Question

I am trying to write a small java applet to read user browsing history. Thus all I need to do is to read files on the user's local filesystem.

I haven't succeeded in it though. When I try to use JNLP API's ExtendedService openFile(), the getInputStream() fails with an IOException. I tried to use the FileOpenService openFileDialog(), but when the dialog opens, directories appear either empty, or with a non-accessible icon.

Screenprints here : http://timewitnesser.com/publisher/screenshot1.png and here http://timewitnesser.com/publisher/screenshot2.png

Some details on how I built and deployed it : I basically followed Java applet's deployment guidelines here : docs.oracle.com/javase/tutorial/deployment/applet/deployingApplet.html

  • I used a jnlp file to launch the applet. I tried both with security set to all-permissions or not specified. Here's the code of jnlp file :

    <?xml version="1.0" encoding="UTF-8"?>
    <jnlp spec="1.0+" codebase="" href="">
        <information>
            <title>History Reader</title>
            <vendor>QualityWeb</vendor>
        </information>
        <resources>
            <j2se version="1.7+"
                href="http://java.sun.com/products/autodl/j2se" />
            <jar href="HistoryReaderApplet.jar" main="true" />
        </resources>
        <security>
            <all-permissions/>
        </security>
        <applet-desc 
             name="History Reader Applet"
             main-class="historyreaderapplet.HistoryReaderApplet"
             width="300"
             height="300">
         </applet-desc>
         <update check="background"/>
    </jnlp>
    
  • In my html page, I launch it with this code :

    <script src="https://www.java.com/js/deployJava.js"></script>
    <script> 
    var attributes = {
       code:'historyreaderapplet.HistoryReaderApplet',  width:300, height:300} ; 
    var parameters = {jnlp_href: 'historyreader_applet.jnlp'} ; 
    deployJava.runApplet(attributes, parameters, '1.7');
    </script>
    
  • I build the jar using the jar command, including a manifest in which I specify the 3 lines mentioned in the java guidelines, including the "Permission one". The command I use is jar cvfm HistoryReaderApplet.jar mymanifest.txt historyreaderapplet

  • I sign the jar using jarsigner, although I have generated my keys myself with keytool, I don't have a certificate signed by a certificate authority
  • I have even tried to set my local java machine security settings to medium and I have added my domain to the list of trusted domains.
  • I have tried both running the page from a local server, and uploading to a remote server
  • When I run the page, it prompts with an authorization box, where I allow the app. When I run in sandbox mode, when it reaches the fileopendialog thing, it prompts me again for whether I want to authorize the app to read and write on local file system, which I do. But then even with all these confirmations, it doesn't work.

Any idea what could be the problem?

EDIT : Here is the report from Janela, I included only the red parts :

cvc-complex-type.2.4.a: Invalid content was found starting with element 'security'. One of '{resources, application-desc, applet-desc, component-desc, installer-desc}' is expected.
cvc-complex-type.2.4.a: Invalid content was found starting with element 'security'. One of '{resources, application-desc, applet-desc, component-desc, installer-desc}' is expected.
Codebase '' is a malformed URL!  Defaulting to http://timewitnesser.com/publisher/historyreader_applet.jnlp
Codebase '' is a malformed URL!  Defaulting to http://timewitnesser.com/publisher/historyreader_applet.jnlp
Codebase '' is a malformed URL!  Defaulting to http://timewitnesser.com/publisher/historyreader_applet.jnlp
Codebase '' is a malformed URL!  Defaulting to http://timewitnesser.com/publisher/historyreader_applet.jnlp

It seems to me that the first lines could be the reason, but I don't understand them. Isn't the "security" tag supposed to be direct child of the jnlp tag ?

No correct solution

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top