• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Cerficate Vs Policy File

 
Ranch Hand
Posts: 249
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello Friends
I have signed jar with a certificate exported. Now when another user from some other machine runs tries to invoke the html(which contains the applet) from my server they get a certificate request poping up asking whether you what the certificate to be downloaded?
They accept yes and the applet runs. so what about policy file which i created to give to the client to make him give access to my applet.
So how in real terms how will policy file gets distributed with the certicate?

Please help

Thanks
Farouk
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Policies and certificates are two complimentary, but unrelated, ways to assign trust to an applet. If you use one, you don't need the other. Policies can be finer-grained (certificates are an all-or-nothing thing), but require the user to change obscure settings on their machine, while the certificate dialog is generally understood. Some more pointers can be found on this page.
[ January 27, 2006: Message edited by: Ulf Dittmer ]
 
Mohamed Farouk
Ranch Hand
Posts: 249
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Ulf
So basically what your saying is if you use policy files there is no need to use certificates and if you use certificates you cannot use policy files.
Usign certificates exposes the whole client environment to the applet. Using policy files grant requred access only.

So if my understanding right.
1. If i have to use policy file, I have to still sign the jar and provide a certificate with the jar where in the applet is present?
Please reply.
2. How will you distribute your policy file when you have to use security using policy files.

Regards
Farouk
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

if you use certificates you cannot use policy files


You can use both together. But there's no point in doing so.

If i have to use policy file, I have to still sign the jar and provide a certificate with the jar where in the applet is present?


No. Like I said, they're independent of each other.

How will you distribute your policy file when you have to use security using policy files


Maybe email instructions to your users with what to do? Or put those instructions on the web page that hosts the applet? You shouldn't distribute an actual file, because users might have one already, and you don't want them to replace that by yours.
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic