Re: applet security using WSAD4 and WAS4 -- WDSCI-L

Patrick,

Applets run in a very restrictive security model ("sandbox".)  This is
designed to protect the end user from downloading "untrusted" code from the
Internet and having it read / delete local files, etc...  What you are
likely encountering is the rule that prohibits applets from opening socket
connections to remote hosts other than the one where they originated from
(where you are running the HTTP server.)

The good news is that you can configure (i.e. relax) the security model
through a policy file.  The bad news is that this has to be done on every
PC that runs the applet.  Here is some more information from the SUN Java
site:

http://java.sun.com/docs/books/tutorial/security1.2/tour1/index.html

Don Yantzi
WebSphere Development Studio Client for iSeries
IBM Toronto Lab
Phone: (905) 413-4476
IBM internal:  IBMCA(yantzi)  -  Internet: yantzi@ca.ibm.com




                      P.Goovaerts@Clipp
                      er.Be                    To:       wdsci-l@midrange.com
                      Sent by:                 cc:       web400@midrange.com
                      wdsci-l-admin@mid        Subject:  [WDSCI-L] applet 
security using WSAD4 and WAS4
                      range.com


                      09/30/2002 04:56
                      AM
                      Please respond to
                      wdsci-l





This is a multipart message in MIME format.
--
[ Picked text/plain from multipart/alternative ]
We have created an applet which gets data from the iSeries.  Tests while
developing were ok.  Now I included the applet in an html-document so it
can
be loaded from the Internet.  I added 'Basic Authentication' on the
html-files and when I try to access them, WAS asks me signon-info.  After
this, the applet is started but it cannot make any connection to our
iSeries
because of security issues.  (we use jt400.jar for all our access to
iSeries).

When loading, following error appears in java-console.  Lines with '---'
are
messages send from within the appletcode.

--- createComponents started.
--- getDataTables started.

Netscape security model is no longer supported.
Please migrate to the Java 2 security model instead.

access denied (java.net.SocketPermission ISERIESNAME resolve)
--- Connectionstatus = Connection for access denied
(java.net.SocketPermission ISERIESNAME resolve)
--- getting Trade information

Netscape security model is no longer supported.
Please migrate to the Java 2 security model instead.

Netscape security model is no longer supported.
Please migrate to the Java 2 security model instead.

--- Problem with ProgramCall : ProgramCall (system: AS400 (system name:
'ISERIESNAME' user ID: 'userid'):com.ibm.as400.access.AS400@6f144c
program:
/QSYS.LIB/COEXPORT.LIB/URSCHSITJ.PGM):com.ibm.as400.access.ProgramCall@1da4f

c
--- JavaError = java.security.AccessControlException: access denied
(java.net.SocketPermission iSeriesName resolve)
java.lang.NullPointerException
 at vesselschedule.VesselSchedule.getDataTables(VesselSchedule.java:352)
 at
vesselschedule.VesselSchedule.createComponents(VesselSchedule.java:101)
 at vesselschedule.VesselSchedule.init(VesselSchedule.java:380)
 at sun.applet.AppletPanel.run(Unknown Source)
 at java.lang.Thread.run(Unknown Source)



"   I don't have problems, only challenges...  "

Patrick Goovaerts
WebMaster
Clipper Support nv
TEL : 0032 (0)3 5453991
GSM: 0498 610 325
WEB: www.conti7.be
_______________________________________________
This is the Websphere Development Studio Client for iSeries  (WDSCI-L)
mailing list
To post a message email: WDSCI-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/wdsci-l
or email: WDSCI-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/wdsci-l.