Java.policy and signed applets

guys i have signed my applet but still some clients seem to not handle my applets properly...
my applet connects to a web server to get data and display this data in my applet.
but some machines in my network cant connect to get data to the server.
can somebody pls help on what to do here?
thanks....

Apparently there are configuration differences between machines, some indications of the problems being reported are necessary for anything more than guesses.

Similar Messages

  • Java version for signed applets

    Hello,
    I was told I must use jdk 1.3 or 1.4 to sign an applet. We want to use 1.1.8 so that it is not necessary for the client to download a plug-in.
    I have 2 questions.
    1) Is it possible for me to install 1.4 on my machine locally, generate the CSR and keys, then use those to sign an applet running under and compiled using 1.1.8?
    2) If we do upgrade to 1.3 or 1.4 but still compile our applets under 1.1.8, is it possible to sign the applet in this situation?
    Thanks so much for your help!

    Or is there a way to generate a CSR using javakey
    instead of keytool since javakey is supported by
    1.1.8?I'm not sure about javakey as I have not worked with it. I once made an applet that was signed for both MSVM and the SunVM.
    I used the cabsigner from MS Java SDK to sign the cab and the jarsigner to sign the JAR. :)
    Then I specified the archive parameter to the signed jar and the <param name="cabbase" value="signedcab.cab"> in the HTML file.

  • Opera 6 and signed applets - Anyone got it to work ?

    Hi,
    im facing the problem that with the new Opera 6, the java plugin is no longer used. Instead Opera uses the default JRE installed on the machine. However, when i load a signed jar in Opera 6 there is NO certificate dialog like "do you want to trust this applet"...it just starts the applet. For this reason, do i have to manually ask for every permission ?
    Try this http://java.sun.com/security/signExample12/signedPluginEx.html demo, it will just throw an security exception, in any other browser (even Opera 5.12) a certificate dialog will appear first.
    BTW: Anyone got the same problem with the <object> tag in opera 6, it always says Applet not found when you leave the parameter codebase="http://java.sun.com/products/plugin/1.3/jinstall-13-win32.cab#Version=1,3,0,0". If you remove it, the applet can be loaded.

    Hi
    Got the same problem. I've just noticed it, so I can't offer any help yet. I am using a certificate that I created myself, using keytool and I placed the policy file in the applet directory. I use the archive tag to access the jar file.
    It works fine on IE6 and NN6. On opera - same problem yo got.
    Now I know that opera doesn't support the archive tag, but the embed tag. So I wonder if you have tried it with embed?
    Another Question: Is there anybody who has successfully installed the 1.4.1 Plugin with Netscape on a Red Hat Linux machine?

  • PircBot and signed applet?

    I created an applet that can connect to a IRC server by using PircBot . This working find when I launch the applet from Netbeans. But when I do it outside Netbeans I get this exception:
    java.security.AccessControlException: access denied (java.net.SocketPermission uk.quakenet.org resolve)
         at java.security.AccessControlContext.checkPermission(Unknown Source)
         at java.security.AccessController.checkPermission(Unknown Source)
         at java.lang.SecurityManager.checkPermission(Unknown Source)
         at java.lang.SecurityManager.checkConnect(Unknown Source)
         at java.net.InetAddress.getAllByName0(Unknown Source)
         at java.net.InetAddress.getAllByName0(Unknown Source)
         at java.net.InetAddress.getAllByName(Unknown Source)
         at java.net.InetAddress.getByName(Unknown Source)
         at java.net.InetSocketAddress.<init>(Unknown Source)
         at java.net.Socket.<init>(Unknown Source)
         at org.jibble.pircbot.PircBot.connect(PircBot.java:143)
         at org.jibble.pircbot.PircBot.connect(PircBot.java:110)
         at dk.aslani.ircchat.view.AppletChat.connect(AppletChat.java:195)
         at dk.aslani.ircchat.view.AppletChat.validateNickAndConnect(AppletChat.java:210)
         at dk.aslani.ircchat.view.AppletChat.chatFieldKeyPressed(AppletChat.java:364)
         at dk.aslani.ircchat.view.AppletChat.access$700(AppletChat.java:31)
         at dk.aslani.ircchat.view.AppletChat$8.keyPressed(AppletChat.java:165)
         at java.awt.Component.processKeyEvent(Unknown Source)
         at javax.swing.JComponent.processKeyEvent(Unknown Source)
         at java.awt.Component.processEvent(Unknown Source)
         at java.awt.Container.processEvent(Unknown Source)
         at java.awt.Component.dispatchEventImpl(Unknown Source)
         at java.awt.Container.dispatchEventImpl(Unknown Source)
         at java.awt.Component.dispatchEvent(Unknown Source)
         at java.awt.KeyboardFocusManager.redispatchEvent(Unknown Source)
         at java.awt.DefaultKeyboardFocusManager.dispatchKeyEvent(Unknown Source)
         at java.awt.DefaultKeyboardFocusManager.preDispatchKeyEvent(Unknown Source)
         at java.awt.DefaultKeyboardFocusManager.typeAheadAssertions(Unknown Source)
         at java.awt.DefaultKeyboardFocusManager.dispatchEvent(Unknown Source)
         at java.awt.Component.dispatchEventImpl(Unknown Source)
         at java.awt.Container.dispatchEventImpl(Unknown Source)
         at java.awt.Component.dispatchEvent(Unknown Source)
         at java.awt.EventQueue.dispatchEvent(Unknown Source)
         at java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
         at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
         at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
         at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
         at java.awt.EventDispatchThread.run(Unknown Source)
    My applet is signed so I dont understand why I get this exception. This how I signed my applet:
    C:\Programmer\Java\jdk1.5.0_05\bin\keytool -genkey -keystore rikif.store -alias rikif.dk
    C:\Programmer\Java\jdk1.5.0_05\bin\keytool -export -keystore rikif.store -alias rikif.dk -file rikif.cer
    C:\Programmer\Java\jdk1.5.0_05\bin\jarsigner -keystore rikif.store IRCChat.jar rikif.dk
    C:\Programmer\Java\jdk1.5.0_05\bin\jarsigner -verify IRCChat.jar
    Can anyone help me with this, I dont know what to do?

    I put the applet online, maybe it will help. The link is:
    http://rikif.dk/chat2/AppletChat.html
    Before You can connect to server You haveto write Your nick into the textfield and push enter. Notice that and java.security.AccessControlException occurs in the applet console.

  • Signed Applet and no permission

    Hi,
    we have an applet which writes a file on the local disc. Therefore this applet is signed with a valid verisign certificate. Everything works perfect, as long we use the vm 1.4.2_08. Now we changed the vm to 1.4.2_10 and writing a file is no more possible.
    I never used a policy file, because we have a proper signed applet. I found many articles, which all say that if you have a signed applet a modification of security files is not neccessary.
    If I modify the java.policy and add these lines:
    permission java.awt.AWTPermission "readDisplayPixels";
    permission java.awt.AWTPermission "createRobot";
    permission java.io.FilePermission "${user.home}/screenshot.jpg", "read,write,delete";
    everything works ok. But our applet runs on more than 40.000 clients. I am not willing to modify all clients. There must be another solution.
    Any hint is appreciated.
    I have checked some more vm. The problem occurs also with the vm 1.4.2_04.
    thx thorsti
    Message was edited by:
    thorsti16

    Try to use doPrivileged or do the "privileged" action in a thread started
    in run.
    Is the jre asking the user the "do you trust question"? If not someone might
    have switched off trusting signed applets in the java.policy (like a profesional
    company where backoffice has a say in what to trust, not the user).
    Signing applets:
    http://forum.java.sun.com/thread.jsp?forum=63&thread=524815
    second post and reply 18 for the java class file using doprivileged
    A Full trace might help us out:
    http://forum.java.sun.com/thread.jspa?threadID=656028

  • Signed applet works on pc  but can't print on mac! security issue!

    Hello
    I have an applet which works beautifully on the pc under ie, firefox, chrome and safari. Essentially - it uses the batik libraries to download an svg file and then print it.
    Problem is that firstly - no matter which operating system or browser the applet ALWAYS asks me if i want to give it access to the printer. The checkbox that says don't ask this again does not work except while the same applet is loaded. Subsequent loads make it reappear. So that one annoys me.
    But the big issue is that under the Mac OSX my applet will not print. It claims a SocketPermission issue for the localhost port 631 connect,resolve. Of course, before you ask, yes, the jar is signed , and yes i was asked on the mac if i trust this user. It is a self signed certificate by the way.
    I have no idea why the mac is not allowing my trusted app access to the printer when the other operating systems do. Is it perhaps that i am not somehow getting the AllPermission policy file read?
    I have no idea where to even put the java.policy.applet that eclipse generates so i also put it into my jar file. I can't find any knowledge of that file out there or where to deploy it but i keep seeing reference to java.policy. so i copied java.policy.applet and renamed it java.policy and also included that in my jar. the upshot of doing that? Nada. With or without those policy files in my jar it makes no difference.
    DocPrintJob tmpJob = tmpPrinter.createPrintJob();                    
    HashPrintRequestAttributeSet set = new HashPrintRequestAttributeSet();
    tmpJob.print(tmpDoc, set); // its this line that fails
    I am new to java development (well actually about 8 years abstained from it) and this is one of those prototypes that says we either will use java or we won't. Please help, its the final hurdle. If it doesn't work on the mac then all that effort getting it to work on the PC was wasted. I also need to understand how to stop the annoying access the printer dialog before i can go live.
    Cheers

    If it is in the wrong format it must probably still show up though, if your mac does detect it, go to disk utilities> choose the device from the left hand side > go to the "erase" tab and change format to "Mac OS extended (Journaled) then hit "erase".
    IMPRTANT! : this will erase ALL of the files on your external hard drive
    If this dosent work, make sure your external hard drive's USB port is compatibe with both USB 2.0 and 3.0 and also make sure your mac USB socket isnt damaged either.
    Hope this helped

  • Signing applets, going crazy

    hi,
    I think I've posted enough thread on signed applets and
    still haven't got the solution and i'm the strong believer
    that any sought of problem will be solved in the forums,
    and I still believe in that. Ok! I don't wan't to bore u,
    here is my problem:
    1) I've signed the applet using keytool and specify the
    signed.jar file in the archive parameter in <applet> tag,
    but each and every client have to get the .java.policy
    file to be placed on their windows home directory!!!
    Is that the rt way to do it, or is there any way to link
    the .java.policy while signing the applet.
    2)I've also tried in signing the cab files, ok fine but don't
    know how to set the permissions in the .ini file in SDK for
    java, no proper documentation and also when i got to
    use the plugin converter to use my applet since the
    browser does'nt recognise the rmi classes, so when i use
    the plugin, and also the cabbase parameter, i'm not able
    to get it, but i'm able to get one of my applet get going
    which is a normal applet tries to write a file on to the
    desktop, but it doesn't have the plugin.
    3)Is there anyway to make applet work without using the
    plugin concept. I came to know the if i specify archive
    for rmi.zip, it should work, but I cou'lnt do it, is there any
    other versions of rim.zip
    Sorry 4 a long story,
    ThanX for baring me.
    kiran,
    [email protected]

    1:From my understanding, if you sign the applets you should not have to set policy files onto the client side.
    Applets should have complete unrestricted access to the system when these are signed.
    2: Are you trying in anyways to perform callbacks through firewalls ? If you do check RMI vs Internet on this forum.
    RMI works without plugin for jdk1.1 and over
    3: I don't know , sorry.

  • Java.policy file  - Must I change it?

    I just got a certificate from Verisign with which I signed my applet. It works fine and now I want to distribute it to a group of users.
    Back when I was developing the applet with a self-signed cert, I changed the java.policy file to allow the applet to do things 'outside the sandbox'.
    I thought, perhaps mistakenly, that when I got the Verisign ceritifcate I would not need to concern myself with java.policy in any way. But now, even with the Verisign cert, my applet won't run correctly w/o the updated policy file.
    This is only important to me as I do not want to go around to 'x' number of user workstations and modify each java.policy file.
    Am I missing something??
    thanks

    You mention
    "you should be able to remove the policy file and users can just accept the certificate "
    I experience the same, remove all policy files, signed applets can then access resopurces on the local machine. However, practically all the documentation I read regarding JAVA 2 (I'm using 1.4.1_02) says you must have a policy file when using a signed applet. At least they say sign your applet and then indicate what the policy file should look like to grant specific permissions for that applet. I find no policy file will still allow a signed applet to access local files... Is this a bug in JAVA 2 1.4.1_02, or the correct behavior. thanks in advance.

  • Self signed applet problem

    Hello java gurus,
    I have a self signed applet which must read and write from mysql DB.
    The sign is OK, the popup "warning security" is here but I still have a SQL Exception :
    java.security.AccessControlException: access denied (java.util.PropertPermission file.encoding read)
    I don't want to change the java policy and I work on plugin 1.4.1_02.
    I think the problem is with the certificate cause it should give permission to applet, but it doesn't.
    Any help will be very pleasant

    From the plug-in control panel, click certificates
    then the Signer CA radio button. These are the
    certifying authorities that the client plug-in will
    accept as valid for signed code. Obviously, if any
    client would just accept self-signed code as trusted,
    it wouldn't provide much security. For a purely
    internal app, you can generate a cert and install it
    on the clients which will accept your own signing as
    trustworthy.I think I can deal with this properly if you just clear up one thing for me: when you say 'install it on the clients' do you mean use the Plug-In Control Panel to load the certificate using the "Certificates" tab? From there click the "Signed Applet" radio button and "Import" and browse for the cert file? Or does creating this HTML file and clicking on a link to the certificate do something else? I think I am generating my self-signed certificate correctly and signing my jar correctly, but my applet is failing to initialize. Any further help on this much-maligned topic? :)
    Thanks,
    B. Rintoul

  • Signed Applet running in weblogic server

    Hi ,
    Im a newbie with applet. Can anyone help me to clarify below question.
    1. I have signed applet compile with jdk 1.4.2. It its running fine with JRE 1.4 and 1.4.2. However i need to upgrade the applet so that it can support JRE 1.6. Can anyone guide me regarding this issue as the applet will close if i running in jre 1.6. I got the below exception
    java.io.FilePermission<<allFiles>> execute.
    2. As i know, If i compiled the applet again, i need to signed the ja againr. I tried once and got below exception
    ClassNotFoundException. can anyone give any idea how resolved this problem. Fyi, im using weblogic server 8.1
    Thanks.
    Regards

    Normally, a 1.4 compiled and signed applet should work just fine under 1.6. No need to recompile and resign.
    This is in theory and in my practice with my applets. Since you do have problems, please post here (copy and paste, don't paraphrase) full stack traces of the errors and relevant code where the error occurs.

  • Why my self-signed applet could not read local disk but could write?

    I used a self-signed certificate for the applet yesterday and it worked
    fine at the beginning time, that is, it could write/read file to/from
    local disk, and it could connect to other MDS servers. But later, a
    problem happens. It could write file to local disk(I tested it and created
    files to C:/ under windows) but when it try to read that file, it got a
    io acessing exception. It could connect to other servers. I am puzzled
    about this problem, and I wonder why I could write but could not
    read. Need I deal with any policy file issue here?

    hi,
    i 'am doing something which is similar to the stuff ur doing .I wanted to write into file on the local disk on which the applet is running.for this i have signed the applet .do i need to make it self signed wat is difference between the self signed and signed applet .The problem which i facing is that it still gives me the security exception even if i define the policy file for that applet............Can u help me reagrding this
    Thanks in advance
    your great help would be apprecriated
    rao_lavs

  • Java Applets and .java.policy

    Hi.
    We are developing an applet that need to access to the file systems and anothers properties, like user.home. To do this and don't modify the java.policy of the jre, we create a .java.policy file into user home. The content is:
    grant {
    permission java.util.PropertyPermission "user.name", "read";
    permission java.util.PropertyPermission "user.home", "read, write";
    permission java.util.PropertyPermission "java.library.path", "read, write";
    permission java.lang.RuntimePermission "accessClassInPackage.org.mozilla.jss.*";
    permission java.io.FilePermission "${user.home}/", "read";
    permission java.io.FilePermission "${user.home}/-", "read, write";
    With this configuration it works fine in Linux with Iceweasel, but in windows it's not work (firefox nor internet explorer)!.
    The error is:
    [SignApplet]: M�dulo iniciado.
    [SignApplet]: Cliente de firma iniciado.
    [ESignatureFormatFactory]: Buscando formato 'CMS'... encontrado!
    [SignManager]: Firmando digitalmente...
    java.lang.NullPointerException
         at java.util.Properties$LineReader.readLine(Unknown Source)
         at java.util.Properties.load(Unknown Source)
         at com.telventi.afirma.cliente.utilidades.MimeTypeHelper.<init>(MimeTypeHelper.java:23)
         at com.telventi.afirma.cliente.utilidades.MimeTypeHelper.getInstance(MimeTypeHelper.java:32)
         at com.telventi.afirma.cliente.actions.ACommonAction.<clinit>(ACommonAction.java:59)
         at com.telventi.afirma.cliente.signatureformat.signaturemanager.ASignManager.warn(ASignManager.java:405)
         at com.telventi.afirma.cliente.signatureformat.signaturemanager.SignManagerMSIEWin32.signDigitally(SignManagerMSIEWin32.java:63)
         at com.telventi.afirma.cliente.signatureformat.CMSSignatureFormat.createSignedInfo(CMSSignatureFormat.java:1562)
         at com.telventi.afirma.cliente.signatureformat.CMSSignatureFormat.signExplicitHash(CMSSignatureFormat.java:265)
         at com.telventi.afirma.cliente.signatureformat.signaturemanager.ASignManager.signHashElectronically(ASignManager.java:139)
         at com.tsol.afirma5.util.impl.AppletServiceImpl.generarFirma(AppletServiceImpl.java:60)
         at com.tsol.validacionCertificado.applet.TSolApplet.obtenerFirmaGenerada(TSolApplet.java:105)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
         at java.lang.reflect.Method.invoke(Unknown Source)
         at sun.plugin.javascript.invoke.JSInvoke.invoke(Unknown Source)
         at sun.reflect.GeneratedMethodAccessor3.invoke(Unknown Source)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
         at java.lang.reflect.Method.invoke(Unknown Source)
         at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
         at sun.plugin.com.MethodDispatcher.invoke(Unknown Source)
         at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
         at sun.plugin.com.DispatchImpl$1.run(Unknown Source)
         at java.security.AccessController.doPrivileged(Native Method)
         at sun.plugin.com.DispatchImpl.invoke(Unknown Source)
    java.lang.ExceptionInInitializerError
         at com.telventi.afirma.cliente.signatureformat.signaturemanager.ASignManager.warn(ASignManager.java:405)
         at com.telventi.afirma.cliente.signatureformat.signaturemanager.SignManagerMSIEWin32.signDigitally(SignManagerMSIEWin32.java:63)
         at com.telventi.afirma.cliente.signatureformat.CMSSignatureFormat.createSignedInfo(CMSSignatureFormat.java:1562)
         at com.telventi.afirma.cliente.signatureformat.CMSSignatureFormat.signExplicitHash(CMSSignatureFormat.java:265)
         at com.telventi.afirma.cliente.signatureformat.signaturemanager.ASignManager.signHashElectronically(ASignManager.java:139)
         at com.tsol.afirma5.util.impl.AppletServiceImpl.generarFirma(AppletServiceImpl.java:60)
         at com.tsol.validacionCertificado.applet.TSolApplet.obtenerFirmaGenerada(TSolApplet.java:105)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
         at java.lang.reflect.Method.invoke(Unknown Source)
         at sun.plugin.javascript.invoke.JSInvoke.invoke(Unknown Source)
         at sun.reflect.GeneratedMethodAccessor3.invoke(Unknown Source)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
         at java.lang.reflect.Method.invoke(Unknown Source)
         at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
         at sun.plugin.com.MethodDispatcher.invoke(Unknown Source)
         at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
         at sun.plugin.com.DispatchImpl$1.run(Unknown Source)
         at java.security.AccessController.doPrivileged(Native Method)
         at sun.plugin.com.DispatchImpl.invoke(Unknown Source)
    Caused by: com.telventi.afirma.cliente.exceptions.ClienteFirmaRuntimeException: Error al mapear el archivo de tipos.
         at com.telventi.afirma.cliente.utilidades.MimeTypeHelper.<init>(MimeTypeHelper.java:26)
         at com.telventi.afirma.cliente.utilidades.MimeTypeHelper.getInstance(MimeTypeHelper.java:32)
         at com.telventi.afirma.cliente.actions.ACommonAction.<clinit>(ACommonAction.java:59)
         ... 21 more
    Caused by: java.lang.NullPointerException
         at java.util.Properties$LineReader.readLine(Unknown Source)
         at java.util.Properties.load(Unknown Source)
         at com.telventi.afirma.cliente.utilidades.MimeTypeHelper.<init>(MimeTypeHelper.java:23)
         ... 23 more
    java.lang.Exception: java.lang.ExceptionInInitializerError
         at sun.plugin.com.DispatchImpl.invokeImpl(Unknown Source)
         at sun.plugin.com.DispatchImpl$1.run(Unknown Source)
         at java.security.AccessController.doPrivileged(Native Method)
         at sun.plugin.com.DispatchImpl.invoke(Unknown Source)
    [SignApplet]: Invocando isInitialized.
    Code where it fail is:
    TYPES.load((com.telventi.afirma.cliente.utilidades.MimeTypeHelper.class).getResourceAsStream("mimetypes.properties"));
    TYPES is Properties object.
    When we modify the .java.policy file with permission java.security.AllPermission it work fine too, and this make to us think that this is a permission problem!.
    Somebody has an idea???
    Sorry for my english!

    Having to modify the policy file defeats the whole point of using applets in the first place. If you have to install anything (such as a new policy file) on the client machine, you may as well install a GUI program.
    Either get yourself a digital certificate and sign the applet, or use an independent program instead.

  • JRE 1.4.x Plugin - Signed Applets and Weird Behaviour (Policy)

    Hello.
    I have recently experienced some strange behaviour related to signed applets and policy files in JRE 1.4.2-b28 ( a friend got the same behaviour in a flavour of 1.4.1-xx as well ). Both tests were on Windows 2000 Professional platforms.
    Initially my unsigned applet, which attempts socket connections to a server different from the download location, fails with security exceptions ( as expected ). Then I did the following to sign the applet jar and configure my environment
    Steps: 1) Import "trusted CA" certificate into ${java.home}/lib/security/cacerts. (JRE home outside the JDK)
    2) Signed the jar using jarsigner and a certificate generated from the "trusted CA" (Entrust CA and certificate).
    3) Imported the signing certificate into the Java plugin using import in the plugin control panel.
    4) Created a new keystore (keytool,jks) and imported the signing certificate into the keystore with alias "developer". The keystore is stored in the user home as .keystore.
    5) Created a .java.policy for the user and attaching the keystore in 4) to it. ( also stored in user home ).
    6) Used the policy tool to grant socketpermissions to the specific codebase ( testing with file:/C:/test/* initially ) signed by "developer"
    After this, when I ran the test page under IE 5.5SP2 and Netscape 7.1 it worked without any security exception. Ditto for using the appletviewer and the policy file I created for the user.
    The weird part occurred when I removed the policy entry from the user policy file. After doing this, Netscape and IE still allow the applet to execute - somehow remembering that it was granted permissions at some point. The appletviewer does not allow it to execute, generating security exceptions.
    It appears the old policy is being cached somewhere, but I cannot find where. If I replace the applet jar with an unsigned version it does fail in IE and Netscape. I tried cleaning the plugin cache and removing the "deployment.certs" files related to the users but still get the same behaviour.
    Does anyone know where the old policy information is being stored ? Does anyone know how to revoke the permissions so that I am restored to my original base environment ( no permissions for "designer" signed applets ) ? Would attempting to utilize the AccessController.doPriveleged( xxxx ) operations in JDK 1.4 avoid all of this confusion with policy files, keystores and certificate storage ? After all the messing about I would like a zero-footprint alternative ( or minimzed footprint anyway ).
    Any ideas would be most welcome.
    Regards,
    James.

    Hello Again.
    I am either enlightened or confused at this point. I found that as long as all of my related Jars are signed ( even by self-signed certificates ) I am granted SocketPermissions for calls outside of the originating server. Unsigned code is refused, but even when the Jars were signed using a self-signed certificate the Socket calls were allowed.
    Am I experiencing the appropriate behaviour in this case ( which would mean not having to utilize policy files to distribute an applet that uses calls to arbitrary servers - e.g. JavaMail ) or am I suffering from something damaged in my environment ?
    It has been a long time since I played with signed applets and I am having difficulty determining what operations require policy file entries/AccessController.doPrivileged() calls and which are granted when a user elects to trust a signed applet without policy.
    Any assistance in clearing up my confusion would be appreciated.
    Regards,
    James.

  • Please HELP !!! Signed Applet & Java Media Framework(JMF)

    Hi,
    I have written a self signed applet that is used for Recording voice running in browser:
    The tag that I've given is as follows:
    <OBJECT
    classid = "clsid:CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA"
    id="recordApplet"
    codebase = "http://java.sun.com/products/plugin/autodl/jinstall-1_4_1-windows-i586.cab#Version=1,4,1,0"
    WIDTH = 268 HEIGHT = 27>
    <PARAM NAME = CODE VALUE = "RecWindow">
    <PARAM NAME = ARCHIVE VALUE = "jmf.jar,sound.jar,SignedRecWindow.jar">
    <PARAM NAME = "soundtrack" VALUE="testFile.mp3">
    <PARAM NAME = "type" VALUE = "application/x-java-applet;jpi-version=1.4.1">
    <PARAM NAME = "scriptable" VALUE = "true">
    <PARAM NAME = "MAYSCRIPT" VALUE = "true">
    </OBJECT>
    I've also signed jmf.jar as well as sound.jar that come in JMF 2.1 and am including it the archive. These jars are downloaded on client machine.
    My code works perfectly BUT only when JMF 2.1 is installed on the clients machine else I get a RunTime Exception stating "no permission to capture from applet".
    JMF FAQ states that If a user chooses to allow playing back locally stored media files or saving media files locally, he/she can do so by making use of a policy file. http://java.sun.com/products/java-media/jmf/2.1.1/faq-jmf.html#jmf2-applet-run
    My requirement is that once the user has agreed to the signed applet to run then there should be no need to install JMF rather use the jmf.jar that is downloaded on client machine.
    Also how can I grant the permission (permission javax.sound.sampled.AudioPermission "record";) to my applet in client computers ?
    The client should not be asked to add any files (policy) by itself, all must be transparent for him.
    Thanks in advance.
    Vipin.

    I too have been trying to get Java JMF sound recording to work via webstart. No luck so far.
    I even tried playing (security.AllPermissions) with .java.policy file in the user's home directory and even modifying java.policy in the JRE/lib/security directory. No luck there too!
    I also added security.AllPermissions to the javaws.policy in the JRE/jawas/javaws.policy file. Still no luck!
    Any idea, anyone?

  • File Access with unsigned Applet through editing the java.policy file

    I'am starting to lose my hair on this...
    I am trying to get an applet to run so that it can access the file system to move files on my local maschin. Because this applet is only running on my VM i can change the java.policy to avoid the signing of the applet.
    first of all, if i wrote in the java.policy file
    grant {
      permission java.security.AllPermission; 
    };everything is working perfekt.
    But I have not the intention to open the gates for any applet out there, so i want to limit the access to my applet. With every of the following versions I get at best an
    java.security.AccessControlException: access denied (java.io.FilePermission...
    My Setup
    My Java Version: jre1.6.0_02
    My applet is located unter the url
    http://admin.mydomain.com/applet.jar
    In Html i tryed the following different versions of loading the applet - none worked
    <applet codebase="http://admin.mydomain.com/" name="shortcut" code="start.class" archive="applet.jar" width="0" height="0"></applet>
    <applet codebase="http://admin.mydomain.com" name="shortcut" code="start.class" archive="applet.jar" width="0" height="0"></applet>
    <applet name="shortcut" code="start.class" archive="http://admin.mydomain.com/applet.jar" width="0" height="0"></applet>in java.policy i tryed following versions with every html applet load version
    grant codeBase "http://admin.x-press.de/-" {
      permission java.security.AllPermission; 
    grant codeBase "http://admin.x-press.de/+" {
      permission java.security.AllPermission; 
    grant codeBase "http://admin.x-press.de/applet.jar" {
      permission java.security.AllPermission; 
    };why is it with
    grant {
      permission java.security.AllPermission; 
    };working, and not with the other versions?
    i am almost bold now, please try to save my last hair from falling down.
    any suggestion would be nice
    thanks, feyyaz
    Message was edited by:
    feyyazdogu

    I read the mentioned documentation and your right, some of my versions were wrong, but after reading the doumentation again i came to following result which should had worked but didn't.
    java.policy
    grant codeBase "http://admin.mydomain.com/*" {
      permission java.security.AllPermission;
    HTML File
    <applet codebase="http://admin.mydomain.com/" name="shortcut" code="start.class" archive="applet.jar" height="0" width="0"></applet>if I am entering http://admin.mydomain.com/applet.jar i can download the jar, so the archive lays in the correct directory.
    what i am doing wrong? do i have to change an additional file somewhere else?

Maybe you are looking for

  • [GNOME] Can't add action to nautilus-actions

    Hi, I recently installed nautilus-actions, the problem is when I launch nautilus actions config via System -> Preferences I can't add new actions. Nothing about nautilus-actions in the right-click neither. Here is the screenshot: Thanks for your help

  • Iphoto crashes when opening.

    Whenever I try to open iphoto on my macbook pro it starts the process but eventually crashes. I have tried many times to open it but it just crashes. Whjat can I do???? would re-installing iphoto help?? Any Thoughs?

  • Hi........What is business content..

    Hi all, what is business content ? when this comes into picture in real time.... Thanks & Regards, Bhaskar Rao Javvaji

  • Need to run .ipa in Win 7 [ 32/64 ] environment..

    Hi .. Is there any software or emulator based on Win PC, where I can run .ipa application which are meant for iPhone ..

  • MCE Files

    Hi My Z10 battery was not charging properly i.e. not 100% as it was stuck at 85% so I sent it to the local BB Expert Center in Malaysia.  The tech took the phone and will require about 1 or 2 weeks to resolve this. In the mean time, they gave me a lo