Hello,
I've been going in circles all day trying to use HttpClient in an untrusted
applet to download data from the server through a proxy. Finally, I found a
way to obtain the proxy information in the applet, but the information cannot
be put to use without generating an AccessControlException.
The old version of our code that uses a simple URLConnection works
transparently. It just inherits the settings from the browser. HttpClient
apparently needs the info to be explicitly set, but applet security constraints
get in the way. Is HttpClient not meant to be used in applets? Or only with
trusted applets?
Here's an example of what I'm trying to do:
String urlSpec =
"http://servername/mediawiki/index.php?title=somewikipage";;
HttpClient client = new HttpClient();
try {
// Get the proxy information. This works.
// System.getProperty() calls generate AccessControlExceptions.
ProxyInfo info[] = ProxyService.getProxyInfo(new URL(urlSpec));
if(info != null && info.length > 0 && info[0] != null) {
String proxyHost = info[0].getHost();
int proxyPort = info[0].getPort();
if (proxyHost != null && proxyHost.length() > 0 && proxyPort >
0) {
// Set the proxy info in the host configuration.
client.getHostConfiguration().setProxy(proxyHost,
proxyPort);
}
}
}catch (Exception ex) {
ex.printStackTrace();
System.err.println(
"could not retrieve proxy configuration, attempting direct
connection.");
}
GetMethod method = new GetMethod(urlSpec + "&action=edit");
int responseCode = 200;
String responseBody = null;
// Manually set the cookies.
method.getParams().setCookiePolicy(CookiePolicy.IGNORE_COOKIES);
// Call method which returns the cookies as one string.
String cookies = getCookieString();
if (cookies.length() > 0) {
method.setRequestHeader("Cookie", cookies);
}
try {
responseCode = client.executeMethod(method);
// ... Do stuff with the response.
} finally {
method.releaseConnection();
}
Here are the relevant parts of the stack trace. Note that the
AccessControlException occurs when the get method is executed, not when the
proxy information is set.
Caused by: java.security.AccessControlException: access denied
(java.net.SocketPermission 127.0.0.1:8081 connect,resolve)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkConnect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.<init>(Unknown Source)
at java.net.Socket.<init>(Unknown Source)
at
org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80)
at
org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122)
at
org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707)
at
org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
at
org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at
org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at
org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
at < -- from: "responseCode = client.executeMethod(method);" -->
Any help would be greatly, greatly appreciated!
Randy S
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
