
Why won't signed java applet connect to external server?


I have a Java applet which is trying to create a VNC connection to another host (note the host running the applet and the VNC host are NOT the same). More info on the code I'm working with can be found here.

I got the code to compile into XenServerConsole.jar, which I put in the root of my webserver along with the folder structure com/citrix/xenserver/console/. (The console folder has all the .java, .class and some .png files.)

I signed the XenServerConsole.jar file like this:

keytool -genkey -validity 3650 -keystore pKeyStore -alias keyName
keytool -selfcert -keystore pKeyStore -alias keyName -validity 3650
jarsigner -keystore pKeyStore XenServerConsole.jar keyName

and I'm loading the applet in HTML with this code:

<applet code="com/citrix/xenserver/console/Initialize.class"
    archive="/XenServerConsole.jar"
    width="800" height="600">
    <PARAM NAME="SESSION" VALUE="<%= @console_session %>">
    <PARAM NAME="URL" VALUE="<%= @console_url %>">
    <PARAM NAME="USEURL" VALUE="true">
</applet>

For some reason I'm still getting a Socket Permission error, here's the console output:

Loading UI...
Initializing...
Starting main...
Creating controls...
Adding controls...
Starting...
Connection failed: access denied (java.net.SocketPermission 192.168.0.2:443 connect,resolve)
Connection closed
Reconnecting in 5 seconds...

I was thinking that signing the JAR file would throw up a warning when a user accessed the HTML page, and if they accepted, it could connect to the other server fine. I'm getting the run / cancel prompt on Windows (not OS X) but still the SocketPermission error.

Why would the code still be throwing the error?


Solution

  • I figured it out. First, I found that any time you're working with applets you need to make sure you're clearing your classloader cache with each test. To do this, get focus on the Java console and press "x" (at least that's how it works on OS X - Safari).

    Signing the applet as I listed above DID WORK. As seen in the comment on the original question, after I flushed the classloader cache I didn't get the SocketPermission anymore, but it still failed. Here's why:

    The Java applet, though served from a web server, is running on your local computer, and in this instance the applet was trying to connect to a URL that my local computer didn't have access to, but the web server did. That is why I was getting the timeout / NPE error. (The server I was trying to VNC into is on the web server's LAN, not accessible via web.)

    So what I need to do is create a tunnel from the web server to the VNC target and specify that connection information in my applet's HTML code. But all that is beyond the scope of this question.
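
The answer above separates two failures that look alike from the browser: the sandbox denying `java.net.SocketPermission`, and the client machine having no network path to the target. The following Java diagnostic is an added example, not part of the original post or the XenServer console code. The class name `ConnectDiagnosis` and the 3-second timeout are assumptions, and the default host and port are the ones shown in the question's console output.

```java
import java.io.IOException;
import java.net.ConnectException;
import java.net.InetSocketAddress;
import java.net.NoRouteToHostException;
import java.net.Socket;
import java.net.SocketTimeoutException;
import java.net.UnknownHostException;

/** Hypothetical helper: classify why an outbound connect from the client fails. */
public class ConnectDiagnosis {

    enum Result { CONNECTED, DENIED_BY_SANDBOX, UNRESOLVABLE, UNREACHABLE, CONNECT_ERROR, OTHER_IO }

    static Result probe(String host, int port, int timeoutMs) {
        try (Socket s = new Socket()) {
            // Resolution and connect both happen on the machine running this
            // code (where the applet runs), not on the web server that served it.
            s.connect(new InetSocketAddress(host, port), timeoutMs);
            return Result.CONNECTED;
        } catch (SecurityException e) {
            // Raised only under a security manager (e.g. the applet sandbox):
            // the code lacks java.net.SocketPermission for this host:port.
            return Result.DENIED_BY_SANDBOX;
        } catch (UnknownHostException e) {
            // The client's resolver does not know the name.
            return Result.UNRESOLVABLE;
        } catch (SocketTimeoutException | NoRouteToHostException e) {
            // Permission was fine; the client has no usable path to the
            // target, e.g. a host on the web server's LAN only.
            return Result.UNREACHABLE;
        } catch (ConnectException e) {
            // Connection refused, or a connect timeout reported by the OS.
            return Result.CONNECT_ERROR;
        } catch (IOException e) {
            return Result.OTHER_IO;
        }
    }

    public static void main(String[] args) {
        // Defaults come from the console output in the question.
        String host = args.length > 0 ? args[0] : "192.168.0.2";
        int port = args.length > 1 ? Integer.parseInt(args[1]) : 443;
        Result r = probe(host, port, 3000); // timeout value is an assumption
        System.out.println(host + ":" + port + " -> " + r);
        // DENIED_BY_SANDBOX points at signing/permissions or a stale class cache;
        // UNREACHABLE points at network topology, which signing cannot change.
    }
}
```

Run it on the machine where the browser runs; running it on the web server tests a different network path.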