javasecurityappletaccesscontrolexceptionpolicyfiles

Applet runs in eclipse but not in browser - java security


Below is applet code, it uses jna.jar (https://github.com/twall/jna) to access a DLL file in system32.

import javax.swing.*;
import javax.print.*;

import java.security.*;
import java.util.ArrayList;
import com.sun.jna.Library;
import com.sun.jna.Native;
import java.awt.*;
import java.awt.event.*;
import java.io.PrintWriter;
import java.io.StringWriter;

import com.sun.jna.Pointer;
import com.sun.jna.platform.win32.WinDef.HWND;
import com.sun.jna.platform.win32.WinUser;
import com.sun.jna.platform.win32.WinUser.WNDENUMPROC;
import com.sun.jna.win32.StdCallLibrary;

public class CallApplet extends JApplet implements ActionListener {

    /**
     * 
     */
    private static final long serialVersionUID = 4654357272074276081L;
    static JTextField output;
    private final String ButtonText = "Print";

    public void init() {

        Container contentHolder = getContentPane();

        contentHolder.setLayout(new BorderLayout(18,18));

        output = new JTextField(20);
        //add(output);

        contentHolder.add(output, BorderLayout.CENTER);

        JPanel buttonPanel = new JPanel();

        JButton b = new JButton(ButtonText);
        b.addActionListener(this);

        buttonPanel.add(b);
        contentHolder.add(buttonPanel, BorderLayout.SOUTH);
        validate();
    }

    public void actionPerformed(ActionEvent evt)
    {
        //get the text of the button that was pushed
        String command = evt.getActionCommand();

        output.setText(command);

        // if myButton was pressed, output a message
        if(ButtonText.equals(command)) {
            try {
                this.mprintt("TSC TTP-244 Plus");
            } catch (Exception e) {

            }
        }
    }

    public void setMessage(String message) {
        output.setText(message);
    }

    public interface TscLibDll extends Library {
        TscLibDll INSTANCE = (TscLibDll) Native.loadLibrary ("TSCLIB", TscLibDll.class);
        int about ();
        int openport (String pirnterName);
        int closeport ();
        int sendcommand (String printerCommand);
        int setup (String width,String height,String speed,String density,String sensor,String vertical,String offset);
        int downloadpcx (String filename,String image_name);
        int barcode (String x,String y,String type,String height,String readable,String rotation,String narrow,String wide,String code);
        int printerfont (String x,String y,String fonttype,String rotation,String xmul,String ymul,String text);
        int clearbuffer ();
        int printlabel (String set, String copy);
        int formfeed ();
        int nobackfeed ();
        int windowsfont (int x, int y, int fontheight, int rotation, int fontstyle, int fontunderline, String szFaceName, String content);
    }

    public void mprintt(String printer) {

        try {
            //TscLibDll.INSTANCE.about();
            TscLibDll.INSTANCE.openport(printer);
            //TscLibDll.INSTANCE.downloadpcx("C:\\UL.PCX", "UL.PCX");
            TscLibDll.INSTANCE.sendcommand("REM ***** This is a test by JAVA. *****");
            TscLibDll.INSTANCE.setup("35", "15", "3", "8", "0", "3", "-1");
            TscLibDll.INSTANCE.clearbuffer();
            //TscLibDll.INSTANCE.sendcommand("PUTPCX 550,10,\"UL.PCX\"");
            TscLibDll.INSTANCE.printerfont ("290", "8", "3", "0", "1", "1", "ARTICLE NO");
            TscLibDll.INSTANCE.barcode("290", "35", "128", "50", "1", "0", "2", "2", "123456789");
            //TscLibDll.INSTANCE.windowsfont(400, 200, 48, 0, 3, 1, "arial", "DEG 0");
            //TscLibDll.INSTANCE.windowsfont(400, 200, 48, 90, 3, 1, "arial", "DEG 90");
            //TscLibDll.INSTANCE.windowsfont(400, 200, 48, 180, 3, 1, "arial", "DEG 180");
            //TscLibDll.INSTANCE.windowsfont(400, 200, 48, 270, 3, 1, "arial", "DEG 270");
            TscLibDll.INSTANCE.printlabel("1", "1");
            TscLibDll.INSTANCE.closeport();
            output.setText("printed");
        } catch (Exception e) {
            StringWriter sw = new StringWriter();
            PrintWriter pw = new PrintWriter(sw);
            e.printStackTrace(pw);
            output.setText(sw.toString());
        }
    }
}

My Html code

<html>
<head>
<title></title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<applet codebase ="." code="CallApplet.class"
        archive="CallApplet.jar,jna.jar,platform.jar"
        height="100" width="100"/>
</body>
</html>

I can see the applet loaded and all swing elements in browser when i try to click print it just wont do anything. In eclipse run it works fine.

I know this is security issue so i have also added policy (C:\Program Files\Java\jre7\lib\security\java.policy file)

grant codeBase "http://localhost:8080/appletproj/*" {
    permission java.security.AllPermission;
};

Stacktrace

Exception in thread "AWT-EventQueue-7" java.lang.NoClassDefFoundError: com/sun/jna/Library
    at java.lang.ClassLoader.defineClass1(Native Method)
    at java.lang.ClassLoader.defineClass(Unknown Source)
    at java.security.SecureClassLoader.defineClass(Unknown Source)
    at java.net.URLClassLoader.defineClass(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.defineClassHelper(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.access$100(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
    at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
    at java.lang.ClassLoader.loadClass(Unknown Source)
    at CallApplet.mprintt(CallApplet.java:185)
    at CallApplet.actionPerformed(CallApplet.java:60)
    at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
    at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
    at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
    at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
    at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
    at java.awt.Component.processMouseEvent(Unknown Source)
    at javax.swing.JComponent.processMouseEvent(Unknown Source)
    at java.awt.Component.processEvent(Unknown Source)
    at java.awt.Container.processEvent(Unknown Source)
    at java.awt.Component.dispatchEventImpl(Unknown Source)
    at java.awt.Container.dispatchEventImpl(Unknown Source)
    at java.awt.Component.dispatchEvent(Unknown Source)
    at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
    at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
    at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
    at java.awt.Container.dispatchEventImpl(Unknown Source)
    at java.awt.Component.dispatchEvent(Unknown Source)
    at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
    at java.awt.EventQueue.access$200(Unknown Source)
    at java.awt.EventQueue$3.run(Unknown Source)
    at java.awt.EventQueue$3.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
    at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
    at java.awt.EventQueue$4.run(Unknown Source)
    at java.awt.EventQueue$4.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
    at java.awt.EventQueue.dispatchEvent(Unknown Source)
    at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
    at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
    at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
    at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
    at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
    at java.awt.EventDispatchThread.run(Unknown Source)
Caused by: java.lang.ClassNotFoundException: com.sun.jna.Library
    at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
    at java.lang.ClassLoader.loadClass(Unknown Source)
    ... 55 more

But even this does not help. please guide me where am I going wrong.

SOLUTION

Frankly i did not got solution to work, rather it was not a security issue so creating new question with actual error

So to get the exact error i enabled java console (suggested by andrew), you can go here for how to do it.

UPDATE

After few days I got it working, the issue was jna.jar and platform.jar which were already signed so whenever i signed them using jarsigner it never worked and i never got any error (so i never looked at them), when i verified it using jarsigner i figured it out. Then i unsigned them and signed it using same key which i used with my jar (Hope it will help others)


Solution

  • ..also added policy .. But even this does not help.

    Policy files are rarely, if ever, a good idea. If the code needs to be trusted, digitally sign the archive(s).