JApplet jar signing

Similar Messages

• Japplet jar file

  hi friends.....
  i have created an java project in which an japplet file is added. i searched allover in this folder but barring japplet class file and javafile there is not any other file created after running this japplet.
  actually my quary is how can i find japplet jar file and is there any need of it for running japplet in jsp??
  one mere question what is the role of html converter for running japplet in jsp and how can i find it??although i have read it from google but still not able to understand.
  any help is much appreciated

  URL url=myApplet.class.getResource("images/icons/up.gif");was giving null URL
  Works for me (jre 1.4+), see link shown below:
  http://home.attbi.com/~aokabc/ABC/Index.htm
  Just curious, which jre are you using?
  but
  myApplet.class.getClassLoader().getResource("images/icons/up.gif");
  works fineSo, problem solved?
  ;o)
  V.V.

• Applets, Policy Files, jar signing, JNI, etc

  Hi,
  I need an Applet to be able to connect to sockets and use some JNI. Hence, as far as I can tell, I need to use a Policy File. In a standalone application, I have written my policy file tried it out by switching on the security manager. However I am not sure how I do this with an applet.
  I have read many examples of Jar signing, yet every example uses appletviewer and the -J-Djava.security.policy to show the security policy in action.
  However I want this to work through a normal browser, so how do I achieve this?
  Do I specify a URL to the java.security.file in the embed/object/applet tags in the HTML?
  Do I put the policy file in the jar and reference it via the Manifest?
  Any ideas much appreciated,
  John B

  The standard AccessControlException:
  java.security.AccessControlException: access denied (java.lang.RuntimePermission getClassLoader)
  at java.security.AccessControlContext.checkPermission(AccessControlContext.java:270)
  at java.security.AccessController.checkPermission(AccessController.java:401)
  at java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
  at java.lang.ClassLoader.getParent(ClassLoader.java:701)
  Or something like that.
  That's what I'm trying to solve, I wish to use the Java Security Policy system to allow my applet access to various resources, such as writing files. Now I've seen that signing an applet will give it full access (in my view, this is rather insecure, but anyway), however following the steps to sign an applet two or three times has still presented me with the same problem. The signing is ignored, and the exception is thrown.
  Applet signing aside, I fail to see any documentation stating how the policy file is used by the VM when running on a browser. I assumed it might be an entry in the Jar's manifest file, but again, I can find no documentation.
  It's all very annoying, and Sun have done quite a bad job at documenting this. For example, their example talkes about -D-Jjava.security.policy=.... being passed to appletviewer. Who on earth uses appletviewer! If policies only work with that, then they are useless. I want them to work with whatever browser the applet is being run within.
  Surely this isn't too much to ask? :)

• Need some advices on jar signing

  Hi, our's company project will have an app server and some desktop apps.
  App server - tomcat, desktop - are just some application.jar.
  The question is how server may know if the data is from our application.jar or from any thirdparties? May jar signing solve this or there is another way.
  P.S. There will be no Java Web Start
  Thanks in advance.

  1) If you can mount those disks on your database server then YES you can store the RMAN backups of those. You must NFS Mount the disks on your DB server so that RMAN can see them put the bakcups on them. Or you can directly write to the tapes.
  2) No, Flash recovery area is only one parameter pointing to one mounted space and you can't spread it over multiple volumes. What is the size of your database?
  Daljit Singh

• PJC jar sign

  hi,
  i want to use some jar file as :
  http://forms.pjc.bean.over-blog.com/article-1830062.html
  but need to sign and i don't know how to sign .
  plz help for sign .

  Thanks for the response. I looked over getting JAR signing to work, but this applet is being hosted on the local machine and that process required an online URL. Knowing that my command line argument was wrong helped a lot though, I eventually loaded up the policytool program and got the syntax I needed for the policy file.
  grant codeBase "file:/C:/WINDOWS/java/classes/Client_2.0/classes/Client/*" {
  permission java.security.AllPermission;
  };

• Jars signed with revoked certificate

  Hello,
  I have a situation here where i have jars and wars which were signed using jarsigner. The certificate used to sign the jars is now revoked.
  When java runtime loads these jars, it does not throw any errors/exceptions. Is it the right behavior ?
  Is there any way by which I can configure java runtime to contact the CRL and to throw an error while the jar is loaded. The certificate has information
  about CRL distribution point and also has authorityinfo access details. I tried configuring OCSP in java.security file. But still no luck.
  Any information on this will be helpful.
  Thanks in advance

  Hello EJP,
  Thanks for replying.
  Yes the certificate was valid when the jar was signed. Please note that, there was no timestamp put in the signature.
  So now after the certificate has been revoked, if Java runtime tries to load that jar, isn't it the responsibility of Java runtime to make use of the CRL/OCSP information
  of the public key certificate (present in the jar put by the jarsigner when signing) and validate it for revocation ? (Also, in this scenario, what happens if OCSP is enabled in java.security ?) -OR--- Is it the responsibility of the code that makes use of the jar, to verify whether the certificate used for jar signing has been revoked or not ?
  PS:- I have enabled the security settings in java control panel for certificate revocation checking.
  Please let me know if I am wrong or if I am missing something.
  Also i noticed something with jarsigner. In a signed jar, If i delete a few files and then verify its signature using jarsigner, "jar verified" is returned as result. Isn't the jar tampered when I delete a few files from it ? and hence the Hash of its data changes ? and hence verification should fail ?
  One more question, in case of signed applets, if the certificate is revoked, as soon as the browser tries loading the applet, it throws an error saying certificate that was used for signing has been revoked. (provided browser settings and java control panel settings are all properly set). Is this check initiated by the browser OR Java runtime ?
  Thanks a lot

• WebUtil Jar signing error

  Can anyone help me with this error:
  keytool error: java.lang.Exception: Key pair not generated, alias <####> already exists

  Check whether there is a file named ".keystore". If yes, delete this file and again try to sign the jar file.
  Hope it helps u...

• JAR signing

  im using JTWAIN to do an applet to scan images then save it to the web server... so i have to sign the JARS? my java commands only work in my java/bin dir so i have to copy my jars there. sign the, and copy them back. would this cause problems? what the correct way to sign them? is there some easy way to do this through netbeans? how do i know if ive done this correctly

  http://java.sun.com/developer/technicalArticles/Security/Signed/

• Jar signing 101

  Hello,
  I am now trying to sign my jars so that they get past WebStart security qualifications.
  I already have a .spc certificate from VeriSign.
  What do I do with it/how do I use it?
  How do I sign my jars?
  thanks in advance,
  -ss

  Once you have the certificate from Verisign you need to put it into a keystore using the following command:
  keystore -import -alias <your alias> -file <your file from verisign>
  You may also have to specify the keystore using "-keystore <keystore>" unless you're using the default.
  Now that you have the cert in a keystore, you can use jarsigner to sign a jar file.
  jarsigner <jar file> <your alias>
  The <your alias> should be the same for both commands. The jarsigner also has an option for specifying a keystore, "-keystore <keystore>", which is only needed if you're not using the default.
  Hope that helps. You should also take a look at the tools documentation for your jvm:
  http://java.sun.com/j2se/1.3/docs/tooldocs/tools.html
  -Rob

• Jar signing problem? (continue with HOST PJC)

  <1> I've sign jar-file on Oracle9iAS server.
  <2> First form (with bean from that jar-file) loading asked me for "Granting", and after it runs without problem, bean is worked prefectly.
  <3> Second form loading shows me nothing, just explorer hanging.
  I've check JInitiator (1.3.1.9) Control Panel, Certificates tab... there is now any records. Maybe there is problem.
  (I also have(installed) Sun JSDK 1.4.1_01)
  Java Console also doesn't show any errors.
  Again form with bean doesn't loading at the second time.
  What is the problem ?
  Thank You

  Have you read the paper on Signing JAR files for JInitiator 1.3 - it details some changes that you'd be advised to make to your HTML template and the HOST bean code to get around this problem..

• Jar signing returns "jar is unsigned"

  Hi all, i am been trying to sign a jar, because i nedd an applet to access and update a database.
  What i've done was:
  keytool -genkey -alias MYALIAS -keypass mypass -keystore MYKEYSTORE -storepass mykeystorepass
  and then
  jarsigner -keystore MYKEYSTORE -storepass mykeystorepass -keypass mypass -signedjar SGID.jar GID.jar MYALIAS
  The result of >jarsigner -verify SGID.jar
  is
  jar is unsigned. (signatures missing or not parsable)
  Why is this returning that the jar is unsigned? I think 've created this correctly, if you can find any error or probable cause, please tell me.
  Thanks.
  Edited by: nfteodoro on Nov 27, 2009 3:01 AM
  Edited by: nfteodoro on Nov 27, 2009 3:03 AM

  I just tried again, here my result, so you can see if something is wrong or missing:
  1 - C:\Sun\SDK\jdk\bin>keytool -genkey -v -keyalg dsa -alias MYALIAS -keypass mypass -keystore MYKEYSTORE -storepass mykeystorepass
  What is your first and last name?
  [Unknown]: MYNAME
  What is the name of your organizational unit?
  [Unknown]: SCCM
  What is the name of your organization?
  [Unknown]: MYCOMPANY
  What is the name of your City or Locality?
  [Unknown]: LISBON
  What is the name of your State or Province?
  [Unknown]: LISBON
  What is the two-letter country code for this unit?
  [Unknown]: LX
  Is CN=NOESIS, OU=SCCM, O=NOESIS, L=LISBON, ST=LISBON, C=LX correct?
  [no]: YES
  Generating 1.024 bit DSA key pair and self-signed certificate (SHA1withDSA) with
  a validity of 90 days
  for: CN=NOESIS, OU=SCCM, O=NOESIS, L=LISBON, ST=LISBON, C=LX
  [Storing MYKEYSTORE]
  2 - C:\Sun\SDK\jdk\bin>jarsigner -keystore MYKEYSTORE -storepass mykeystorepass -key pass mypass GID.jar MYALIAS
  Warning:
  The signer certificate will expire within six months.
  3 - C:\Sun\SDK\jdk\bin>jarsigner -verify GID.jar
  jar is unsigned. (signatures missing or not parsable)
  So, as you can see, this really is not working for me :s
  I've tried different approaches, an none worked, why can't i sign a .jar file??..this is really weird, i thought creating an applet to access and manipulate a database wouldn't be so dificult..
  I guess i was wrong..

• Jar Signing // Missing Digest entries

  I have a signed jar's manifest file which does not contain all of the classes ( digest entries) archived in the jar. Shouldn't this be one to one -jar classes to digest entries? Is there a reason why some classes are omitted, whereby others are included? I receive a NoClassDefFoundError when the applet loads when attempting to run a static method from a class which does not have a digest entry. The class throwing the exception is in the same jar as the applet, yet in a different package. Version: 1.6.0_15.
  Edited by: rapunzel on Feb 20, 2010 4:46 AM

  I just tried again, here my result, so you can see if something is wrong or missing:
  1 - C:\Sun\SDK\jdk\bin>keytool -genkey -v -keyalg dsa -alias MYALIAS -keypass mypass -keystore MYKEYSTORE -storepass mykeystorepass
  What is your first and last name?
  [Unknown]: MYNAME
  What is the name of your organizational unit?
  [Unknown]: SCCM
  What is the name of your organization?
  [Unknown]: MYCOMPANY
  What is the name of your City or Locality?
  [Unknown]: LISBON
  What is the name of your State or Province?
  [Unknown]: LISBON
  What is the two-letter country code for this unit?
  [Unknown]: LX
  Is CN=NOESIS, OU=SCCM, O=NOESIS, L=LISBON, ST=LISBON, C=LX correct?
  [no]: YES
  Generating 1.024 bit DSA key pair and self-signed certificate (SHA1withDSA) with
  a validity of 90 days
  for: CN=NOESIS, OU=SCCM, O=NOESIS, L=LISBON, ST=LISBON, C=LX
  [Storing MYKEYSTORE]
  2 - C:\Sun\SDK\jdk\bin>jarsigner -keystore MYKEYSTORE -storepass mykeystorepass -key pass mypass GID.jar MYALIAS
  Warning:
  The signer certificate will expire within six months.
  3 - C:\Sun\SDK\jdk\bin>jarsigner -verify GID.jar
  jar is unsigned. (signatures missing or not parsable)
  So, as you can see, this really is not working for me :s
  I've tried different approaches, an none worked, why can't i sign a .jar file??..this is really weird, i thought creating an applet to access and manipulate a database wouldn't be so dificult..
  I guess i was wrong..

• WebUtil Solaris jar signing

  Is there a document out there explains signing the webutil jar files on Unix?
  Sandy

  Sandra,
  there steps are the same, except for that the batch file that is shipped with webutil need to be translated into a shwll script. Because the signing happens with the Java jarsigner utility, the commands are the same. You can also sign webutil.jar on Windows and tehn copy the jar files to Unix.
  Frank

• Problems with JApplet, jar-Archive, packages and IE5

  Hello!
  I have a problem with a JApplet and Internet Explorer 5. I made a jar archive of my classes. The classes are
  members of a package. The jar archive also contains images.
  The structure of the archive:
  com/mycomp/myapp/DemoApplication.class
  com/mycomp/myapp/DemoApplet.class
  <more classes>
  com/mycomp/myapp/images/hp_logo.gif
  com/mycomp/myapp/images/test.gif
  <more images>
  The archive is stored locally in a directory which contains also the html file.
  I used the sdk 1.3.1 to compile the classes.
  My problem: when I start the html file on NT with IE5, I get the error message below:
  I try to create a label containing an icon with:
  topLabel.setIcon(new javax.swing.ImageIcon(getClass().getResource("images"+fs+"hp_logo.gif")));It works on Sun with Netscape 4.67 and SDK 1.3.1 installed.
  Should I move the images directory inside the jar archive to another place or is the html code not correct?
  The error message:
  java.lang.NullPointerException
       at javax.swing.ImageIcon.<init>(Unknown Source)
       at com.mycomp.myapp.DemoApplication.initComponents(DemoApplication.java:158)
       at com.mycomp.myapp.DemoApplication.<init>(DemoApplication.java:55)
       at com.mycomp.myapp.DemoApplet.<init>(DemoApplet.java:24)
       at java.lang.Class.newInstance0(Native Method)
       at java.lang.Class.newInstance(Unknown Source)
       at sun.applet.AppletPanel.createApplet(Unknown Source)
       at sun.plugin.AppletViewer.createApplet(Unknown Source)
       at sun.applet.AppletPanel.runLoader(Unknown Source)
       at sun.applet.AppletPanel.run(Unknown Source)
       at java.lang.Thread.run(Unknown Source)The html file:
  <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
  <html>
    <head>
      <title>DemoApplet</title>
    </head>
    <body>
  <BODY LINK="#0000ff" VLINK="#800080" BGCOLOR="#37a1a7">
        <h1>DemoApplet</h1>
        <!--"CONVERTED_APPLET"-->
  <!-- HTML CONVERTER -->
  <SCRIPT LANGUAGE="JavaScript"><!--
      var _info = navigator.userAgent; var _ns = false; var _ns6 = false;
      var _ie = (_info.indexOf("MSIE") > 0 && _info.indexOf("Win") > 0 && _info.indexOf("Windows 3.1") < 0);
  //--></SCRIPT>
  <COMMENT><SCRIPT LANGUAGE="JavaScript1.1"><!--
      var _ns = (navigator.appName.indexOf("Netscape") >= 0 && ((_info.indexOf("Win") > 0 && _info.indexOf("Win16") < 0 && java.lang.System.getProperty("os.version").indexOf("3.5") < 0) || (_info.indexOf("Sun") > 0) || (_info.indexOf("Linux") > 0) || (_info.indexOf("AIX") > 0) || (_info.indexOf("OS/2") > 0)));
      var _ns6 = ((_ns == true) && (_info.indexOf("Mozilla/5") >= 0));
  //--></SCRIPT></COMMENT>
  <SCRIPT LANGUAGE="JavaScript"><!--
      if (_ie == true) document.writeln('<OBJECT classid="clsid:CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA" WIDTH = 695 HEIGHT = 525  codebase="http://java.sun.com/products/plugin/1.3.1/jinstall-131-win32.cab#Version=1,3,1,0"><NOEMBED><XMP>');
      else if (_ns == true && _ns6 == false) document.writeln('<EMBED type="application/x-java-applet;jpi-version=1.3.1"  CODE = com.mycomp.myapp.DemoApplet CODEBASE = "." ARCHIVE = "DemoApplet.jar,classes12.zip" WIDTH = 800 HEIGHT = 600  scriptable=false pluginspage="http://java.sun.com/products/plugin/1.3.1/plugin-install.html"><NOEMBED><XMP>');
  //--></SCRIPT>
  <APPLET  CODE = com.mycomp.myapp.DemoApplet CODEBASE = "." ARCHIVE = "DemoApplet.jar,classes12.zip" WIDTH = 695 HEIGHT = 525></XMP>
  <PARAM NAME = CODE VALUE = com.mycomp.myapp.DemoApplet >
  <PARAM NAME = CODEBASE VALUE = "." >
  <PARAM NAME = ARCHIVE VALUE = "DemoApplet.jar,classes12.zip" >
  <PARAM NAME="type" VALUE="application/x-java-applet;jpi-version=1.3.1">
  <PARAM NAME="scriptable" VALUE="false">
  </APPLET>
  </NOEMBED></EMBED></OBJECT>
  <!--
  <APPLET CODE = DemoApplet CODEBASE = "." ARCHIVE = "DemoApplet.jar,classes12.zip" WIDTH = 695 HEIGHT = 525>
  </APPLET>
  -->
  <!--"END_CONVERTED_APPLET"-->
    </body>
  </html>Thank you for your help!
  Gruesse,
  Torsten

  seems like it couldn't find the image file... try to give it the absolute path to the file first to see if this is the root of the problem... and then try to find alternative ways to not give it the absolute path...

• Why isn't jnlp.jar signed by Sun?

  The jnlp.jar in the developer pack is not signed with Sun's certificate. Why is that? An omission or intentional?
  If I'm delivering my app signed with my Verisign cert, I have to now deliver jnlp.jar also signed with my cert, right?
  Thx,
  Max

  The jnlp.jar is part of Java Web Start, so no - you don't have to sign and supply it, the JWS install takes care of it for you.
  Cheers,
  Gavin