3

The applet to initialise, read and write security tokens show the following Exceptions:

com.sun.deploy.security.BlockedException: User has denied the privileges to the code
sun.plugin2.applet.Plugin2ClassLoader.getPermissions(Unknown Source)
sun.plugin2.applet.Applet2ClassLoader.getPermissions(Unknown Source)
java.security.SecureClassLoader.getProtectionDomain(Unknown Source)
java.security.SecureClassLoader.defineClass(Unknown Source)
sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
java.lang.ClassLoader.loadClass(Unknown Source)

and

User has denied the privileges to the code

The code is as follows, the JTextArea is used to show the result.

public static void test(final JTextArea textArea) throws Exception {
    AccessController.doPrivileged(new PrivilegedAction() {
        @Override
        public Object run() {
            try{
                final String label = "Test123";

                textArea.setText(textArea.getText() + "\n\n\t" + Misc.getMethod());
                initializeToken(textArea, label, "123456".toCharArray());

                textArea.setText(textArea.getText() + "\n\n\t\tinit OK");
                writeDataToToken(label, new byte[]{0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, "123456".toCharArray());
                textArea.setText(textArea.getText() + "\n\n\t\twrite OK");
                byte[] dataRead = readDataFromToken(label, "123456".toCharArray());
                for (byte i : dataRead) {
                    System.out.println((int) i);
                }
                textArea.setText(textArea.getText() + "\n\n\t\tread OK");
            }
            catch(Exception e){
                textArea.setText(textArea.getText() + "\n\n\t\t" + Misc.getStackTrace(e));
            }
            return null;
        }
    });
}

The following is the applet code in HTML

<applet code = 'test.GUI' 

    archive = 'TestApplet.jar, lib/TestLib.jar' 
    width = 700 
    height = 500>

    <resources>
        <nativelib href="nativeLib.dll"/>
    </resources>
    <param name="permissions" value="all-permissions" />
</applet>

appletPolicy.txt

Permissions: all-permissions
Application-Name: TestApplet
Codebase: https://www.localhost.com:8443/TestApplet.jar

...which is then applied to the applet jar TestApplet.jar and resigned using the following:

jar ufm dist\TestApplet.jar appletPolicy.txt
jar ufm dist\lib\TestLib.jar appletPolicy.txt

jarsigner dist\TestApplet.jar -keystore web.jks" web -storepass password
jarsigner dist\lib\TestLib.jar -keystore web.jks" web -storepass password

How do I get rid of the Exception and make the applet work?

UPDATE: there are no problems with File IO operations - the Applet is able to read and write without causing any security Exception, even though the codes for File IO operations are not in the AccessController.doPrivileged() method.

I have also tried signing the nativeLib.dll, but it made no difference.

theAnonymous
  • 1,701
  • 2
  • 28
  • 62

0 Answers0