet security

Thread view: 
Enable EMail AlertsStart New Thread
Kenneth P. Turvey - 24 Mar 2008 22:00 GMT
I'm going to be implementing an applet for a customer over the next month
or so that interfaces with the customers phpFox installation and
downloads, updates, and uploads images.  

The problem of course, is that I don't want just anyone to be able to
perform these tasks, but only the logged in user of phpFox.  So how is
this best implemented?  Can an applet get access to the cookies stored by
the surrounding browser?  Is there some other way to handle this?

Thanks,

Signature

Kenneth P. Turvey <kt-usenet@squeakydolphin.com>

Reply to this Message
Speedo - 25 Mar 2008 01:54 GMT
The normal applet security mechanisms of Java, as far as I can tell,
is to protect users instead of restrict them. No matter what kinds of
tricks and traps you place in your code, an experienced user can
always decompile the code, reverse engineering the protocol, and
bypass all kinds of restrictions.

So pay less attention on the client applet, and add real security to
the communication protocol and your server infrastructure. That's the
correct approach.

Speedo

On Mar 25, 5:00 am, "Kenneth P. Turvey" <kt-use...@squeakydolphin.com>
wrote:
> I'm going to be implementing an applet for a customer over the next month
> or so that interfaces with the customers phpFox installation and
[quoted text clipped - 9 lines]
> --
> Kenneth P. Turvey <kt-use...@squeakydolphin.com>
Reply to this Message
Roedy Green - 25 Mar 2008 05:13 GMT
On 24 Mar 2008 21:00:28 GMT, "Kenneth P. Turvey"
<kt-usenet@squeakydolphin.com> wrote, quoted or indirectly quoted
someone who said :

> Can an applet get access to the cookies stored by
>the surrounding browser?  

see http://mindprod.com/jgloss/authentication.html
Signature


Roedy Green Canadian Mind Products
The Java Glossary
http://mindprod.com

Reply to this Message
Chase Preuninger - 01 Apr 2008 01:45 GMT
A don't think an applet can do those things on the normal security
manager.

_____________________________________________________________________________________________________________________________________
Hi, I just started a Facebook and Google group for anyone interested
in Java.  You can use both for discussions, but the Google group also
will give you the ability to upload code, and other files.

http://www.facebook.com/group.php?gid=10839808670

http://groups.google.com/group/java-software-develoupment/members_invite?hl=en
Reply to this Message


Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.