I have a self signed applet running in the browser, this applet should create a directory on the client machine using this code.
boolean success = (new File("myDir")).mkdirs();
if (!success) {
System.err.println("Directory creation failed");
}
However, when I run it in the browser (under Apache) and after accepting all the security warnings I can't find myDir directory on my machine.
Am I doing something wrong?
I guess you are not looking at the right place...
Given your code snippet, this directory will be created in the current working directory. To be sure where that is on your machine just try to see what the following code gives out :
System.out.println(System.getProperty("user.dir"));
You're not giving it an absolute path so it's creating myDir in the working directory that the browser runs it in, probably a temp dir, or even a "sandbox" area in some browsers.
Because you run applet in sandbox, so You cannot access into user machine resource.
Please see document:
Applet security
Related
My java app runs fine stand-alone. But when I run it as a Java Web Start app, it starts up but fails when I click a certain button. I couldn't figure out how to debug it so thought I'd add logging. That caused permission denied error and wouldn't even start up.
To try and solve that problem, I added
permission java.util.logging.LoggingPermission "control"
to the C:\Program Files\Java\jre1.8.0-171\lib\security\java.policy file and the C:\Program Files\Java\jdk1.8.0-171\jre\lib\security\java.policy file. Restarted the Apache HttpServer and tried again. Same result.
Next I added the following line to the same two files:
permission java.security.AllPermission;
Same result.
Next I self-signed the jar file. Same result.
Next I added
<security><all-permissions/></security>
to the dynamically generated .jnlp file. This time I got a new message:
"unsigned application requesting unrestricted access to system"
A jarsigner verify confirms the jar file has been signed:
jarsigner -verify myjarfile.jar
jar verified.
I don't know what else to try. Suggestions?
First of all, there needed to be a ";" after "control". I don't know if that would have fixed the problem in itself but I found a parsing error for it in the log file. Meanwhile, I had changed all my "logger" commands back to System.out.println commands.
Next I checked "Enable tracing" and "Enable logging" in the Advanced tab of the Java Control Panel.
Then, in a DOS shell, I navigated to the location of myjnlp.jnlp file and entered the following commands:
set JAVAWS_TRACE_NATIVE=1
set JAVA_TOOL_OPTIONS=-Xdebug -Xnoagent -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=8000
javaws myjnlp.jnlp
That caused log files to be created in the home directory at C:\Users\Greg\AppData\LocalLow\Sun\Java\Deployment\log
where I could then see what was going on.
Unfortunately a new problem. See code below:
File source = new File(localFilename);
File dest = new File("C:/E360/CadIntegration/" +localFilename);
try {
Files.copy(source.toPath(),dest.toPath());
msg = "Because IP was blank, file was copied to C:/E360/CadIntegration";
} catch (IOException ex) {
msg = "problem copying " +source.toPath() +" to " +dest.toPath();
System.out.println("uploadCadChanges: " +msg +", IOException is "+ex.getMessage());
}
If I run the app using javaws, it works perfectly, the file is copied over successfully. But if I run it from the web page it fails with the IOException and ex.getMessage() just says "CadChanges.txt". Real helpful.
I found the reason. When run from a web page, the current working directory is changed to current dir = C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99 but when run from javaws, it isn't. The solution was to pass the current directory to the .jnlp file via an argument tag and have the app change the cwd to it.
I'm creating .csv file and placing it in one location.
String location = "/APPL_TOP2/IMDD/apps/apps_st/appl/xxfin/12.0.0/bin/xe.csv";
Using exact path working fine on Windows but I need it to work on Linux client too.
String location = "$XXFIN_TOP\\12.0.0\\bin\\xe.csv";
If I'm using relevant path on Linux it is not working, showing Error
SQL*Loader-500: Unable to open file(/APPL_TOP2/IMDD/apps/apps_st/appl/xxfin/12.0.0/bin/xe.csv)
SQL*Loader-553: file not found
SQL*Loader-509: System error: No such file or directory
" Client is asking any option to pass relevant path client machine is Linux"
Paths in Linux have slashes which go the other way. So it should be this:
$XXFIN_TOP/12.0.0/bin/xe.csv
I'm getting a different result for Files.exists(path) to path.toFile().exists() for a local file on Windows. I can see this file in Windows Explorer although I have (randomly) modified permissions and perhaps the permissions do not make sense.
However this doesn't explain why the old method returns true and the new methods returns false. The file definently exists but maybe it is invisible to the user running the Java code, so I'm not sure what the correct answer should be. Nor can I see how to see which user is running the code, there is only one real user Paul on the computer, but I'm wondering if whether if run as administrator or not effects things.
System.out.println("Path Exists(1):"+Files.exists(path));
System.out.println("Path Exist(2) :"+path.toFile().exists());
gives
Path Exists(1):false
Path Exist(2) :true
Also
System.out.println("Path readable(3) :"+Files.isReadable(path));
System.out.println("Path readable(4):"+path.toFile().canRead());
works in same way giving
Path readable(3) :false
Path readable(4):true
Permissions output
File C:\Code\jthink\opensrc\jaudiotagger\testdata\test157.dsf permissions
owner:PCLAPTOP\Paul
NT AUTHORITY\SYSTEM:READ_DATA/WRITE_DATA/APPEND_DATA/READ_NAMED_ATTRS/WRITE_NAMED_ATTRS/EXECUTE/DELETE_CHILD/READ_ATTRIBUTES/WRITE_ATTRIBUTES/DELETE/READ_ACL/WRITE_ACL/WRITE_OWNER/SYNCHRONIZE:DENY
BUILTIN\Administrators:READ_DATA/WRITE_DATA/APPEND_DATA/READ_NAMED_ATTRS/WRITE_NAMED_ATTRS/EXECUTE/DELETE_CHILD/READ_ATTRIBUTES/WRITE_ATTRIBUTES/DELETE/READ_ACL/WRITE_ACL/WRITE_OWNER/SYNCHRONIZE:DENY
BUILTIN\Administrators:READ_DATA/WRITE_DATA/APPEND_DATA/READ_NAMED_ATTRS/WRITE_NAMED_ATTRS/EXECUTE/DELETE_CHILD/READ_ATTRIBUTES/WRITE_ATTRIBUTES/DELETE/READ_ACL/WRITE_ACL/WRITE_OWNER/SYNCHRONIZE:ALLOW
NT AUTHORITY\SYSTEM:READ_DATA/WRITE_DATA/APPEND_DATA/READ_NAMED_ATTRS/WRITE_NAMED_ATTRS/EXECUTE/DELETE_CHILD/READ_ATTRIBUTES/WRITE_ATTRIBUTES/DELETE/READ_ACL/WRITE_ACL/WRITE_OWNER/SYNCHRONIZE:ALLOW
BUILTIN\Users:READ_DATA/READ_NAMED_ATTRS/EXECUTE/READ_ATTRIBUTES/READ_ACL/SYNCHRONIZE:ALLOW
NT AUTHORITY\Authenticated Users:READ_DATA/WRITE_DATA/APPEND_DATA/READ_NAMED_ATTRS/WRITE_NAMED_ATTRS/EXECUTE/READ_ATTRIBUTES/WRITE_ATTRIBUTES/DELETE/READ_ACL/SYNCHRONIZE:ALLOW
c:\Code\jthink\opensrc\jaudiotagger>attrib C:\Code\jthink\opensrc\jaudiotagger\testdata\test157.dsf
A R C:\Code\jthink\opensrc\jaudiotagger\testdata\test157.dsf
Update
I dont have a conclusion but thought this information could be useful.
I was running code in IntelliJ IDE without the IDE Run program as Administrator option enabled, enabling this did then cause the Java application to also get the administrator privileges.
Interesting for another file I didn't add any DENY privileges, I just disabled inherit permissions and remove READ permissions from all groups. Then when I ran as user without run as admin enabled it could not read the file and also this code could not any output any information
AclFileAttributeView view = Files.getFileAttributeView(path, AclFileAttributeView.class);
if (view != null)
{
sb.append("Owner:"+view.getOwner().getName()+"**");
for (AclEntry acl : view.getAcl())
{
sb.append(acl.principal()+"**");
for(AclEntryPermission aep:acl.permissions())
{
sb.append(aep.toString() + "**");
}
}
}
but when I run with Run program as adminstrator enabled it still couldnt read the file, but the above code did now output some of the permissions as follows:
Owner:BUILTIN\Administrators
NT AUTHORITY\SYSTEM:WRITE_DATA/APPEND_DATA/WRITE_NAMED_ATTRS/WRITE_ATTRIBUTES/SYNCHRONIZE:ALLOW
PCLAPTOP\Paul:WRITE_DATA/APPEND_DATA/WRITE_NAMED_ATTRS/WRITE_ATTRIBUTES/SYNCHRONIZE:ALLOW
BUILTIN\Administrators:WRITE_DATA/APPEND_DATA/WRITE_NAMED_ATTRS/WRITE_ATTRIBUTES/SYNCHRONIZE:ALLOW
as you can see even though Administrators do not have READ or READ PERMISSIONS options they can output the permissions whereas before they couldn't, perhaps due to BUILTIN/Administraor being returned as owner.
Try reading this:
https://docs.oracle.com/javase/tutorial/essential/io/check.html
It states that, Files.exists(path) returning false does not mean that it does not exist, so yeah it would seem there is a permission problem. Try the Files.notExists(path) as well and see what it returns. If it is false it means that it can not be determined whether the file exists, but if it returns true, there is probably some problem in your code.
Try running your file from the command line instead of netbeans. If you don't know how to do this you can just search google, there is tons of stuff on this, but basically what you want to do is to compile the .java file with javac myfile.java and then run it with java myfile. Do this with a normal command prompt and one you open as administrator and see what you get.
Theses are two different methods: Files.exists() and path.toFile().exists().
Files.exists() defines that file denoted by this abstract pathname exists. In other words that file exists and user has READ access to it.
path.toFile().exists() indicates the file exists then there is no guarantee that a subsequence access will succeed. In other words file exist without checking that user has READ access to it.
It really depends on user which runs the program. When you work under your ID (Paul) it works fine. Especially in command line where you gan you ATTRIB command.
However, when you use some other application to run your code it depends on the system configuration. Run this ATTRIB or similar command inside your application and you will see.
I think you run some web site under IIS. This way is usually configured for lowest level user in the system with almost no rights to prevent security breaks. Usually it is everyone or NT AUTHORITY. As I can see this particular access has no rights to read your file
NT AUTHORITY\SYSTEM:READ_DATA/...:DENY
Naturally you have 2 different answers - FALSE: user which ID is used by running application cannot read this file, TRUE: file physically exist.
Change running ID for your application or grant READ access to everyone for this particular file including all directories in its path and you will have the same result in this two methods which check different meanings.
We try to access file under some folder, in WinXP, that folder can be local disk or mapped network drive. But when we change our program to run on Windows 2008 R2, it can access local disk, but no mapped network drive. The mapped network drive had checked for login with proper user.
We try in explorer, the mapped drive can Read/Write as we wished, but Java just show "Folder doesn't exist"
Here is our code, any suggestion will be appreciated.
#import java.io.File;
...
File folder = new File(folderPath);
if(!folder.exists()){
// do something
log.debug("Folder doesn't exist");
} else {
// do something else
}
...
Mapped drive may be not found for current user. For example, if you start some jar executable as administrator it may not find network drive which was mapped under user credentials. In a word, it can be a user identification problem.
I've had this problem with Windows Server 2008 64bit and had no luck using a path with network letter (e.g. X:\EXAMPLE\PATH). Using full network paths (\\SERVER\EXAMPLE\PATH) was ok. The path should be accesible to the user who will run the program.
i am getting a problem
i have deployed a war file, when i run localy through tomcat it works fine but when i run on another system by giveing my system ip and then project folder e.g
http:\192.168.0.145\DllTest it loads the applet but when i click on a button to load the functionality it is throwing an exception
Exception in thread "AWT-EventQueue-3" java.lang.UnsatisfiedLinkError: Expecting an absolute path of the library: http:\192.168.0.145:8080\DllTest\lib\jinvoke.dll
while it is working fine localy but not in another system. Please tell me what is the problem.
Is it a rights issue or something else.
You cannot load a DLL on an external host. It has to be an absolute disk file system -as the exception message already hints. Your best bet is to download it manually, create a temp file and load it instead.
File dllFile = File.createTempFile("jinvoke", ".dll");
InputStream input = new URL(getCodeBase(), "lib/jinvoke.dll").openStream();
OuptutStream output = new FileOutputStream(dllFile);
// Write input to output and close streams the usual Java IO way.
// Then load it using absolute disk file system path.
System.loadLibrary(dllFile.getAbsolutePath());
dllFile.deleteOnExit();