JRE :: Changing Default Security Levels
Dec 21, 2014
I have several Windows 7 Enterprise machines that have already been deployed via image and need to lower the security settings for use on internal web based applications.
Is there an easy way to manipulate the configuration (a file) so that I may simply make the changes by overwriting the current configuration settings instead of, having to go to each device, opening the Java console, and changing the security settings that way?
I have attempted to login as the machine administration, make the changes on the Java console with the hopes this configuration would have migrated to all user profiles that log into the PC. Is there a "public profile" configuration file I can change and if so, what should I do.
View Replies
ADVERTISEMENT
Apr 6, 2014
I am trying to write a code for a game HiLo, where i want to add 3 different levels:
easy (1-10)
medium (1-100)
hard(1-1000)
Where the user can choose before the game starts. After that the game is finished i want even to write how many guesses the player used on the screen.
View Replies
View Related
May 22, 2015
I am a beginning programmer and was learning how to make an XML. It was for a simple game and only needs to hold the highscores of three different levels. Here is what I coded:
try {
OutputStream fout= new FileOutputStream("highScores.xml");
OutputStream bout= new BufferedOutputStream(fout);
OutputStreamWriter out = new OutputStreamWriter(bout, "8859_1");
[code]....
My issue is that I run this code every time I create the program and the scores are reset to 0. How can I make a small change so that I only run this block of code and create the XML the first time the program is run?
View Replies
View Related
Apr 25, 2014
I will try to explain what i want to code , a HiLo game where the user can choose up to 3 different levels(1-10, 1-100, 1-1000) with these 3 methods
public static void main(String[] args) {...}
public static int playGame(int maxNumber) {...}
public static void giveResponse(int answer, int guess) {...}
with no Random , i will use the:
int number = (int)(Math.random() * max) +1; to generate numbers
I have tried so many times , but i don't get it ....
My code so far :
import java.util.Scanner;
public class HL{
public static void main(String[] args ){
Scanner s = new Scanner(System.in);
[Code] ....
View Replies
View Related
Feb 26, 2014
I have a simple applet that doesn't stray outside the sandbox. It used to work fine before Java 7 but now it craps out with security warnings. It does nothing but play a game, it doesn't even save the state of the game. This is the applet, it's a very simple chess program.
The warnings and popups I'm getting are:
activate javaTM platform SE 7U?allow now?activation blocked by security settings - I never changed any security settings and as I said, this applet stays firmly in the sandbox so I can't see what the issue is.Viewing the java error window I see
Java Plug-in 10.51.2.13
Using JRE version 1.7.0_51-b13 Java HotSpot(TM) Client VM
User home directory = C:UsersMike
----------------------------------------------------
c: clear console window
f: finalize objects on finalization queue
g: garbage collect
h: display this help message
l: dump classloader list
m: print memory usage
o: trigger logging
[code]....
why it shows the C:UsersMike directory in the above listing, there is no access to files etc.The applet plays fine if I run it in appletviewer.What do I need to do to make this simply work in anyone's browser? I have a similar problem with a (rather funky) Connect 4 program I wrote. It worked fine for years and then just stopped with the Java 7.
View Replies
View Related
Jan 29, 2015
I know that Servlets are meant to do the JDBC tasks, JSP are only for displaying the final information forwarded by the Servlet.
JSP are Servlets too, but I heard an idea that it is safer to make database operations in a Servlet.
The idea is that I have a few JSP that use JSTL tags to retrieve some database information. By doing this I was concerned that this may be bad design, though I really wanted to get in fit with the JSTL tags.
Are there any security weaknesses if doing some JDBC stuff in a JSP, by using JSTL or plain Java code in <%...%>?
P.S. In my JSP I only retrieve data, not modifying it.
View Replies
View Related
May 12, 2014
I have JSP application naming myProject ,which has been deployed in webapp folder in tomcat. I want to provide security for myProject folder. I mean, I want to protect it from copying by someone else. Is there any way to do the same. I tried by hiding the folder using one of hiding software, but when I do that, I was not able to access those files in web browser.
View Replies
View Related
Jun 3, 2015
I wanna run apps using an outdated version of Java and not have it stop me for security certificates.
View Replies
View Related
Dec 8, 2014
I have made a very simple Java applet.
<HTML>
<BODY>
<CENTER>
<APPLET CODE="HelloWorldApp.class" WIDTH="862" HEIGHT="512"></APPLET>
</CENTER>
</BODY>
</HTML>
But when i try to open it i get the message: Application Blocked. Click for details.
- The list i see doesn't work
- If i click Ignore nothing happens
- If i click reload nothing happens
When i read and search the net i have to change my java security settings. The security setting are HIGH and i cannot change that.But i can fill in an Exception Site List...The hello.html file is on my NAS : file:///X:/Lantronix/hello.html..I fill this in the exception Site list -> I get a message that it is a security risk to add this location.
View Replies
View Related
Nov 13, 2014
I've been building out a course lab project over the last few weeks, and at the time (with what we knew), it made sense to use a session level ResourceBundle to facilitate translations.
In order to validate if there is a session level ResourceBundle, I have a filter running (checking if the bundle exists, creating one if not, etc...).
The problem I now have is the final step of the project (the part most recently taught), is to add Declarative Security.
Of course, when that happens the login.jsp is called and the Filter doesn't run. It's not a problem for most scenarios, except for someone who bookmarks a link inside the secure part of the site. Then, the ResourceBundle doesn't exist and the login.jsp content that should be translated is "".
Is there a way to indicate via the web.xml that a specific Filter should be allowed before the login.jsp is displayed?
I imagine JSTL:FMT is probably the best solution, but we don't cover that until after the lab is due. I have a (messy) short-term solution of creating a temporary ResourceBundle in the login.jsp via a scriplet if the session scope ResourceBundle is null, but I was wondering if I missed something with the web.xml.
View Replies
View Related
Feb 12, 2014
I am using AES/CBC/PKCS5Padding algorithm to encrypt/decrypt, it works fine across machines, since i am not using a Facrtory to create the secret . I am using constant SecretKeySpec and iv for the ciphers. This of course heart the security , and doesn't prevent the "man of the middle" problem .
I saw that there are ways with key generation with MAC , and RSA symmetric encryption , but i am not sure how to implement it , and how to it depends on local certificates or files .
View Replies
View Related
Oct 6, 2014
I have an FX application which invokes a REST JSON webservice. It works perfect if I run it standalone. But if I try to run it over browser, it throws java security exception.
It also works fine in web if I comment some lines that invokes the webservice (code that calls the webservice using jackson.)
Java version used is JDK 1.7u67
IE plugin version : 7.0.670.1
Error log :
java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessDeclaredMembers")
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
[Code] .....
Jnlp File:
<?xml version="1.0" encoding="utf-8"?>
<jnlp spec="1.0" xmlns:jfx="http://javafx.com" href="uibuilder.jnlp">
<information>
<title>UI Builder</title>
<vendor>javafx.com</vendor>
<description>XEye UI Builder</description>
[Code] ....
View Replies
View Related
Dec 15, 2014
I need to write a simple client to access a WS. Things I can not do :
Modify the serverAdd external jars
The client will be part of a command line call and will run as a stand alone.
I've been searching all day and have found hundreds of vague, overly complex examples, mostly based on SOAPHandler (which tells me I need to install server components which I cannot do). I grasp the general requirements but am having difficulty figuring out how to add the security elements to the header.
What do I need to do to add the username and password tokens to the header?
This is where I am so far.
package findingLetter;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import javax.xml.namespace.QName;
import javax.xml.soap.MessageFactory;
[Code] ....
View Replies
View Related
Apr 10, 2014
I have been trying to implement a alphanumeric security code in JAVA. Here are my specifications:
1) Numbers and letters
2) There is user input
3) In the format of NNN-LL-NNNN where N=Numbers and L=UPPERCASE letters
4) If it is incorrect print out INVALID CODE
5) If it is correct print out VALID CODE
Here is what I have produced so far...
import java.util.*;
import java.io.*;
//Class Declaration
class WorkingWithStrings
{
//Main Method
public static void main(String[] args)
{
//Takes input from user
[Code]...
I have taking the approach of invoking a separate method that will check the validity of the security code. However I am having an issue with creating a statement that checks if the middle two characters of the security code are capital letters. This could possibly tie in with my understanding of strings.
View Replies
View Related
Jan 30, 2014
I have to validate security number based on tHIS REQUEST
If the SECURITYNNUBER IS INVALID UNDER THE SECURITYNUMBER attribute,it must reject(Date & algorith). To override the normal validation,the subject must contain INVALIDSECURITYNUMBER. The incorrect ID number must still reflect in the SECURITYNUMBER attribute.
THE FIRST 6 DIGIT IS DATE
EXAMPLE 7701205334086
public boolean val_SECURITYNUMBER()
{
boolean flag = true;
String u_Securtynr = transactionFile.getS_securtynumber();
// 1. Invalid securty number if completed
if(!isBlank(u_Securtynr))
[Code] .....
View Replies
View Related
Jul 10, 2012
I have been trying to find all day long a way to secure my .ear file from modifications made by third parties... My product is packaged as an .ear file which i send for deployment to other administrators. What i am looking for is a way to "sign" my version of .ear versus the deployed version of .ear to be sure that no modification has been made to my code...
View Replies
View Related
Nov 27, 2013
I have followed the Java tutorial on JAAS Authentication and Authorization. All the sample code in the tutorials works fine also when running under a security manager. Now I am trying to modify the LoginModule class, so that it uses a password file to look up users and passwords, but as soon as I try to run the code under a security manager, I get a Security Exception. I suppose it has something to do with the code havent been granted any access to read the password file? So I tried to add this to the policy file:
grant codebase "file:./sample/module/-" {
permission java.io.FilePermission "sample/module/passwords.txt", "read";
};
It didn't do any difference. why I get this Security Exception?
The only difference from my code to the tutorial code, is that I have added the lines:
Scanner scanner = null;
try {
scanner = new Scanner(new File("src/sample/module/passwords.txt"));
} catch (FileNotFoundException e) {
e.printStackTrace();
}
to the login() method of the SampleLoginModule class...
View Replies
View Related
Aug 15, 2014
I am working on an Eclipse based project that uses WTP Eclipse plugin. Since I have switched security on in that plugin (by checking "Enable Security" check box on) I'm having multiple problems. I get a stack of security errors - attached in this post. I also show my java.policy file. Because the of the mass exceptions I list only the top, although I have attached a docx file with full thing.
Here is my java.policy file:
grant codeBase "file:${catalina.base}/wtpwebapps/App/WEB-INF/lib/hibernate-core-4.3.5.Final.jar" {
permission java.util.PropertyPermission "*", "read, write";
};
grant codeBase "file:${catalina.home}/lib/catalina.jar" {
permission java.lang.RuntimePermission "*";
[Code] ....
Exceptions:
15/08/2014 10:12:43 PM org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path:
C:Javajdk1.6.0_33�in;C:WINDOWSSunJava�in;
C:WINDOWSsystem32;C:WINDOWS;
[Code] .....
View Replies
View Related
Sep 12, 2014
I have tried running the java application without adding the site to site list in java security tab. But I get a sand box message as APPLICATION BLOCKED BY SECURITY SETTINGS. How to run the java application without adding the site to site list in java security tab.
View Replies
View Related
Nov 2, 2014
The LocalStudent class inherits the Student class. The IDE states an error of "no default constructor in Student class".I understand that if a LocalStudent object is created, the default constructor of its superclass (aka Student class) will be called implicitly.there is no LocalStudent object being created, so why is the default constructor of Student being called ?
The default constructor of LocalStudent is also overloaded by the created no-arg constructor containining subjects = null; . So there is no call to the superclass default constructor from the default constructor of LocalStudent.
public class Student {
private char year1;
public Student(String name, char year){
year1 = year;
}
public char getYear(){
return year1;
[code]...
View Replies
View Related
Mar 28, 2015
I am new in java. Is there any difference between protected or default when we are talking about one package?
View Replies
View Related
Feb 4, 2014
Will I'm tying in my code to set a default number for the JTextField that when the user decide not to put any numbers. Like let say that I want the textfield set to 0 , so then the user do not file it it won't make any problem to the program because its already has a default number.
if (stringGQ != null && stringGW != null && stringGP != null){
stringGQ = gMQ.getText();
stringGW = gMW.getText();
stringGP = gMP.getText();
weightPrice_1M = Double.parseDouble(stringGW) * Double.parseDouble(stringGP);
[Code] .....
Note: This is a small part of my code. when I leave it empty it take the 0 as a value, However, when I write in text field it also take the value of a 0 and the finalTotal is also = to 0.what I'm doing wrong.
View Replies
View Related
Mar 31, 2014
what is default literal for Boolean data type?
View Replies
View Related
Oct 8, 2014
ArrayList l = new ArrayList();
System.out.println(l.size());
When I running the above code in eclipse the console show me the result as "0". So how to rectify this code to find default size as 10.
View Replies
View Related
Feb 7, 2014
interface I1{
void show();
void display();
default void put(){
System.out.println("I am from interface I1");
[Code] ....
This code is not working..
View Replies
View Related
Mar 21, 2014
class Course
{
String courseName;
}
class Entry
{
public static void main(String[] args)
{
Course c = new Course();
c.courseName="java";
System.out.println(c.courseName);
}
}
I have defined these two classes under same java project in Eclipse IDE with no package. Above two class are having default classes. class Course is also having a instance variable courseName with default access. So when we try to compile the Entry class it will give the errors while accessing the instance variable courseName on Line 6 and 7. As both the classes are having default access modifier. class Course is not visible to class Entry, then why we do not get any compilation error while creating the object of class Course on line 5?
View Replies
View Related
