Applet ignore sign

Similar Messages

• Java Applet Certificate Signing Window comes up BLANK!

  Hi Everyone I have a problem where
  Java Applet Certificate Signing Window comes up BLANK!
  It comes up as blank gray panel with the java logo on the upper left.
  the title bar says "Java Plugin Security Warning"
  And I can't figure out what to do to make it come up properly. I tried double clicking it dragging it around to make it repaint itself nothing happens.
  I have tried clearing temp files deleting files from IE, deleting cookies, clearing the history.
  Now i'm going to restart the computer and see if it works.
  It is supposed to give me buttons.
  1. Accept for this session
  2. Grant
  3. Deny
  4. View Certificate
  But does anyone have any idea how to address this issue ?
  Stephen

  You might try setting the trace level to 5 in the plugin's Java console and looking what it spits out while the applet is launching. I remember seeing loads of information in there including stuff relating to certificate validation. It might be helpful.
  The trick to getting this info during start up:
  1) get the plugin to load by directing your browser to page with a known applet. Write your own little stub applet and load it or go to http://java.sun.com/. There's an applet on that page.
  2) bring up the plugin's console if it's not already and then go to a blank page.
  3) set the trace level to 5 in the console. (just press the 5 key).
  4) go to the page that launches your applet. You'll have tons of information pour out in your console.
  Happy hunting.

• Applet Method Signed?

  Hello,
  I'm relativly new to the applet world so sorry if my question looks stupid.
  I'm currently working on a Java applet that performs a screencapture and save it to the client file system.
  To be able to capture the screen and write it , i had to sign the Applet.
  It is what i did using : Keytool and Jarsigner tools.
  So on my test applet , in the Init() method , i perform my screencapture and save it. It works well if the applet is signed , if not i have security exception that is normal.
  Then i tried to move my code to another method. I removed it from the Init() and create a new method i named CaptureScreen() . And i copied my previous code in that method.
  In my HTML Test page, i have embedded the applet using <APPLET> tag and add a HTML button that triggers a javascript that calls my method.
  MyApplet.Capture();
  My problem :
  When i call this method on the signed applet i got a security exception.
  java.security.AccessControlException: access denied (java.awt.AWTPermission createRobot)
  If the same code is called in the Applet's Init'() method i don't have it.
  So i guess i have to sign the Capture() method too. But how to do that? How to sign a specific method?
  Thanks a lot in advance for your help
  Youki

  Hi
  You don't sign methods. You sign the whole .jar file. So if you signed the file again after the adding the captureScreen() method, the applet .jar file should be OK.
  Not sure but I guess the problem occurs because the calling script is not signed.
  See http://java.sun.com/j2se/1.3/docs/guide/plugin/security.html
  (I can't find the same information in newer plugin developer guides though.)

• Exchange User Integration Pack ignores signed email

  Hi,
  I'm using SCORCH 2012 R2 /w the Exchange IP. It seems to ignore signed email.
  Steps to repro:
  Create a runbook with a single 'Get Items' activity. Configure the activity to check a subfolder of an arbitrary exchange account.
  Place a signed message in the subfolder via Outlook.
  Place an unsigned message in the subfolder via Outlook.
  Enable logging on the runbook.
  Run the runbook.
  Expected behavior:
  The runbook logs will show that Get Items returns two email objects.
  Actual behavior:
  The runbook logs show that Get Items only discovers the unsigned email.
  Other Information:
  The signed message is signed with a certificate generated by our enterprise PKI. The Scorch server trusts the root and intermediate CA's.
  Is there a way to make this work, so I don't have to resort to a different and more complicated approach?
  Thanks!
  John

  Is it working with iOS or Android or WP?
  Cheers,
  Gulab Prasad
  Technology Consultant
  Blog:
  http://www.exchangeranger.com    Twitter:
    LinkedIn:
     Check out CodeTwo’s tools for Exchange admins
  Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

• Ignore signing, no permissions wanted

  I have a bunch of Jar-files which a want to be able to both run in an untrusted applet and launch with Java Web Start as an trusted application.
  Because of that all jar-files has to be signed. Now when the user displays the applet it gets all the certificate dialogs popping up even do the applet not really needs the extra permissions, which can be annoying.
  Is there any way to tell the browser/plugin that even do the jar files are signed ignore that fact and treat is as an untrusted applet, for instance using some attribute in the applet/object-tag or in the Manifest etc?

  I don't think this is currently possible. Please feel free to file an RFE. A more clear description of the use case would be helpful; personally, the code I write that I sign wouldn't work properly if it was run in an unsigned context.

• SunOne ignores signed jars -- bug?

  This is a follow-up to http://softwareforum.sun.com/NASApp/jive/thread.jsp?forum=69&thread=18672.
  The use of signedBy grant blocks appears to be broken, at least for signed jars that are deployed as part of an ear file. I created and signed a small jar that attemps to do a few normally forbidden things, then added these entries to the server.policy file:
  keystore "file:${/}C:${/}Sun${/}AppServer7${/}codesign.keystore";
  grant signedBy "codesign" {
  permission java.util.PropertyPermission "*", "read,write";
  permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
  Then I included the jar in a small enterprise app in which an EJB called the "forbidden" methods. In spite of the entires in server.policy, the code still fails due to AccessControlExceptions.
  Running with -Djava.security.debug=policy reveals:
  [04/Apr/2003:09:56:46] WARNING ( 2176): CORE3283: stderr: policy: getPermissions:
  [04/Apr/2003:09:56:46] WARNING ( 2176): CORE3283: stderr:      PD CodeSource: (file:/C:/Sun/AppServer7/domains/domain1/server1/applications/j2ee-apps/cms_3/./lib/SignedJarTest.jar <no certificates>)
  Note the <no certificates>
  Running the class from the command line -- using the exact same jar, and using the SunOne JVM and server.policy file -- is successful.:
  java -cp ./Sun/AppServer7/domains/domain1/server1/applications/j2ee-apps/cms_3/lib/SignedJarTest.jar -Djava.security.manager -Djava.security.policy=C:/Sun/AppServer7/domains/domain1/server1/config/server.policy -Djava.security.debug=policy com.seabase.scratch.crypto.SignedJarTest
  policy: getPermissions:
  PD CodeSource: (file:/C:/Sun/AppServer7/domains/domain1/server1/applicat
  ions/j2ee-apps/cms_3/lib/SignedJarTest.jar [
  Version: V1
  Subject: CN=Patrick Jones, OU=DOE Project, O=SEA, L=New Orleans, ST=Louisiana,
  C=US
  Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
  Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@72ffb
  Validity: [From: Tue Apr 01 12:34:18 CST 2003,
                 To: Sun Jul 20 01:34:18 CDT 2003]
  Issuer: CN=CA, OU=DOE Project, O=SEA, L=New Orleans, ST=Louisiana, C=US
  SerialNumber: [    4a821187 ]
  ... etc
  SunOne evidently ignores the fact that this jar is signed. This appears to be a bug.

  Java Plug-in 1.6.0_26
  Using JRE version 1.6.0_26-b03 Java HotSpot(TM) Client VM
  User home directory = C:\Users\dbladorn
  c:   clear console window
  f:   finalize objects on finalization queue
  g:   garbage collect
  h:   display this help message
  l:   dump classloader list
  m:   print memory usage
  o:   trigger logging
  q:   hide console
  r:   reload policy configuration
  s:   dump system and deployment properties
  t:   dump thread list
  v:   dump thread stack
  x:   clear classloader cache
  0-5: set trace level to <n>
  exception: exit(-1).
  ExitException[ 4]java.lang.RuntimeException: exit(-1)
       at com.sun.javaws.Main.systemExit(Unknown Source)
       at com.sun.javaws.security.AppPolicy.grantUnrestrictedAccess(Unknown Source)
       at com.sun.javaws.LaunchDownload.checkSignedResourcesHelper(Unknown Source)
       at com.sun.javaws.LaunchDownload.checkSignedResources(Unknown Source)
       at sun.plugin2.applet.JNLP2Manager.prepareLaunchFile(Unknown Source)
       at sun.plugin2.applet.JNLP2Manager.loadJarFiles(Unknown Source)
       at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
       at java.lang.Thread.run(Unknown Source)
  Exception: ExitException[ 4]java.lang.RuntimeException: exit(-1)

• Signed applet : problem signing jar files that are in build path

  Hello,
  I have a problem while trying to create an ftp applet.
  I use org.apache.commons.net.ftp and i build path for commons-net-1.1.4.jar and then i build my classes.
  When i create a jar file with my classes and after signing it, it works under eclipse but not on a web page.
  I had signed commons-net-1.1.4.jar before to build the path in eclipse but commons-net-1.1.4.jar is not in my jar file.
  What is the way to sign applet correctly even if some jar ressources are in eclipse build path.
  Thank you

  You were right!!!
  I'm not sure what to write down in the formsweb.cfg (configuration file) , following the instructions on the on-line help of Developer Forms 10g , in step 9..
  The step 9 says...
  Because in this release the JACOB code is in an external Jar file and not incorporated into frmwebutil.jar, it needs to be downloaded. To do this, change the WebUtilArchive setting to read: webUtilArchive=/forms/webutil/frmwebutil.jar,/forms/webutil/jacob.jar
  The doudt is pointed to the fact that the frmwebutil.jar isn't in the ORACLE_HOME\forms\webutil path but it is ORACLE_HOME\forms\java path.
  Also , these paths referenced in webUtilArchive are physical paths in a Unix system or they are logical paths in a url?
  Simon

• Signed applet problem: signer information does not match...

  hi all,
  i am actually making a upload component using applets that
  would need to access the local file system for uploading
  files.
  I have created a signed applet(i have followed all the steps,
  such as those of creating a jar, creating a key/value pair
  using keytool and finally signed my jar file using
  jarsigner). when i try to access this applet in a browser,
  first the security certificate displays(which is fine),but
  then when i click on "grant permission", it gives me a error
  saying java.lang.SecurityException: signer information of
  a(particular class of mine)does not match with that of other
  classes in that......(rest is not visible)
  i don't understand why this is happening...i have tried to
  repeat all the steps..but still continues to give this error.
  can anyone help plz...? i am stuck bceauz of this..as the
  JFileChooser dialog box doesn't open up..from which i had to
  browse and select files..
  Thanks in advance
  sd76

  first the security certificate displays(which is fine),but then when i click on "grant
  permission"Not sure what you're talking about, when I sing an applet and open it with IE and jre 1.5
  I get a window titled "Warning - Security". It askes me if I trust the signed applet and
  gives me the options yes, no and allways. But never got the "grant permission dialog".
  Here is how I signed the applet and got it to read local file system:
  http://forum.java.sun.com/thread.jsp?forum=63&thread=524815
  second post

• Applets, databases, policies, signing, etc...

  Hello,
  Well, I am deploying an applet application which needs to connect with a postgres database.
  I put my application in my hosting then I changed my local java.policy file adding a line as
  permission java.net.SocketPermission "127.0.0.1:5432", "connect,resolve";And my applet works... but I don't want that the user needs to change his policies file.
  I read in somewhere in the forum if the applet is signed the user doesn't need to change anything... then I sign the applet. But it doesn't work. It looks to me that signing the applet is not enough to allows the connection.
  But I don't sure.
  Some body had had the same problem or am I doing some thing wrong?? Other Ideas
  By the way, sorry for my bad english, I hope you can understand what I am saying.
  Bye, and thanks by advance

  The standard AccessControlException:
  java.security.AccessControlException: access denied (java.lang.RuntimePermission getClassLoader)
  at java.security.AccessControlContext.checkPermission(AccessControlContext.java:270)
  at java.security.AccessController.checkPermission(AccessController.java:401)
  at java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
  at java.lang.ClassLoader.getParent(ClassLoader.java:701)
  Or something like that.
  That's what I'm trying to solve, I wish to use the Java Security Policy system to allow my applet access to various resources, such as writing files. Now I've seen that signing an applet will give it full access (in my view, this is rather insecure, but anyway), however following the steps to sign an applet two or three times has still presented me with the same problem. The signing is ignored, and the exception is thrown.
  Applet signing aside, I fail to see any documentation stating how the policy file is used by the VM when running on a browser. I assumed it might be an entry in the Jar's manifest file, but again, I can find no documentation.
  It's all very annoying, and Sun have done quite a bad job at documenting this. For example, their example talkes about -D-Jjava.security.policy=.... being passed to appletviewer. Who on earth uses appletviewer! If policies only work with that, then they are useless. I want them to work with whatever browser the applet is being run within.
  Surely this isn't too much to ask? :)

• Applet signed w/ self-signed cert - different behaviors w different servers

  Folks,
  I'd really appreciate your help with the following.
  I'd like to deploy an applet as a signed jar. Probably at least in the beginning, and maybe indefinitely, I'd like to sign it with a self-signed cert. When I've tested this under Linux, loading the applet in a browser running on my desktop, from an apache2 webserver also running on the desktop, I get the expected behavior - I get a security dialog reporting that the applet was signed by an unrecognized CA, but allowing me to accept the applet's signature. However, when I try loading the applet from my server (i.e, browser still running on my desktop, but now loading the applet from the real webserver, which is also apache2), I don't get a security dialog, and the applet fails silently.
  Is there some way of configuring the webserver so that the security dialog is presented for a self-signed applet? What explains this difference?
  Thanks much,
  Matthew Fleming
  DermVision, LLC

  Double post answer has been given and ignored:
  http://forum.java.sun.com/thread.jspa?threadID=569012&messageID=2812525#2812525

• How can I access the Server file system without using any signed applet?

  Is it possible for me to run an applet on the client machine such that the client can view my server file system and perform uploading and downloading of files through the applet without signing the applet?

  Add the following in your java.policy file, your plug in accesses.
  grant {
  permission java.permission.AllPermission;

• File read access denied for signed applet

  Hi:
  I have a signed applet with a certificate generated with the keytool. Yet, I keep getting this error:
  java.lang.Exception: java.security.AccessControlException:
      access denied (java.io.FilePermission C:\WINDOWS\system32\aetpkss1.dll read)The error is produced when the method loadKeyStore(pin) below is called.
      private KeyStore ks;
      private Provider provider;
      private static final String providerName    = "PKCS11";
      private static final String providerLibrary = "aetpkss1.dll";
      public void loadKeyStore(String pin) throws IOException,
       CertificateException, KeyStoreException, NoSuchAlgorithmException {
       if (provider == null)
           registerProvider(providerLibrary);
       try {
           ks = KeyStore.getInstance(providerName,provider);
       } catch (Exception e) {
           throw new KeyStoreException("Failed get keystore instance\n"
                           + e.getMessage());
       try {
           ks.load(null, pin.toCharArray());
       } catch (Exception e) {
           throw new KeyStoreException("Failed load keystore\n"
                           + e.getMessage());
      public void registerProvider(String library)
       throws FileNotFoundException, KeyStoreException {
       String fileName;
       if (new File(library).isAbsolute())
           fileName = library;
       else
           fileName = getAbsolutePath(library);
       if (!(new File(fileName).exists()))
           throw new FileNotFoundException("No such file: " + fileName);
       String config = "name = " + providerName + "\n"
           + "library = " + fileName;
       ByteArrayInputStream confStream =
           new ByteArrayInputStream(config.getBytes());
       try {
           provider = new sun.security.pkcs11.SunPKCS11(confStream);
           Security.addProvider(provider);
       } catch (Exception e) {
           throw new KeyStoreException("Can initialize " +
                           "Sun PKCS#11 provider. Reason: " +
                           e.getCause().getMessage());
      private String getAbsolutePath(String lib) throws FileNotFoundException {
       String[] searchPath;
       /* NOTE: This should be modified to suit different versions of   *
        *       Windows and not just Windows XP                         */
       if (System.getProperty("os.name").matches("^(?i)Windows.*")) {
           searchPath = new String[] { "C:\\WINDOWS\\system32" ,
                           "C:\\java" };
       } else {
           searchPath = new String[] { "/usr/local/lib/" };
       for (int i = 0; i < searchPath.length; i++) {
           if ((new File(searchPath[i] + File.separator + lib).exists()))
            return (searchPath[i] + File.separator + lib);
       throw new FileNotFoundException("Library not in search path " + lib);
      }The above code is called by a java script, the class' constructor is empty.
  The error appears not to be caught by my code. I have tried to insert try/catch statements everywhere to figure out where this error is produced.
  The code is write off of the applet for signing with a smart card by Svetlin Nakov - and his applet works!
  I have also made a CLI application that uses the above code and it works perfectly.
  So: Something is wrong either with my certificate, the signing method, signature verification or something completely different. Any hints?
  The certificate I generated with
  keytool -genkey -keystore mystore -alias me
  keytool -seflcert -keystore mystore -alias meI have tired both with and without the selfcert step.
  Thanks! Erik

  The problem has been identified: Placing registerProvider() in the constructor the error no longer occurs, instead an error is produced when the key store is loaded.
  It appears that the javascript code is not trusted and so, even though the applet is signed, access privileges are restricted to those of the java script.
  A solution to this problem is not clear, but possibly, serving the pages from a trusted server, the java script will be trusted, some documentation seem to indicate.

• Signed applet does not grant AudioPermission "record"

  From what I gather, if I have a trusted signed applet sitting on a webpage and
  the visitor accepts (runs) the applet, then they should not need to have:
  grant {
  permission javax.sound.sampled.AudioPermission "record";
  in their java policy file. Well I have done all this (with a certificate from
  Thawte) and posted a thorough example at:
  http://www.livesite.net/JavaSoundTest
  At the bottom of that page there is a "Check permissions" link which will alert
  true/false if we have record permission. Clicking any "Record" link will
  attempt to open a TargetDataLine.
  My experience (and problem) is: record permission must be granted even though
  the applet is signed by a trusted CA.
  I would very much appreciate any help.
  Are you able to record/playback (without granting record permission in your
  java policy files) with the JavaSoundTest applet webpage?
  Is there something I am missing?
  ------ More information ------
  Java Control Panel -> Advance -> Security
  'allow user to grant permissions to signed content' is checked
  Reproducable on:
  MS NT4 w/ IE6
  MS Windows 2000 w/ Firefox 1.5
  MS Windows XP w/ Firefox 1.5
  MS Windows XP w/ IE6
  Fedora FC6 w/ Firefox 2.0
  Also, this happens with a commented-out record permission in the user
  .java.policy file, or when the policy file does not exist.
  ------ Source code: opening the target data line ------
  Using the JavaSoundTest applet page without granted permission, clicking a
  record link will yield this exception in the java console:
  java.security.AccessControlException: access denied (javax.sound.sampled.AudioPermission record)
  at java.security.AccessControlContext.checkPermission
  at java.security.AccessController.checkPermission
  at java.lang.SecurityManager.checkPermission
  at com.sun.media.sound.JSSecurityManager.checkRecordPermission
  at com.sun.media.sound.DirectAudioDevice$DirectDL.implOpen
  at com.sun.media.sound.AbstractDataLine.open
  at net.livesite.jsound.Recorder.run(Recorder.java:161)
  while opening a TargetDataLine as:
  23 private static TargetDataLine line;
  157 line = (TargetDataLine) AudioSystem.getLine( lineInfo );
  158
  159 try
  160 {
  161 line.open( format, (int) format.getSampleRate() );
  162 }
  ------ Source code: Using the security manager ------
  The "Check permissions" link on the TestJavaSound applet page calls this method:
  191 public boolean hasSoundRecPriv()
  192 {
  193 boolean ret = false;
  194
  195 try
  196 {
  197 SecurityManager sm = System.getSecurityManager();
  198 if (sm != null)
  199 {
  200 sm.checkPermission(new AudioPermission("record"));
  201 }
  202 ret = true;
  203 }
  204 catch(SecurityException e)
  205 {
  206 ret = false;
  207 }
  208
  209 return ret;
  210 }
  (This is a continued post from JAVASOUND-INTEREST at SUN.COM)

  Is there something I am missing?1) Applets are not well supported by Sun,
  and are inherently problematic as a reult
  of that.
  2) My experience suggests that the diagnotics
  applet is not reliable for detecting JMF.
  3) I guess the JMF applet is doing checks of
  policy files, despite the signed code.
  You might circumvent most of these problems,
  by using web-start to launch an application.
  Here are some of my tests at launching
  JMF using web-start.
  http://www.javasaver.com/testjs/jmf/

• Self signing applets

  I am writing an applet at the moment, it involves the applet using the clipboard therefore for this to be allowed the applet needs signing. I don't want to pay for this facility as the applet will be none profit making. I believe you can sign your own applets for free. Can anyone give me some more information on this. Cheers, Dave.

  You can create a test certificate, which is signed only by yourself and which will bring up a lot of warnings when someone runs it.

• Calling1.4.1 signed applet from Javascript causes keyboard/focus problems

  Pretty sure there's a JRE bug here, but I'm posting to forums before I open one in case I'm missing something obvious :-)
  This issue may be specific to IE, I haven't tested elsewhere yet. Our web application is centered around a signed applet that is initialized with XML data via Javascript. We first noticed the problem when our users started upgrading from the 1.3.x plug-in to the 1.4.x plug-in. The major symptom was that shortcut keys stopped working. I debugged the problem off and on for about a month before I boiled it down to a very simple program that demonstrates the issue (included below). Basically, the program has a function that adds a JButton to a JPanel and registers a keyboard listener (using the new DefaultKeyboardFocusManager class) that prints a message to the console. This function is called by the applet's init() method, as well as by a public method that can be called from Javascript (called callMeFromJavascript()). I also included a very simple HTML file that provides a button that calls the callMeFromJavascript() method. You can test this out yourself: To recreate, compile the class below, JAR it up, sign the JAR, and put in the same dir with the HTML file. Load the HTML file in IE 5.0 or greater, and bring the console up in a window right next to it. Now click the button that says init--you should see the small box appear inside the button that indicates it has the focus. Now press some keys on your keyboard. You should see "KEY PRESSED!!!" appearing in the console. This is proper behavior. Now click the Init Applet from Javascript button. It has removed the button called init, and added one called "javascript". Press this button. Notice there is no focus occurring. Now press your keyboard. No keyboard events are registered.
  Where is gets interesting is that if you go back and make this an unsigned applet, and try it again, everything works fine. This bug only occurs if the applet is signed.
  Furthermore, if you try it in 1.3, signed or unsigned, it also works. So this is almost certainly a 1.4 bug.
  Anyone disagree? Better yet, anyone have a workaround? I've tried everything I could think of, including launching a thread from the init() method that sets up the components, and then just waits for the data to be set by Javascript. But it seems that ANY communication between the method called by Javascript and the code originating in init() corrupts something and we don't get keyboard events. This bug is killing my users who are very reliant on their shortcut keys for productivity, and we have a somewhat unique user interface that relies on Javascript for initialization. Any help or suggestions are appreciated.
  ================================================================
  Java Applet (Put it in a signed JAR called mainapplet.jar)
  ================================================================
  import javax.swing.*;
  import java.awt.*;
  import java.awt.event.*;
  public class MainApplet extends JApplet implements KeyEventDispatcher
      JPanel test;
      public void init()
          System.out.println("init called");
          setUp("init");
      public void callMeFromJavascript()
          System.out.println("callMeFromJavascript called");
          setUp("javascript");
      private void setUp(String label)
          getContentPane().removeAll();
          test = new JPanel();
          getContentPane().add( test );
          JButton button = new JButton(label);
          test.add( button );
          test.updateUI();
          DefaultKeyboardFocusManager.getCurrentKeyboardFocusManager().addKeyEventDispatcher(this);
      public boolean dispatchKeyEvent(KeyEvent e)
          System.out.println("== KEY PRESSED!!! ==");
          return false;
  }================================================================
  HTML
  ================================================================
  <form>
  <APPLET code="MainApplet" archive="mainapplet.jar" align="baseline" id="blah"
       width="200" height="400">
       No Java 2 SDK, Standard Edition v 1.4.1 support for APPLET!!
  </APPLET>
  <p>
  <input type="button" onClick="document.blah.callMeFromJavascript();" value="Init Applet via Javascript">
  </form>

  I tried adding the requestFocus() line you suggested... Same behavior.
  A good thought, but as I mention in my description, the applet has no trouble gaining the focus initially (when init() is called). From what I have seen, it is only when the call stack has been touched by Javascript that I see problems. This is strange though: Your post gave me the idea of popping the whole panel into a JFrame... I tried it, and the keyboard/focus problem went away! It seems to happen only when the component hierarchy is descended from the JApplet's content pane. So that adds yet another variable: JRE 1.4 + Signed + Javascript + components descended from JApplet content pane.
  And yes, signed or unsigned DOES seem to make a difference. Don't ask me to explain why, but I have run this little applet through quite a few single variable tests (change one variable and see what happens). The same JAR that can't receive keyboard events when signed, works just fine unsigned. Trust me, I'm just as baffled as you are.