Signing applets, going crazy

hi,
I think I've posted enough thread on signed applets and
still haven't got the solution and i'm the strong believer
that any sought of problem will be solved in the forums,
and I still believe in that. Ok! I don't wan't to bore u,
here is my problem:
1) I've signed the applet using keytool and specify the
signed.jar file in the archive parameter in <applet> tag,
but each and every client have to get the .java.policy
file to be placed on their windows home directory!!!
Is that the rt way to do it, or is there any way to link
the .java.policy while signing the applet.
2)I've also tried in signing the cab files, ok fine but don't
know how to set the permissions in the .ini file in SDK for
java, no proper documentation and also when i got to
use the plugin converter to use my applet since the
browser does'nt recognise the rmi classes, so when i use
the plugin, and also the cabbase parameter, i'm not able
to get it, but i'm able to get one of my applet get going
which is a normal applet tries to write a file on to the
desktop, but it doesn't have the plugin.
3)Is there anyway to make applet work without using the
plugin concept. I came to know the if i specify archive
for rmi.zip, it should work, but I cou'lnt do it, is there any
other versions of rim.zip
Sorry 4 a long story,
ThanX for baring me.
kiran,
[email protected]

1:From my understanding, if you sign the applets you should not have to set policy files onto the client side.
Applets should have complete unrestricted access to the system when these are signed.
2: Are you trying in anyways to perform callbacks through firewalls ? If you do check RMI vs Internet on this forum.
RMI works without plugin for jdk1.1 and over
3: I don't know , sorry.

Similar Messages

Applet goes crazy

I am fairly new to java, and completely new to this forum, so I am not sure if this is where this question is supposed to go, but here it is anyway.
I am trying to write a poker program, that shows the pictures or the card. However, when i run the .html file with the applet in it, it appears that the program runs many many times. It shows words overlapping, and whenever i minimize and restore it, a new set of cards appears. I want it to run only once. Also, if i scroll in the window, the pictures of cards become messed up, with sections of card being replaced with other sections.
Another question. When using the getImage(getCodeBase(), picture) method, why can I only use that in the paint method. If i try to use it in another part of the program, it sats that getImage and getCodeBase are not static.
hopefully you understood my questions, and any help is appreciated.

have you tried running the applet in various browsers? sometimes applet support is quite bad in some browsers
and for the static thing - do you know what static means? it means that there can be only one instane of this object, var or method
you probably made something static - and these methods are in Applet i think so if you're not in a class extending Applet it won't wotk

Signed Applet aah ... im getting crazy...

Hello
I have looked on all tutorials i can find about making an applet an signed applet, but none have WORKED for me.
I want the applet to be able to communicate with a server using sockets , if im right applet arent allowed to communicate with sockets if the applet isnt signed.
If im right you have to make the applet to a jar file to get it signed , am i right?
Can you please write an tutorial about how to make the applet signed (to make it able to communicate with an server using sockets).
Please make it like stepped like this:
1. Blablablabla
2. Blablablabla
Thank you so much if you post.
/javaguy
PS. if you wonder why i ask this questiong the answer is that im trying to make an online game.

You can use signing tool from Mozilla ,
http://www.mozilla.org/projects/security/pki/nss/tools.
Use this tutorial,
http://java.sun.com/javase/6/docs/technotes/guides/plugin/developer_guide/rsa_signing.html
See this topic Signing Applets Using Netscape Signing Tool
It has worked for me. Let us know if you face any problem with this.
--Sachin

My signed applet works with 1.4.1 plugin but it doesn't with 1.4.2_02 !!!

Hi there, I've got problems trying to sign an applet with Java 2. That applet is an FTP which is used for uploading files throught the Browser (just upload).
I signed my applet with SDK 1.4.1 when I surfed the page which contains it, the applet works properly (the browser had Java plug in 1.4.1) ... the certificate appeared (thawte), I clicked "Yes" for agreeing the certificate .. everything went fine. The problem was when I tried to navigate that page with a Browser with Java Plug in 1.4.2, I agreed the cetificate, but when I tried to upload a file with the applet the following error happens :
ava.security.AccessControlException: access denied (java.io.FilePermission C:\install\slsk151.wma read)
     at java.security.AccessControlContext.checkPermission(Unknown Source)
     at java.security.AccessController.checkPermission(Unknown Source)
     at java.lang.SecurityManager.checkPermission(Unknown Source)
     at java.lang.SecurityManager.checkRead(Unknown Source)
     at java.io.FileInputStream.<init>(Unknown Source)
     at java.io.FileInputStream.<init>(Unknown Source)
     at FtpSigned.upload(FtpSigned.java:463)
     at FtpSigned.run(FtpSigned.java:526)
     at java.lang.Thread.run(Unknown Source)
after that I downloaded the SDK 1.4.2_02 and I installed the plugin
1.4.2_02 (build 1.4.2_02-b03)
I signed tha applet again and it didn't work ...
please ... I need help!
Thanks in advance.
Nico.

Funny, I had a problem going to _03 when it worked fine in _02. Symptoms: In IE, Sun's plug-in displays security warning prompt for signed applet, and, even though the user clicks YES to accept, all priv operations cause exceptions. It sounds like what you're referring to, but I'm wondering why I didn't see it in _02. Anyway, I'm going to look into the doPriv... stuff to see if that fixes my prob and I'll report back FWIW.

Accessing Signed Applet Method From Javascript

Hi All,
In my intranet application i have to retrive the mac addres of the client using the applet. I have to capture the MAC Address and set it as a hidden value in the jsp page.
I have used the signed applet and able to retrive the mac address of the client using IE but I am not able to do the same on NN 7.1
Below is my javascript and the applet tag syntax, please help me if i am wrong anywhere
function mac()
var mval=document.myApplet.getWinMACAddress()
alert("addres" +mval)
document.loginform.js_value.value=mval
and the applet tag in my jsp page is
<applet code ="SignedAppletDemo.class" codebase="http://mysouthasia/AcadResource/jsp/" archive="SSignedApplet.jar" width=1 height=1 align=center name="myApplet" >
</applet>
Thanks in Advance

Since getWinMACAddress( ) seems to work just fine for IE, is there an equivalent for NN7.1?
What happens if I run Opera instead, and on a Linux system? Or Safari on OS X? Obviously getWinMACAddress( ) isn't going to work for that.
I really don't understand why so many Asian programmers get "Find the MAC address of..." as a homework assignment. There are many reasons why it isn't really practical to do so, and for examples, just search this forum for MAC addresses. Lots and lots of examples and counter examples.

Signed applets and dialogs

hi all,
question to clarify my understanding of signed applets.
got a bog-standard applet. nothing clever or special.
got myself a bog-standard cert from thawte.
signed the applet and put it on a webserver.
displays the correct security notice on first load. continue and "Always trust this company" etc...
all runs fine.
in the applet init, i've put in
java.awt.AWTPermission perm = new java.awt.AWTPermission("showWindowWithoutWarningBanner");
try {
AccessController.checkPermission(perm);
System.out.println("access allowed?");
} catch (AccessControlException ex) {
ex.printStackTrace();
}open the main frame, and all is good. no banner or access denied exception.
show a popup menu, or tooltip. no banner.
display a dialog. oops, a banner "Java Applet Window" and the bottom section of the dialog is covered with the warning msg.
so i'm confused.
does this mean that this permission does not apply to dialogs? (if so, what?)
even with a cert, this msg cannot be removed? (please tell me no)
wrap and recode all dialog openings with AccessController.doPrivileged? (i dont wanna do this)
or i missed something with the setup.
i've been searching the forums for some info, but seem to be going in circles. editing the policy file on all client comps is not a valid option, unless there is sometrick i dont know about .
tia
-a

hi,
i got the answer from the link
http://www.javaworld.com/javaworld/jw-12-2000/jw-1215-security.html

Signed Applet

Hi there!
I wouldn't probably post this thread, but while browsing this forum I came around this post:
AndrewThompson64 wrote:
The thing you need to ask yourself is, is the benefit going to be enough to get the user past the security promptThis post gave me some thought. I have signed applet, but it does not read any data from local computer, but from my server. I need to know, if applet can be run without being signed if I read data on this way:
URL naslov = new URL("http://my.ip/heavyweather/currdat.lst");
BufferedReader vhod = new BufferedReader(new InputStreamReader(naslov.openStream()));From what I have understood, that if applet reads data from the server where class file is located, than it does not need to be signed?

What did google say?

Signed applet crashes

Hello all!
Has ever happened to someone that when using a signed applet, the browser crashes without giving an error or something?
I made an applet that had to read a file on the server, then signed it, and when trying it, after the browser asked me if to trust the signature, all freezed and nothing else happened...
I am developing an applet with NetBeans, the code in question is this:
import java.io.*;*
*import java.util.*;
public class PhotoAlbum extends javax.swing.JApplet {
    /** Initializes the applet PhotoAlbum */
    public void init()
        try
            java.awt.EventQueue.invokeAndWait(new Runnable() {
                public void run() {
                    initComponents();
        } catch (Exception ex)
            ex.printStackTrace();
    public void start()
        try
            initAlbum();
        catch (Exception e)
            error.setText(e.getLocalizedMessage()); //"error" is a textbox. I use that to write the exceptions caught runtime.
    private void initAlbum() throws Exception
      FileReader reader = new FileReader("/Foto/PhotoDB");
@SuppressWarnings("unchecked")
    // <editor-fold defaultstate="collapsed" desc="Generated Code">
    private void initComponents() {
        modLista = new javax.swing.DefaultListModel();
        jScrollPane1 = new javax.swing.JScrollPane();
        listaAlbum = new javax.swing.JList();
        jScrollPane2 = new javax.swing.JScrollPane();
        error = new javax.swing.JTextArea();
        jLabel1 = new javax.swing.JLabel();
        listaAlbum.setModel(modLista);
        listaAlbum.setVisibleRowCount(4);
        jScrollPane1.setViewportView(listaAlbum);
        error.setColumns(20);
        error.setRows(5);
        jScrollPane2.setViewportView(error);
        jLabel1.setIcon(new javax.swing.ImageIcon(getClass().getResource("/Foto/bell_urlo.png"))); // NOI18N
        jLabel1.setText("jLabel1");
        javax.swing.GroupLayout layout = new javax.swing.GroupLayout(getContentPane());
        getContentPane().setLayout(layout);
        layout.setHorizontalGroup(
            layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
            .addComponent(jScrollPane1, javax.swing.GroupLayout.DEFAULT_SIZE, 547, Short.MAX_VALUE)
            .addGroup(layout.createSequentialGroup()
                .addContainerGap()
                .addComponent(jScrollPane2, javax.swing.GroupLayout.DEFAULT_SIZE, 523, Short.MAX_VALUE)
                .addContainerGap())
            .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, layout.createSequentialGroup()
                .addContainerGap(117, Short.MAX_VALUE)
                .addComponent(jLabel1)
                .addGap(72, 72, 72))
        layout.setVerticalGroup(
            layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
            .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, layout.createSequentialGroup()
                .addContainerGap()
                .addComponent(jLabel1)
                .addGap(12, 12, 12)
                .addComponent(jScrollPane2, javax.swing.GroupLayout.PREFERRED_SIZE, 218, javax.swing.GroupLayout.PREFERRED_SIZE)
                .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, 39, Short.MAX_VALUE)
                .addComponent(jScrollPane1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE))
    }// </editor-fold>
    // Variables declaration - do not modify
    private javax.swing.JTextArea error;
    private javax.swing.JLabel jLabel1;
    private javax.swing.JScrollPane jScrollPane1;
    private javax.swing.JScrollPane jScrollPane2;
    private javax.swing.JList listaAlbum;
    private javax.swing.DefaultListModel modLista;
    // End of variables declaration
    public Album[] collection;
    public Album current;
    public int photoIndex;
}This is the basic code, I deleted all the instructions, leaving the one from where the error started (the filereader declaration)
I don't have any idea on why the browser crashes...
When the applet is unsigned, on the textbox is shown correctly the error "permission denied".
On other files the signing procedure goes ok, since I tried it on a program I found on the internet @ http://www.captain.at/programming/java/
Edited by: DrZoidberg on Sep 15, 2008 9:15 AM

are you using IE?
i use mozilla and this is what i see when i trust the certificate.
java.lang.SecurityException: class "PhotoAlbum$1"'s signer information does not match signer information of other classes in the same package
at java.lang.ClassLoader.checkCerts(Unknown Source)
at java.lang.ClassLoader.preDefineClass(Unknown Source)
at java.lang.ClassLoader.defineClass(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at sun.applet.AppletClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.applet.AppletClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClassInternal(Unknown Source)
at PhotoAlbum.init(PhotoAlbum.java:21)
at sun.applet.AppletPanel.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
java.lang.NullPointerException
at PhotoAlbum.start(PhotoAlbum.java:40)
at sun.applet.AppletPanel.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
might help you :)

Running signed applet on Java 5: Certificate not verified

Hello!
I am running my signed applet, it uses Bouncy Castle provider bcprov-jdk15-125.jar.
My applet.jar is signed by my own certificate. When running from a browser, I get error message:
Certificate Not Verified. Code will be treated as unsigned. Clicking on details button, read:
Check leaf key usage failed in certificate. Then goes the stack trace.
What is the problem? I was successfully ran it on J2SDK 1.4.2_05.
Thanks.

I get this same error for a signed webstart app in Java 5.0.
In 1.4.2.x it works fine.
Sun?

Uploaded content modification detecting(from Signed Applet)

Hello,
I have a question about signed applets and content verification on client machine. Let's consider the following scenario:
I have uploaded an image to client machine(using signed applet)
Client have modified the image
I want to detect that image was modified... And change it to default, stored in web host.
Is there any way to identify modification? Or maybe there are some other tecniques of storing content to client's machine, not using raw resources?
Thanks in advance.

>
Setting the proxy in the java control panel has no
effect on the available system properties.
Rather it has no impact on the VM that the applet runs in. Which is different than saying it has no impact at all.
I suspect there is a file somewhere that controls the actual system values for applets.
Given that an app should be able to detect the proxy
settings of the person running it, how is this
possible if the properties are not available from
within the app?What exactly are you trying to do?
An applet, which is not an app, normally has certain restrictions which would be sufficient for most apps.
And the proxy setting impacts the VM, nothing else. So if the applet returns null then it means the VM has no setting. That doesn't mean that one or more proxies are not in the chain of communication. But you are not going to get those from the VM.

Self signed Applet - still getting Security Exception...

Hi everyone...
I m new to Java Mail... Nd I m developing a Applet to send mail from my Gmail account, nd I used keytool, jarsigner to Self sign the applet. Nd I wrote a Html page and when calling my applet method using javascript, I m having Security Exception... And I m using Java 1.5 (i.e., J2SE 5)
Here is the sample of my code...
--------- MyMail.java -----------
import javax.mail.*;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MimeMessage;
And all neccessory packages are imported....
public class MyMail extends JApplet
     String server = "smtp.gmail.com";
     String username;
     String password;
     String fromAddres="";
     String toAddres="";
     Other Variable declaration goes here........
Session ses;
Transport tr;
MimeMessage msg;
     public void init() //For testing purpose
          doLogin("username","password"); //My account details
     public void doLogin(String user,String pass)
          username = user;
          password = pass;
          boolean success;
          fromAddres = user+"@gmail.com";
          toAddres = "[email protected]";
          subject = "TEst SubJect";
          body = "This is Test Mail";
          success = doAuthentication();
          if(success)
               setHeaders(server,username,password,fromAddres,toAddres,cc,bcc,htmlFormat,subject,body);
               sendMail(ses);
               doLogout();
     public void doLogout()
          //Deals with the logout from my account
     public boolean doAuthentication()
          //Deals with the authentication of my account
          // Setting properties, creating a session, getting transport object...
          //and returns true if authentication is success, false if not.
     public void setHeaders(String server, String username, String password, String fromAddress, String toAddress, String cc, String bcc, boolean htmlFormat, String subject, String body)
          //Sets the headers fields for the message (recieved through arguments)
     public void sendMail(Session ses)
          //Deals with sending mail
class MyPasswordAuthenticator extends Authenticator
     //Deals with the authentication of my account
---------- MyMail.html -----------
<html>
<head>
<script language=javascript>
function sendmail()
document.MyMail.doLogin("username","password"); //my account details
</script>
</head>
<body>
<input type=button name=but value=Send mail onclick=sendmail()>
<applet name=MyMail code=MyMail.class
archive=mail.jar,activation.jar,mailplus.jar width=0 height=0>
</applet>
</body>
</html>
And the applet is Self signed using the tools supplied from Java SDK...
it got signed...
And as the applet got loaded when i opend the MyMail.html, as i called the doLogin(..,..) in init() it is sending mail successfully...
The problem is.... As I given the action for my button to send mail (by calling java method from java script i.e., calling doLogin() when the button clicked) I m getting Security Exception
So...anyone plz tell me the solution....
Thnx in advance....
- Kanta

http://www.google.nl/search?hl=nl&q=site%3Asun.com+javascript+signed+applet&btnG=Google+zoeken&meta=
DoPrivileged would solve your problem but I've seen some cases where the
threaded (link mentioned below second post) mothod is the only way it'll work.
Signing applets:
http://forum.java.sun.com/thread.jsp?forum=63&thread=524815
second post and reply 18 for the java class file using doprivileged
Still problems?
A Full trace might help us out:
http://forum.java.sun.com/thread.jspa?threadID=656028

Is it necessary to have java installed on each system to run sign applet?

I have successfully signed an applet, and I am using it from my website. I havesigned the applet digitally. But the problem is that it's run successfully on the system in which java is installed but it do not not run on the system on which java is not installed. There is warning java plug-ins missing. I have tried to run many banking website which is using signed applet from Trusted parties they run successfully. I have searched many tutorials and forums but not able to find any help.
Thanks in advance.

jsrpanky wrote:
Thanks sabre,
I think you are right, I know I'm right!
because I was going through a article and found that it is possible to auto-download the Java Runtime Environment (JRE) onto the users machine.But I don't have any idea of how to auto-download JRE.
Could you give me some hints so that I could some idea about this.Not really. I just put a link to the Sun site and ask the user to follow the directions. Google is your friend.

Restriction for signed applet

Hi all,
i signed applet which is trying to modify file tmp.txt on client machine. Is there any opportunity for client to forbid this action for signed applet?
I tried use policy file but i was unlucky. It is ok for unsigned applet but what about signed one?
Thank you for your response.
benky

you need to install the jre, and place the win32.dll at JavaSoft\JRE\1.3.1_06\bin, that properties file place at JavaSoft\JRE\1.3.1_06\lib, comm.jar at JavaSoft\JRE\1.3.1_06\lib\ext\
and in ur code try to use it to open ur com port
public String test() {
String drivername = "com.sun.comm.Win32Driver";
try
CommDriver driver = (CommDriver) Class.forName(drivername).newInstance(); driver.initialize();
catch (Throwable th)
{* Discard it */}
drivername = "javax.comm.*";
try
CommDriver driver = (CommDriver) Class.forName(drivername).newInstance(); driver.initialize();
catch (Throwable th)
{* Discard it */}
portList = CommPortIdentifier.getPortIdentifiers();
while (portList.hasMoreElements()) {
portId = (CommPortIdentifier) portList.nextElement();
if (portId.getPortType() == CommPortIdentifier.PORT_SERIAL) {
if (portId.getName().equals("COM2")) {
//if (portId.getName().equals("/dev/term/a")) {
try {
serialPort = (SerialPort)
portId.open("SimpleWriteApp", 2000);
} catch (PortInUseException e) {}
try {
outputStream = serialPort.getOutputStream();
} catch (IOException e) {}
try {
serialPort.setSerialPortParams(9600,
SerialPort.DATABITS_8,
SerialPort.STOPBITS_1,
SerialPort.PARITY_NONE);
} catch (UnsupportedCommOperationException e) {}
int i=0;
while(true)
try {
messageString="hi";
System.out.println(i++);
outputStream.write(messageString.getBytes());
} catch (IOException e)
System.out.println(e);
messageString=String.valueOf(e);
return messageString;
and yet u need to signed the applet
1. Compile the applet
2. Create a JAR file
3. Generate Keys
4. Sign the JAR file
5. Export the Public Key Certificate
6. Import the Certificate as a Trusted Certificate
7. Create the policy file
8. Run the applet
Susan
Susan bundles the applet executable in a JAR file, signs the JAR file, and exports the public key certificate.
1. Compile the Applet
In her working directory, Susan uses the javac command to compile the SignedAppletDemo.java class. The output from the javac command is the SignedAppletDemo.class.
javac SignedAppletDemo.java
2. Make a JAR File
Susan then makes the compiled SignedAppletDemo.class file into a JAR file. The -cvf option to the jar command creates a new archive (c), using verbose mode (v), and specifies the archive file name (f). The archive file name is SignedApplet.jar.
jar cvf SignedApplet.jar SignedAppletDemo.class
3. Generate Keys
Susan creates a keystore database named susanstore that has an entry for a newly generated public and private key pair with the public key in a certificate. A JAR file is signed with the private key of the creator of the JAR file and the signature is verified by the recipient of the JAR file with the public key in the pair. The certificate is a statement from the owner of the private key that the public key in the pair has a particular value so the person using the public key can be assured the public key is authentic. Public and private keys must already exist in the keystore database before jarsigner can be used to sign or verify the signature on a JAR file.
In her working directory, Susan creates a keystore database and generates the keys:
keytool -genkey -alias signFiles -keystore susanstore -keypass kpi135 -dname "cn=jones" -storepass ab987c
This keytool -genkey command invocation generates a key pair that is identified by the alias signFiles. Subsequent keytool command invocations use this alias and the key password (-keypass kpi135) to access the private key in the generated pair.
The generated key pair is stored in a keystore database called susanstore (-keystore susanstore) in the current directory, and accessed with the susanstore password (-storepass ab987c).
The -dname "cn=jones" option specifies an X.500 Distinguished Name with a commonName (cn) value. X.500 Distinguished Names identify entities for X.509 certificates.
You can view all keytool options and parameters by typing:
keytool -help
4. Sign the JAR File
JAR Signer is a command line tool for signing and verifying the signature on JAR files. In her working directory, Susan uses jarsigner to make a signed copy of the SignedApplet.jar file.
jarsigner -keystore susanstore -storepass ab987c -keypass kpi135 -signedjar SSignedApplet.jar SignedApplet.jar signFiles
The -storepass ab987c and -keystore susanstore options specify the keystore database and password where the private key for signing the JAR file is stored. The -keypass kpi135 option is the password to the private key, SSignedApplet.jar is the name of the signed JAR file, and signFiles is the alias to the private key. jarsigner extracts the certificate from the keystore whose entry is signFiles and attaches it to the generated signature of the signed JAR file.
5. Export the Public Key Certificate
The public key certificate is sent with the JAR file to the whoever is going to use the applet. That person uses the certificate to authenticate the signature on the JAR file. To send a certificate, you have to first export it.
The -storepass ab987c and -keystore susanstore options specify the keystore database and password where the private key for signing the JAR file is stored. The -keypass kpi135 option is the password to the private key, SSignedApplet.jar is the name of the signed JAR file, and signFiles is the alias to the private key. jarsigner extracts the certificate from the keystore whose entry is signFiles and attaches it to the generated signature of the signed JAR file.
5: Export the Public Key Certificate
The public key certificate is sent with the JAR file to the whoever is going to use the applet. That person uses the certificate to authenticate the signature on the JAR file. To send a certificate, you have to first export it.
In her working directory, Susan uses keytool to copy the certificate from susanstore to a file named SusanJones.cer as follows:
keytool -export -keystore susanstore -storepass ab987c -alias signFiles -file SusanJones.cer
Ray
Ray receives the JAR file from Susan, imports the certificate, creates a policy file granting the applet access, and runs the applet.
6. Import Certificate as a Trusted Certificate
Ray has received SSignedApplet.jar and SusanJones.cer from Susan. He puts them in his home directory. Ray must now create a keystore database (raystore) and import the certificate into it. Ray uses keytool in his home directory /home/ray to import the certificate:
keytool -import -alias susan -file SusanJones.cer -keystore raystore -storepass abcdefgh
7. Create the Policy File
The policy file grants the SSignedApplet.jar file signed by the alias susan permission to create newfile (and no other file) in the user's home directory.
Ray creates the policy file in his home directory using either policytool or an ASCII editor.
keystore "/home/ray/raystore";
// A sample policy file that lets a JavaTM program
// create newfile in user's home directory
// Satya N Dodda
grant SignedBy "susan"
permission java.security.AllPermission;
8. Run the Applet in Applet Viewer
Applet Viewer connects to the HTML documents and resources specified in the call to appletviewer, and displays the applet in its own window. To run the example, Ray copies the signed JAR file and HTML file to /home/aURL/public_html and invokes Applet viewer from his home directory as follows:
Html code :
</body>
</html>
<OBJECT classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93"
width="600" height="400" align="middle"
codebase="http://java.sun.com/products/plugin/1.3/jinstall-13-win32.cab#Version=1,3,1,2">
<PARAM NAME="code" VALUE="SignedAppletDemo.class">
<PARAM NAME="archive" VALUE="SSignedApplet.jar">
<PARAM NAME="type" VALUE="application/x-java-applet;version=1.3">
</OBJECT>
</body>
</html>
appletviewer -J-Djava.security.policy=Write.jp
http://aURL.com/SignedApplet.html
Note: Type everything on one line and put a space after Write.jp
The -J-Djava.security.policy=Write.jp option tells Applet Viewer to run the applet referenced in the SignedApplet.html file with the Write.jp policy file.
Note: The Policy file can be stored on a server and specified in the appletviewer invocation as a URL.
9. Run the Applet in Browser
Download JRE 1.3 from Javasoft
good luck! [email protected]
i already give u many tips, i use 2 weeks to try this to success, hopw that u understand that, a result of success is not important, the process of how to get things done is most usefull!

Signed applet on local filesystem not working anymore

Hi,
Everyone knows that accessing local file system has always been a security threat.
But clients are our bread and butter.
Our clients have asked for web app consisting in a zip file, downloaded, containing an html page with dynamic content and links to many pdf.
So far, so good: i download my zip unzip it, access my pdfs, and once every pdfs have been modified, i click on a button that is from a signed applet, and the applet checks which pdfs have changed, and post the files to a web service on a server....Et voilà.
It's been working for at least 5 years like that.
But now my clients are updating to jre 7u45.
And as A LOT OF PEOPLE HERE....my applet won't load and work if i compile it with the new sdk....: i get the InvocationTargetException...exception
Is there an easy way to , step by step, compile , sign and yadi yada...and make it work.
I mean my applet has always did its job..., nothing will change in the code...it's only the annoying changing everything without warning.....
Anyone whould have an alternate approach instead of applet (my guess is NO).....: but nowadays with an applet you program 5 hours and you deploy 10 days.

I have the same issue here and it is not working anymore with auto-signed certificate too
I am going to stop using Safari if that , all is working fine with Chrome Firefox and Opera
Apple says
As a good security practice, you should validate PGP keys you receive, and not trust keys that cannot be validated. Information to validate the Apple Product Security PGP Key is available from
Maybe but this is my problem and if I want to trust anyway I must use another browser

Future of signed applets

Hey,
I'm currently developping internal tools using Web start applications and applets. Since the latest updates, we have security prompts because they are self-signed (not trusted by default).
For now, we're OK with the prompts but someone told me this was going to disappear in a future release, meaning all applets would have to be signed with a trusted certificate. Now, I searched the web a bit about that and didn't find anything. Any of you guys know more about this? Whether it's true or not?
Any links and help will be greatly appreciated
Thank you

If any malicious code has sufficient privileges to manipulate the cache of signed applets, then it can easily do much worse things than elevate the privileges of some unsigned Java code.

Signing applets, going crazy

Similar Messages

Maybe you are looking for