java.security.AccessControlException when using java.awt.Robot class for screen capture in applet

Question

I require to capture a web page screen to store it on client's machine whenever client clicks print screen button. For this I googled and got that by embedding an applet with signature(trusted applet) in my jsp page i can do this. So I am trying with a simple applet for an standalone java class. On success I can try it for jsp after signing the applet. What I tried is:

import java.applet.Applet;  
import java.awt.Graphics;  
import java.util.Date;
import javax.imageio.ImageIO;
import java.awt.image.BufferedImage;
import java.io.File;
import java.awt.Dimension;
import java.awt.Rectangle;
import java.awt.Robot;
import java.awt.Toolkit;
import javax.swing.ImageIcon;
/* <applet code = MyApplet.class width="500" height="500">Java Applet for screen capture</applet>  */



public class MyApplet extends Applet {  

  /* Applet Life cycle Methods */  
  public void start()
  { 
   try{
   // capture the whole screen
   BufferedImage screencapture = new Robot().createScreenCapture(new Rectangle(Toolkit.getDefaultToolkit().getScreenSize()) );
   // Save as JPEG
   File file = new File("D:/screencapture.jpg");
   ImageIO.write(screencapture, "jpg", file);
   System.out.println("screen capture finished : ");
     }//try closing...
     catch(Exception e)
     {
       System.out.println("screen capture error : ");
       e.printStackTrace();
     }//catch closing...  
   }//start closing...

 public void stop()
  {  

  }   
}

I am getting this:

java.security.AccessControlException: access denied ("java.awt.AWTPermission" "createRobot")
        at java.security.AccessControlContext.checkPermission(AccessControlContext.java:366)
        at java.security.AccessController.checkPermission(AccessController.java:560)
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
        at java.awt.Robot.checkRobotAllowed(Robot.java:170)
        at java.awt.Robot.init(Robot.java:134)
        at java.awt.Robot.<init>(Robot.java:96)
        at MyApplet.start(MyApplet.java:23)
        at sun.applet.AppletPanel.run(AppletPanel.java:474)
        at java.lang.Thread.run(Thread.java:722)

Any help, Any idea will be appriciated.

score 2 · Answer 1 · answered Oct 23 '14 at 13:58

i know i'm digging up a dinosaur a year after problem, but i've been facing the same problem. as someone said, changing policy file is very bad idea (also uncomfortable for some users, and as in my case, totally unacceptable solution).

I've been facing the same problem in signed applet with valid mannifest. the problem was in the way i was calling security related method. in this case you should replace line:

 BufferedImage screencapture = new Robot().createScreenCapture(new Rectangle(Toolkit.getDefaultToolkit().getScreenSize()) );

with

BufferedImage screencapture = AccessController.doPrivileged(new PrivilegedAction<BufferedImage >() {
    @Override
    public BufferedImage run(){
        return new Robot().createScreenCapture(new Rectangle(Toolkit.getDefaultToolkit().getScreenSize()) );
    }
});

that is clean way to do it. in appled signed using valid certyficate, with correct security entry in mannifest and jnpl file it works perfect.

score 0 · Accepted Answer · answered Mar 13 '13 at 10:31

0

I solved this problem. All I did is just pasted these lines in java.policy file(just search this file in your java installation folder and you will get it at 3 places and need to paste this at last in all files)

permission java.awt.AWTPermission "createRobot"; 
permission java.awt.AWTPermission "accessClipboard"; 
permission java.awt.AWTPermission "accessEventQueue"; 
permission java.awt.AWTPermission "showWindowWithoutWarningBanner"; 
permission java.awt.AWTPermission "readDisplayPixels", "read"; 
permission java.io.FilePermission "<<ALL FILES>>", "read, write, delete, execute";

answered Mar 13 '13 at 10:31

Shailesh Saxena

3,472
2
18
28

4

*"I solved this problem"* Not really. You've simply delayed the problem till production. At time of production, policy files will not be practical, and the app. will need to be digitally signed (by you) and trusted (by the end user) in order to use the `Robot`. – Andrew Thompson Mar 14 '13 at 01:49
@Andrew: I couldn't get you? Could you give some more explanation that why it is like "delayed the problem till production"? As I am working in a LIDAR technology based GIS Scanning company and for java development I am a one man army(No one is there to help me except online help). – Shailesh Saxena Mar 14 '13 at 03:45
1

You cannot expect the end user to go messing with policy files. It is unsafe, and way beyond their understanding. Therefore to get a trusted applet working on the machine of an end user, it needs to be digitally signed. Since it needs to be digitally signed, you might as well work that out now. An Ant build script can Jar and sign the classes each build. – Andrew Thompson Mar 14 '13 at 03:48
Please have a look at this and make me correct if I am misleading: http://www.coderanch.com/t/607189/Applets/java/Accessing-Trusted-Applet-JSP-page#2771590 – Shailesh Saxena Mar 14 '13 at 03:51

java.security.AccessControlException when using java.awt.Robot class for screen capture in applet

2 Answers2

Linked