Java-Gaming.org
Play Revenge of the Titans! The situation is critical. We need fancy commanders to defend Earth, the moon, Mars!
Featured games (78)
games approved by the League of Dukes 		Games in Showcase (404)
games submitted by our members 		Games in WIP (289)
games currently in development
News: Read the Java Gaming Resources, or peek at the official Java tutorials
 
    Home     Help   Search   Login   Register   
Pages: [1]
  ignore  |  Print  
  Servlet to Applet Communication  (Read 854 times)
0 Members and 1 Guest are viewing this topic.
Offline unco

Junior Newbie




Java games rock!
« Posted 2004-07-18 04:13:04 »
Hello,

I have figured out how to do Servlet to Applect and Applet to Servlet communication, but so far can only get it to read what is on the Servlet screen.  Is there any way to have the applet read variables or something other than the servlet browser window?   Huh The reason I am asking is because people will cheat if the information is posted on the screen.   Sad With the servlet to applet communication I will have to have a servlet open for every game, which I was planning to have several games going at the same time...is there a better way of doing this, since wouldn't this idea bog down the server.  Any suggestions or ideas are greatly appreciated.

Thanks,
Offline Backmask

Junior Member




586: The average IQ needed to understand a PC
« Reply #1 - Posted 2004-07-18 11:41:05 »
Hi

First of all I don't understand what an Servlet screen is? A servlet has no form of GUI as it only response with HTML/XML or other standardize formats. Could u post the applet code?

I am quessing that you want to send information from one applet to the other applets? Or is it just posting presitance highscore?

If your using servlets to distribute information to the other players applets, there is another more prefered way to do this, but it requires acces to the web server. An applet can by it's default security sandbox only connect to the server that host the applet. So by creating a java application server that opens a TCP connection on a know port on the server the applets can connect to this port with TCP and send the information this way instead of posting with HTTP and reciving with a servlet. But unfortunate if you don't own the server or has root access to it you will not be allowed to install the application and open a port.

So what can u do to make the communication between an applet and a servlet more secure? If your using URLConnection to post to the Servlet it is easy for a user to use a sniffer and see what information it send and write it's  own program to cheat. To aviod this there are numerous hash and cryptographically way to enforce a more secure communication. A simple way is to have a public and private key pair. The servlets has the private part and the applets has a copy of the public key. When a servlet is sending it's data it is being ciphered with the public key and sent. And the servlet decipher it with the private key. Then a possible cheater must get a hold of the private key which should be very time consuming. Search more on public-private keypair to read the basic math behind this. Also see the package java.security that has this implemented.

//Backmask
Backmask
http://www.umeweb.com/backmask
Offline blahblahblahh

JGO Coder


Medals: 1


http://t-machine.org
« Reply #2 - Posted 2004-07-18 12:10:02 »
Quote
Hi

First of all I don't understand what an Servlet screen is?


Ditto Smiley.

I suspect you have an applet loaded in a page which is generated by a servlet, and are using methods to read the HTML page from the applet (or similar) and not realising that the applet can simply send arbitrary commands / requests direct to the servlet, and the servlet can distinguish these from web-browsers and send back arbitrary data...

Quote

If your using servlets to distribute information to the other players applets, there is another more prefered way to do this, but it requires acces to the web server.


No need for this - you can upload arbitrary information to a servlet already. Just make the servlet accept POST, and make the servlet have a URL where requests get a list of all the data that's come in from the other applets.

Of course, I would suggest breaking up all these different aspects into unique servlets, since it would make it less confusing to edit...

Quote

it is easy for a user to use a sniffer and see what information it send and write it's  own program to cheat. To aviod this there are numerous hash and cryptographically way to enforce a more secure communication. ...Then a possible cheater must get a hold of the private key which should be very time consuming.


Not at all - you just made the first mistake of security: assuming that the cracker/cheater will simply attempt the hardest possible way of breaking the security. No, only a foolish or naive cracker would do that. Instead, most go for the weakest link...

Give me five minutes and a page with your applet on, and I'll have decompiled the java code and probably have whichever key(s) I need. The time-consuming bit is going to be remembering the name of a decompiler which does de-obfuscation (if you haven't obfuscated, I don't NEED that part, but it can make up for any bad coding conventions you're using by assigning more meaningful names to some of the methods, variables, etc - so that I can read your source more easily), and then reading through your source code to find whatever secrets I need.
malloc will be first against the wall when the revolution comes...
Games published by our own members! Check 'em out!
Play the free demo of Revenge of the Titans!
Offline misterX

Junior Member




java forever!
« Reply #3 - Posted 2004-07-18 13:00:47 »
may i suggest you exchange serialized objects between your servlet and applet instead of html content...
it's easier, more powerfull... and i guess it won't be displayable on screen but i'm not sure.
here is a nice tutorial.
Pages: [1]
  ignore  |  Print  
 
 
You cannot reply to this message, because it is very, very old.

  Check out our latest community projects!
Play Revenge of the Titans! The situation is critical. We need fancy commanders to defend Earth, the moon, Mars!
 
Featured Project
Browse for soundtracks for your game!
Picture of the Day
Work in Progress
Add your game!

Add your game by posting it in the WIP section,
or publish it in Showcase.

The first screenshot will be displayed as a thumbnail.
Shameless Plug!
The invasion has landed! On Mars! And you're there to beat 'em!
Latest pastebins
cubemaster21 (27 views)
2013-05-17 21:29:12
alaslipknot (37 views)
2013-05-16 21:24:48
gouessej (67 views)
2013-05-16 00:53:38
gouessej (66 views)
2013-05-16 00:17:58
theagentd (76 views)
2013-05-15 15:01:13
theagentd (70 views)
2013-05-15 15:00:54
StreetDoggy (111 views)
2013-05-14 15:56:26
kutucuk (134 views)
2013-05-12 17:10:36
kutucuk (134 views)
2013-05-12 15:36:09
UnluckyDevil (143 views)
2013-05-12 05:09:57
Medals in last month
HeroesGraveDev21x
Riven15x
davedes13x
newera318x
Vermeer8x
ctomni2316x
Jimmt6x
sproingie6x
matheus236x
Matzon5x
theagentd5x
alaslipknot4x
kevglass4x
Oskuro4x
princec4x
gouessej4x
Latest wiki revisions
Complex number cookbook
by Roquen
2013-04-24 12:47:31
2D Dynamic Lighting
by Oskuro
2013-04-17 16:46:12
2D Dynamic Lighting
by Oskuro
2013-04-17 16:45:57
2D Dynamic Lighting
by Oskuro
2013-04-17 16:23:20
Noise (bandpassed white)
by Roquen
2013-04-05 17:36:01
Noise (bandpassed white)
by Roquen
2013-04-03 16:17:38
Java Data structures
by Roquen
2013-03-29 13:21:12
Topic Request
by kutucuk
2013-03-22 21:42:01
Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines | Managed by Enhanced Four Valid XHTML 1.0! Valid CSS!
Page created in 0.12 seconds with 20 queries.