Bug 52901

Summary: Loading Java applet at https://www.netbank.nordea.dk/netbank/index.jsp never completes
Product: [Applications] konqueror Reporter: Jesper Juhl <jesper.juhl>
Component: kjavaAssignee: George Staikos <staikos>
Status: RESOLVED DUPLICATE    
Severity: normal CC: magnus.kessler
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: Compiled Sources   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description Jesper Juhl 2003-01-12 02:01:23 UTC 
Version:            (using KDE KDE 3.0.99)
Installed from:    Compiled From Sources
Compiler:          gcc 2.95.3 
OS:          Linux

Go to this page : https://www.netbank.nordea.dk/netbank/index.jsp

A Java applet is supposed to appear on the page, and it starts to load just fine, but it never finishes.

I'm testing right now with Konqueror from KDE3.1rc6 and in the area where the applet is supposed to appear I get a flashing icon (a JavaBean ?? ;) and below it the text "Loading Class: com.ibm.cbt.slight.CbtKeyToken..."  sometimes it stops with some other class name, but this one's the most common. It never gets any further (the applet loads fine with IE on Windows)...

In the JavaConsole I have this : 

Java VM version: 1.4.0_01
Java VM vendor:  Sun Microsystems Inc.
KJAS: JSObject.getWindow
KJAS: JSObject.ctor: [WINDOW]
KJAS: JSObject.getMember: [WINDOW].navigator.appVersion
KJAS: evaluate (".navigator.appVersion")
KJAS: JSObject.getWindow
KJAS: JSObject.ctor: [WINDOW]
KJAS: JSObject.getMember: [WINDOW].navigator
KJAS: evaluate (".navigator")
java.lang.NullPointerException
	at com.ibm.cbt.thinclient.CbtApplet.isIE(CbtApplet.java)
	at com.ibm.cbt.thinclient.netbank.LogonApplet.initAddOn(LogonApplet.java)
	at com.ibm.cbt.thinclient.netbank.LogonApplet.init(LogonApplet.java)
	at org.kde.kjas.server.KJASAppletStub$2.run(KJASAppletStub.java:198)
	at java.lang.Thread.run(Thread.java:536)

My Java version is : 

bash-2.05a$ java -version
java version "1.4.0_01"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.0_01-b03)
Java HotSpot(TM) Client VM (build 1.4.0_01-b03, mixed mode)

The page seems to use a lot of JavaScript as well, but I assume the real problem is with Java and not the JavaScript bits.
Comment 1 George Staikos 2003-02-14 07:13:19 UTC 
This could possibly be fixed with a recent patch to 3.1 branch and HEAD.  Please verify.
Comment 2 George Staikos 2003-02-14 07:27:30 UTC 
(So far I think this is fixed, but I need to test with a non-broken jre)
Comment 3 Magnus Kessler 2003-02-14 23:38:28 UTC 
No, the last patches don't solve the problem. The applet in question is a signed applet, and 
Mozilla/JavaPlugin show a dialog when this is first loaded asking for permission to give full 
access to your machine to the applet. Konqueror/kjava do no such thing and let the applet 
silently run into a security exception. Konqueror/kjava should handle signed applets better! 
 
Java VM version: 1.4.0_01 
Java VM vendor:  Sun Microsystems Inc. 
KJAS: JSObject.getWindow 
KJAS: JSObject.ctor: [WINDOW] 
KJAS: JSObject.getMember: [WINDOW].navigator.appVersion 
KJAS: evaluate (".navigator.appVersion") 
KJAS: value=5.0 (compatible; Konqueror/3.1) (type=S) 
KJAS: JSObject.getWindow 
KJAS: JSObject.ctor: [WINDOW] 
KJAS: JSObject.getMember: [WINDOW].navigator 
KJAS: evaluate (".navigator") 
KJAS: value=[object Navigator] (type=1) 
KJAS: JSObject.ctor: [object Navigator] 
KJAS: JSObject.getMember: [object Navigator].appVersion 
KJAS: evaluate (".appVersion") 
KJAS: value=5.0 (compatible; Konqueror/3.1) (type=S) 
KJAS: Exception java.security.AccessControlException: access denied 
(java.util.PropertyPermission user.home read) during applet initialization 
java.security.AccessControlException: access denied (java.util.PropertyPermission user.home 
read) 
	at java.security.AccessControlContext.checkPermission(AccessControlContext.java:270) 
	at java.security.AccessController.checkPermission(AccessController.java:401) 
	at java.lang.SecurityManager.checkPermission(SecurityManager.java:542) 
	at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1291) 
	at java.lang.System.getProperty(System.java:572) 
	at com.ibm.cbt.config.CbtConfigGlobal.<init>(CbtConfigGlobal.java) 
	at com.ibm.cbt.config.CbtConfiguration.newInstance(CbtConfiguration.java) 
	at com.ibm.cbt.thinclient.CbtApplet.readAppletConfiguration(CbtApplet.java) 
	at com.ibm.cbt.thinclient.netbank.LogonApplet.initAddOn(LogonApplet.java) 
	at com.ibm.cbt.thinclient.netbank.LogonApplet.init(LogonApplet.java) 
	at org.kde.kjas.server.KJASAppletStub$2.run(KJASAppletStub.java:199) 
	at java.lang.Thread.run(Thread.java:536)
Comment 4 George Staikos 2003-06-13 02:29:49 UTC 
The site is changed.  I get the source for the page instead of the rendered page now.  
It's returning the wrong mimetype I think.  Any way to reproduce this still?
Comment 5 George Staikos 2003-07-02 18:16:25 UTC 
Ok it loads with HEAD now, but gives a security manager exception because it tries 
to read user.home.  AFAIK this is expected.
Comment 6 Koos Vriezen 2003-11-08 02:59:45 UTC 

*** This bug has been marked as a duplicate of 65602 ***