I need to access the local running LDAP via applet for authenticating users from their own organization security.
But when i click the login button and applet tries to connect to the 10.0.215.45 server it gives following exception
network: Connecting http://qa.mycompany.com/loginldap/jndi.properties with proxy=DIRECT
network: Connecting http://qa.mycompany.com/loginldap/jndi.properties with cookie "__utma=3105202.1962924881.1410333072.1410351890.1411365879.4; __utmz=3105202.1410333072.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _bcvm_vrid_3210241798524429162=9098969101660648460T0DA4F9342F9A96696C8032E97870412050BB1ADC5C79D4B5EAA03F617D96473191202EB66601664B00D33A3B14F5A765452D84B6F8C4149A8E9235E8EEFB41FE; inproducttranslatemode=false"
network: Connecting http:// 10.0.215.45 :389/crossdomain.xml with proxy=DIRECT
network: Connecting http:// 10.0.215.45 :389/ with proxy=DIRECT
java.security.AccessControlException: access denied ("java.net.SocketPermission" "10.0.215.45:389" "connect,resolve")
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkConnect(Unknown Source)
at sun.plugin2.applet.SecurityManagerHelper.checkConnectHelper(Unknown Source)
at sun.plugin2.applet.AWTAppletSecurityManager.checkConnect(Unknown Source)
I have self signed the applet jar during my build process
<target name="dist" depends="clean,compile" description="generate the distribution">
<mkdir dir="${dist}" />
<copy todir="${build}">
<fileset file="${src}/conf.properties" />
</copy>
<jar jarfile="${dist}/${module-jar-file}" basedir="${build}">
<manifest>
<attribute name="Permissions" value="sandbox" />
<attribute name="Codebase" value="*.mycompany.com" />
<attribute name="Application-Library-Allowable-Codebase" value="*.mycompany.com" />
<attribute name="Application-Name" value="Company - SSO" />
<attribute name="Main-Class" value="com.mycompany.authentication.sso.Application"/>
<attribute name="Entry-Point" value="com.mycompany.authentication.sso.applet.Applet" />
</manifest>
</jar>
<signjar jar="${dist}/${module-jar-file}" alias="signalias" keystore="keystore" storepass="storepass">
</signjar>
<copy todir="${dist}">
<fileset file="resources/index.html" />
</copy>
My overall architecture goes like
>>>>>>>>>>>>>> INTERNET <<<<<<<<<<<<<<<
+-------------------------+
+ +
+ +
+ qa.mycompany.com + <= applet is hosted here
+ SERVER +
+ +
+-------------------------+
**************************************************************************************
>>>>>>>>>>>>>> LOCAL NETWORK <<<<<<<<<<<<<<<
+-----------------------------------------------+
+ +
+ http://qa.mycompany.com/loginldap +
+ +
+-----------------------------------------------+
+ +
+ +
+ Client browser downloading applet + =======||
+ and running + ||
+ + ||
+-----------------------------------------------+ ||
||
|| (10.0.215.45)
|| +------------+
======>> + +
+ LDAP +
+ +
+------------+Here is how I made it working
<attribute name="Permissions"
value="sandbox" /> to <attribute name="Permissions"
value="all-permissions" />This atleast started and worked my applet in browser. Later for production environment I can have a proper SSL certificate and assign proper permissions as per my requirement.