Date: Tue, 9 Feb 1999 01:14:32 -0800 (PST)
From: Joel Parker Henderson <jhenderson@ndmail.eng.sun.com>
To: java-security@java.sun.com
Subject: SWAN Java security problems
Hi,
I am a Sun employee, and the Sun JavaSoft NetDynamics webmaster.
Can you help me solve a Java applet security DNS issue on SWAN?
The goal is for this webpage to work:
http://www.netdynamics.com/java/lib/htxedit.html
The applet works fine if I am dialed in to a typical service provider,
including AOL and Netcom, but it fails if I am on SWAN. However, if
I use the IP address instead of the hostname, it works on SWAN:
http://216.121.32.170/java/lib/htxedit.html
When I use the machine name, here's the error message
from the Java2 Activator Plug In:
Java(TM) Plug-in
Using JRE version 1.2
User home directory = C:\WINNT\Profiles\jhenderson
Proxy Configuration: Manual Configuration
Proxy: http=webcache.ebay.sun.com:8080;https=webcache.ebay.sun.com:8080;ftp=webcache.ebay.sun.com:8080
Proxy Overrides: *go,*go.eng,*go.eng.sun.com,*localhost,*lps.central,*razmtaz.corp,*sslps.ebay,*sunlegal.corp,*think,*think.eng.sun.com,*shamash.eng.sun.com,*webfix.eng,*webfix.eng.sun.com,*webcache.eng.sun.com,*eng.sun.com,*grand.central.sun.com
JAR cache enabled.
Opening http://www.netdynamics.com/java/lib/net/school/htx/edit/main.class proxy=webcache.ebay.sun.com:8080
Opening http://www.netdynamics.com/java/lib/net/school/htx/edit/main.class proxy=webcache.ebay.sun.com:8080
java.security.AccessControlException: access denied
(java.net.SocketPermission www.netdynamics.com resolve)
at java.security.AccessControlContext.checkPermission(Compiled Code)
at java.security.AccessController.checkPermission(Compiled Code)
at java.lang.SecurityManager.checkPermission(Compiled Code)
at java.lang.SecurityManager.checkConnect(SecurityManager.java:1004)
at sun.plugin.protocol.jdk12.http.HttpURLConnection.connect(HttpURLConnection.java:163)
at sun.plugin.protocol.jdk12.http.HttpURLConnection.getInputStream(HttpURLConnection.java:191)
at sun.applet.AppletClassLoader.getBytes(Compiled Code)
at sun.applet.AppletClassLoader.access$1(AppletClassLoader.java:216)
at sun.applet.AppletClassLoader$1.run(AppletClassLoader.java:139)
at java.security.AccessController.doPrivileged(Native Method)
at sun.applet.AppletClassLoader.findClass(AppletClassLoader.java:136)
at java.lang.ClassLoader.loadClass(ClassLoader.java:280)
at sun.applet.AppletClassLoader.loadClass(AppletClassLoader.java:110)
at java.lang.ClassLoader.loadClass(ClassLoader.java:237)
at sun.applet.AppletClassLoader.loadCode(AppletClassLoader.java:363)
at sun.applet.AppletPanel.createApplet(AppletPanel.java:532)
at sun.plugin.AppletViewer.createApplet(AppletViewer.java:759)
at sun.applet.AppletPanel.runLoader(AppletPanel.java:468)
at sun.applet.AppletPanel.run(Compiled Code)
at java.lang.Thread.run(Thread.java:479)
I have tried a variety of things like editing the
c:\winnt\system32\hosts file to try to bypass my
local system's DNS.
I have also tried editing the JRE java.policy file by prepending this:
grant {
permission java.net.SocketPermission "*.netdynamics.com", "accept,connect,resolve";
};
Unfortunately, nothing seems to make a difference. Thanks in advance for
any insight. This problem is blocking me from deploying a Java applet that
our JavaSoft marketing department uses to update the Sun NetDynamics
website, so it's business-critical for us that I find a solution quickly.
Cheers,
Joel
____________________________________________________________________________
Joel Parker Henderson 800-558-2197 voice Learn about NetDynamics,
jhenderson@netdynamics.com 650-617-5920 faxes and our merger with Sun at
Internet Operations Manager 415-215-5306 mobile http://www.netdynamics.com