Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

about applet signature  RSS feed

walter wang
Ranch Hand
Posts: 159
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
there is a link has a sample and article about applet
I read this article .but i have a question about follow sentences

What happens when you download a signed applet is this: the browser downloads the JAR file and checks whether it is signed. If it is, it will check the security policy configuration file whether the "usePolicy" RuntimePermission is set. There are two policy files, a system-wide one, (JRE_HOME/lib/security/java.policy) and a user specific one (USER_HOME/.java.policy). In my case, my system-wide one is at C:\Program Files\JavaSoft\JRE\1.3.1\lib\security and my user one is at C:\Windows\.java.policy. When the plug-in starts, it will concatenate both of them together and use them as a security policy for the rest of the session. If the usePolicy permission is set, security is controlled based on the permissions that are set in the policy files, even if you have an RSA signed applet signed by a trusted authority that wants full control over your client's machine. This allows you to have finer-grained security control over what your signed applets are able to do.

but i also find two java policy file in my pc which is win2k
fisrt java.policy file
c:\program files\javasoft\jre\1.3.1\securtiy\java.policy
second java policy file
but which is my user java policy file?
i put modified java.policy
into those two directorie.
even i put it into c:\documentsandsetting\walter(my user name)
my modified java.policy has even more permissions
it is like belowings
grant {
permission java.lang.RuntimePermission "usePolicy";
permission "C:${/}esusfoo", "write";
but when i try click this link as article said.
If you run this signed applet (, using the same modified policy file, esusfoo was successfully accessed but, a AccessControlException is thrown in accessing esusfoo2, as expected.
results are : both files are accessdenied exception

thanks in advnace
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!