Where to place java applet policy file?

StackOverflow https://stackoverflow.com/questions/2612895

  •  25-09-2019
  •  | 
  •  

Question

I am working on an artificial intelligence project which is a logic game and aims two user connecting to the server on the network who acts as an Admin and then start to play one by one.

In order to create connections, i have a server code which is just listening on localhost:8000 and assigning team values to the clients as they arrive. After connecting, clients make their move under Admin's control.

The question is that when i try to put my code to work in the browser it fails with the following error:

java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:8000 connect,resolve)

Even though i have created my own policy, first granting only Socket access permission to the codebase of my project folder (file:///home/xxx/projects/-), after it didn't work i granted all permissions from all codebase. I tried placing my policy file both in the home directory and in the same directory where my applet code resides.

Appreciate any tips, thanks.

Was it helpful?

Solution

by default I think it looks for a file named .java.policy in your home directory

you can check the file /lib/security/java.security to see where it looks. check the keys named policy.url.n

OTHER TIPS

You can set the location of the security policy file by using this command-line option

-Djava.security.policy=policyfilepath

with the java command.

Or you can even set this propery using the System.setProperty() procedure.

Place the policy file where the JRE is.

For instance, my policy file is located at C:\Program Files\Java\jre1.6.0_01\lib\security

I strongly suggest respecting the same-origin policy. Security implications are not necessarily obvious at the best of times. Also, an applet with standard permissions has better usability and should be easier to maintain.

If you grant a permission to a specific JAR (codebase), this only works if the whole execution stack from the start of the thread to the method invocation is in that codebase/protection domain.

If your method is alibrary, and you are sure that you access the operation safely, you can use a Priveledged Block, which essentially makes sure the part of the stack calling your block is not considered in the access calculation.

Privileged Block, as described here:

http://docs.oracle.com/javase/6/docs/technotes/guides/security/doprivileged.html

Greetings Bernd

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top