Self signed applet problem

Similar Messages

• Self signed applets are not supported by plug-in

  I am using Windows 2000.I am using self signing applet which i have signed with the help of netscape signing tool with test certificate.I have put the zip file in "c:\program Files\netscape\users\default " directory
  after signing..While opening it is giving some exception
  "java.lang.SecurityException: cannot verify signature block file META-INF/ZIGBERT".
  please help me regarding this.
  ashok das
  otlsoft, bangalore.

  First you need to install your self signed sertificat into system - only then you'll be able to start applet without problem.

• What are the default permissions for "self-signed" applets?

  Hello!
  I have a self-signed applet (=signed with a self made certificate) and under most plugin-enviroments java asks the user if it accepts this certificate as trustworth.
  On my linux-box I do not have any problems to write files to the local filesystem after I accepted this self-signed applet.
  However I've often read that users must grant some permissions even for signed applets, so is there a list of permissions that are denied by default?
  Are there differences between java releases starting with 1.2.2?
  Thanks in advance, lg Clemens

  Default settings are like you said, jre asks the user and everything will work.
  Unless.your applet uses classes that are not signed like with calls from javascript to your applet the plugin.jar is used and you'll get an exception when writing to files.
  When writing to files the OS might not allowe the user to write to a certain file or folder.
  Don't know what type of exception will be thrown if the OS doesn't allowe it but it has
  nothing to do with applet permissions.
  To change the default setting you can add the following line in the grant { bit of the
  java.policy
  permission java.lang.RuntimePermission "usePolicy";
  When this line is there all signatures will be ignored and an applet can only do extra
  things (like access to local files) if a policy is set up for this applet.
  To find out what's wrong at your clients site you should ask them to send a full trace
  and check that. I hope you did a .printStacktrace() on the exception in your code so
  you can see if any other classes are involved when the exception is thrown.
  To turn the full trace on (windows) you can start the java console, to be found here:
  C:\Program Files\Java\j2re1.4...\bin\jpicpl32.exe
  In the advanced tab you can fill in something for runtime parameters fill in this:
  -Djavaplugin.trace=true -Djavaplugin.trace.option=basic|net|security|ext|liveconnect
  if you cannot start the java console check here:
  C:\Documents and Settings\userName\Application Data\Sun\Java\Deployment\deployment.properties
  I think for linux this is somewhere in youruserdir/java (hidden directory)
  add or change the following line:
  javaplugin.jre.params=-Djavaplugin.trace\=true -Djavaplugin.trace.option\=basic|net|security|ext|liveconnect
  for 1.5:
  deployment.javapi.jre.1.5.0.args=-Djavaplugin.trace\=true -Djavaplugin.trace.option\=basic|net|security|ext|liveconnect
  The trace is here:
  C:\Documents and Settings\your user\Application Data\Sun\Java\Deployment\log\plugin...log
  I think for linux this is somewhere in youruserdir/java (hidden directory)

• Why my self-signed applet could not read local disk but could write?

  I used a self-signed certificate for the applet yesterday and it worked
  fine at the beginning time, that is, it could write/read file to/from
  local disk, and it could connect to other MDS servers. But later, a
  problem happens. It could write file to local disk(I tested it and created
  files to C:/ under windows) but when it try to read that file, it got a
  io acessing exception. It could connect to other servers. I am puzzled
  about this problem, and I wonder why I could write but could not
  read. Need I deal with any policy file issue here?

  hi,
  i 'am doing something which is similar to the stuff ur doing .I wanted to write into file on the local disk on which the applet is running.for this i have signed the applet .do i need to make it self signed wat is difference between the self signed and signed applet .The problem which i facing is that it still gives me the security exception even if i define the policy file for that applet............Can u help me reagrding this
  Thanks in advance
  your great help would be apprecriated
  rao_lavs

• Self sign applet without doing any change in policy file at client end

  Hi all,
  I developed an applet which make some webservice calls,
  I have given following permission in policy file at client end
  grant codeBase "http://nta2311:7001/-" {
  permission java.lang.RuntimePermission "createClassLoader";
  permission java.lang.RuntimePermission "getClassLoader";
  permission java.util.PropertyPermission "*", "read, write";
  permission java.net.SocketPermission "*", "connect, resolve";
  with these settings applet is working fine
  Now I want to make applet signed in order to avoid policy file modifications
  for testing I want to self sign it
  please help me

  Signing applets:
  http://forum.java.sun.com/thread.jsp?forum=63&thread=524815
  second post and reply 18 for the java class file using doprivileged
  http://forum.java.sun.com/thread.jsp?forum=63&thread=409341
  4th post explaining how to set up your own policy with your own keystore
  Still problems?
  A Full trace might help us out:
  http://forum.java.sun.com/thread.jspa?threadID=656028

• Self signed Applet - still getting Security Exception...

  Hi everyone...
  I m new to Java Mail... Nd I m developing a Applet to send mail from my Gmail account, nd I used keytool, jarsigner to Self sign the applet. Nd I wrote a Html page and when calling my applet method using javascript, I m having Security Exception... And I m using Java 1.5 (i.e., J2SE 5)
  Here is the sample of my code...
  --------- MyMail.java -----------
  import javax.mail.*;
  import javax.mail.internet.InternetAddress;
  import javax.mail.internet.MimeMessage;
  And all neccessory packages are imported....
  public class MyMail extends JApplet
       String server = "smtp.gmail.com";
       String username;
       String password;
       String fromAddres="";
       String toAddres="";
       Other Variable declaration goes here........
  Session ses;
  Transport tr;
  MimeMessage msg;
       public void init() //For testing purpose
            doLogin("username","password"); //My account details
       public void doLogin(String user,String pass)
            username = user;
            password = pass;
            boolean success;
            fromAddres = user+"@gmail.com";
            toAddres = "[email protected]";
            subject = "TEst SubJect";
            body = "This is Test Mail";
            success = doAuthentication();
            if(success)
                 setHeaders(server,username,password,fromAddres,toAddres,cc,bcc,htmlFormat,subject,body);
                 sendMail(ses);
                 doLogout();
       public void doLogout()
            //Deals with the logout from my account
       public boolean doAuthentication()
            //Deals with the authentication of my account
            // Setting properties, creating a session, getting transport object...
            //and returns true if authentication is success, false if not.
       public void setHeaders(String server, String username, String password, String fromAddress, String toAddress, String cc, String bcc, boolean htmlFormat, String subject, String body)
            //Sets the headers fields for the message (recieved through arguments)
       public void sendMail(Session ses)
            //Deals with sending mail
  class MyPasswordAuthenticator extends Authenticator
       //Deals with the authentication of my account
  ---------- MyMail.html -----------
  <html>
  <head>
  <script language=javascript>
  function sendmail()
  document.MyMail.doLogin("username","password"); //my account details
  </script>
  </head>
  <body>
  <input type=button name=but value=Send mail onclick=sendmail()>
  <applet name=MyMail code=MyMail.class
  archive=mail.jar,activation.jar,mailplus.jar width=0 height=0>
  </applet>
  </body>
  </html>
  And the applet is Self signed using the tools supplied from Java SDK...
  it got signed...
  And as the applet got loaded when i opend the MyMail.html, as i called the doLogin(..,..) in init() it is sending mail successfully...
  The problem is.... As I given the action for my button to send mail (by calling java method from java script i.e., calling doLogin() when the button clicked) I m getting Security Exception
  So...anyone plz tell me the solution....
  Thnx in advance....
  - Kanta

  http://www.google.nl/search?hl=nl&q=site%3Asun.com+javascript+signed+applet&btnG=Google+zoeken&meta=
  DoPrivileged would solve your problem but I've seen some cases where the
  threaded (link mentioned below second post) mothod is the only way it'll work.
  Signing applets:
  http://forum.java.sun.com/thread.jsp?forum=63&thread=524815
  second post and reply 18 for the java class file using doprivileged
  Still problems?
  A Full trace might help us out:
  http://forum.java.sun.com/thread.jspa?threadID=656028

• Signed Applet problems in Vista + JMF

  Hi All,
  I'm new to Java Applet programming. I wrote an application which works as a VoIP Client in a webpage (Using JMF). Its working very fine in allmost all Windows XP machines.
  But not in Windows Vista machines. In Vista i'm getting the following error :
  "No permission to capture from applet" - Since its a Signed applet. The application is digitally signed from a CA. Even though its not working in Vista (IE and Mozilla Firefox also).
  I have went through the following link which says IE in Vista will run on protected mode, so Signed Applet will not have all the permission eventhough its signed for "AllPermission".
  ----- http://java.sun.com/javase/6/webnotes/install/system-configurations.html
  And also I'm not able to create a customized jar file for JMF using JMF Customizer. (JMF Customizer is an application which creates a jar file with specified classes). While creating a jar file I'm getting particular class is not available. (In Windows XP, this class is compilled at run time).
  Please let me know the following things,
  a) Is there any security settings i have to make to run Signed Applet in Windows Vista ?
  b) What is Java Policy file? I don't have any policy file - will it affect the application ?
  c) Do I need to sign each applet (say i have 5 applets in single jar file) ?
  d) In Vista how Mozilla Firefox are running (like IE7's restricted environment or XP compatiable mode) ?
  Thanks in Advance,
  Karthikeyan R

  I have exatly the same problem but not with the class itself. I have the problem with an jar that my class calls.
  I use jdk1.4.2. I think it's basicaly the same problem as "lfpgMW".
  I'll also whould like an idea...
  thanks

• Signed Applet problems

  Hi all,
  I have a problem with one applet. I just built an applet (JDK 1.2) to download a file to the local machine; so far is OK, I got my digital certificate and I have signed the applet. Now when I test it in IE 5.x or 6.x it shows me the certificate and of course I trust, so it writes to the local hard drive, but when I try to test in Netscape 4.7 or greater; it shows me the certificate, I choose the "Trusted option" but I got the error:
  access denied (java.io.FilePermission c:\mwSave.dll write)
  I don't have any idea why if my applet is already signed and the certificate is valid I am getting this error... I am using a signed applet to do not use the policy file.... and should work, well I think that....
  Any ideas....
  Thanks in advance.

  I have exatly the same problem but not with the class itself. I have the problem with an jar that my class calls.
  I use jdk1.4.2. I think it's basicaly the same problem as "lfpgMW".
  I'll also whould like an idea...
  thanks

• Signed applet : problem signing jar files that are in build path

  Hello,
  I have a problem while trying to create an ftp applet.
  I use org.apache.commons.net.ftp and i build path for commons-net-1.1.4.jar and then i build my classes.
  When i create a jar file with my classes and after signing it, it works under eclipse but not on a web page.
  I had signed commons-net-1.1.4.jar before to build the path in eclipse but commons-net-1.1.4.jar is not in my jar file.
  What is the way to sign applet correctly even if some jar ressources are in eclipse build path.
  Thank you

  You were right!!!
  I'm not sure what to write down in the formsweb.cfg (configuration file) , following the instructions on the on-line help of Developer Forms 10g , in step 9..
  The step 9 says...
  Because in this release the JACOB code is in an external Jar file and not incorporated into frmwebutil.jar, it needs to be downloaded. To do this, change the WebUtilArchive setting to read: webUtilArchive=/forms/webutil/frmwebutil.jar,/forms/webutil/jacob.jar
  The doudt is pointed to the fact that the frmwebutil.jar isn't in the ORACLE_HOME\forms\webutil path but it is ORACLE_HOME\forms\java path.
  Also , these paths referenced in webUtilArchive are physical paths in a Unix system or they are logical paths in a url?
  Simon

• Sign applet problem

  Hi,
  I am following the 10 steps by irene to sign the applet. When I go to number 10, if I want to use self-signed certificate, then i need to import self-signed certificate into the cacerts keystore. However, I don't want my clients to do this thing as they probably don't know how to do this. All I want is my client click the "grant" button and the applet inits. So, are there any other methods to do this?

  Hi,
  I am following the 10 steps by irene to sign the
  applet. When I go to number 10, if I want to use
  self-signed certificate, then i need to import
  self-signed certificate into the cacerts keystore.
  However, I don't want my clients to do this thing as
  they probably don't know how to do this. All I want is
  my client click the "grant" button and the applet
  inits. So, are there any other methods to do this?I dont think so, it would open the flood gates for malicious programs. i can write a program that format ur harddisk, sign it and then give it to you.Cacerts contains a list of CAs trusted by the client. That means, The clients still have to approve/agree/import it.
  In your case, u can give the cacerts file to the clients and ask them to copy it to the lib\security directory.

• Self-Signed Certificate Problem

  Hi all,
  I believe this is the correct forum for this question, and I apologize if this has been asked and answered already (I looked but didn't find anything).
  I have a servlet application on a webserver. I built a test client in Java to connect to it, and all worked perfectly. Then I learned that the people I'm building this for require this to be on an SSL port. So I moved the application and now am getting the following exception:
  javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
  Now I've noticed that the webserver (used exclusively for testing) has a self-signed certificate, which might be causing the problem. However I'm not in a position to change that. Typically we test websites on this server, so the browser can handle the self-signed certificate, however in this case we don't have that luxury. Given that, is there a way to get around this?
  I'll include the code from my test client in the hopes that someone has some helpful tips.
  Thanks in advance,
  - Jack
  import java.io.*;
  import javax.net.ssl.HttpsURLConnection;
  import java.net.URL;
  public class fileloadTester
  public fileloadTester()
  public static void main(String[] args) throws Exception
  (new fileloadTester()).run();
  public void run()
  HttpsURLConnection conn;
  try
  URL serverURL =
  new URL("https://mytestserver.com:8443/xxx/contact");
  conn = (HttpsURLConnection) serverURL.openConnection();
  conn.setDoOutput(true);
  conn.setUseCaches(false);
  conn.setRequestMethod("POST");
  conn.setRequestProperty("Content-type", "text/xml");
  File file = new File ("test.xml");
  if (!file.exists() || !file.canRead())
  return;
  FileInputStream fis = new FileInputStream(file);
  String xmlRequestString = readInputStream(fis);
  fis.close();
  System.out.println(xmlRequestString);
  conn.setRequestProperty("Content-Length",
  Integer.toString(xmlRequestString.length()));
  OutputStream os = conn.getOutputStream();
  os.write(xmlRequestString.getBytes());
  os.close();
  catch (Exception e)
  e.printStackTrace();
  }

  Get them to export the server certificate and import it into your test client's trusstore. Don't let this truststore leak into production.

• Signed Applet - Problem reading large local files

  Hello,
  I am using a signed applet (self-signed) to read files from a clients machine (local file system). Following is the code for buffered reading (the meat):
  String thisLine, ret = "";
  try{
       BufferedReader myInput = new BufferedReader(new FileReader(fn));
       while ((thisLine = myInput.readLine()) != null) {
       ret += thisLine + "\n";
       myInput.close();
  catch (Exception e) {
       ret = "Cannot load, exception!";
  When I read a file <= 512KB, it runs fine/as expected. Now, when I read a file, say for example 1024KB in size, I expect the application to take twice as much time (than 512KB file) and read the file, but instead the applet/browser hangs. As a matter of fact I am not able to read files > 512KB.
  So, is there a limit on file size (from local file system) when reading from an applet, or is it to do with the way I am reading it?
  Any help, suggestions or comments would be highly appreciated.
  Thanks in advance.

  Here is how I read a file from my applet:
       private String getData(String u) {
            URL url = null;
            InputStream in = null;
            String ret = null;
            try {
                 // the following line wil read a file @ the same location as your class file
                 // this way your applet does not need any special privileges
                 // you could change the url to a file if so needed
                 url = new URL(this.getCodeBase(), u);
                 URLConnection conn = url.openConnection();
                 // next line is optional and just tells the http server
                 // a utf-8 response is accepted
                 // some servers will return a bad request
                 conn.setRequestProperty("Accept-Charset","utf-8");
                 // first try to find out if the server has
                 // provided us with the charset of the response
                 // since this doesn't work with the msjvp (version 1.1.2)
                 // it's commented out
                 // instead provide a charEncoding yourselve
                 String charEncoding = "UTF8";
  //               int i = conn.getHeaderFields().size()-1;
  //               while(i>-1){
  //                    System.out.print(conn.getHeaderFieldKey(i));
  //                    System.out.print("=");
  //                    System.out.println(conn.getHeaderField(i));
  //                    if(conn.getHeaderField(i).toLowerCase().indexOf("charset")!=-1){
  //                         String charsetLine = conn.getHeaderField(i).toUpperCase();
  //                         if(charsetLine.indexOf("SHIFT_JIS")!=-1){
  //                              charEncoding = "Shift_JIS";
  //                         if(charsetLine.indexOf("EUC-JP")!=-1){
  //                              charEncoding = "EUC-JP";
  //                    i--;
                 // here is the value for char encoding (as a parameter in the <object html tag)
                 if(this.getParameter("dataCharset")!=null){
                      charEncoding=this.getParameter("dataCharset");
                 // wither you have a file or an url you read from an inputstream
                 // here is how it's done
                 // read the whole file and than turn it into a string
                 in = conn.getInputStream();
                 ByteArrayOutputStream bos = new ByteArrayOutputStream();
                 int len;
                 byte[] buf = new byte[1024];
                 while ((len = in.read(buf)) > 0) {
                      bos.write(buf, 0, len);
                 in.close();
                 // you have the file as a byte array (bos.toByteArray()
                 // here is how you turn it into a string
                 ret = new String(bos.toByteArray(),charEncoding);
            } catch (Exception e) {
                 e.printStackTrace(System.out);
            return ret;
       }

• Signed applet problem: signer information does not match...

  hi all,
  i am actually making a upload component using applets that
  would need to access the local file system for uploading
  files.
  I have created a signed applet(i have followed all the steps,
  such as those of creating a jar, creating a key/value pair
  using keytool and finally signed my jar file using
  jarsigner). when i try to access this applet in a browser,
  first the security certificate displays(which is fine),but
  then when i click on "grant permission", it gives me a error
  saying java.lang.SecurityException: signer information of
  a(particular class of mine)does not match with that of other
  classes in that......(rest is not visible)
  i don't understand why this is happening...i have tried to
  repeat all the steps..but still continues to give this error.
  can anyone help plz...? i am stuck bceauz of this..as the
  JFileChooser dialog box doesn't open up..from which i had to
  browse and select files..
  Thanks in advance
  sd76

  first the security certificate displays(which is fine),but then when i click on "grant
  permission"Not sure what you're talking about, when I sing an applet and open it with IE and jre 1.5
  I get a window titled "Warning - Security". It askes me if I trust the signed applet and
  gives me the options yes, no and allways. But never got the "grant permission dialog".
  Here is how I signed the applet and got it to read local file system:
  http://forum.java.sun.com/thread.jsp?forum=63&thread=524815
  second post

• Signed applet problem with 1.3.1 but same workin in jre1.4

  Hi,
  I have performed the following steps to sign an applet
  1. javac search.java
  2. jar cvf Search.jar *.class
  3. keytool -genkey -alias signFiles -keystore abs_stores -keypass
  123456 -storepass 123456
  4. jarsigner -keystore abs_stores -storepass 123456 -keypass 123456 -
  signedjar SignedSearch.jar Search.jar signFiles
  The applet searches for some files in the hard drive.
  The problem is when I user Jre 1.4,IE 5.5 the applet works but it does not with
  jre1.3.1
  I need it to work with jre1.3.1.
  can someone help me out.
  thanks,
  Anshuman

  I use the following in HTML
  <OBJECT
  classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93"
  WIDTH = 350 HEIGHT = 300
  codebase="http://java.sun.com/products/plugin/1.3.1/jinstall-131-win32.cab#Version=1,3,1,0">
  <PARAM NAME = CODE VALUE = "Search" >
  <PARAM NAME = CODEBASE VALUE = "." >
  <PARAM NAME = ARCHIVE VALUE = "SignedSearch.jar" >
  <PARAM NAME="type" VALUE="application/x-java-applet;version=1.3.1">
  <PARAM NAME="scriptable" VALUE="false">
  <COMMENT>
       <EMBED
  type="application/x-java-applet;version=1.3.1"
  CODE = "Search"
  CODEBASE = "."
  ARCHIVE = "SignedSearch.jar"
  WIDTH = 350
  HEIGHT = 300
       scriptable=false
       pluginspage="http://java.sun.com/products/plugin/1.3.1/plugin-install.html">
       <NOEMBED>
            </NOEMBED>
       </EMBED>
  </COMMENT>
  </OBJECT>
  thanks,
  Anshuman

• Signed Applet problem

  Hi all,
  I have a problem about disappering the "JApplet Window" Text.
  I am now writing a JApplet using swing technology. The JApplet want to access the local client harddisk so I need to sign the applet. There are serveral classes, one is extending JApplet and the other are extending JDialog. the JApplet class will show or hide the JDialog class.
  In the JDialog class, it will validate something and it will popup error dialog by using JOptionPane.showMessageDialog(). However, the problem occur, the popup dialog has a text "JApplet Window" at the bottom.
  I want to make the text disappear, Can you tell me the way to do that?
  thanks

  when you sign the applet, you are signing the Jar file, so any "dialogs" created from classes in the signed jar, shouldn't have that message on their windows. But then again, neither should popup menus in unsigned applets, but sometimes it does.