JApplet jar signing
Hi,
My requirement is to bring a set of files from the server to the client thru JApplet..
(Japplet,jdk1.3,weblogic,jre1.3) is the environment.
I know that the jar file has to signed etc.. but is there any way by which i can accomplish this
without jar signing..
If it is not possible, is there any way to test the jar signing (any trial version etc).I just want to
test it before buying the Verisign etc..
Could any one help me on this...
Thanks
Can we customize sign_webutil.bat to do this?Yes, you can. Only be careful to webutil password
Similar Messages
-
hi friends.....
i have created an java project in which an japplet file is added. i searched allover in this folder but barring japplet class file and javafile there is not any other file created after running this japplet.
actually my quary is how can i find japplet jar file and is there any need of it for running japplet in jsp??
one mere question what is the role of html converter for running japplet in jsp and how can i find it??although i have read it from google but still not able to understand.
any help is much appreciatedURL url=myApplet.class.getResource("images/icons/up.gif");was giving null URL
Works for me (jre 1.4+), see link shown below:
http://home.attbi.com/~aokabc/ABC/Index.htm
Just curious, which jre are you using?
but
myApplet.class.getClassLoader().getResource("images/icons/up.gif");
works fineSo, problem solved?
;o)
V.V. -
Applets, Policy Files, jar signing, JNI, etc
Hi,
I need an Applet to be able to connect to sockets and use some JNI. Hence, as far as I can tell, I need to use a Policy File. In a standalone application, I have written my policy file tried it out by switching on the security manager. However I am not sure how I do this with an applet.
I have read many examples of Jar signing, yet every example uses appletviewer and the -J-Djava.security.policy to show the security policy in action.
However I want this to work through a normal browser, so how do I achieve this?
Do I specify a URL to the java.security.file in the embed/object/applet tags in the HTML?
Do I put the policy file in the jar and reference it via the Manifest?
Any ideas much appreciated,
John BThe standard AccessControlException:
java.security.AccessControlException: access denied (java.lang.RuntimePermission getClassLoader)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:270)
at java.security.AccessController.checkPermission(AccessController.java:401)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
at java.lang.ClassLoader.getParent(ClassLoader.java:701)
Or something like that.
That's what I'm trying to solve, I wish to use the Java Security Policy system to allow my applet access to various resources, such as writing files. Now I've seen that signing an applet will give it full access (in my view, this is rather insecure, but anyway), however following the steps to sign an applet two or three times has still presented me with the same problem. The signing is ignored, and the exception is thrown.
Applet signing aside, I fail to see any documentation stating how the policy file is used by the VM when running on a browser. I assumed it might be an entry in the Jar's manifest file, but again, I can find no documentation.
It's all very annoying, and Sun have done quite a bad job at documenting this. For example, their example talkes about -D-Jjava.security.policy=.... being passed to appletviewer. Who on earth uses appletviewer! If policies only work with that, then they are useless. I want them to work with whatever browser the applet is being run within.
Surely this isn't too much to ask? :) -
Need some advices on jar signing
Hi, our's company project will have an app server and some desktop apps.
App server - tomcat, desktop - are just some application.jar.
The question is how server may know if the data is from our application.jar or from any thirdparties? May jar signing solve this or there is another way.
P.S. There will be no Java Web Start
Thanks in advance.1) If you can mount those disks on your database server then YES you can store the RMAN backups of those. You must NFS Mount the disks on your DB server so that RMAN can see them put the bakcups on them. Or you can directly write to the tapes.
2) No, Flash recovery area is only one parameter pointing to one mounted space and you can't spread it over multiple volumes. What is the size of your database?
Daljit Singh -
hi,
i want to use some jar file as :
http://forms.pjc.bean.over-blog.com/article-1830062.html
but need to sign and i don't know how to sign .
plz help for sign .Thanks for the response. I looked over getting JAR signing to work, but this applet is being hosted on the local machine and that process required an online URL. Knowing that my command line argument was wrong helped a lot though, I eventually loaded up the policytool program and got the syntax I needed for the policy file.
grant codeBase "file:/C:/WINDOWS/java/classes/Client_2.0/classes/Client/*" {
permission java.security.AllPermission;
}; -
Jars signed with revoked certificate
Hello,
I have a situation here where i have jars and wars which were signed using jarsigner. The certificate used to sign the jars is now revoked.
When java runtime loads these jars, it does not throw any errors/exceptions. Is it the right behavior ?
Is there any way by which I can configure java runtime to contact the CRL and to throw an error while the jar is loaded. The certificate has information
about CRL distribution point and also has authorityinfo access details. I tried configuring OCSP in java.security file. But still no luck.
Any information on this will be helpful.
Thanks in advanceHello EJP,
Thanks for replying.
Yes the certificate was valid when the jar was signed. Please note that, there was no timestamp put in the signature.
So now after the certificate has been revoked, if Java runtime tries to load that jar, isn't it the responsibility of Java runtime to make use of the CRL/OCSP information
of the public key certificate (present in the jar put by the jarsigner when signing) and validate it for revocation ? (Also, in this scenario, what happens if OCSP is enabled in java.security ?) -OR--- Is it the responsibility of the code that makes use of the jar, to verify whether the certificate used for jar signing has been revoked or not ?
PS:- I have enabled the security settings in java control panel for certificate revocation checking.
Please let me know if I am wrong or if I am missing something.
Also i noticed something with jarsigner. In a signed jar, If i delete a few files and then verify its signature using jarsigner, "jar verified" is returned as result. Isn't the jar tampered when I delete a few files from it ? and hence the Hash of its data changes ? and hence verification should fail ?
One more question, in case of signed applets, if the certificate is revoked, as soon as the browser tries loading the applet, it throws an error saying certificate that was used for signing has been revoked. (provided browser settings and java control panel settings are all properly set). Is this check initiated by the browser OR Java runtime ?
Thanks a lot -
Can anyone help me with this error:
keytool error: java.lang.Exception: Key pair not generated, alias <####> already existsCheck whether there is a file named ".keystore". If yes, delete this file and again try to sign the jar file.
Hope it helps u... -
im using JTWAIN to do an applet to scan images then save it to the web server... so i have to sign the JARS? my java commands only work in my java/bin dir so i have to copy my jars there. sign the, and copy them back. would this cause problems? what the correct way to sign them? is there some easy way to do this through netbeans? how do i know if ive done this correctly
http://java.sun.com/developer/technicalArticles/Security/Signed/
-
Hello,
I am now trying to sign my jars so that they get past WebStart security qualifications.
I already have a .spc certificate from VeriSign.
What do I do with it/how do I use it?
How do I sign my jars?
thanks in advance,
-ssOnce you have the certificate from Verisign you need to put it into a keystore using the following command:
keystore -import -alias <your alias> -file <your file from verisign>
You may also have to specify the keystore using "-keystore <keystore>" unless you're using the default.
Now that you have the cert in a keystore, you can use jarsigner to sign a jar file.
jarsigner <jar file> <your alias>
The <your alias> should be the same for both commands. The jarsigner also has an option for specifying a keystore, "-keystore <keystore>", which is only needed if you're not using the default.
Hope that helps. You should also take a look at the tools documentation for your jvm:
http://java.sun.com/j2se/1.3/docs/tooldocs/tools.html
-Rob -
Jar signing problem? (continue with HOST PJC)
<1> I've sign jar-file on Oracle9iAS server.
<2> First form (with bean from that jar-file) loading asked me for "Granting", and after it runs without problem, bean is worked prefectly.
<3> Second form loading shows me nothing, just explorer hanging.
I've check JInitiator (1.3.1.9) Control Panel, Certificates tab... there is now any records. Maybe there is problem.
(I also have(installed) Sun JSDK 1.4.1_01)
Java Console also doesn't show any errors.
Again form with bean doesn't loading at the second time.
What is the problem ?
Thank YouHave you read the paper on Signing JAR files for JInitiator 1.3 - it details some changes that you'd be advised to make to your HTML template and the HOST bean code to get around this problem..
-
Jar signing returns "jar is unsigned"
Hi all, i am been trying to sign a jar, because i nedd an applet to access and update a database.
What i've done was:
keytool -genkey -alias MYALIAS -keypass mypass -keystore MYKEYSTORE -storepass mykeystorepass
and then
jarsigner -keystore MYKEYSTORE -storepass mykeystorepass -keypass mypass -signedjar SGID.jar GID.jar MYALIAS
The result of >jarsigner -verify SGID.jar
is
jar is unsigned. (signatures missing or not parsable)
Why is this returning that the jar is unsigned? I think 've created this correctly, if you can find any error or probable cause, please tell me.
Thanks.
Edited by: nfteodoro on Nov 27, 2009 3:01 AM
Edited by: nfteodoro on Nov 27, 2009 3:03 AMI just tried again, here my result, so you can see if something is wrong or missing:
1 - C:\Sun\SDK\jdk\bin>keytool -genkey -v -keyalg dsa -alias MYALIAS -keypass mypass -keystore MYKEYSTORE -storepass mykeystorepass
What is your first and last name?
[Unknown]: MYNAME
What is the name of your organizational unit?
[Unknown]: SCCM
What is the name of your organization?
[Unknown]: MYCOMPANY
What is the name of your City or Locality?
[Unknown]: LISBON
What is the name of your State or Province?
[Unknown]: LISBON
What is the two-letter country code for this unit?
[Unknown]: LX
Is CN=NOESIS, OU=SCCM, O=NOESIS, L=LISBON, ST=LISBON, C=LX correct?
[no]: YES
Generating 1.024 bit DSA key pair and self-signed certificate (SHA1withDSA) with
a validity of 90 days
for: CN=NOESIS, OU=SCCM, O=NOESIS, L=LISBON, ST=LISBON, C=LX
[Storing MYKEYSTORE]
2 - C:\Sun\SDK\jdk\bin>jarsigner -keystore MYKEYSTORE -storepass mykeystorepass -key pass mypass GID.jar MYALIAS
Warning:
The signer certificate will expire within six months.
3 - C:\Sun\SDK\jdk\bin>jarsigner -verify GID.jar
jar is unsigned. (signatures missing or not parsable)
So, as you can see, this really is not working for me :s
I've tried different approaches, an none worked, why can't i sign a .jar file??..this is really weird, i thought creating an applet to access and manipulate a database wouldn't be so dificult..
I guess i was wrong.. -
Jar Signing // Missing Digest entries
I have a signed jar's manifest file which does not contain all of the classes ( digest entries) archived in the jar. Shouldn't this be one to one -jar classes to digest entries? Is there a reason why some classes are omitted, whereby others are included? I receive a NoClassDefFoundError when the applet loads when attempting to run a static method from a class which does not have a digest entry. The class throwing the exception is in the same jar as the applet, yet in a different package. Version: 1.6.0_15.
Edited by: rapunzel on Feb 20, 2010 4:46 AMI just tried again, here my result, so you can see if something is wrong or missing:
1 - C:\Sun\SDK\jdk\bin>keytool -genkey -v -keyalg dsa -alias MYALIAS -keypass mypass -keystore MYKEYSTORE -storepass mykeystorepass
What is your first and last name?
[Unknown]: MYNAME
What is the name of your organizational unit?
[Unknown]: SCCM
What is the name of your organization?
[Unknown]: MYCOMPANY
What is the name of your City or Locality?
[Unknown]: LISBON
What is the name of your State or Province?
[Unknown]: LISBON
What is the two-letter country code for this unit?
[Unknown]: LX
Is CN=NOESIS, OU=SCCM, O=NOESIS, L=LISBON, ST=LISBON, C=LX correct?
[no]: YES
Generating 1.024 bit DSA key pair and self-signed certificate (SHA1withDSA) with
a validity of 90 days
for: CN=NOESIS, OU=SCCM, O=NOESIS, L=LISBON, ST=LISBON, C=LX
[Storing MYKEYSTORE]
2 - C:\Sun\SDK\jdk\bin>jarsigner -keystore MYKEYSTORE -storepass mykeystorepass -key pass mypass GID.jar MYALIAS
Warning:
The signer certificate will expire within six months.
3 - C:\Sun\SDK\jdk\bin>jarsigner -verify GID.jar
jar is unsigned. (signatures missing or not parsable)
So, as you can see, this really is not working for me :s
I've tried different approaches, an none worked, why can't i sign a .jar file??..this is really weird, i thought creating an applet to access and manipulate a database wouldn't be so dificult..
I guess i was wrong.. -
Is there a document out there explains signing the webutil jar files on Unix?
SandySandra,
there steps are the same, except for that the batch file that is shipped with webutil need to be translated into a shwll script. Because the signing happens with the Java jarsigner utility, the commands are the same. You can also sign webutil.jar on Windows and tehn copy the jar files to Unix.
Frank -
Problems with JApplet, jar-Archive, packages and IE5
Hello!
I have a problem with a JApplet and Internet Explorer 5. I made a jar archive of my classes. The classes are
members of a package. The jar archive also contains images.
The structure of the archive:
com/mycomp/myapp/DemoApplication.class
com/mycomp/myapp/DemoApplet.class
<more classes>
com/mycomp/myapp/images/hp_logo.gif
com/mycomp/myapp/images/test.gif
<more images>
The archive is stored locally in a directory which contains also the html file.
I used the sdk 1.3.1 to compile the classes.
My problem: when I start the html file on NT with IE5, I get the error message below:
I try to create a label containing an icon with:
topLabel.setIcon(new javax.swing.ImageIcon(getClass().getResource("images"+fs+"hp_logo.gif")));It works on Sun with Netscape 4.67 and SDK 1.3.1 installed.
Should I move the images directory inside the jar archive to another place or is the html code not correct?
The error message:
java.lang.NullPointerException
at javax.swing.ImageIcon.<init>(Unknown Source)
at com.mycomp.myapp.DemoApplication.initComponents(DemoApplication.java:158)
at com.mycomp.myapp.DemoApplication.<init>(DemoApplication.java:55)
at com.mycomp.myapp.DemoApplet.<init>(DemoApplet.java:24)
at java.lang.Class.newInstance0(Native Method)
at java.lang.Class.newInstance(Unknown Source)
at sun.applet.AppletPanel.createApplet(Unknown Source)
at sun.plugin.AppletViewer.createApplet(Unknown Source)
at sun.applet.AppletPanel.runLoader(Unknown Source)
at sun.applet.AppletPanel.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)The html file:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>
<head>
<title>DemoApplet</title>
</head>
<body>
<BODY LINK="#0000ff" VLINK="#800080" BGCOLOR="#37a1a7">
<h1>DemoApplet</h1>
<!--"CONVERTED_APPLET"-->
<!-- HTML CONVERTER -->
<SCRIPT LANGUAGE="JavaScript"><!--
var _info = navigator.userAgent; var _ns = false; var _ns6 = false;
var _ie = (_info.indexOf("MSIE") > 0 && _info.indexOf("Win") > 0 && _info.indexOf("Windows 3.1") < 0);
//--></SCRIPT>
<COMMENT><SCRIPT LANGUAGE="JavaScript1.1"><!--
var _ns = (navigator.appName.indexOf("Netscape") >= 0 && ((_info.indexOf("Win") > 0 && _info.indexOf("Win16") < 0 && java.lang.System.getProperty("os.version").indexOf("3.5") < 0) || (_info.indexOf("Sun") > 0) || (_info.indexOf("Linux") > 0) || (_info.indexOf("AIX") > 0) || (_info.indexOf("OS/2") > 0)));
var _ns6 = ((_ns == true) && (_info.indexOf("Mozilla/5") >= 0));
//--></SCRIPT></COMMENT>
<SCRIPT LANGUAGE="JavaScript"><!--
if (_ie == true) document.writeln('<OBJECT classid="clsid:CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA" WIDTH = 695 HEIGHT = 525 codebase="http://java.sun.com/products/plugin/1.3.1/jinstall-131-win32.cab#Version=1,3,1,0"><NOEMBED><XMP>');
else if (_ns == true && _ns6 == false) document.writeln('<EMBED type="application/x-java-applet;jpi-version=1.3.1" CODE = com.mycomp.myapp.DemoApplet CODEBASE = "." ARCHIVE = "DemoApplet.jar,classes12.zip" WIDTH = 800 HEIGHT = 600 scriptable=false pluginspage="http://java.sun.com/products/plugin/1.3.1/plugin-install.html"><NOEMBED><XMP>');
//--></SCRIPT>
<APPLET CODE = com.mycomp.myapp.DemoApplet CODEBASE = "." ARCHIVE = "DemoApplet.jar,classes12.zip" WIDTH = 695 HEIGHT = 525></XMP>
<PARAM NAME = CODE VALUE = com.mycomp.myapp.DemoApplet >
<PARAM NAME = CODEBASE VALUE = "." >
<PARAM NAME = ARCHIVE VALUE = "DemoApplet.jar,classes12.zip" >
<PARAM NAME="type" VALUE="application/x-java-applet;jpi-version=1.3.1">
<PARAM NAME="scriptable" VALUE="false">
</APPLET>
</NOEMBED></EMBED></OBJECT>
<!--
<APPLET CODE = DemoApplet CODEBASE = "." ARCHIVE = "DemoApplet.jar,classes12.zip" WIDTH = 695 HEIGHT = 525>
</APPLET>
-->
<!--"END_CONVERTED_APPLET"-->
</body>
</html>Thank you for your help!
Gruesse,
Torstenseems like it couldn't find the image file... try to give it the absolute path to the file first to see if this is the root of the problem... and then try to find alternative ways to not give it the absolute path...
-
Why isn't jnlp.jar signed by Sun?
The jnlp.jar in the developer pack is not signed with Sun's certificate. Why is that? An omission or intentional?
If I'm delivering my app signed with my Verisign cert, I have to now deliver jnlp.jar also signed with my cert, right?
Thx,
MaxThe jnlp.jar is part of Java Web Start, so no - you don't have to sign and supply it, the JWS install takes care of it for you.
Cheers,
Gavin
Maybe you are looking for
-
Error while creating SC: Internal Error - termination type TH_RES_FREE
Hi I encountered this error while creating a SC. All attributes for this user are maintained and the "check user" transaction does not give any error. Amol Mate Error when processing your request What has happened? The URL http://punhjwsapsrm:8000/sa
-
I am helping a friend set up his new iMac. He already has an iPhone 3G which has previously been synced with the old PC. The phone contains a number of purchased applications. It is synchronised via MobileMe. We have initiated MobileMe on the new Mac
-
Since I updated Firefox I cant play anything that requires Flash player. I have the up to date player and it works perfectly with IE but Firefox keeps telling me I need another plug in and when I follow the instructions it says 'download failed try m
-
Portable Home Directories over CIFS
I'm trying to configure PHD over CIFS with samba/linux as file server. It works. But there is a issue. When it synchronizes directory with server, for every newly created folder it complains about problem with sync.But regardless of complain director
-
While on mac the screen went to line bars and now that is all that you can see. It will not shut down. Pulled battery ans left it out for 3 hours. put it back in and it is still on the line bars.