Kbase 20108: SecurityExceptionEx Running a Java Applet to Connect AppSvr
| Autor |
Progress Software Corporation - Progress |
| Acesso |
Público |
| Publicação |
07/02/2011 |
|
SUMMARY:
This solution explains some of the Java security exception errors which might occur as you work with applets to connect to a Progress AppServer broker, and offers ways to solve them.
EXPLANATION:
When you try to run an open client application built within a Java applet in the Microsoft IE5 browser, you might encounter the following errors:
com.ms.security.SecurityExceptionEx[com/progress/ubroker/client/Broker
System.initLogger]: Unable to access system property: BrokerSystemLog
In a general way, some of the exceptions that can be thrown by the Security Manager are:
com.ms.security.SecurityExceptionEx[classname.methodname]
or,
com.ms.security.SecurityExceptionEx[Host].
In most cases, these exceptions are thrown because the applet attempts to perform a trusted operation and the applet is not trusted. The term "trusted" means that the code is no longer confined to the Java sandbox. The sandbox restricts untrusted code from successfully performing the trusted operations like:
- Calling native code
- Connecting to remote computers
- Printing
- Using JDBC
- Creating top-level windows that do not have the applet warning,
etc.
A SecurityExceptionEx[Host] occurs if the web browser invokes a method that performs trusted operation and that method did not first assert its permission to perform the trusted operation. This situation occurs if your applet performs trusted operations in the applet's default constructor, init, start, stop or destroy method without first asserting its permissions.
SOLUTION: One way to solve this exception is by asserting the
permissions using the PolicyEngine Class in the applet. The
lifetime of PolicyEngine.assertPermission is the same lifetime as
the method with which it is called.
A SecurityExceptionEx[classname.methodname] will occurs if your applet attempts to perform a trusted operation and is not trusted.
SOLUTION: You must sign the applet to enable it to perform
operations outside the Java sandbox. Classes to run with
permissions higher than the sandbox level must be delivered to
the client computer inside a signed cabinet (CAB) file.
One way to be able to run an applet in IE5 without signing it up,
is to set some options in the browser with the following steps.
In the IE5 browser:
1) Choose the Tools Menu.
2) Choose Internet options.
3) Choose Local Intranet.
In the Java Section:
1) Choose Custom.
By choosing this option, you enable the Java Custom Settings.
2) Choose Java Custom Settings.
3) Choose the Edit Permissions label.
4) In the section Run Unsigned Content:
0) Run in Sandbox
0) Disable
Choose 0) Enable.
With this option set, the applet loads without signing it
up.