Capture and RTP on a SIGNED applet.

Similar Messages

• IIS, Javascript, Signed Applet and ASP Blank Page Problem

  Hi,
  I'm having a problem using a Signed Applet in a site that runs in a IIS (Windows Server 2003).
  My aspx web page uses the applet to read my smart card and get information from it.
  This applet uses an auxiliar dll (stored in a second Signed Jar file) in order to read the information from my smart card.
  The way the solution is design:
  1) Aspx page is asked from server
  2) Internet Explorer recieve the page and asks the server for it content (images, applet, javascripts, etc)
  3) After this the JVM runs (console opens)
  4) After the Aspx page render fully a javascript register onload fires and call an applet method
  5) Applet receive the call and run the logic of the method:
       - reads the smart card;
       - calls Javascript function in order to fill aspx fields with information from smart card
       - calls Javascript function the simulates a click in a botton of aspx page (in order to call server side part sending data readed from smart card to server)
  5) The server makes some logic with the information receive and responds to client registering in aspx page a call to another Javascrit function
  6) The client received the asnwer from server and runs the Javascript function registered on step 5)
       This Javascript calls another method from applet and runs the following logic:
       - reads more information from smart card;
       - call javascript function in order to fill more fields of aspx page with the information readed
       - calls Javascript function the simulates a click in a botton of aspx page (in order to call server side part sending data readed from smart card to server)
  7) The server makes some logic and call another pages with no Applets
  8) Client asks for a second page with the same applet and we start with another logic express on steps 1);2);3),4);5) and then 7).
  This is all ok, until sometimes the server stop responding correcly for requests regarding this two pages with the Applet.
  When this happens the server just responds with a blank page.
       - with fiddler I can seer the request for the aspx page (that uses the applet)
       - but server responds with a blank html page
  The JVM doesn't fire.
  The IIS log don't show errors.
  The eventviewer doesn't show errors.
  The problem is solved with an IIS reset or a Application Pool reset.
  After a while the problem returns.
  This problem occours for other user in another machine, the server just stops responding correcly to request regarding pages with applets, the other pages still continue to work.
  If we disable Java Control Panel->Advanced->Java Plug-in->Enable the next-generation Java Plug-in the problem seend to stop, but we can't force all clients to disable this option right?
  Or there is a way to force the Applet to run with this option disabled?
  As anyone experience similar problem?
  Regards,
  OF

  This is all ok, until sometimes the server stop responding correcly for requests regarding this two pages with the Applet.
  When this happens the server just responds with a blank page.
  - with fiddler I can seer the request for the aspx page (that uses the applet)
  - but server responds with a blank html pageWell, if http requests look identical in case of success and failure (pay attention to cookies, etc) then it has to be something on the server side.
  It could be that server gets into this wrong state because of previous requests made by applet but it is hard to tell.
  I am not clear how old/new plugin can make a difference unless your applets run in the legacy mode (i.e. you are actually trying to reuse SAME instance of the applet when
  it is loaded next time).
  I'd start with
  1) carefully comparing good/bad sessions
  2) checking whether server will serve correct response to another client when it serves "bad" page for current client
  3) add debug statements to aspx - it is scripted page, may be some condition is not met and then it returns blank?
  4) record all http requests in one session until you get to "error" state and then use any http server testing tool to "replay" this set of requests.
  You should be able to get server into the same state without use of applet. Then you can try to tweak set of requests to see what makes a difference.

• Classloader caching in signed applet is very slow and weird

  I have a signed applet running in the 1.4.1_01 plugin environment, and
  I'm getting the following kinds of messages when I use debug mode 5 in the console:
  Connecting http:[myserver]/someclass.class with no proxy
  Connecting http:[myserver]/someclass.class with cookie "JSESSIONID=..."
  Sometimes, the classloader will say:
  WARNING: Unable to cache someclass.class
  Moreover, some classes will be repeated two or three times, as if the classloader is trying to get the same class two or three times.
  Some of these classes are even in the java.lang package!!
  The thing is, I'm actually trying to get the applet to use webservices, so I've signed the Apache Axis jar files (about 8 or so) and included them in the "cache_archive" parameter. The classes giving problems are from these archives, not from my main applet jar.
  The applet will eventually work, but the first time takes a LONG time to initialize because the classloader is trying to verify all the classes (i think). Subsequent runnings of the applet within the same browser will be much faster, but the same thing will happen if I start a new browser instance.
  My questions are:
  1) Why is the classloader trying to load from my http server rather than from the local jars? (they seem to be statically cached, I checked the plugin control panel)
  2) Why is the classloader reloading the same classes multiple times?
  3) Is the classloader verifying the signatures for each class, because it's taking a long time due to very many classes (100's).
  I can't seem to find ANY documentation for this at Sun or Google.
  Please help if you can!
  Andrew

  I've got the same problem with applet using SOAP based on jwsdp.
  But classloader only try to get classes from server that are used in SOAP calls.
  The only workaround I found is to move this classes to root package, but still there are problems with
  Connecting http://<host>/int.class with no proxy
  Connecting http://<host>/int.class with no proxy
  WARNING: Unable to cache http://<host>/int.class
  requests.
  Maybe this is a bug of Sun SOAP implementation?

• Signed applet and HTML parameters

  I've created a signed applet and everything works fine, except for the fact that i can't add parameters to the applet.
  Without the parameters in the HTML the applet inits and starts and can be used without problems. But when I add paramaters, the applet reports a "class not found exception".
  I used HTML-converter to convert the applet tag to object/embed tags.
  Has anyone had the same problem or knows what I'm doing wrong? I'd really appreciate some help.
  Thanks in advance,
  Erik
  My HTML source:
  <OBJECT classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93"
  WIDTH = "600" HEIGHT = "400" codebase="http://java.sun.com/products/plugin/1.3/jinstall-13-win32.cab#Version=1,3,0,0">
  <PARAM NAME = CODE VALUE = "TNA" >
  <PARAM NAME = ARCHIVE VALUE = "TNA.jar" >
  <PARAM NAME="type" VALUE="application/x-java-applet;version=1.3.0">
  <PARAM NAME="scriptable" VALUE="false">
  <COMMENT>
  <EMBED type="application/x-java-applet;version=1.3.0" CODE = "TNA" ARCHIVE = "tna.jar" WIDTH = "600" HEIGHT = "400" scriptable=false pluginspage="http://java.sun.com/products/plugin/1.3/plugin-install.html"><NOEMBED></COMMENT>
  </NOEMBED></EMBED>
  </OBJECT>
  <!--
  <APPLET CODE = "TNA" ARCHIVE = "tna.jar" WIDTH = "600" HEIGHT = "400">
  </APPLET>
  -->

  Try this:
  OBJECT classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93"
  WIDTH = "600" HEIGHT = "400" codebase="http://java.sun.com/products/plugin/1.3/jinstall-13-win32.cab#Version=1,3,0,0">
  <PARAM NAME = "java_code" VALUE = "TNA.class" >
  <PARAM NAME = "java_archive" VALUE = "TNA.jar" >
  <PARAM NAME = "java_type" VALUE="application/x-java-applet;version=1.3.1">
  <PARAM NAME="scriptable" VALUE="false">
  <COMMENT>
  <EMBED type="application/x-java-applet;version=1.3.0" CODE = "TNA" ARCHIVE = "tna.jar" WIDTH = "600" HEIGHT = "400" scriptable=false pluginspage="http://java.sun.com/products/plugin/1.3/plugin-install.html"><NOEMBED></COMMENT>
  </NOEMBED></EMBED>
  </OBJECT>
  <!--
  <APPLET CODE = "TNA" ARCHIVE = "tna.jar" WIDTH = "600" HEIGHT = "400">
  </APPLET>

• WebService call from signed applet and MS Vista

  Hi.
  I'M developing a system that needs to call web services from a signed applet.
  I have made the solution like this.
  The applet starts by checking that the 12 needed libs is present under the <java home>\lib\ext folder. if not it will download the files automatically and restart the browser.
  This works fine in Windows XP because the signed applet gives me read/write access to the whole machine, but in Vista this isn't possible anymore (as i understand it).
  My question: Is it possible to put these libs in another folder that the ext lib? I have tried to define the "archive" tag in my Object tag but i get the class not found exception thrown in my face.
  If there is a solution to this i would very much like some pointers!
  If not what can i do to get access to the <java home>\lib\ext folder under Vista?
  Regards
  Michael Pallesen

  When invokin applet methods via javascript, you are accessing privileged actions from an unsafe source.
  Depending on your needs, you could either load the system variables in applet init into class variables and return the information contained in the class variables to javascript or wrap the method calls inside AccessController.doPrivileged() calls.

• Problem with a signed applet and a user machine.

  Hello. I´m having some problems with a signed applet with some dependences.
  In one particular computer the applet doesn´t load.
  The java version installed in that computer is 1.6.0_25.
  The invocation tag:
  <applet name=applet id="applet" code=Applet/RequestApplet.class width=155 height=21 archive="RequestApplet.jar " MAYSCRIPT>
     <param id="parametro1" name="usuario" value="<Computed Value>">
  </applet>The RequestApplet.jar and dependences:
     bcmail-jdk13-145.jar(signed by bouncy castle), jce-ext-jdk13-145.jar(signed by bouncy castle), AbsoluteLayout.jar, plugin.jar, RequestApplet.jar(signed by me)*this files are all in the same folder.
  The requestApplet.jar manifest:
  Manifest-Version: 1.0
  Ant-Version: Apache Ant 1.7.1
  X-COMMENT: Main-Class will be added automatically by build
  Class-Path: bcmail-jdk13-145.jar jce-ext-jdk13-145.jar plugin.jar Abso
  luteLayout.jar
  Created-By: 10.0-b23 (Sun Microsystems Inc.)
  Main-Class: Applet.RequestApplet
  Name: Applet/ResponseApplet$1.class
  SHA1-Digest: fO5IPiwEH3OhvlprhBecmMIAVJI=
  Name: Applet/NewJApplet.class
  SHA1-Digest: 6XSpm7lQEQRi39TegoUYv2aFJrk=
  Name: Applet/ResponseApplet.class
  SHA1-Digest: v1EbKUFB+QdvO05xx8UzAMNIyRs=
  Name: Applet/ResponseApplet$4.class
  SHA1-Digest: XH4I67psXZTelpz0AMAYc/Ej8QY=
  Name: Applet/RequestApplet$1.class
  SHA1-Digest: KAP5sAC4Thv/6GClkFAdGUVzgYA=
  Name: Applet/ResponseApplet$5.class
  SHA1-Digest: CVPnKrW2SgNEkRzYnVnQe3KGrIU=
  Name: Applet/ResponseApplet$3.class
  SHA1-Digest: SjfW1k1K7BA9m3AxmHi+jvRE+9o=
  Name: Applet/ResponseApplet$2.class
  SHA1-Digest: 3Pu18CZMLuEh7/n3y7XxFSkuNQY=
  Name: Applet/RequestApplet.class
  SHA1-Digest: Tky85es5+o371adetH9XVEI2Z+o=The error:
  java.lang.RuntimeException: java.lang.NoClassDefFoundError: org/bouncycastle/jce/provider/BouncyCastleProvider
       at sun.plugin2.applet.Plugin2Manager.createApplet(Unknown Source)
       at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
       at java.lang.Thread.run(Unknown Source)
  Caused by: java.lang.NoClassDefFoundError: org/bouncycastle/jce/provider/BouncyCastleProvider
       at java.lang.Class.getDeclaredConstructors0(Native Method)
       at java.lang.Class.privateGetDeclaredConstructors(Unknown Source)
       at java.lang.Class.getConstructor0(Unknown Source)
       at java.lang.Class.newInstance0(Unknown Source)
       at java.lang.Class.newInstance(Unknown Source)
       at sun.plugin2.applet.Plugin2Manager$12.run(Unknown Source)
       at java.awt.event.InvocationEvent.dispatch(Unknown Source)
       at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
       at java.awt.EventQueue.access$000(Unknown Source)
       at java.awt.EventQueue$1.run(Unknown Source)
       at java.awt.EventQueue$1.run(Unknown Source)
       at java.security.AccessController.doPrivileged(Native Method)
       at java.security.AccessControlContext$1.doIntersectionPrivilege(Unknown Source)
       at java.awt.EventQueue.dispatchEvent(Unknown Source)
       at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
       at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
       at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
       at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
       at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
       at java.awt.EventDispatchThread.run(Unknown Source)
  Caused by: java.lang.ClassNotFoundException: org.bouncycastle.jce.provider.BouncyCastleProvider
       at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
       at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
       at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
       at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
       at java.lang.ClassLoader.loadClass(Unknown Source)
       ... 20 more

  Thanks. I´ll try with your tips. But if i put all the dependences in archive I get this error.
  The tag:
  <applet name=applet id="applet" CODEBASE="." code="Applet/RequestApplet.class" width=155 height=21 archive="bcmail-jdk13-145.jar, jce-ext-jdk13-145.jar, AbsoluteLayout.jar, plugin.jar, RequestApplet.jar " MAYSCRIPT>
     <param id="parametro1" name="usuario" value="<Computed Value>">
  </applet>The error:
  Java Plug-in 1.6.0_25
  Usar versión JRE 1.6.0_25-b06 Java HotSpot(TM) Client VM
  Directorio local del usuario = C:\Documents and Settings\Administrator
  c:   borrar ventana de consola
  f:   finalizar objetos en la cola de finalización
  g:   liberación de recursos
  h:   presentar este mensaje de ayuda
  l:   volcar lista del cargador de clases
  m:   imprimir sintaxis de memoria
  o:   activar registro
  q:   ocultar consola
  r:   recargar configuración de norma
  s:   volcar propiedades del sistema y de despliegue
  t:   volcar lista de subprocesos
  v:   volcar pila de subprocesos
  x:   borrar antememoria del cargador de clases
  0-5: establecer nivel de rastreo en <n>
  basic: Receptor de progreso agregado: sun.plugin.util.GrayBoxPainter$GrayBoxProgressListener@f39b3a
  basic: Plugin2ClassLoader.addURL parent called for http://desarrollo.isaltda.com.uy/CertReq.nsf/bcmail-jdk13-145.jar
  basic: Plugin2ClassLoader.addURL parent called for http://desarrollo.isaltda.com.uy/CertReq.nsf/jce-ext-jdk13-145.jar
  basic: Plugin2ClassLoader.addURL parent called for http://desarrollo.isaltda.com.uy/CertReq.nsf/AbsoluteLayout.jar
  basic: Plugin2ClassLoader.addURL parent called for http://desarrollo.isaltda.com.uy/CertReq.nsf/plugin.jar
  basic: Plugin2ClassLoader.addURL parent called for http://desarrollo.isaltda.com.uy/CertReq.nsf/RequestApplet.jar

• Signed applets and dialogs

  hi all,
  question to clarify my understanding of signed applets.
  got a bog-standard applet. nothing clever or special.
  got myself a bog-standard cert from thawte.
  signed the applet and put it on a webserver.
  displays the correct security notice on first load. continue and "Always trust this company" etc...
  all runs fine.
  in the applet init, i've put in
  java.awt.AWTPermission perm = new java.awt.AWTPermission("showWindowWithoutWarningBanner");
  try {
    AccessController.checkPermission(perm);
    System.out.println("access allowed?");
  } catch (AccessControlException ex) {
    ex.printStackTrace();
  }open the main frame, and all is good. no banner or access denied exception.
  show a popup menu, or tooltip. no banner.
  display a dialog. oops, a banner "Java Applet Window" and the bottom section of the dialog is covered with the warning msg.
  so i'm confused.
  does this mean that this permission does not apply to dialogs? (if so, what?)
  even with a cert, this msg cannot be removed? (please tell me no)
  wrap and recode all dialog openings with AccessController.doPrivileged? (i dont wanna do this)
  or i missed something with the setup.
  i've been searching the forums for some info, but seem to be going in circles. editing the policy file on all client comps is not a valid option, unless there is sometrick i dont know about .
  tia
  -a

  hi,
  i got the answer from the link
  http://www.javaworld.com/javaworld/jw-12-2000/jw-1215-security.html

• JRE 1.4.x Plugin - Signed Applets and Weird Behaviour (Policy)

  Hello.
  I have recently experienced some strange behaviour related to signed applets and policy files in JRE 1.4.2-b28 ( a friend got the same behaviour in a flavour of 1.4.1-xx as well ). Both tests were on Windows 2000 Professional platforms.
  Initially my unsigned applet, which attempts socket connections to a server different from the download location, fails with security exceptions ( as expected ). Then I did the following to sign the applet jar and configure my environment
  Steps: 1) Import "trusted CA" certificate into ${java.home}/lib/security/cacerts. (JRE home outside the JDK)
  2) Signed the jar using jarsigner and a certificate generated from the "trusted CA" (Entrust CA and certificate).
  3) Imported the signing certificate into the Java plugin using import in the plugin control panel.
  4) Created a new keystore (keytool,jks) and imported the signing certificate into the keystore with alias "developer". The keystore is stored in the user home as .keystore.
  5) Created a .java.policy for the user and attaching the keystore in 4) to it. ( also stored in user home ).
  6) Used the policy tool to grant socketpermissions to the specific codebase ( testing with file:/C:/test/* initially ) signed by "developer"
  After this, when I ran the test page under IE 5.5SP2 and Netscape 7.1 it worked without any security exception. Ditto for using the appletviewer and the policy file I created for the user.
  The weird part occurred when I removed the policy entry from the user policy file. After doing this, Netscape and IE still allow the applet to execute - somehow remembering that it was granted permissions at some point. The appletviewer does not allow it to execute, generating security exceptions.
  It appears the old policy is being cached somewhere, but I cannot find where. If I replace the applet jar with an unsigned version it does fail in IE and Netscape. I tried cleaning the plugin cache and removing the "deployment.certs" files related to the users but still get the same behaviour.
  Does anyone know where the old policy information is being stored ? Does anyone know how to revoke the permissions so that I am restored to my original base environment ( no permissions for "designer" signed applets ) ? Would attempting to utilize the AccessController.doPriveleged( xxxx ) operations in JDK 1.4 avoid all of this confusion with policy files, keystores and certificate storage ? After all the messing about I would like a zero-footprint alternative ( or minimzed footprint anyway ).
  Any ideas would be most welcome.
  Regards,
  James.

  Hello Again.
  I am either enlightened or confused at this point. I found that as long as all of my related Jars are signed ( even by self-signed certificates ) I am granted SocketPermissions for calls outside of the originating server. Unsigned code is refused, but even when the Jars were signed using a self-signed certificate the Socket calls were allowed.
  Am I experiencing the appropriate behaviour in this case ( which would mean not having to utilize policy files to distribute an applet that uses calls to arbitrary servers - e.g. JavaMail ) or am I suffering from something damaged in my environment ?
  It has been a long time since I played with signed applets and I am having difficulty determining what operations require policy file entries/AccessController.doPrivileged() calls and which are granted when a user elects to trust a signed applet without policy.
  Any assistance in clearing up my confusion would be appreciated.
  Regards,
  James.

• Signed Applets And IE Security

  Hi, all!
  I have a signed applet (x.509) run in IE with plug-in 1.4.0b92. In most cases the behavior is as it is expected - a window prompting user to deny, allow or always alow the certificate in the applet appears. But there are some cases when this window doesn't appear and the users are able to run the applet. No certificates are previously installed or granted(at least there aren't any items in Certificates tab or in .keystore file in user home).
  Does anybody could say what is the normal behavior of the plug-in - does it always prompt the user when a signed content is run; does it depend on Security setting in the browser?
  Thanks in advance for any help or further information!
  Regards, Ivo Kolev

  Hi,
  Do you clear you Plug-in Cache explicity ?
  May be sometimes your IE uses the plug in to restore the applet from the cache.
  But I remember having observed the same problem when I used a signed applet. The dialog box appears 'mostly always' but sometimes it just doesnt :)
  if you are able to resolve the problem...let me know

• How to create signed applet and make it work with browser

  i hav an applet that needs to write a file to onto local system resource. i came to know that the applet needs to be signed. so i searched some guides to create a signed applet but most of them specify how to use it with applet viewer and not on a browser. plz help me with how to sign an applet and and allow it to write a file from within a browser.

  On linux, something like this:
  keytool -genkey -alias signSocket -keystore socketstore -keypass abc123 -dname "cn=your name" -storepass abc123
  jar cvf Socket.jar *.class
  jarsigner -keystore socketstore -storepass abc123 -keypass abc123 -signedjar SSocket.jar Socket.jar signSocket
  And in html:
  CODE = "YourClass.class"
  ARCHIVE = "SSocket.jar"
  ...

• Signing and checking signature of the applet

  hello everybody;
  i want to download a signed applet on the smart card, and check its signature;
  shall i check the signature off the card before the download or its to the card manager to do it
  thanks for help

  Signature generation and verification can be done on-card.

• Signed Applet and native code

  Hi all,
  I have an application which I deploy with webstart and includes native code. This all works perfectly with webstart. I now want to deploy it as an applet. This works accept for the native code. I have done heaps of searching and cannot determine the most appropriate way to make the native code visible to the applet.
  Ultimately I am at the point where i recieve a UnsatisfiedLinkError when calling loadLibrary(...) for the native code. Currently i have the native code (dll's for windows, so's for Solaris etc) in independent jars which are also signed (as needed for webstart).
  Could anyone give me some advise or a reference to more info on this topic.
  I am using Java 1.5 and am happy to use 1.6 if neccessary.
  Thanks,
  Dave

  Andrew - of course you were correct about the signed cert - I misspoke when the CA signed applet didn't show a warning. (You were also right that I must have checked 'always accept' the certificate on the server I had the CA signed cert on).
  I think you guys are on to something about the privileged actions. It would explain where one popup has the icon and the other doesn't. We have Javascript making calls into the applet and we do use JNI (although I don't think there are any calls back). We do wrap these calls in privileged actions but maybe we missed something. What I've seen before is a security exception is thrown if we don't wrap them - but maybe there are areas where we don't and it doesn't throw an exception or it does and we eat it somehow (and for whatever reason doesn't cause anything noticeable).
  Now that I know it could likely be the applet code and not necessarily a build issue with signing the jars, I have another place to look...
  I'll check it out and let you know what I find.

• Signed applet and security; a question

  I was wondering if you somebody has any experience packaging a signed applet within BEA? If so, Im wondering if I could ask you a few quick questions regarding MYAPP.
  MYAPP uses an applet that needs to be signed. This applet makes use of an external library for some of its client screens. Currently, I have packaged the applet classes, including the library contents as part of the root in the war file (i.e. exploded out of their archive and simply placed in the WAR file as fully path qualified classes).
  To sign the applet normally you would sign the jar file in which the applet is contained. But, when I place the jar file in the WAR file, the client cannot find the applet, even with the codebase and archive attributes filled in on the HTML page.
  My questions are as follows:
  Is there another mechanism for me to package the applet within the EAR file (i.e. a CAR file instead of the WAR?) such that I can package the applet within its JAR files and sign the JAR as I normally would?
  In lieu of anything on (1), how do I sign the applet? Should I be signing the WAR file or the individual classes?
  Please let me know if you would bee able to help, thanks much and again.
  Best regards,

  Thanks.
  The only server available we have is BEA 81 sp3
  appserver. We are not using webservers so we have to
  stick to BEA. Either it has a webserver included or you're screwed.
  Moreover, MYAPP.ear contains a huge amount of other
  JSPs and other stuff. My goal was to create a SINGLE
  ear file with MYWEBAPP and MYAPPLET contained in the
  same EAR file ?The point is that you have to point your applet's code base to a directory on the webserver. With dynamic web-app mapping and stuff you might not know where that is.
  So, is it doable to contain both MYWEBAPP and
  MYAPPLET in the same EAR file .... please correct me
  if iam wrong ?http://info.borland.com/techpubs/jbuilder/jbuilder9/webapps/webapps_context.html
  Look at the bottom of the page. Google is your friend.

• Signed Applet and certificate Expiration

  Hi,
  I have got an applet that was signed with a Thawte certificate because it must access printers and TCP/IP layer.
  It's running in a JRE 1.3.1.
  The certifcate will soon expire.
  What will happen ?
  Will my signed applet still keep on running ?
  Will I be able to renew my certificate once expired or must i do it before ?
  Thanks in advance.

  it'll run... fine... except that the user will be warned that the certificate has expired and they'll have to decide to let the applet run or not... so the user can have it not run.
  you can renew your certificate any time you want, and re-sign your jars with the new certificate.

• Signed applet and javascript communication

  Hi All,
  I have an (jar) signed applet which I use to access system properties (e.g user.home). I also have a javascript code that communicates (call to a public function) with the applet to get the property "user.home" from the applet. Everything works fine in Java plugin 1.3 but since I have installed the latest plugin 1.4.2_01 from http://www.java.com/en/download/windows_automatic.jsp website I can not access the system properties even though everything in the code is same.
  I can however still access public functions/variables from the same applet which do not access system properties in the new plugin 1.4.2_01.
  The browser I am using is IE and OS is Windows 2000.
  Does anybody know if Sun has changed the security policy for 1.4.2_01, in the new plugin for java-javascript communication to block access to functions which uses system property,fileIO, socket etc. even if they are signed applet??
  Thanks in advance..

  When invokin applet methods via javascript, you are accessing privileged actions from an unsafe source.
  Depending on your needs, you could either load the system variables in applet init into class variables and return the information contained in the class variables to javascript or wrap the method calls inside AccessController.doPrivileged() calls.