Hello!
I’m having trouble setting my game Applet to work. I keep getting java.security exceptions:
[java]java.security.AccessControlException: access denied (java.util.PropertyPermission user.dir read)[/java]
That are thrown when I try to attach my loadled .obj model to the rootNode.
I’ve tried to sign my jars (data.jar, code.jar, lwjgl_util_applet.jar, lzma.jar) using keytool and jarsign (I used this example: Link) but it didn’t solve my problem.
What am I doing wrong?
Thanks!
When you attach the model to the rootNode? There is no reason why jme3 should try and access the user directory then. If the applet starts then jme3 works and extracted everything it needs to. You sure its not your code doing something with temp files or so?
You’re right, I didn’t saw a line in the stack trace.
The problem is here:
[java] File xmlFile = new File(“assets\Configuration\sceneLoader.xml”);
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
DocumentBuilder db = dbf.newDocumentBuilder();
Document doc = db.parse(xmlFile);
[/java]
when I try to parse the XML file.
Yeah, you used a File instead of the AssetManager or class path to load that data. Generally this can only work in the SDK, accessing the assets folder directly like that (and only on windows for that matter) – there is no assets folder later in the game, its compressed into the assets.jar and added to the class path. Use this.getClass().getClassLoader().getResource(“Configuration/sceneLoader.xml”); (with proper forward slashes for the folder :P) to get an URL to the file. You could also register a text file loader with the AssetManager.
Ok, I’ve used the URL like:
[java]
URL fileURL = app.getClass().getClassLoader().getResource(“Configuration/sceneLoader.xml”);
Document doc = db.parse(fileURL.openStream());
[/java]
And although some Info is read, the final model gets all scrambled
So you probably have bugs in your software, the initial issue seems to be resolved.
Yes it is, thank you for the fast support!
Ok, so I replaced the loader code for:
[java]
Node currentObject = (Node) assetManager.loadModel("Models/Test2/Test2.obj");
[/java]
And generated the applet. When running I get the following error:
[java]
Exception in thread "LWJGL Renderer Thread" java.security.AccessControlException: access denied (java.util.PropertyPermission user.dir read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
at java.lang.System.getProperty(Unknown Source)
at java.io.Win32FileSystem.getUserPath(Unknown Source)
at java.io.Win32FileSystem.resolve(Unknown Source)
at java.io.File.getCanonicalPath(Unknown Source)
at java.io.File.getCanonicalFile(Unknown Source)
at com.jme3.asset.plugins.FileLocator.setRootPath(FileLocator.java:61)
at com.jme3.asset.ImplHandler.tryLocate(ImplHandler.java:120)
at com.jme3.asset.DesktopAssetManager.loadAsset(DesktopAssetManager.java:237)
at com.jme3.asset.DesktopAssetManager.loadModel(DesktopAssetManager.java:376)
at com.jme3.asset.DesktopAssetManager.loadModel(DesktopAssetManager.java:386)
at com.xxxSoft.residencetour.application.ResidenceTourApp.loadScene(ResidenceTourApp.java:80)
at com.xxxSoft.residencetour.application.ResidenceTourApp.simpleInitApp(ResidenceTourApp.java:224)
at com.jme3.app.SimpleApplication.initialize(SimpleApplication.java:230)
at com.jme3.system.lwjgl.LwjglAbstractDisplay.initInThread(LwjglAbstractDisplay.java:129)
at com.jme3.system.lwjgl.LwjglAbstractDisplay.run(LwjglAbstractDisplay.java:205)
at java.lang.Thread.run(Unknown Source)
[/java]
Can someone please help me to solve this?
Since you have “at com.jme3.asset.plugins.FileLocator.setRootPath(FileLocator.java:61)” in that you still seem to register a FileLocator with the assets folder. As said, the assets from the assets folder are on the class path, no need to register a locator.
I was having trouble signing the generated code.jar but I’ve passed that problem, wich solved that exception. But now I have a different one:
[java]
Exception in thread “LWJGL Renderer Thread” java.lang.IllegalArgumentException: Given root path “C:\Users\joao\AppData\Local\Google\Chrome\Application\14.0.835.187\assets” not a directory
at com.jme3.asset.plugins.FileLocator.setRootPath(FileLocator.java:63)
at com.jme3.asset.ImplHandler.tryLocate(ImplHandler.java:120)
at com.jme3.asset.DesktopAssetManager.loadAsset(DesktopAssetManager.java:237)
at com.jme3.asset.DesktopAssetManager.loadModel(DesktopAssetManager.java:376)
at com.jme3.asset.DesktopAssetManager.loadModel(DesktopAssetManager.java:386)
at com.xxxSoft.residencetour.application.ResidenceTourApp.loadScene(ResidenceTourApp.java:80)
at com.xxxSoft.residencetour.application.ResidenceTourApp.simpleInitApp(ResidenceTourApp.java:224)
at com.jme3.app.SimpleApplication.initialize(SimpleApplication.java:230)
at com.jme3.system.lwjgl.LwjglAbstractDisplay.initInThread(LwjglAbstractDisplay.java:129)
at com.jme3.system.lwjgl.LwjglAbstractDisplay.run(LwjglAbstractDisplay.java:205)
at java.lang.Thread.run(Unknown Source)
[/java]
lalalalalalalalalalalalalalalalala
^— to me it feels I could have posted this as well, you don’t seem to read my posts.
Ok, you are right, at the first glance I miss interpret what you wrote. Please forgive me but I’m tired from a long working journey…
Ok I’m going to revive this thread…
I’ve been able to setup my applet correctly, so that if i tried to run it from a double-click on the index.html file, the applet is loaded in the browser.
My problem is when I put it into the www folder of my server and try to access it via IP. When I do this, all the jars are loaded and at the end I get this error:
[java]
This occurred while ‘Extracting downloaded packages’
Unable to validate certificate chain. Chain differs in length [1 vs 4]
java.lang.Exception: Unable to validate certificate chain. Chain differs in length [1 vs 4]
at org.lwjgl.util.applet.AppletLoader.validateCertificateChain(AppletLoader.java:1439)
at org.lwjgl.util.applet.AppletLoader.extractNatives(AppletLoader.java:1414)
at org.lwjgl.util.applet.AppletLoader.run(AppletLoader.java:748)
at java.lang.Thread.run(Unknown Source)
[/java]
I have all my jars signed with the same certificate that I’ve created with:
Create the keystore: [java]keytool -genkey -keystore myKeyStore -alias mycert[/java]
Create the certificate: [java] keytool -selfcert -keystore myKeyStore -alias mycert[/java]
And then, for all my jars, I use jarsigner to sign them:
[java]jarsigner -keystore myKeyStore jarfile.jar mycert[/java]
What am i doing wrong?
Why do you want to sign it with your own key? The current nightly is using the latest version of the lwjgl applet which comes with a valid key that reads “lwjgl”. Anyway, applets are not meant to write stuff to the users disk. You simply should not do that from an applet. You can use the new SaveGame class or java.util.Preferences to save data. Also, you have to sign the jars in the “dist/Applet” directory, not the normal application jar files.
If I just build my project and get on the Applet contents inside dist folder, and place them into my server, the problem remains the same.
The signing part was an attempt to solve the problem.
I’m using an out of the box WAMP server, can the problem be in the server configs?
As I said the problem isn’t with the applet its with your attempt to write to user directories. What you want to do works much better with WebStart applications. For a primer on Applets and restricted access see the oracle homepage: http://download.oracle.com/javase/tutorial/security/tour1/index.html
For info about signing parts of the lwjgl app see the lwjgl homepage: http://lwjgl.org/forum/index.php?topic=3003.0
joaocartaxo said:
[java]
This occurred while 'Extracting downloaded packages'
Unable to validate certificate chain. Chain differs in length [1 vs 4]
java.lang.Exception: Unable to validate certificate chain. Chain differs in length [1 vs 4]
at org.lwjgl.util.applet.AppletLoader.validateCertificateChain(AppletLoader.java:1439)
at org.lwjgl.util.applet.AppletLoader.extractNatives(AppletLoader.java:1414)
at org.lwjgl.util.applet.AppletLoader.run(AppletLoader.java:748)
at java.lang.Thread.run(Unknown Source)
[/java]
...
What am i doing wrong?
That error usually means that some jars are signed by more than one certificate. Do remember resigning a jar with a different certificate won't clear out any existing certificates but will add to the number of certificates in the jar. The above error tells you that lwjgl_util_applet.jar has one certificate while windows_natives.jar has four certificates hence the failure. Multiple certificates in a jar file are bad as they will lead to multiple security dialogs shown to end users (one for each certificate), at most you only want to show them one.
The easiest way to just clear out the certificates from a jar is open it in a zip program and delete the 'META-INF' folder this will clear all certificates from the jar. Then you can just resign it.
p.s. Just an observation, it seems you are using an old version of the LWJGL AppletLoader (lwjgl_util_applet.jar) probably from LWJGL 2.7.1, the one from 2.8+ will give you a different message.
you can also try to loosen the permissions in your jnlp file by including a security section:
[xml] <security> <all-permissions/> </security>[/xml]
I’m sorry for the late response,
The problem is solved, I realized that if I used the Complete Server Name instead of the :80, the certificate problem did not show and the applet loaded correctly.
Now I’m using the applet out-of-the-box as it’s generated from the jmp.
Thank you all for the help!