0

I have a Java applet which will establish a TCP connection with a local server and get some data. I self signed the applets, and when I run the applet in netbeans it works fine, but when I try to embed the applet into a webpage, I get this error: 

java.lang.SecurityException: trusted loader attempted to load sandboxed resource from file:/C:/Users/...
    at com.sun.deploy.security.CPCallbackHandler$ParentCallback.check(Unknown Source)
    at com.sun.deploy.security.CPCallbackHandler$ParentCallback.access$1500(Unknown Source)
    at com.sun.deploy.security.CPCallbackHandler$ChildElement.checkResource(Unknown Source)
...

HTML

<APPLET codebase="classes" archive="lib1.jar, lib2.jar" code="test/Test.class" width=350 height=200></APPLET>

I'm guessing that using the code attribute is causing the issue because only the jar files were signed, and those class files were generated by netbeans.

Roman C
  • 49,761
  • 33
  • 66
  • 176
Steven
  • 13
  • 4
  • *"I self signed the applets,.."* Why? A sand-boxed applet can connect back to the server it came from. BTW 1) Please don't forget to use code formatting, and check that your post appears as you expect in the preview are below the message posting form. 2) What is your question? – Andrew Thompson Aug 11 '11 at 18:56
  • `code="test/Test.class"` should be `code="test.Test"`. It is the fully qualified class name that is required, not the path. – Andrew Thompson Aug 11 '11 at 18:58

1 Answers1

1

I am not pretty sure because I cannot see the whole picture with all its details but as I can see here is mentioned a quite unusual exception as

trusted loader attempted to load sandboxed resource from file:/C:/Users/...

I may suggest that you are trying to load, as I can notice, two jars as...

archive="lib1.jar, lib2.jar

so

A) perhaps one (or both) of the jars is NOT SIGNED but do contain "security restricted code" so it is still controlled by applets' sandbox I guess you should sign all jars which may contain IO invokation

OR

B) Your jar location as file:/C:/Users/... is quite unusual as for applet because of file protocol... As a rule, all jars should be downloaded right from the applet native host but not a local file system... So I suggest you to deploy it and try again. ...Lets see what changes

OR

C) Just watch carefully all applet objects calls syntax especially in JS or HTML

P.S. Anyway, to tell more it would be better to see, at least, the whole stackTrace with its "cause by"

Good luck

user592704
  • 3,674
  • 11
  • 70
  • 107