Date: Mon, 16 Mar 1998 15:26:44 -0800 (PST)
From: Marianne Mueller <Marianne.Mueller@Eng>
Subject: Re: Problems reading a server file through the internet
To: java-security@web4.javasoft.com, mop21299@mail.telepac.pt
In your example,
// abre o ficheiro (open file to read)
try {
/* ----------------------- Here the problem begins ----------------*/
// this url doesn't work properly through the internet
// url = new URL("http://www.multi.pt/icc-consult/pv/biggraf/portucel.icc");
url = new URL("file://c:/icc/pv/biggraf/portucel.icc");
// and this one works just fine at my home computer
url.openConnection();
input = new DataInputStream(new FileInputStream(url.getFile()));
}
catch ( MalformedURLException mal ) {
System.err.println( " URL invalido...\n"+
mal.toString());
}
catch ( IOException e ) {
System.err.println( " O ficheiro nao foi aberto correctamente\n"+
e.toString());
System.exit(1);
}
catch ( Exception ex ) {
System.err.println( " URL nao autorizado...\n"+
ex.toString());
}
it looks like you are trying to have the applet connect to a server
that is different from the server the applet comes from. One of
the restrictions on applets downloaded over the net is that they
can only make network connections to the machine they were downloaded
from.
Are you using JDK 1.2 yet? There is a good general purpose solution
for this problem with JDK 1.2. You can specify which code is allowed
which permissions, and express that policy in an external policy file
(NOT hardcoding it into your program.)
For a brief and somewhat old desription of the restrictions placed
on JDK 1.x untrusted applets, refer to
http://java.sun.com/sfaq/
The general security page is
http://java.sun.com/security
Some Q&A is at
http://java.sun.com/security/hypermail/java-security-archive/index.html
--Marianne