Date: Mon, 10 May 1999 09:59:07 -0400
From: "Erik D. Fields" <efields@skyline.external.hp.com>
To: java-security@java.sun.com
Subject: java name resolution problem
I have a question involving JDK1.1.5 running under Netscape 4.5
on any platform. Here is our scenario:
We have a webserver named "1stop.blah.blah.com". There is a
dns server named "ns.blah.blah.com". There is a client named
"client.blah.blah.com". A user connects to the webserver fine,
and gets an applet. The applet then opens a URL connection
to get an Image (using ImageIcon from swing1.1), using the
following URL: "http://1stop.blah.blah.com/images/image.gif".
The JVM throws a security violation:
Couldn't resolve IP for 1stop.blah.blah.com
Here's the kicker: if you do a nslookup or ping from the client
on 1stop.blah.blah.com, it finds it without a problem. Why is
there a security violation? Is it because the hostname starts
with a "1" (1stop)?
Other notes: If you rename the URL to "larry.blah.blah.com",
a security violation is not thrown. If you use the IP address,
no violation. NOTE: The machine's name is larry.blah.blah.com,
but we are using virtual servers, with one being "1stop.blah.blah.com".
-- Erik D. Fields SW Engineer (contract non-HP employee), Hewlett Packard EMAIL (h): erik_fields@mindspring.com EMAIL (w): efields@skyline.external.hp.com PHONE (w): (404)-774-4023