Signed and unsigned applet

Hi all,
I want to create an applet that is firstly loaded as a normal (i.e., unsigned) applet. The user can use several features of the applet without seeing a security warning dialog. But when the user uses a certain feature of an applet (such as saving the data to his computer), there will be a security warning dialog that asked the user to allow the (same) applet to access the local harddrive. If the user allows, the applet will be switch to signed mode without having to reload.
In short, is there a way to switch between an unsigned applet to a sign applet without reloading the applet?
Thank you,
vaxim

It is possible if and only if your using different applets. In the same applet there is no possibility of switching signed and unsigned. But I think you can do this by specifying the certificate name.

Similar Messages

  • Signed and unsigned profiles

    Using server 3.2.2, and most clients updated to 10.10.
    I have created profiles for each user and these get pushed to their computer.
    If the profile gets pushed by Server to the machine, it shows as unsigned in the Profile pane of Systems Preferences.
    If I sign into Profiles Manager as admin and download the user profile to then send it through email or put it on a share accessible to the client, that profile will show up as signed on the client machine.
    If a signed Profile is installed, and that I make a change to a profile, the profiles gets punched by Server, and is installed as a new unsigned profile. The existing signed profile is left unchanged.
    Any hints would be welcome. I would like profiles to be signed. In Server app, the checks Sign Configuration profile is checked.
    Thanks.

    It is possible if and only if your using different applets. In the same applet there is no possibility of switching signed and unsigned. But I think you can do this by specifying the certificate name.

  • RSL - what to use Signed or Unsigned ??

    Hi , Please help in implementing RSL to our Application . As per the docs it mentions that 
    Signed RSL will be avialble inside the Player cache , and
    Unsigned framework RSLs are cached in the browser cache .
    What does this mean ?? Ours ia product based Application .Ours is a intranet web based Application used within the organization . Please suggest me what RSL would be suitable for our Application ?? Thanks in advance .

    Signed RSLs are preferred to unsigned RSLs but only Adobe can create signed RSLs. In the SDK "frameworks\rsls" directory there are both signed and unsigned RSLs. The signed RSLs are optimized for production use. The unsigned RSLs in the Flex 4 SDK contain debug information and are meant for debugging only.
    -Darrell

  • Remembering username and password in an unsigned applet...

    Does anyone have any ideas how my unsigned applet could remember the username and password entered by a user?
    Previously, I was using a signed applet so could store the username and password in a persistent text file, but now I need to provide an unsigned applet solution - so does anyone have any suggestions for how my applet could remember and recall the username and password?
    Many thanks,
    James

    Take global variable and store pass and user name in it .
    or getParameter() and setParameter() u can set parameter define in html file as global . so multiple applet in same webpage can access this pass and user name

  • Self Signing and Applets

    I have spent hours reading over the Signed Applets forum and Sun applet security training pages. There seems to be so much confusion in this area that the use and proliferation of Java Applets must be suffering.
    As the usual underfunded developer, I am not able to buy a certificate before proving the concept. Therefore, I am relegated to using self signed applets to demonstrate the use of signed applets and the power they have. This would also be the case for students of Java applets, of which I am also one.
    I have tried the sample applets in the Sun security training. They in fact write the file to my system, but they also display a security error as well.
    The Sun training indicates that I should be using a policy file with the security and that when my applet is run by another user, that user must also manually update their policy file, using keytool, before running the applet. If this is true, I see no use for Java Applets that work outside of the sandbox confines. There must be a better way to use applets that require security.
    I have also read Irene's 10 steps and numerous comments about them. They seem to work fine until I get to step 10. If I am using a self signed applet, why should the user of the applet have to click on a HREF to load the certificate into the keystore? Why shouldn't the user be prompted to trust the self signed certificate, just like a certificate obtained from a CA?
    I have tried to develop a batch file (Windows NT 4.0) to illustrate the signing process, but I have been unsuccessful. I have listed the output from it below followed by the batch file itself. Would someone please indicate what would make this batch file work? If possible, I would like it to work for both IE 5.5 and Netscape 4.06; especially ie 5.5.
    My environment consists of:
    NT 4.0 (SP6)
    IE 5.5 (SP1)
    JRUN 3.1
    JRE 1.3.1_01
    JDK 1.3.1_01
    javac writeFile.java
    keytool -delete -alias writefile
    Enter keystore password: password
    keytool -genkey -alias writefile
    Enter keystore password: password
    What is your first and last name?
    [Unknown]: Robert Klawuhn
    What is the name of your organizational unit?
    [Unknown]: mygroup
    What is the name of your organization?
    [Unknown]: mycompany
    What is the name of your City or Locality?
    [Unknown]: mycity
    What is the name of your State or Province?
    [Unknown]: mystate
    What is the two-letter country code for this unit?
    [Unknown]: US
    Is <CN=Robert Klawuhn, OU=mygroup, O=mycompany, L=mycity, ST=mystate, C=US> correct?
    [no]: yes
    Enter key password for <writefile>
    (RETURN if same as keystore password): password
    keytool -selfcert -alias writefile
    Enter keystore password: password
    keytool -list -alias writefile
    Enter keystore password: password
    writefile, Wed Dec 19 10:41:35 PST 2001, keyEntry,
    Certificate fingerprint (MD5): 90:4D:63:0E:9E:56:CF:7F:93:2B:92:EE:AA:2B:87:E3
    jar cvf writefile.jar writeFile.class
    added manifest
    adding: writeFile.class(in = 1678) (out= 940)(deflated 43%)
    jar tvf writefile.jar
    0 Wed Dec 19 10:41:58 PST 2001 META-INF/
    71 Wed Dec 19 10:41:58 PST 2001 META-INF/MANIFEST.MF
    1678 Wed Dec 19 10:40:46 PST 2001 writeFile.class
    jarsigner writefile.jar writefile
    Enter Passphrase for keystore: password
    jarsigner -verify -verbose -certs writefile.jar
    139 Wed Dec 19 10:42:02 PST 2001 META-INF/MANIFEST.MF
    192 Wed Dec 19 10:42:08 PST 2001 META-INF/WRITEFIL.SF
    1098 Wed Dec 19 10:42:08 PST 2001 META-INF/WRITEFIL.DSA
    0 Wed Dec 19 10:41:58 PST 2001 META-INF/
    smk 1678 Wed Dec 19 10:40:46 PST 2001 writeFile.class
    X.509, CN=Robert Klawuhn, OU=mygroup, O=mycompany, L=mycity, ST=mystate, C=US (writefile)
    s = signature was verified
    m = entry is listed in manifest
    k = at least one certificate was found in keystore
    i = at least one certificate was found in identity scope
    jar verified.
    1 file(s) copied.
    1 file(s) copied.
    1 file(s) copied.
    An error appears:
    java.security.cert.CertificateException: Unable to verify the certificate with root CA
    @ECHO OFF
    REM Doit.bat
    REM
    REM This batch file leads the user through the creating
    REM and signing of an applet class and how it is accessed
    REM from a browser. The applet creates the file: C:\tmpfoo.
    REM
    REM The JRE 1.3.1 plug-in should be installed. See the
    REM control panel for an icon leading to the plug-in.
    REM
    REM This demo is for JRE 1.3.1_01, NT 4 (SP6), HTMLConverter
    REM 1.3, and IE 5.5.
    REM
    REM Run the HTMLConverter 1.3 against the following HTML
    REM file to generate the converted HTML that will support
    REM both Netscape and IE. Get the converter from Sun.
    REM
    REM <html>
    REM <head>
    REM <title> Java Security Example: Writing Files</title>
    REM </head>
    REM <body>
    REM Hi there. There is a signed applet following...
    REM <hr>
    REM <applet code=writeFile.class archive="/writefile.jar" width=500 height=50>
    REM </applet>
    REM <hr>
    REM </body>
    REM </html>
    REM
    REM The following is the code for the applet.
    REM
    REM import java.awt.*;
    REM import java.io.*;
    REM import java.lang.*;
    REM import java.applet.*;
    REM
    REM public class writeFile extends Applet {
    REM String myFile = "/tmp/foo";
    REM File f = new File(myFile);
    REM DataOutputStream dos;
    REM
    REM public void init() {
    REM
    REM String osname = System.getProperty("os.name");
    REM if (osname.indexOf("Windows") != -1) {
    REM myFile="C:" + File.separator + "tmpfoo";
    REM }
    REM }
    REM
    REM public void paint(Graphics g) {
    REM      try {
    REM      dos = new DataOutputStream(new BufferedOutputStream(new FileOutputStream(myFile),128));
    REM      dos.writeChars("Cats can hypnotize you when you least expect it\n");
    REM      dos.flush();
    REM      g.drawString("Successfully wrote to the file named " + myFile + " -- go take a look at REM it!", 10, 10);
    REM      } catch (SecurityException e) {
    REM      g.drawString("writeFile: caught security exception", 10, 10);
    REM } catch (IOException ioe) {
    REM      g.drawString("writeFile: caught i/o exception", 10, 10);
    REM }
    REM }
    REM }
    REM
    @ECHO javac writeFile.java
    javac writeFile.java
    REM Generate a selfsigned certificate and put it into
    REM the keystore.
    REM
    REM password = password
    REM first and last name = Robert Klawuhn
    REM org unit = COMPASS
    REM org = Applied Materials
    REM city = Santa Clara
    REM state = California
    REM country = US
    REM The -selfcert option may not be necessary the first
    REM time this is run
    @ECHO keytool -delete -alias writefile
    keytool -delete -alias writefile
    @ECHO keytool -genkey -alias writefile
    keytool -genkey -alias writefile
    @ECHO keytool -selfcert -alias writefile
    keytool -selfcert -alias writefile
    REM
    REM Export the key that was just created into a .crt file.
    REM This is then sent to a CA to obtain a 'real' certificate
    REM which is then imported into the keystore. These are
    REM commented because I am trying to use a self-issued key.
    REM
    REM keytool -certreq -alias writefile -file writefile.crt
    REM keytool -import -alias writefile -file writefile.crt
    @ECHO keytool -list -alias writefile
    keytool -list -alias writefile
    REM Jar the applet
    REM
    @ECHO jar cvf writefile.jar writeFile.class
    jar cvf writefile.jar writeFile.class
    REM Verify the jar
    REM
    @ECHO jar tvf writefile.jar
    jar tvf writefile.jar
    REM Sign the jar
    REM
    REM passphrase = password
    @ECHO jarsigner writefile.jar writefile
    jarsigner writefile.jar writefile
    REM Verify the signed jar file
    REM
    @ECHO jarsigner -verify -verbose -certs writefile.jar
    jarsigner -verify -verbose -certs writefile.jar
    REM The next statements assume that the applet will be
    REM obtained from Macromedia's JRun default server.
    REM
    copy writefile.crt %JRUN_HOME%\servers\default\default-app\.
    copy writefile.jar %JRUN_HOME%\servers\default\default-app\.
    copy writefile.html %JRUN_HOME%\servers\default\default-app\.
    "C:\Program Files\Plus!\Microsoft Internet\IEXPLORE.EXE" "http://localhost:8100/writefile.html"

    I believe I finally found my problem. If I use JRun as a web server and put the applet on the default server within JRun, I am only able to run the applet from a different client. It doesn't seem to load right on the same system as JRun.
    This may be due to other software I have running on my JRun server system, but it finally works.
    For those that are still having problems with self-signing applets, here is a batch file, that I am using, that works for me.
    @ECHO OFF
    REM Doit.bat
    REM
    REM This batch file leads the user through the creating
    REM and signing of an applet class and how it is accessed
    REM from a browser. When the Publish button is pressed
    REM     the selected file is copied to C:\TEMP\BOBK_copy.txt.
    REM
    REM The JRE 1.3.1 plug-in will be installed on the client.
    REM See the control panel for an icon leading to the plug-in.
    REM
    REM This demo is for JRE 1.3.1_01, HTMLConverter
    REM 1.3, and IE 5.5.
    REM
    REM Run the HTMLConverter 1.3 against the following HTML
    REM file to generate the converted HTML that will support
    REM both Netscape and IE. Get the converter from Sun.
    REM
    REM <html>
    REM <head>
    REM <title> Java Security Example</title>
    REM </head>
    REM <body>
    REM Hi there. There is a signed applet following...
    REM <hr>
    REM <applet code=FilePrompt.class archive="/fileprompt.jar" width=800 height=500>
    REM </applet>
    REM <hr>
    REM </body>
    REM </html>
    REM
    REM This applet can be executed by starting the default server in JRun and then
    REM then entering the following for the IE URL: http://K011614:8100/FilePrompt.html
    REM This assumes that JRun is installed and running on K011614.
    REM
    REM The first time the applet is executed, the 1.3.1_02 JRE is loaded if allowed.
    REM The main problem here is the JRE is about 5.3MB and takes a while.
    REM
    REM For some reason, running IE and pointing it to the applet on the same system that
    REM JRun is executing, doesn't work. You have to run it from another client that
    REM references the applet.
    REM
    @ECHO keytool -delete -alias fileprompt
    keytool -delete -alias fileprompt
    @ECHO keytool -genkey -alias fileprompt
    keytool -genkey -alias fileprompt
    @ECHO keytool -selfcert -alias fileprompt
    keytool -selfcert -alias fileprompt
    @ECHO keytool -export -alias fileprompt -file fileprompt.crt
    keytool -export -alias fileprompt -file fileprompt.crt
    @ECHO keytool -list -alias fileprompt
    keytool -list -alias fileprompt
    @ECHO jar cvf fileprompt.jar *.class
    jar cvf fileprompt.jar *.class
    @ECHO jar tvf fileprompt.jar
    jar tvf fileprompt.jar
    @ECHO jarsigner fileprompt.jar fileprompt
    jarsigner fileprompt.jar fileprompt
    @ECHO jarsigner -verify -verbose -certs fileprompt.jar
    jarsigner -verify -verbose -certs fileprompt.jar
    copy fileprompt.jar %JRUN_HOME%\servers\default\default-app\.
    copy FilePrompt.html %JRUN_HOME%\servers\default\default-app\.
    REM The following doesn't seem to work when executed on the same
    REM system as the JRun server. Access the applet from another client.
    REM "C:\Program Files\Plus!\Microsoft Internet\IEXPLORE.EXE" "http://localhost:8100/FilePrompt.html"
    pause

  • Unsigned applet: some machines can copy to clipboard, others can't

    My understanding of Java applet security says that an unsigned applet cannot copy-to or paste-from the system clipboard. However, on at least two systems at my office (but not mine) the user can highlight text in one of our applets, hit Ctrl-C and copy the text to the clipboard. All machines are current vintage, running MS XP and Java 1.4.2. I've checked the java.policy files and they are identical--there are no non-standard permissions in them.
    Now my boss is complaining that I told him this couldn't be done without going the signed applet route. Does anybody know what's going on?

    First of all if you're developing applets for your company (or another one) make sure they
    have the jre set up correctly.
    Any respectfull IT person within a company has IE security set up so why not the jre as
    wel?
    Using the default jre installation in your company? Are you allso using the default IE
    install or did you not agree with some settings there?
    Anyway here is how I think you should set up the jre for your companys people:
    I think a good configuration would be a keystore and policy on the company's
    Intranet to be used by everyone and if so needed a keystore and policy in the user home
    folder to be edited only by admins. Add the 2 keystores to the java.security and the
    admins can configure any special privileges to special applets (like IE security zones
    but more detailed).
    Add the following line to all codebases: "grant { " section in the java.policy/
    permission java.lang.RuntimePermission "usePolicy";
    Now the user does not have the option of "do you trust" for signed applets. I think this
    is a verry good idea because anyone with a jdk can sign their jar.     
    About someone beeing able to copy and the other one not, I guess you've given the
    user too much freedom in changing their settings (the msjvm settings in IE). The
    applet is probably not even run with the SUN jre because you are using the Applet tag.
    Now I am not even sure if hitting crl + c does anyting with an unsigned applet but I would guess that accessing the clipboard from code should not be possible.

  • Browser settings to accept unsigned applets

    Hi,
    I'm writting an applet that uses a socket, therefore I need to sign my applet to view it into my browser. So every time I change my code I need to resign the applet.
    Can I set my browser so I will accept unsigned applet?, this will be a lot easier to test and change the code of the applet.
    I'm using a IE6 browser.
    Thanks in advance,
    Pieter

    Yes if you have a JRE installed.
    You can edit your java.policy file so that any java applet started on your machine will be given all priviledges.
    Obviously for general use(i.e. untrusted applets) this would be quite dangerous.
    You can add the following to your java.policy file....
    grant{
    permission java.security.AllPermission;
    };

  • Connecting to a remote servlet from an unsigned applet

    My applet connects to a remote servlet (on a different server). I could obviously connect to it fine with a signed applet, but now my applet is no longer signed.
    I understand an unsigned applet can access a servlet on the same web server host, but the problem is that the servlet is on a different server...
    Is there some simple way I can create a file (html or whatever) on the web server host that can accept requests from the applet and redirect them to the remote servlet?
    Cheers,
    James

    If I understand what you're saying, no.
    But perhaps you can install the applet on the server that you want to connect to.

  • File Access with unsigned Applet through editing the java.policy file

    I'am starting to lose my hair on this...
    I am trying to get an applet to run so that it can access the file system to move files on my local maschin. Because this applet is only running on my VM i can change the java.policy to avoid the signing of the applet.
    first of all, if i wrote in the java.policy file
    grant {
      permission java.security.AllPermission; 
    };everything is working perfekt.
    But I have not the intention to open the gates for any applet out there, so i want to limit the access to my applet. With every of the following versions I get at best an
    java.security.AccessControlException: access denied (java.io.FilePermission...
    My Setup
    My Java Version: jre1.6.0_02
    My applet is located unter the url
    http://admin.mydomain.com/applet.jar
    In Html i tryed the following different versions of loading the applet - none worked
    <applet codebase="http://admin.mydomain.com/" name="shortcut" code="start.class" archive="applet.jar" width="0" height="0"></applet>
    <applet codebase="http://admin.mydomain.com" name="shortcut" code="start.class" archive="applet.jar" width="0" height="0"></applet>
    <applet name="shortcut" code="start.class" archive="http://admin.mydomain.com/applet.jar" width="0" height="0"></applet>in java.policy i tryed following versions with every html applet load version
    grant codeBase "http://admin.x-press.de/-" {
      permission java.security.AllPermission; 
    grant codeBase "http://admin.x-press.de/+" {
      permission java.security.AllPermission; 
    grant codeBase "http://admin.x-press.de/applet.jar" {
      permission java.security.AllPermission; 
    };why is it with
    grant {
      permission java.security.AllPermission; 
    };working, and not with the other versions?
    i am almost bold now, please try to save my last hair from falling down.
    any suggestion would be nice
    thanks, feyyaz
    Message was edited by:
    feyyazdogu

    I read the mentioned documentation and your right, some of my versions were wrong, but after reading the doumentation again i came to following result which should had worked but didn't.
    java.policy
    grant codeBase "http://admin.mydomain.com/*" {
      permission java.security.AllPermission;
    HTML File
    <applet codebase="http://admin.mydomain.com/" name="shortcut" code="start.class" archive="applet.jar" height="0" width="0"></applet>if I am entering http://admin.mydomain.com/applet.jar i can download the jar, so the archive lays in the correct directory.
    what i am doing wrong? do i have to change an additional file somewhere else?

  • Why signed and get "access denied (java.io.FilePermission hello.txt read)"?

    I am learning the Java tools and policy to create some local browser application for personal use. So I signed a jar file with jarsigner, keytool and policytool and still trying to figure out why my browser application cannot read a simple local text file.
    My question are
    1. Why use java policy tool (policytool.exe)? If I signed a .jar with keytool and jarsigner, do I really need java policytool to write a policy?
    2. What is the maximum validity days? 365? or more? Do I need to sign again when validity expire?
    3. I don't want any of my local browser application gets to internet but only work with local files (read, write, or execute). how do I do that?
    4. how to use java security policy to grant access to the jar applet? where do I place and import the policy file so the hosting web browser and the applet can work?
    My java applet is a simple class that read a text line from a local file in the same folder, and pass the result to a calling web browser Javascript.
    Currently the result in the web page is the error message below, even though the jar is signed correctly.
    access denied (java.io.FilePermission hello.txt read)
    Someone please help and enlight the newbie!

    leoku wrote:
    I am learning the Java tools and policy to create some local browser application for personal use.Why would you wrap a mostly useless and unhelpful browser window around a Java app. for 'local' use?
    .. So I signed a jar file with jarsigner, keytool and policytool and still trying to figure out why my browser application cannot read a simple local text file.
    My question are
    1. Why use java policy tool (policytool.exe)? If I signed a .jar with keytool and jarsigner, do I really need java policytool to write a policy?No. In fact, don't stuff around with policy files - they are a path to madness.
    2. What is the maximum validity days? 365? or more?Keytool accepts an argument for the number of days to remain valid. I do not believe it has an upper limit, but it might be best to experiment with it and find out for yourself. Please report your findings back.
    (2a) Do I need to sign again when validity expire?No, but the end user gets a huge warning that the certificate has expired. Further, if it was a certificate that was certified by a CA, the 'always trust' check box which used to default to true, would now default to false.
    3. I don't want any of my local browser application gets to internet but only work with local files (read, write, or execute). how do I do that?I am not sure I understand, but if you only offer a JFileChooser for the applet to access resources, that should restrict it to resources off the local file-system. Of course, that would not restrict the end user from downloading something from the internet to their local disks, then accessing it using the applet.
    4. how to use java security policy to grant access to the jar applet? where do I place and import the policy file so the hosting web browser and the applet can work?The only place it will work is in the JRE directories of the end-user's machine. Even if you find a way to install your local policy file, do not go messing with the end-user's policy files.
    My java applet is a simple class that read a text line from a local file in the same folder,.. In the 'same folder' as what? (1)
    ..and pass the result to a calling web browser Javascript. That might be the problem. AFAIR, using JS with trusted applets causes the security to be tightened. Perhaps it could be fixed by calling System.setSecurityManager(null) on applet init(), but I have also seen references to using [AccessController.doPrivileged()|http://java.sun.com/j2se/1.4.2/docs/api/java/security/AccessController.html] to wrap the problematic code. I am hazy on the details of how/if that works.
    Currently the result in the web page is the error message below, even though the jar is signed correctly.
    access denied (java.io.FilePermission hello.txt read)
    1) If the answer to my question is what I suspect, there may be better ways to access the resource that are usable even in a sand-boxed app.

  • Unsigned applet

    Hi, I have a simple question... �Can an unsigned applet connect to the same IP where it was downloaded but to another port (says 3306)?
    Regards,
    Neuquino

    most probably it couldn't. in order to socket connection established, u have to sign the applet otherwise it fails...

  • Wrtie unsigned char and unsigned int into a binary file

    Hi, I need write some data into some specific file format (.ov2) for other applications to read.
    Here is the requirement of the data:
    First byte: An unsigned char value, always "2" means simple POI entry
    Next 4 byte: An unsigned int value,
    Next 4 byte: A signed integer value.
    Next 4 byte: A signed integer value
    then next : A zero-terminated Ascii string
    Here is my code:
                       String name = "name";
                       byte type = 2;
                     int size = name.length() + 13 +1; //1+4+4+4 and there is a 0 at last
                     int a = 1;
                     int b =2;
                     ds.writeByte(type); //1 byte, need save it as unsigned char
                         ds.writeInt(size); //4 //need to be an unsignged int
                         ds.writeInt(ilont); //4 //signed int
                         ds.writeInt(ilatt); //4 //signed int
                         //write zero-terminated ascii string
                         for(int n=0; n<name.length(); n++){
                              ds.writeByte(name.charAt(n));
                         ds.writeByte(0);                    This code could not get the correct result and I think I must do some sign to unsign conversion, but I don't know how to do it. Any help?
    Thanks for you attention.

    You don't have to do anything special at all. What's in a int or a byte is what you, as a programmer, say it is. Java treats int's as signed but, in fact, with 2's complement arithmatic most operations are exactly the same. Load and store, add and subtract - it makes no difference whether a variable is signed or unsigned. It's only when you convert the number, for example to a wider type or to a string representation that you need to know the difference.
    When you read an unsigned byte and you want to widen it to an integer you have to clip the top bytes of the integer e.g.
    int len = input.get() & 0xff;This is because, since java sees a byte as signed it will extend the sign bit into the top bytes of the int. "& 0xff" forces them to zero.
    Writing it, you don't have to do anything special at all - it will autmatically get clipped. The above is probably the only concesion you'll ever need to make to unsigned binary. (You'd need to do the same thing from unsigned int to long, but this almost never happens).
    When I read ov2 files I used a mapped byte buffer, because it allows you to set either big-endian or little-endian and I wasn't sure which ov2 files used. (Sorry, I've forgotten).

  • Upgrading to Java 7 u45, and my applet can not be openend

    After upgrading to u45, I can not open an applet from HTML page, even on the simplest scenario (described below)
    The applet is signed, and the whole scenario used to be working well on u40.
    Trying to open this HTML with u45 results with InvocationTargetException run time exception.
    Why does this happen? Does anyone knows how to bypass this?
    I'm so frustrated. The last few java upgrades required huge amount of work on my behalf. They are so not backward compatible its unbelievable.
    The simple version of my HTML looks like this:
    <HTML><SCRIPT    LANGUAGE="JavaScript1.2" TYPE="text/javascript">
            document.writeln("<APPLET CODE='com/PkgDudu/myApplet/AppletInit.class' ARCHIVE='sample.jar' WIDTH=100% HEIGHT=100% BORDER=1>");
            document.writeln("</APPLET>");
    </SCRIPT></HTML>
    my simplified applet code looks like this:
    package com.PkgDudu.myApplet;
    import java.applet.Applet;
    public class AppletInit extends Applet {
        public static void main(String[] args) {
            System.out.println("Hello");

    Hello phoebe187,
    The following article provides steps for resolving this error and getting iTunes working again.
    iTunes for Windows: "Error 7" message when opening iTunes
    http://support.apple.com/kb/TS3074
    Cheers,
    Allen

  • Unsigned applet load failure via HTTPS

    Java Plug-in 1.5.0_06
    MSIE 6.0
    Unsigned applet loading via HTTPS failed.
    We used a relative URL in an APPLET tag :
    <APPLET CODEBASE="/TEST/" ARCHIVE="test.jar" CODE="nl.myorganisation.test">
    The plugin does not seem to reuse the browser SSL-session.
    It looks like the plugin does not find installed certificates in Explorer stores.
    The 2th and 3th connection retry use an erroneous URL.
    network: Connecting https://myorganisation.nl/TEST/test.jar with proxy=DIRECT
    security: Loading Root CA certificates from <jre-home>\lib\security\cacerts
    security: Loaded Root CA certificates from <jre-home>\lib\security\cacerts
    security: Loading SSL Root CA certificates from <jre-home>\lib\security\cacerts
    security: Loaded SSL Root CA certificates from <jre-home>\lib\security\cacerts
    security: Loading Deployment SSL certificates from <user-home>\Data\Sun\Java\Deployment\security\trusted.jssecerts
    security: Loaded Deployment SSL certificates from <user-home>\Data\Sun\Java\Deployment\security\trusted.jssecerts
    security: Loading certificates from Deployment session certificate store
    security: Loaded certificates from Deployment session certificate store
    security: Loading certificates from Internet Explorer ROOT certificate store
    security: Loaded certificates from Internet Explorer ROOT certificate store
    security: Checking if certificate is in Deployment session certificate store
    security: Checking if SSL certificate is in Deployment permanent certificate store
    network: Connecting https://myorganisation.nl/CGI-BIN/nl/myorganisation/test.class with proxy=DIRECT
    security: Loading certificates from Deployment session certificate store
    security: Loaded certificates from Deployment session certificate store
    security: Checking if certificate is in Deployment session certificate store
    security: Checking if SSL certificate is in Deployment permanent certificate store
    network: Connecting https://myorganisation.nl/CGI-BIN/nl/myorganisation/test.class with proxy=DIRECT
    security: Loading certificates from Deployment session certificate store
    security: Loaded certificates from Deployment session certificate store
    security: Checking if certificate is in Deployment session certificate store
    security: Checking if SSL certificate is in Deployment permanent certificate store
    load: class nl.myorganisation.test not found.
    Does anybody have any suggestion ?
    Thanks and greetings,
    Marc

    First, Java plugin don't use browser https connection starting JRE 1.4, for running an applet in https server, the browser need to establish a https connection first, then Java pugin will use another https connection.
    Second, Java plugin can read certificate from browser, starting JRE 1.5, you can go to Java control panel, Advanced tab, under security, check on the box:
    "Use certificate and keys in browser keystore"
    This way the Java plugin will read the certificate from browser too. (It will work automatically in IE browser, if you use Mozilla, you have to install JSS package first).
    To answer your question, you can either turn on that option or import https certificate into JRE keystore (using Java control panel) for https connection.
    Hope that answered your question.
    Dennis

  • 1.5 allows setStub() by unsigned applets?

    I have an applet that is embedded in a JFrame. It worked fine in 1.4 but I just tried j2re-1_5_0-beta2-windows-i586 and get "java.security.AccessControlException: access denied (java.awt.AWTPermission setAppletStub)...
    at java.applet.Applet.setStub(Unknown Source)"
    Is setStub() not allowed by unsigned applets in 1.5?
    Thanks

    I have the same problem.
    Trying to track it down, did you get any feedback from anyone ?

Maybe you are looking for