Applet security


I have done a small application that I just converted to an applet. I signed it with a certificate I generated myself. When I load the html page I get a popup asking me to accept the certificate so everything seems fine there. What makes this even more strange is that it has worked a few times, however most of the times I get the message listed below, even though the certificate should have given me allpermission(s) right?

Would appreciate any help or suggestions.


Elias access denied (java.util.PropertyPermission java.home read)

at 4)


at java.lang.SecurityManager.checkPermission(

at java.lang.SecurityManager.checkPropertyAccess(

at java.lang.System.getProperty(

at org.jivesoftware.smack.ConnectionConfiguration.(

at jabberClient.connect(

at jabberClient.init(



forgot a few relevant details. The jabber server I am contacting in the script is on the same domain as where the html+applet is. By default java should allow me to open socket towards this server so signing should not even be necessary.

I have unjared smack and “rejared” it together with my .class file to make sure everything is signed aswell.

Would appreciate any hints if anyone has had similar problems,


Got some more info, my applet works now but only if the xmppconnection is called by a native java method.

I tried to create a java function that creates the xmppconnection and then call it with javascript and then I get the same problem.

I guess I can workaround this by having the applet fetch userdetails from javascript instead of the other way around but it would be nice to be able to pass userdetails in a javascript call.

Another applet security issue.

When I try to call this function from a javascript I get a security violation aswell:

public void joinMUC(String nick, String room)




MultiUserChat muc = new MultiUserChat(connection,room);


muc.sendMessage(“hi there”);

/- if I remove theese lines below it works to pass the message-/

PacketListener pl = new PacketListener()


public void processPacket(Packet packet)


callback(“MUCMessage”,packet); //register callback handler for incomming message







catch(XMPPException xmppe)


System.out.println(“could not join room:”+xmppe.toString());



The error I get is below, everything in the jar packet is totally unjared and rejared and signed: java.lang.reflect.InvocationTargetException

at Method)

at sun.plugin.liveconnect.SecureInvocation$

at Method)

at sun.plugin.liveconnect.SecureInvocation.CallMethod(

at sun.plugin.navig.motif.AThread.handleRequest(Native Method)

at sun.plugin.navig.motif.AThread.JNIHandleLoop(


Caused by: java.lang.reflect.InvocationTargetException

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.ja va:25)

at java.lang.reflect.Method.invoke(

at sun.plugin.javascript.invoke.JSInvoke.invoke(

at sun.reflect.GeneratedMethodAccessor3.invoke(Unknown Source)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.ja va:25)

at java.lang.reflect.Method.invoke(

at sun.plugin.javascript.JSClassLoader.invoke(

at )

… 7 more

Caused by: java.lang.SecurityException: class “jabberClient$1”’'s signer information does not match signer information of other classes in the same package

at java.lang.ClassLoader.checkCerts(

at java.lang.ClassLoader.preDefineClass(

at java.lang.ClassLoader.defineClass(


at sun.applet.AppletClassLoader.findClass(

at java.lang.ClassLoader.loadClass(

at sun.applet.AppletClassLoader.loadClass(

at java.lang.ClassLoader.loadClass(

at java.lang.ClassLoader.loadClassInternal(

at jabberClient.joinMUC(

… 17 more

java.lang.ClassCastException: org.jivesoftware.smack.packet.DefaultPacketExtension

at org.jivesoftware.smackx.muc.MultiUserChat.getMUCUserExtension(MultiUserChat.jav a:1955)

at org.jivesoftware.smackx.muc.MultiUserChat.access$600(

at org.jivesoftware.smackx.muc.MultiUserChat$8.processPacket( 75)

at org.jivesoftware.smack.PacketReader$ListenerWrapper.notifyListener(PacketReader .java:822)

at org.jivesoftware.smack.PacketReader.processListeners(

at org.jivesoftware.smack.PacketReader.access$100(

at org.jivesoftware.smack.PacketReader$