Re: Axis and Applet coexistence?

[Bjørn Magnus Mathisen]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 hi firstly i have two questions, what is "Job Console" and how does one sign a applet? On another note, im working on this from a different angle, im going to hack org.apache.axis.components.logger.LogFactory to not do a "doPrivileged" and also hack it to simply return a fake implementation of org.apache.commons.logging.Log, just in case Log actually needs the doPrivileged thing. as many of you will notice, i have no clue about privileged actions or why they are used, but this is not my main target, i am simply trying to get this to work so that i can test something else:) regards Bjørn Magnus Mathisen Telenor ASA R&D Luis Rivera wrote: > Hi, > > Well, now I found out that I had a bad certificate and a bad > configuration or instalation of the Job Console. After generating a > new certificate and reinstalling my browser I found out that > signing the applet and using the All Permited Seucrity Manager > allows it to work "without the custom security policy file". You > still need to security manager, which is not exactly good and I am > still hoping that this temporal solutions is acceptable for the > clients of out WS. > > Still, I am going to rebuild axis to see if I can get rid of the > logger dependencies that create so much problems for applets. Of > course, if somebody knows an easier way or a shortcut, let me know > :). > > --Luis R. > >> From: Bjørn Magnus Mathisen <[EMAIL PROTECTED]> Reply-To: >> axis-user@ws.apache.org To: axis-user@ws.apache.org Subject: Re: >> Axis and Applet coexistence? Date: Thu, 14 Jul 2005 12:34:38 >> +0200 >> > hi > > i'm currently working on a project heading in the same direction; a > applet running axis-osgi client SOAP calls. i would be really > interested in a source patch or something alike, if you get this > working :) > > regards Bjørn Magnus Mathisen Telenor ASA R&D > > Luis Rivera wrote: > >> Thanks for the reply. I actually did. Using the allow all custom >> security manager that only overrides those two methods work fine >> when the applet is allowed to set a new security manager. But >> that's the problem, to allow the applet to do this I still have >> to add a couple of lines to the policy file or use a new one that >> has those permissions and is loaded when the applet is loaded >> too. > >> I know that should not be a problem if I had complete control of >> what I can install and modify in the client. But in our case, I >> have been told that's a no no, I have to make and break axis to >> let it work in the sandbox What I don't understand is why not to >> alow an option in axis to prevent it from doing things like >> createClassLoader and that kind of stuff that is just prohibited >> in an applet. It works beautifully outside of the applet, no >> problem (ok, after loading and deploying the right stuff in the >> right place). > >> Now I have to make it work in an applet, because the alternative >> cost $2000 bucks per client, so I have to make it work. If any of >> you have any advise that will make my task easier, I will >> greatly appreciate it :). > >> Thanks again, --Luis R. > > >>> From: "Baker, Jay" <[EMAIL PROTECTED]> Reply-To: >>> axis-user@ws.apache.org To: <axis-user@ws.apache.org> Subject: >>> RE: Axis and Applet coexistence? Date: Wed, 13 Jul 2005 >>> 16:43:48 -0500 > >>> Yeah, I don't think the sandbox is going to go for that. I'm >>> pretty sure that you can't give a policy file to your client in >>> an applet. > >>> Did you override #checkPermission (both methods - it is >>> overloaded) with a no-op? That's what worked for us ... along >>> with the signing of course. > >>> -----Original Message----- From: Luis Rivera >>> [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 13, 2005 >>> 4:04 PM To: axis-user@ws.apache.org Subject: RE: Axis and >>> Applet coexistence? > > > >>> Hi, > >>> Well, it seems that with a custom security manager I still have >>> the problem of having to modify the security policy file to >>> allow the applet to use the new security manager. However, in >>> my case I don't think I can go into each axis client's machine >>> to install this new file. > >>> So, I want to ship it (custom policy file) with the cient jar >>> file and if possible upload it along the applet when it is >>> loaded by the browser. However I don't know how to do this, or >>> even if it is possible. It is possible to pass the policy file >>> as a parameters to the appletviewer, but how do you pass it >>> when it is loaded by the browser each time the applet is >>> loaded? > >>> Thansk in advance for any help, --Luis R. > >>>> From: "Baker, Jay" <[EMAIL PROTECTED]> Reply-To: >>>> axis-user@ws.apache.org To: <axis-user@ws.apache.org> >>>> Subject: RE: Axis and Applet coexistence? Date: Mon, 11 Jul >>>> 2005 17:24:50 -0500 >>>> >>>> That's what we did. We installed a custom security manager >>>> that >>>> >>> just grants >>>> access to all. YOu might run into other issues, but the >>>> sandbox >>>> >>> end of >>>> things should be solvable with this kind of an approach. >>>> >>>> -----Original Message----- From: Luis Rivera >>>> [mailto:[EMAIL PROTECTED]] Sent: Monday, July 11, 2005 >>>> 5:21 PM To: axis-user@ws.apache.org Subject: Axis and Applet >>>> coexistence? >>>> >>>> >>>> Hi all, >>>> >>>> I have been reading the posts regarding applets and axis. It >>>> looks >>> like >>>> there is a solution but I am not sure I understand how. I >>>> have a >>> signed >>>> applet and I even unpacked all the library jars files into a >>> single huge >>>> jar file, which I signed and I am using to start the applet. >>>> However, the LogFactory created by the Logging mechanisms is >>>> breaking the >>> applet ... >>>> seems like I need to either hack the library or to use a new >>>> security policy? ... would it be enough to use a custom >>>> security manager? >>>> >>>> Thanks in advance, --Luis R. >>>> >>>> _________________________________________________________________ >>>> FREE pop-up blocking with the new MSN Toolbar - get it now! >>>> http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/ >>>> >>>> > >>> _________________________________________________________________ >>> Express yourself instantly with MSN Messenger! Download today >>> - it's FREE! >>> http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ >>> > > >> _________________________________________________________________ >> On the road to retirement? Check out MSN Life Events for advice >> on how to get there! >> http://lifeevents.msn.com/category.aspx?cid=Retirement > > >> > _________________________________________________________________ > Don?t just search. Find. Check out the new MSN Search! > http://search.msn.click-url.com/go/onm00200636ave/direct/01/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFC23v9QRm7yJAC45gRAs/+AJ9m/Eblwi0ksJ513pbz/IaXWcm4VgCgjNiO 2TEIVz2mpq6YovevNTnK7eI= =w21p -----END PGP SIGNATURE-----