Results 1 to 16 of 16
  1. #1
    solarflow99 is offline Member
    Join Date
    Nov 2014
    Posts
    3
    Rep Power
    0

    Default security settings to run an applet

    I have an old applet that basically runs a telnet/ssh sesion in a web browser. I used HTML tags to launch the applet, but now that java 8 automatically blocks applets that are considered insecure like this, what are my options? I read through the docs, but i'm not a java expert.

    Thanks,

  2. #2
    Norm's Avatar
    Norm is offline Moderator
    Join Date
    Jun 2008
    Location
    Eastern Florida
    Posts
    19,966
    Rep Power
    31

    Default Re: security settings to run an applet

    There are controls and an exception list in the Java Control panel.
    If you don't understand my response, don't ignore it, ask a question.

  3. #3
    solarflow99 is offline Member
    Join Date
    Nov 2014
    Posts
    3
    Rep Power
    0

    Default Re: security settings to run an applet

    Quote Originally Posted by Norm View Post
    There are controls and an exception list in the Java Control panel.

    no, I wish it was that easy. the newer java jvm's only allow security level of high and very high, so even adding it to an exception list won't work.
    Besides I was hoping every user visiting the site not to require adding to the exception list.

  4. #4
    Tolls is offline Moderator
    Join Date
    Apr 2009
    Posts
    13,541
    Rep Power
    26

    Default Re: security settings to run an applet

    That's the purpose of those though.
    If you could easily get past those security blocks then so could the people who write the stuff that those things are trying to block in the first place.
    Please do not ask for code as refusal often offends.

    ** This space for rent **

  5. #5
    gimbal2 is offline Just a guy
    Join Date
    Jun 2013
    Location
    Netherlands
    Posts
    5,114
    Rep Power
    12

    Default Re: security settings to run an applet

    You should take the hint: applets are not of this day and age. They are of an age where internet security was not a big thing and you could easily just make a browser expose the local client. They can still be used - in environments where security is an accepted necessary evil, such as corporate environments. Exactly the target of most Java appliances.

    Nowadays browsers need to be secure and any piece of third party technology you dump into it that might break that security is going to have to go through very strict security measures. If those security measures are something that make or break your user's experience, do not use the technology (or Flash, or Silverlight).
    "Syntactic sugar causes cancer of the semicolon." -- Alan Perlis

  6. #6
    jim829 is offline Senior Member
    Join Date
    Jan 2013
    Location
    Northern Virginia, United States
    Posts
    6,226
    Rep Power
    13

    Default Re: security settings to run an applet

    Quote Originally Posted by gimbal2 View Post
    You should take the hint: applets are not of this day and age.
    You have said that before. So what do you recommend to replace them?

    Regards,
    Jim
    The JavaTM Tutorials | SSCCE | Java Naming Conventions
    Poor planning on your part does not constitute an emergency on my part

  7. #7
    solarflow99 is offline Member
    Join Date
    Nov 2014
    Posts
    3
    Rep Power
    0

    Default Re: security settings to run an applet

    Quote Originally Posted by gimbal2 View Post
    You should take the hint: applets are not of this day and age. They are of an age where internet security was not
    ok, ok. So then you tell me what I should replace applets with then?? And how about HOW I can make an applet secure, does it take JNLP signed from a trusted CA for big $$ bucks or what.

  8. #8
    Tolls is offline Moderator
    Join Date
    Apr 2009
    Posts
    13,541
    Rep Power
    26

    Default Re: security settings to run an applet

    Quote Originally Posted by solarflow99 View Post
    no, I wish it was that easy. the newer java jvm's only allow security level of high and very high, so even adding it to an exception list won't work.
    Besides I was hoping every user visiting the site not to require adding to the exception list.
    The exception list is still used in 8, though.
    The Medium setting had nothing to do with the exception list.
    If it's not working then something else is up.

    But yes, in answer to your current question, it does cost to get a certificate.
    These days (where "these days" goes back a while) you'd do it in HTML/Javascript, possibly talking to a server.
    Please do not ask for code as refusal often offends.

    ** This space for rent **

  9. #9
    gimbal2 is offline Just a guy
    Join Date
    Jun 2013
    Location
    Netherlands
    Posts
    5,114
    Rep Power
    12

    Default Re: security settings to run an applet

    Quote Originally Posted by jim829 View Post
    You have said that before. So what do you recommend to replace them?

    Regards,
    Jim
    The right tool for the right job. Generally a telnet/SSH client is the right tool to open a telnet/SSH session.
    "Syntactic sugar causes cancer of the semicolon." -- Alan Perlis

  10. #10
    KevinWorkman's Avatar
    KevinWorkman is offline Crazy Cat Lady
    Join Date
    Oct 2010
    Location
    Washington, DC
    Posts
    4,143
    Rep Power
    14

    Default Re: security settings to run an applet

    I mostly agree with Gimbal. Applets are dead and should probably be replaced by runnable jars or packaged executables. If you really want to run your program directly in the browser, then you should be using html5 and javascript, not Java. This definitely sucks, and I'd be ecstatic if a fix came about, but for now it's the basic truth. Cross-compiling to html5 and javascript like libGDX is very promising, so hopefully more of that type of technology starts popping up. Until then, we're stuck either exporting as runnable jars or packaged executables, purchasing a certificate (even that is not a great solution), or changing to another language (GWT is worth checking out, since you're still writing in Java).

    As for OP's problem, it shouldn't have anything to do with Java 8. Java 8 still has the Medium setting, and it still has the exception site list, which circumvents your security level anyway.

    I believe you still have to sign your applet, even if you're in the exception site list or on the medium security setting. You also have to add certain attributes to the manifest. Maybe you're missing some of those?

    But if you have the option to redeploy as a runnable jar or packaged executable, that's probably the way to go, imho.
    How to Ask Questions the Smart Way
    Static Void Games - GameDev tutorials, free Java and JavaScript hosting!
    Static Void Games forum - Come say hello!

  11. #11
    jim829 is offline Senior Member
    Join Date
    Jan 2013
    Location
    Northern Virginia, United States
    Posts
    6,226
    Rep Power
    13

    Default Re: security settings to run an applet

    Quote Originally Posted by KevinWorkman View Post
    I believe you still have to sign your applet, even if you're in the exception site list or on the medium security setting. You also have to add certain attributes to the manifest. Maybe you're missing some of those?
    I don't believe so. I have some applets I wrote and adding the site to exception list solves the problem. Nothing special in the manifest either. I also notice that Oracle continues to use quite a few applets in their tutorials.

    Regards,
    Jim
    The JavaTM Tutorials | SSCCE | Java Naming Conventions
    Poor planning on your part does not constitute an emergency on my part

  12. #12
    KevinWorkman's Avatar
    KevinWorkman is offline Crazy Cat Lady
    Join Date
    Oct 2010
    Location
    Washington, DC
    Posts
    4,143
    Rep Power
    14

    Default Re: security settings to run an applet

    Maybe I'm thinking that you still have to self-sign even when you're on the medium setting?

    Either way, OP needs to tell us his settings and the exact error he's seeing for us to be able to help him.
    How to Ask Questions the Smart Way
    Static Void Games - GameDev tutorials, free Java and JavaScript hosting!
    Static Void Games forum - Come say hello!

  13. #13
    gimbal2 is offline Just a guy
    Join Date
    Jun 2013
    Location
    Netherlands
    Posts
    5,114
    Rep Power
    12

    Default Re: security settings to run an applet

    Well let me try to at least add something marginally constructive to this thread: probably the only way to go is:

    1. have proper documentation on how to setup the exception list: https://www.java.com/en/download/exception_sitelist.jsp
    2. Add troubleshooting documentation for this particular applet for Java 7/8 users so they are guided to configure the exception

    And the alternative is probably to pay for a proper signed certificate to sign the applet with.
    "Syntactic sugar causes cancer of the semicolon." -- Alan Perlis

  14. #14
    Norm's Avatar
    Norm is offline Moderator
    Join Date
    Jun 2008
    Location
    Eastern Florida
    Posts
    19,966
    Rep Power
    31

    Default Re: security settings to run an applet

    My recent testing with a couple of applets:
    I have just installed java version:
    java version "1.8.0_25"
    Java(TM) SE Runtime Environment (build 1.8.0_25-b18)
    Java HotSpot(TM) Client VM (build 25.25-b02, mixed mode, sharing)
    I got a new Web Hosting site yesterday and uploaded a couple of applets (old and not signed) for testing.
    I have an entry in my Java Security exclusion list for the site.
    When I try to load one of the applets, I get a dialog box "Security Warning" with a Run button. I press the Run button and the applet executes.

    EDIT: The new Java install has caused one of my tools to fail. The install added this path to the front of the PATH variable:
    PATH=C:\ProgramData\Oracle\Java\javapath;

    I haven't tracked down why there is a problem yet. I was using java.exe without a path before. I added the full path and it works.
    Attached Thumbnails Attached Thumbnails security settings to run an applet-securitywarning.png  
    Last edited by Norm; 11-04-2014 at 08:16 PM.
    If you don't understand my response, don't ignore it, ask a question.

  15. #15
    KevinWorkman's Avatar
    KevinWorkman is offline Crazy Cat Lady
    Join Date
    Oct 2010
    Location
    Washington, DC
    Posts
    4,143
    Rep Power
    14

    Default Re: security settings to run an applet

    Good to know. What happens if you remove the site from your exception list and change your security to medium?
    How to Ask Questions the Smart Way
    Static Void Games - GameDev tutorials, free Java and JavaScript hosting!
    Static Void Games forum - Come say hello!

  16. #16
    Norm's Avatar
    Norm is offline Moderator
    Join Date
    Jun 2008
    Location
    Eastern Florida
    Posts
    19,966
    Rep Power
    31

    Default Re: security settings to run an applet

    There is no Medium setting with 8u25. Only High and Very High.

    The site's URL is visible in the image. Can you try it?
    Here is the URL: http://normsstuff.x10host.com/WayPoints.html
    If you don't understand my response, don't ignore it, ask a question.

Similar Threads

  1. Replies: 2
    Last Post: 01-16-2014, 09:08 AM
  2. Applet Security Settings
    By dendeezen in forum Java Applets
    Replies: 12
    Last Post: 05-24-2013, 04:42 PM
  3. Replies: 3
    Last Post: 11-01-2012, 02:42 PM
  4. Applet to access clients printer settings
    By ajayd3v in forum Java Applets
    Replies: 0
    Last Post: 09-03-2012, 09:44 AM
  5. CLDC VM Security Settings Directory
    By beezerbutt in forum CLDC and MIDP
    Replies: 0
    Last Post: 04-16-2009, 06:47 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •