Applets security: property write

=?iso-8859-1?Q?Adri=E1n_Allende?= (aallende@exa.unicen.edu.ar)
Wed, 23 Dec 1998 14:25:17 -0300

Hello

I'm trying to use Aglets in an Applet, but the following code fails due =
a exception trying to get and put system properties (Netscape=AE =
Communicator 4.5 ).

I send all the code for completness, but the code segment important is =
marked <<<< RELEVANT >>>>

Following the code, is the communicator java console output.

-------------------------------- begin java code

import java.awt.*;
import java.awt.event.*;
import java.applet.*;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.net.URL;
import java.util.Properties;
import java.util.Enumeration;

import java.net.URL;

import com.ibm.aglet.*;
import com.ibm.aglet.system.*;
import com.ibm.atp.daemon.Daemon;
import com.ibm.awb.util.Resource;
import com.ibm.awb.util.FileUtils;

public class alaa extends Applet=20
implements ActionListener=20
{

TextArea output =3D null;
Button button =3D null;

static private Resource atp_res;
static private Resource aglets_res;

public void init() {
button =3D new Button("Execute");
add(button);
button.addActionListener(this);
output =3D new TextArea(5, 40);
add(output);
}

public void actionPerformed(ActionEvent event) {
// call main
try { =20
main(); }
catch (Exception e) {
System.out.println("Exception: " + e ); }
}

public void start() {
//
}

static public void main() throws Exception {
String args[] =3D {"-defaultport","4434"};
System.out.println( "opt ");
if (importOptions(args) =3D=3D false) {
usage();
System.exit(1);
}
System.out.println( "opt pass");

//
// Create a daemon object and initialize it with arguments
//

//que argumentos van? copiarse del tahiti
//aparentemente pueden ir muchos pero por defecto solo va=20
// java Main -defaultport 434

Daemon daemon =3D Daemon.init(args);
System.out.println( "daemon ");

//copiado del tahiti, no se que es

atp_res =3D Resource.getResourceFor("atp");

String port =3D atp_res.getString("atp.port");
String sep =3D File.separator;
String log_dir =3D FileUtils.getLogDirectory();

daemon.setAccessLogFile(log_dir+sep+"access." + port);
daemon.setErrorLogFile(log_dir+sep+"error." + port);
daemon.setMessageLogFile(log_dir+sep+"message." + port);

//
// Obtain a runtime object and initialize it with arguments
//

//que argumentos van? copiarse del tahiti

AgletRuntime runtime =3D AgletRuntime.init(args);

aglets_res =3D Resource.getResourceFor("aglets");

//
// Check to see if this is a registered user.
//
/*
String name =3D aglets_res.getString("aglets.user.account", =
null);
if (name =3D=3D null) {
System.out.println( "name null ");
System.exit(1);
}
// default name...
String name =3D aglets_res.getString("aglets.user.account");
Object id =3D AgletsSystem.createOwnerIdentity(name);
*/

//
// Creates a named context. To dispatch to this context, you =
have to
// specify the destination, for example,
// "atp://aglets.trl.ibm.com:434/test"
//

AgletContext cxt =3D runtime.createAgletContext("");
System.out.println( "cxt created ");

ContextListener listener =3D new ContextAdapter () {
public void agletArrived(ContextEvent ev) {
AgletProxy proxy =3D ev.getAgletProxy();
try {
System.out.println("Aglet is arriving."+
proxy.getAgletInfo());
} catch (InvalidAgletException ex) {
ex.printStackTrace();
}
}
public void agletDispatched(ContextEvent ev) {
AgletProxy proxy =3D ev.getAgletProxy();
try {
System.out.println("Aglet is leaving."+
proxy.getAgletInfo());
} catch (InvalidAgletException ex) {
ex.printStackTrace();
}
}
} ;

cxt.addContextListener(listener);
System.out.println( "cntx list added ");
//
// Create a daemon initialized with args
//
try {=20
daemon.start("aglets");
System.out.println( "dmd started ");
}
catch (Exception e) { System.out.println( "something wrong =
:"+e); }

//
// Start a context
//
try {=20
cxt.start();
System.out.println( "cxt started ");
}
catch (Exception e) { System.out.println( "something wrong =
start:"+e); }

startupAglets(cxt);
System.out.println( "startup aglets called ");

/*
//crear un aglet hello para mandar al contexto con el tahiti
AgletProxy myaglet =3D null ;
try {=20
myaglet =3D cxt.createAglet(null,"HelloAglet", null);
myaglet.sendMessage(new Message("startTrip"));
}
catch (Exception e) { System.out.println( "something wrong "); }
*/ =20
}

=20
static void startupAglets(AgletContext context) {
Resource r =3D Resource.getResourceFor("aglets");
String[] startup_aglets =3D =
r.getStringArray("aglets.startupAglets",
" \t\n");
if (r.getBoolean("aglets.startup", false) && startup_aglets !=3D =
null) {
System.out.print ("Startup Aglets antes del for");
for(int i=3D0; i<startup_aglets.length; i++) {
URL codebase =3D null;
String name =3D startup_aglets[i];
try {
int del =3D name.lastIndexOf('/');
if (del>0) {
codebase =3D new URL(name.substring(0,del));
name =3D name.substring(del+1);
}
} catch (java.net.MalformedURLException ex) {
ex.printStackTrace();
}
try {
context.createAglet(codebase, name, null);
System.out.print ("Created the \"Startup\" =
Aglet:");
System.out.println("[" + codebase + "] [" + name + =
"]");
} catch (Exception e) {
System.err.println("Failed to create the \"Startup\" =
Aglet:" + e.getMessage());
System.err.println("[" + codebase + "] [" + name + =
"]");
e.printStackTrace();
}
}
System.out.print ("Startup Aglets fin for");

}
}

static public boolean importOptions(String args[]) throws =
IOException {
if (args =3D=3D null) {
return true;
}
System.out.println("getpropini");
<<<< RELEVANT >>>>
Properties props =3D System.getProperties();
<<<< RELEVANT >>>>
System.out.println("getpropfin");
for(int i =3D 0; i < args.length ; i++) {
String option =3D args[i].trim();

if (option.equalsIgnoreCase("-help")) {
return false;

//
// for debugging
//
} else if (option.equalsIgnoreCase("-debug")) {
com.ibm.awb.util.Debug.debug(true);

} else if (option.equalsIgnoreCase("-err")) {
i++;
System.setErr(new java.io.PrintStream(new =
java.io.FileOutputStream(args[i])));
} else if (option.equalsIgnoreCase("-out")) {
i++;
System.setOut(new java.io.PrintStream(new =
java.io.FileOutputStream(args[i])));

//
// ATP
//
} else if (option.equalsIgnoreCase("-defaultport")) {
try {
i++;
int port =3D Integer.valueOf(args[i]).intValue();
if (port < 0 ) {
throw new =
IllegalArgumentException("-defaultport: Illegal or missing port =
number.");
}
props.put("atp.defaultport", String.valueOf(port));

} catch (NumberFormatException nfe) {
throw new IllegalArgumentException("-defaultport: =
Illegal or missing port number.");
}
} else if (option.equalsIgnoreCase("-port")) {
try {
i++;
int port =3D Integer.valueOf(args[i]).intValue();
if (port < 0 ) {
throw new IllegalArgumentException("-port: =
Illegal or missing port number.");
}
props.put("atp.port", String.valueOf(port));
} catch (NumberFormatException nfe) {
throw new IllegalArgumentException("-port: Illegal =
or missing port number.");
}
} else if (option.equalsIgnoreCase("-resolve")) {
props.put("atp.resolve", "true");
} else if (option.equalsIgnoreCase("-domain")) {
i++;
props.put("atp.domain", args[i]);

//
// AGLETS
//
} else if (option.equalsIgnoreCase("-username")) {
i++;
props.put("aglets.user.account", args[i]);
} else if (option.equalsIgnoreCase("-viewer")) {
i++;
props.put("aglets.viewer", args[i]);
} else if (option.equalsIgnoreCase("-verbose")) {
props.put("atp.verbose", "true");
props.put("verbose", "true");
} else if (option.equalsIgnoreCase("-nosecurity")) {
props.put("aglets.secure", "false");
} else if (option.equalsIgnoreCase("-nogui")) {
props.put("aglets.viewer","");
} else if (option.equalsIgnoreCase("-commandline")) {
props.put("aglets.viewer",
"com.ibm.aglets.tahiti.CommandLine");

// NOT PUBLICALLY AVAILABLE
} else if (option.equalsIgnoreCase("-startup")) {
i++;
props.put("aglets.startup", "true");
props.put("aglets.startupAglets", args[i]);
} else if (option.equalsIgnoreCase("-enablebox")) {
props.put("aglets.enableBox", "true");
} else {
System.out.println("unknown option :[" + option + "]");
return false;
}
}
return true;
}

static public void usage() {
String name =3D System.getProperty("program-name",
"java =
com.ibm.aglets.tahiti.Main");
System.err.println("usage: " + name + " [-options] \n" +
"where options include: \n" +
" -help print out this message \n" +
" -verbose turn on verbose mode\n" +
" -port <port> set the port used by deamon\n" +
" -viewer <class> set the viewer class\n" +
" -resolve use fully qualified hostname by =
resolving reverse lookup\n" +
" -nosecurity disable security manager\n" +
" -commandline use command line interface.\n" +
" -nogui no gui/cui.\n" +
" -domain set the domain name");
}

}

-------------------------------- end java code

----------------------------- begin java console output

Netscape Communications Corporation -- Java 1.1.5Type '?' for =
options.opt getpropini# Security Exception: =
checkpropsaccessnetscape.security.AppletSecurityException: =
security.checkpropsaccess at =
netscape.security.AppletSecurity.checkPropertiesAccess(AppletSecurity.jav=
a:466) at =
java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:925)=
at java.lang.System.getProperties(System.java:370) at =
alaa.importOptions(alaa.java:220) at alaa.main(alaa.java:54) at =
alaa.actionPerformed(alaa.java:42) at =
java.awt.Button.processActionEvent(Button.java:267) at =
java.awt.Button.processEvent(Button.java:240) at =
java.awt.Component.dispatchEventImpl(Component.java:1789) at =
java.awt.Component.dispatchEvent(Component.java:1715) at =
java.awt.EventDispatchThread$EventPump.dispatchEvents(EventDispatchThread=
.java:83) at =
java.awt.EventDispatchThread.run(EventDispatchThread.java:135) at =
netscape.applet.DerivedAppletFrame$AppletEventDispatchThread.run(DerivedA=
ppletFrame.java:911)Exception: =
netscape.security.AppletSecurityException: security.checkpropsaccess
# UniversalPropertyWrite privilege not enabled: Modifying sensitive =
information stored in your computer
----------------------------- end java console=20

note there is no jit compiler, in accordance with
sectn3.html
titled
SECURITY PREFERENCES FOR COMMUNICATOR=20
Alec B. Plumb, Technology Evangelist=20
(don't know the URL!)

That says "Rename the JIT library "jit3240.dll" "

Also, the prefs.js has the following

user_pref("signed.applets.local_classes_have_30_powers", true);=20
user_pref("signed.applets.codebase_principal_support", true);=20
user_pref("signed.applets.verbose_security_exception", true);
user_pref("security.lower_java_network_security_by_trusting_proxies", =
true);
user_pref("signed.applets.simulate_signatures_on_system_classes", true);
user_pref("security.lower_java_network_security_by_trusting_proxies", =
true);

I think there is a possibility to use the applet because the text in the =
java console:
"UniversalPropertyWrite privilege not enabled".

Can you help me?

Thanks !

Adri=E1n Allende
UniCen
Fac. de Cs. Exactas