Win a copy of Testing JavaScript Applications this week in the HTML Pages with CSS and JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Bear Bibeault
  • Ron McLeod
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Tim Cooke
  • Liutauras Vilda
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • fred rosenberger
  • salvin francis
Bartenders:
  • Piet Souris
  • Frits Walraven
  • Carey Brown

about applet signature

 
Ranch Hand
Posts: 159
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
there is a link has a sample and article about applet
signature
http://www.esus.com/javaindex/j2se/jdk1.2/javaxswing/toplevelcontainers/japplet/jappletsec/signjappcontrol.html
I read this article .but i have a question about follow sentences

What happens when you download a signed applet is this: the browser downloads the JAR file and checks whether it is signed. If it is, it will check the security policy configuration file whether the "usePolicy" RuntimePermission is set. There are two policy files, a system-wide one, (JRE_HOME/lib/security/java.policy) and a user specific one (USER_HOME/.java.policy). In my case, my system-wide one is at C:\Program Files\JavaSoft\JRE\1.3.1\lib\security and my user one is at C:\Windows\.java.policy. When the plug-in starts, it will concatenate both of them together and use them as a security policy for the rest of the session. If the usePolicy permission is set, security is controlled based on the permissions that are set in the policy files, even if you have an RSA signed applet signed by a trusted authority that wants full control over your client's machine. This allows you to have finer-grained security control over what your signed applets are able to do.

but i also find two java policy file in my pc which is win2k
fisrt java.policy file
c:\program files\javasoft\jre\1.3.1\securtiy\java.policy
second java policy file
c:\jdk1.3.1\jre\lib\security\java.policy
but which is my user java policy file?
i put modified java.policy
into those two directorie.
even i put it into c:\documentsandsetting\walter(my user name)
my modified java.policy has even more permissions
it is like belowings
grant {
permission java.lang.RuntimePermission "usePolicy";
permission java.io.FilePermission "C:${/}esusfoo", "write";
};
but when i try click this link as article said.
If you run this signed applet (http://www.esus.com/applets/WriteTwoFiles.html), using the same modified policy file, esusfoo was successfully accessed but, a AccessControlException is thrown in accessing esusfoo2, as expected.
results are : both files are accessdenied exception
why???

thanks in advnace
 
Liar, liar, pants on fire! refreshing plug:
Thread Boost feature
https://coderanch.com/t/674455/Thread-Boost-feature
    Bookmark Topic Watch Topic
  • New Topic