It seems that with the current 6u5 (Consumer JRE) and 7 builds, intermittent problems with signed applets are occurring. The symptom is that the applet occasionally acts as though it is unsigned, failing in operations like querying system properties or connecting to a server which it should be allowed to. It is hard to isolate exactly when this problem was introduced, but it seems to be present in 6u5 and 7 and not in what used to be 6u3 b02.

Attached are two stack traces from the Iris application (http://swinglabs.org/iris/). One shows that the (signed) JNLPAppletLauncher, which is used to launch one of the demo's two applets (the Editor applet), is unable to fetch a system property. The other shows that the other signed applet on the page, the Toolbox applet, is unable to connect to Flickr.

These problems don't occur all of the time and seem to be present either mostly or completely on the Firefox browser.

It's unclear whether there might be a new race condition in certificate checking somehow related to the presence of the two signed applets on the page, or something similar.

Removing the Sun certificate from the accepted certificates list seems to fix the problem for the first launch after the removal (when the security dialogs are displayed), but the problem seems to occur afterward.
Posted Date : 2007-08-21 23:20:31.0

N/A

There is a race condition may happened here, maybe it is introduced during our new thread model in 6u5, I will add synchnozied block to workaround race condition.
Posted Date : 2007-10-04 19:43:28.0

will Sun provide a Fix for this bug. If so when will the fix be available?

I think the problem occurs also in unsigned applets. See the discussion in 'http://forum.java.sun.com/thread.jspa?threadID=5216152&messageID=9911082'
Is there an workaround for this bug?

The problem also affects unsigned applets, it is a critical bug, please fix it ASAP !

I have this problem as well.  I have been able to work around it by telling users to access the server with its IP address instead of its host name.

Even with that, it is definitely a critical issue!

Yes
We want bug fix! We want it now!

I can confirm the problem as well with unsigned applets.  Upgrading to 1.6.0_03 from 1.6.0_02 now denies applet http connection back to originating host (AccessControlException).  Renders my application useless for all users who upgrade to 1.6.0_03.

Bug 6622150 seems related if not the same.

http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6622150

This shows up on my unsigned applet that tries to connect back to the originating server, but only using Seamonkey (Mozilla).  If I connect using the fqdn in the URL I get the problem.  If I use the ip address in the URL it works OK.

Used to work fine in previous releases.  Still works fine in IE.  Is this perhaps a bad interaction between Seamonkey and Java 1.6.0_03?

This problem occurs 100% of the time for my company's unsigned applet with 1.6.0_03 and FireFox.  Problem was not present prior to 1.6.0_03.  We advise our customers to not update to 1.6.0_03 because of ths bug.

The same error occurs in IE7, Java Plug-in 1.5.0_14, using a signed Applet. Most of the time the Applet works, but from time to time the AccessControlException occurs.