Applet will not work with SFTP

Question

Applet will not work with SFTP

asked Aug 27, 2006 in Java FTP by RLord321 (560 points)

I'm getting this error when I tried to use the SFTP client in an Applet:

Could not read property 'edtftp.log.level' due to security permissions
Could not read property 'edtftp.log.log4j' due to security permissions
...
...
Caused by: java.security.AccessControlException: access denied (java.util.PropertyPermission license.key read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
at java.lang.System.getProperty(Unknown Source)
at com.enterprisedt.util.license.LicenseProperties.A(Unknown Source)
at com.enterprisedt.util.license.LicenseProperties.A(Unknown Source)
at com.enterprisedt.util.license.LicenseProperties.<init>(Unknown Source)
at com.enterprisedt.net.ftp.ssh.SSHFTPClient.<clinit>(Unknown Source)
... 3 more

I'm fully aware of applet permissions and the rules, but this applet IS signed. How are you reading this property? I have both the JAR files on the webserver and they are downloaded with my signed applet (or jar ).

Is there a way to disable logging so it won't attempt to read this property or is there any support with connecting from an Applet -- without modifying a policy file on a client's machine since that defeats the whole purpose of an applet.

(Sorry for the bombardment of questions, but I'm about to purchase the PRO product that includes SFTP, but it needs to run in an applet)

Thanks,

11 Answers

Page:

EDT Support · Answer 1 · 2006-08-27T14:11:45+0000

This appears to be a weakness in the library which should be quite easy to remedy. Could you please contact support by e-mail so that we can send you a new jar-file to test?

- Hans (EDT)

RLord321 · Answer 2 · 2006-08-27T15:05:33+0000

I downloaded the new JAR, and I'm getting this error in the Java Console:

Could not read property 'edtftp.log.level' due to security permissions
Could not read property 'edtftp.log.log4j' due to security permissions
Could not read property 'edtftp.log.log4j' due to security permissions
Could not read property 'edtftp.log.log4j' due to security permissions
Could not read property 'edtftp.log.log4j' due to security permissions
Exception in thread "Thread-13" java.security.AccessControlException: access denied (java.security.SecurityPermission putProviderProperty.CryptixEDT)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkSecurityAccess(Unknown Source)
at sun.plugin.security.ActivatorSecurityManager.checkSecurityAccess(Unknown Source)
at java.security.Provider.check(Unknown Source)
at java.security.Provider.put(Unknown Source)
at com.enterprisedt.cryptix.provider.Cryptix.<init>(Unknown Source)
at com.enterprisedt.net.puretls.LoadProviders.init(Unknown Source)
at com.enterprisedt.net.j2ssh.SshClient.<init>(Unknown Source)
at com.enterprisedt.net.ftp.ssh.SSHFTPClient.<init>(Unknown Source)

Can this SFTP be used in an Applet without client modifications?

EDT Support · Answer 3 · 2006-08-28T03:01:08+0000

I'm not sure what you mean by 'client modifications'. edtFTPj/PRO can work inside a signed applet. I know for certain that it can work if you include the contents of license.jar and edtftpj-pro.jar in the same signed jar file that contains your applet code. If you do this then the user will be prompted when the application is loaded. If they opt to trust your applet then SFTP should work. I've just tried this and it worked fine.

Is that what you are trying to do or am I misunderstanding something? If that is what you're trying to do and you're still having trouble then I can send you a sample SFTP applet that you can test on your system. Just write to our support address if you would like a copy.

- Hans (EDT)

RLord321 · Answer 4 · 2006-08-28T13:26:30+0000

Client modifications as in modifying policy files, etc.

In my applet example, I did not include your JAR with my JAR, but I added it in the ARCHIVE, along with my jar.. like this:

<applet>
...
archive="myapplet.jar, license.jar, edt...jar (forgot the exact name)"
...
</applet>

I am signing my jar -- Self signing it (not with Thwarte or Verisign). But yes, that is what I want to do, connect to my OpenSSH server via an applet. I'll have to try it later on today, but I will send the email to get the sample you created.

apawar · Answer 5 · 2009-02-13T17:58:52+0000

so whats the right solution, including the content of edtftpj-pro and license in my applet's jar?

I am about to buy the license, but want to get it to work before proceeding.

Help!

support2 · Answer 6 · 2009-02-13T21:21:35+0000

We've now modified edtFTPj/PRO so that the license can be set programmatically.

e.g.

com.enterprisedt.util.license.License.setLicenseDetails("YourName", "xxx-xxx-xxx-xxx");

so the jar file isn't required any more.

If you are using the trial edition (which has a trial jar):

1) rename license.jar to license.zip
2) unzip it
3) look in the properties file to get the owner ("trialuser") and the key
4) insert into the code above

apawar · Answer 7 · 2009-02-13T21:51:41+0000

I was able to progress from the previous blocker. Thanks.

Here is the new exception I am getting.

Please let me know if any more changes i need to make

java.security.AccessControlException: access denied (java.security.SecurityPermission putProviderProperty.CryptixEDT)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkSecurityAccess(Unknown Source)
at java.security.Provider.check(Unknown Source)

EDT Support · Answer 8 · 2009-02-14T09:19:43+0000

There aren't really any clues as to what's wrong in this stack trace. Does this happen (1) when the class is loaded, (2) when you connect to a server, or (3) when you transfer a file?

When you enable logging to console (see dev-guide), is anything written to the Java console? If so, please post the log.

If you're really stuck then you might like to send us a sample project illustrating this problem.

- Hans (EnterpriseDT)

apawar · Answer 9 · 2009-02-17T21:23:41+0000

I was initially using "com.enterprisedt.net.ftp.ssl. SSLFTPClient" which was throwing that error.
After going through other FTP options - I changed it to "com.enterprisedt.net.ftp.pro.ProFTPClient"
This got rid of the error, but my applet was still not deployed, due to inconsistency of certificates being used.

Since its an applet, with other jars. EDTFTPj-pro has its own certificate.
All these jars had to be consolidated to use one certificate. I created a fake certificate for development.

After correcting that, I was able to deploy the applet succesfully

Thanks
Abhishek

Applet will not work with SFTP

Please log in or register to add a comment.

Please log in or register to answer this question.

11 Answers

Please log in or register to add a comment.

Please log in or register to add a comment.

Please log in or register to add a comment.

Please log in or register to add a comment.

Please log in or register to add a comment.

Please log in or register to add a comment.

Please log in or register to add a comment.

Please log in or register to add a comment.

Please log in or register to add a comment.

Please log in or register to add a comment.

Categories