How to sign in Applet?

Hello,
How to sign in the Applet? I have try many way to do this but still not successfull.
I need a webpage that really have the step by step instructions. thanks a lot. ( sorry for saying that, because I really tired to follow those instruction that not complete or confusing )
What is the certificate? where can I get this? Is it keystore = certificate?
Do I need to connect to the Internet when I signing up my Applet?
Why sign in Applet?
Thanks.

see if helps,
http://forum.java.sun.com/thread.jsp?forum=54&thread=103843

Similar Messages

  • How to sign java applet policy to end user?

    i have putted my applet class on server, i want all end users can access it on server, how to sign the java.policy to there JRE?
    can anyone help me?

    I found this some where else. It shows how to sign an applet.
    START OF DOC
    How To Sign a Java Applet
    The purpose of this document is to document the steps required to sign and use an
    applet using a self-signed cert or CA authorized in the JDK 1.3 plugin.
    The original 9 steps of this process were posted by user irene67 on suns message forum:
    http://forums.java.sun.com/thread.jsp?forum=63&thread=132769
    -----begin irene67's original message -----
    These steps describe the creation of a self-signed applet. This is useful for testing purposes. For use of public reachable applets, there will be needed a "real" certificate issued by an authority like VeriSign or Thawte. (See step 10 - no user will import and trust a self-signed applet from an unkown developer).
    The applet needs to run in the plugin, as only the plugin is platform- and browser-independent. And without this indepence, it makes no sense to use java...
    1. Create your code for the applet as usual.
    It is not necessary to set any permissions or use security managers in
    the code.
    2. Install JDK 1.3
    Path for use of the following commands: [jdk 1.3 path]\bin\
    (commands are keytool, jar, jarsigner)
    Password for the keystore is any password. Only Sun knows why...
    perhaps ;-)
    3. Generate key: keytool -genkey -keyalg rsa -alias tstkey
    Enter keystore password: *******
    What is your first and last name?
    [Unknown]: Your Name
    What is the name of your organizational unit?
    [Unknown]: YourUnit
    What is the name of your organization?
    [Unknown]: YourOrg
    What is the name of your City or Locality?
    [Unknown]: YourCity
    What is the name of your State or Province?
    [Unknown]: YS
    What is the two-letter country code for this unit?
    [Unknown]: US
    Is CN=Your Name, OU=YourUnit, O=YourOrg, L=YourCity, ST=YS, C=US
    correct?
    [no]: yes
    (wait...)
    Enter key password for tstkey
    (RETURN if same as keystore password):
    (press [enter])
    4. Export key: keytool -export -alias tstkey -file tstcert.crt
    Enter keystore password: *******
    Certificate stored in file tstcert.crt
    5. Create JAR: jar cvf tst.jar tst.class
    Add all classes used in your project by typing the classnames in the
    same line.
    added manifest
    adding: tst.class(in = 849) (out= 536)(deflated 36%)
    6. Verify JAR: jar tvf tst.jar
    Thu Jul 27 12:58:28 GMT+02:00 2000 META-INF/
    68 Thu Jul 27 12:58:28 GMT+02:00 2000 META-INF/MANIFEST.MF
    849 Thu Jul 27 12:49:04 GMT+02:00 2000 tst.class
    7. Sign JAR: jarsigner tst.jar tstkey
    Enter Passphrase for keystore: *******
    8. Verifiy Signing: jarsigner -verify -verbose -certs tst.jar
    130 Thu Jul 27 13:04:12 GMT+02:00 2000 META-INF/MANIFEST.MF
    183 Thu Jul 27 13:04:12 GMT+02:00 2000 META-INF/TSTKEY.SF
    920 Thu Jul 27 13:04:12 GMT+02:00 2000 META-INF/TSTKEY.RSA
    Thu Jul 27 12:58:28 GMT+02:00 2000 META-INF/
    smk 849 Thu Jul 27 12:49:04 GMT+02:00 2000 tst.class
    X.509, CN=Your Name, OU=YourUnit, O=YourOrg, L=YourCity, ST=YS, C=US
    (tstkey)
    s = signature was verified
    m = entry is listed in manifest
    k = at least one certificate was found in keystore
    i = at least one certificate was found in identity scope
    jar verified.
    9. Create HTML-File for use of the Applet by the Sun Plugin 1.3
    (recommended to use HTML Converter Version 1.3)
    10. (Omitted See Below)
    -----end irene67's original message -----
    To make the plug-in work for any browser you have two options with the JDK 1.3 plugin.
    1) Is to export a cert request using the key tool and send it to a CA verification source like verisign.
    When the reponse comes back, import it into the keystore overwriting the original cert for the generated key.
    To export request:
    keytool -certreg -alias tstkey -file tstcert.req
    To import response:
    keytool -import -trustcacerts -alias tstkey -file careply.crt
    An applet signed with a cert that has been verified by a CA source will automatically be recognized by the plugin.
    2) For development or otherwise, you may want to just use your self-signed certificate.
    In that case, the JDK 1.3 plugin will recognize all certs that have a root cert located in the JDK 1.3 cacerts keystore.
    This means you can import your test certificate into this keystore and have the plugin recognize your jars when you sign them.
    To import self-signed certificate into the cacerts keystore, change directory to where the JDK plugin key store is located.
    For JDK 1.3.0_02: C:\Program Files\JavaSoft\JRE\1.3.0_02\lib\security
    For JDK 1.3.1: C:\Program Files\JavaSoft\JRE\1.3.1\lib\security
    Import your self-signed cert into the cacerts keystore:
    keytool -import -keystore cacerts -storepass changeit -file tstcert.crt
    (the password is literally 'changeit')
    Now, regardless of which method you use, the applet should be recognized as coming from a signed jar. The user can choose to activate it if he / she chooses. If your applet uses classes from multiple jars, for example Apache's Xerce's parser, you will need to sign those jars as well to allow them to execute in the client's brower. Otherwise, only the classes coming from the signed jar will work with the java.security.AllPermission setting and all other classes from unsigned jars will run in the sandbox.
    NOTE: Unless otherwise specified by the -keystore command in all keytool and jarsigner operations, the keystore file used is named '.keystore' in the user's home directory.
    The first time any keystore is accessed (including the default) it will be created and secured with the first password given by the user. There is no way to figure out the password if you forget it, but you can delete the default file and recreate it if necessary. For most operations, using the -keystore command is safer to keep from cluttering or messing up your default keystore.

  • I don't understand how to sign an applet

    Hi
    could you indicate me how to sign an applet or documentation which deals with this subject...
    Thanx

    I assume that by now your applet is signed and that it can be loaded into the browser and that the Java-plug-in will do something with your applet.
    Look into the Java console after your applet has stopped running. (There is a coffee mug at the lower right corner of the screen).
    For debugging an applet this Java console is quite practical.
    If issued from within an applet, statements like
    System.out.println("Some info for debugging\n");
    will print into the Java console. You can also use that in a catch-part of a try-catch-finally construct:
    try {
        // some method which may raise an exception
    catch( Exception e ) {
        System.out.println(" * ooops * " + e.getMessage() + "\n");
    }

  • How to sign the applet with verisign certificate?

    Hi,
    I got a test certificate from the Verisign.
    Now I want to know, how to sign my applet with that certificate?
    Thanks,
    Siva E.

    Hi!
    You have to create a keystore wich contains the certificate. I think you call keystore -import "verisign.cert"Try the command, and it will tell you what it needs.
    To do the acutal signing of an applet (jar-file), you write somehting like this:
    jarsigner  -keystore "NameOfKeystore" -keypass "PasswordToPrivKey"  -storepass "PasswordToStore" "YourJarFile.jar" "CertAlias"The cert alias is an alias you created when importing the certificate. Hope it Helps!
    Henrik

  • How to sign an applet?

    i want to know how to sign an applet and what's root certs?

    Check this URL ..it might help you
    http://developer.java.sun.com/developer/qow/archive/99/index.html

  • How to get my applet signed

    Hi
    I have an applet which has the functionality to print images.when i am working with appletviewer on local machine it works. when i tried to print through browser i am getting access denied error...i came to know that my applet has to get signed so that it prints data to printer. Pls tel me how to achieve it...
    And one more thing is i want to run my applet in a JSP so that i can access the file from different machine.
    For this i tried using jsp:plugins..but it is also giving error...
    Can u suggest me at this moment. how to get my applet signed...and how to resolve the plugin error...
    thanks
    type Exception report
    Error message :.....................
    description The server encountered an internal error () that prevented it from fulfilling this request.
    exception
    org.apache.jasper.JasperException: /view.jsp(9,0) jsp:plugin not closed
         at org.apache.jasper.compiler.DefaultErrorHandler.jspError(DefaultErrorHandler.java:94)
         at org.apache.jasper.compiler.ErrorDispatcher.dispatch(ErrorDispatcher.java:428)
         at org.apache.jasper.compiler.ErrorDispatcher.jspError(ErrorDispatcher.java:126)
         at org.apache.jasper.compiler.Parser.parsePlugin(Parser.java:643)
         at org.apache.jasper.compiler.Parser.parseAction(Parser.java:669)
         at org.apache.jasper.compiler.Parser.parseElements(Parser.java:803)
         at org.apache.jasper.compiler.Parser.parse(Parser.java:122)
         at org.apache.jasper.compiler.ParserController.parse(ParserController.java:199)
         at org.apache.jasper.compiler.ParserController.parse(ParserController.java:153)
         at org.apache.jasper.compiler.Compiler.generateJava(Compiler.java:227)
         at org.apache.jasper.compiler.Compiler.compile(Compiler.java:369)
         at org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:473)
         at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:190)
         at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:295)
         at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:241)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
         at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:256)
         at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
         at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
         at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
         at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
         at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
         at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2415)
         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180)
         at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
         at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:171)
         at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
         at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172)
         at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
         at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
         at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174)
         at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
         at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
         at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:223)
         at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:594)
         at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:392)
         at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:565)
         at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:619)
         at java.lang.Thread.run(Thread.java:536)

    Don't know about your second question but signing applets:
    http://forum.java.sun.com/thread.jsp?forum=63&thread=524815
    second post

  • How do I sign an applet?

    Hi! I have an applet that is writing and reading files. How do I sign the applet so that I can do this?

    Hi there Virum....
    Funny I was just answering a similar question about signing an applet - see link below:
    http://forum.java.sun.com/thread.jsp?forum=31&thread=220356
    I have write a file I/O demo applet that you can take a look at:
    http://home.attbi.com/~aokabc/FileIO/FileIOdemo.htm
    You said your applet does some writing.....if it's writing to the user's disk and the user grants you the permission, you will be able to do it..but if writing to the server is what you wanted to do, then you will need help from a server-side software like a servelet, ASP or cgi.
    How are you coming along with your game design!
    ;o)
    V.V.

  • How to sign a java applet using iPlanet SSL certificate?

    Dear all,
    I have a IPlanet web server with SSL installed,
    can I use the SSL certificate to sign my java applet which will run on the server? how to sign a java applet in this scenario? somebody please help me! thanks!
    yours sincerely
    dashel

    Why can't you create jar files?

  • How can I sign My applet for IE and Netscape without JavaPlugIn?

    I think we can sign our applets with Javasigner.exe but this certificate is not being
    supported by IE and Netscape. If you want to use this certificate with IE and Nets.
    you must install JavaPlugIn to all users. I dont want to choose this way.
    I think we have one alternative for this purpose.
    For Netscape: Signing Tool
    For IE: The program that included SDK-Java
    But I could not find SDK-Java any where.
    I think Microsoft have gave up to support the Java certification...
    I am not sure.
    How can I prepare signed applet that can be run on IE and Netscape?
    This applet will have some permissions.

    The tool you need for signing cab files for the MS JVM is signtool.exe. I beleive that the .NET version of this tool can be used, as the signing process was not Java specific. You do need certificates in a different format than for jarsigner or the netscape signing tool. Verisign will happily sell you two different certificates, but there is probably a way to convert between formats using openssl or similar.
    You'll also need to package your files in a cab instead of a jar. cabarc.exe is what we use here. Again, it does not seem to be Java specific, so you can probably still find it despite Microsoft no longer making their Java tools available.

  • How to 'deploy' an Applet when class files are on client machine?

    Hi all,
    I've searched through these forums and I can't find where my specific question has been asked before, so please accept my apologies for any duplication.
    I am trying to develop an applet for use on an intranet. (The specific requirement is that the applet must operate a scanner, and upload the scanned images to the database - we want it to be an applet so that it seamlessly integrates with the rest of the web application from the user's POV).
    Therefore the applet needs to run outside of the sandbox, but I don't want to go to all the hassle of getting a certificate from Verisign and signing the applet - that doesn't seem like it should be necessary, since there is no problem getting access to the client PC to install the class files by hand!
    I have read on this tutorial page that applets "that are loaded from the local file system (from a directory in the user's CLASSPATH) have none of the restrictions that applets loaded over the network do," so I don't think I am barking up the wrong tree:
    http://java.sun.com/docs/books/tutorial/deployment/applet/security.html
    That is exactly what I want to do! But whenever I try to run the applet, I get a no class definition found exception. However, if I run the applet as a standalone application (using its static main method) then the JRE has no trouble locating the class file - so I know that my CLASSPATH environment variable is set ok.
    Therefore I think the problem must be in my JNLP file. This is what mine looks like at present:
    <?xml version="1.0" encoding="UTF-8"?>
    <jnlp spec="1.0+" codebase="http://localhost:8080/JGNS008" href="http://localhost:8080/JGNS008/scanner-applet.jnlp">
        <information>
            <title>Scanner Applet Prototype</title>
            <vendor>Fooware</vendor>
        </information>
        <resources>
            <!-- Application Resources -->
            <j2se version="1.6+" href="http://java.sun.com/products/autodl/j2se" />
            <jar href="ScannerApplet.jar" main="false" />
        </resources>
        <applet-desc
             name="Scanner Applet Prototype"
             main-class="uk.co.fooware.ScannerApplet"
             width="72"
             height="20">
         </applet-desc>
         <update check="background"/>
    </jnlp>How do I rewrite this so that it doesn't try to download the class files from the network?
    Many thanks,
    Richard.

    richardwild wrote:
    ..I am trying to develop an applet for use on an intranet. (The specific requirement is that the applet must operate a scanner, and upload the scanned images to the database - we want it to be an applet so that it seamlessly integrates with the rest of the web application from the user's POV).
    Therefore the applet needs to run outside of the sandbox, but I don't want to go to all the hassle of getting a certificate from Verisign and signing the applet - that doesn't seem like it should be necessary,.. Code can be digitally signed without a 'verified' certificate from Versign.
    ..since there is no problem getting access to the client PC to install the class files by hand!
    I have read on this tutorial page that applets "that are loaded from the local file system (from a directory in the user's CLASSPATH) have none of the restrictions that applets loaded over the network do," so I don't think I am barking up the wrong tree:
    http://java.sun.com/docs/books/tutorial/deployment/applet/security.html
    Huh. I had never heard of that, but since I do not have access to my end user's classpath it is not that important to me.
    BTW - I am guessing they mean the path indicated by [http://pscode.org/prop/all.html?prop=java.class.path].
    And putting classes into JRE folders seems very hackish to me.
    That is exactly what I want to do! But whenever I try to run the applet, I get a no class definition found exception. However, if I run the applet as a standalone application (using its static main method) then the JRE has no trouble locating the class file - so I know that my CLASSPATH environment variable is set ok.Huh?
    Therefore I think the problem must be in my JNLP file. Huh?!? Why not deploy the applet using a standard applet element? The only way to configure an applet using a JNLP is ..
    a) If the applet is intended to be free floating.
    b) If the applet is intended to be embedded in a plug-in2 architecture JRE. Why impose that restriction, when it seems unnecessary and unproductive?
    Note that the second option is very new, and I would not expect all the things mentioned in the document you linked, to apply equally to JNLP embedded applets. If you want this applet embedded, I suggest you drop the entire JNLP approach and use a standard applet element.

  • How to run an applet with JDBC connectivity on a web browser

    I've created an Applet in Java with SQL connectivity...i.e. it retrieves certain data from a table in SQL and puts in the TextField.....
    Now, the problem is that this Applet works in NETBEANS....but fails to work when I use a web-browser..or the "appletviewer" command....
    It says that it doesn't have permission to access local files....On Research, i've found that it is somethin' related to the concept of "Signed Applets", "Permissions" & "Security Policies" in java which doesn't allow any applet (without Certificate) to access Local Files.....
    Can Somebody please tell how to overcome this problem.....?

    I'm going to be blunt with you. You are most likely going to have to redesign your application from scratch. And if it turns out you don't have to then you should anyway because it's a bad idea and fraught with peril.
    Anyway here the major touchpoints on this discussion. You can be the judge of how these various points apply to you.
    - Applets are restricted. - Yes Applets have a number of security restrictions on what they can or cannot do. This is designed to protect users from malicious applets. By signing your applet you can request permission from the user to do certain activities that are otherwise restricted. But not all.
    - If you are using the JDBC-ODBC bridge then you need a different driver. If you sign your applet it might work in some limited scenarios but it will be hairy and is discouraged.
    - If you are using Access or another file based database (CSV Excel etc) then you are doomed. You'll have to get yourself a different database. A non file based one. It doesn't matter if you sign your applet or not. You're still doomed.
    - If you are trying to connect to a database server that is not at the same physical address as your web server you are doomed. Signing the applet will not help
    - Connecting directly to a database from an applet is extremely risky business. Starting with now anyone can steal your username and password for your database quite easily.
    What you should do in the redesign is put all the database accessing code in a Servlet. This Servlet does not have to be Java, it could be PHP, Perl, ASP, etc. It doesn't matter. Just put it on the server side. Then have your applet connect to this code via a webservice to do what is required.

  • How to load an applet with older version of JRE?

    Hi All,
    I'm writing an applet which should read the username from the user's system using System.getProperty("user.name") method. I've JRE 1.4.2 in my browser, and it's throwing a AccessControlException whenever the applet is trying to read the "user.name" system property. So, I want to load this particular applet with an older version of JRE, say JRE 1.3. I've tried various approaches like,
    <jsp:plugin type="applet" code="LoginApplet.class" archive="login.jar"
         jreversion="1.3"     iepluginurl="http://java.sun.com/products/plugin/1.3/jinstall-13-win32.cab#Version=1,3,0,0">
    </jsp:plugin>
    and also tried OBJECT tag,
    <OBJECT
    classid="clsid:CAFEEFAC-0013-0000-0000-ABCDEFFEDCBA" codebase="http://java.sun.com/products/plugin/1.3/jinstall-13-win32.cab#Version=1,3,0,0"
         width="200" height="200" align="baseline" >
    <PARAM NAME="code" VALUE="LoginApplet.class">
    <PARAM NAME="archive" VALUE="login.jar">
    <PARAM NAME="type" VALUE="application/x-java-applet;version=1.3">
    <PARAM NAME="scriptable" VALUE="true">
    No Java 2 SDK, Standard Edition v 1.3 support for APPLET!!
    </OBJECT>
    I've not tried the simple APPLET tag because we can't specify a java plugin using the APPLET tag.
    In both the above methods, I'm still getting AccessControlException. In Java console, I'm seeing Java Plugin as 1.4.2.
    Can someone tell me is it possible to read the "user.name" system property from user's machine using Applets? If yes, how?
    Thanks,
    Tarun.

    Applets are prevented from doing certain things - reading data is one - to maximize security. You can either add permissions to the computer that the applet is running on, or you can sign the applet.
    See
    http://java.sun.com/docs/books/tutorial/security1.2/tour1/step2.html
    and
    http://forum.java.sun.com/thread.jspa?threadID=686184&tstart=45

  • How to close an applet ????

    I have created an applet, and have an exit button to exit/close the applet. However, System,Runtime,destroy() methods do not work and give security exceptions. How can I code the exit button so that it closes the applet?
    Is it necessary to use multithreading to close the applet?

    U have to sign your applet for do that,
    U can produce an your own certificate using keytool & jarsigner
    Sun documentaton provide a very usefull example for use that tools

  • How to sign a java class file!

    My applet program performs file i/o,loadlibrary operations.so i create a jar file which contains the all java class files of my appln and signed this jar file.My applet prgm works fine.
    But now my plm is, i should not create a jar file.how to sign class files? if anybody knows,plz help me.....

    Why can't you create jar files?

  • How do I grant applets access to local resources?

    Hi:
    I know that for a remotely loaded applet to access local resources the applet must be signed. But, creating a jarfile and signing it for every step in the development is tideous. Is it possible for a locally loaded applet to access local resources without signing the applet?
    Secondly, I found some resources mention that signing is not enough. Is this true? if so, how do I request access to a particular resource?
    Thanks, Erik

    Things work on the command line but fail as applet. I need to figure out why.
    One problem seems that calling applet methods from a java script run on the onload event fail because the applet is not yet initialized. But moving the function to a user initiated event did not solve the problem.
    I need to get access to a smart card reader and load the card, I do really simple stuff: check if the card is inserted and get the length of the ATR code.
    So, there is some missing link and I suspect it may be managing the security parameters. I know about signing but nothing else. What do I need to do to grant my applet access to local resources?
    Thanks, Erik

Maybe you are looking for