Solved

Signed Objects with Netscape and Java

Posted on 1998-02-18
7
266 Views
Last Modified: 2010-04-16
Can anyone tell me, step by step, how I can make
a signed applet which is able to make network connections
to the orgin the applet can from.

Regards Ian

0
Comment
Question by:e4monsch
  • 4
  • 3
7 Comments
 
LVL 1

Expert Comment

by:datadesign
ID: 1233147
first of all, an applet can always make a connection to its origin.
to make a signed applet in netscape, you need a certificate from a trust center like thawte or verisign.
when u have the certificate, use a prog named zigbert, then put all classes and the meta-inf (generated by zigbert) in a .jar file. thats it. To request any rights, u have to implement the request in the applet, using the netscape security classes.(see instructions in doc)
0
 
LVL 1

Accepted Solution

by:
datadesign earned 50 total points
ID: 1233148
sorry, should have be an answer... :)
0
 
LVL 2

Author Comment

by:e4monsch
ID: 1233149
Very interessting, but I need it a bit more in detail!
What kind of certificate do I need? Is a personal certificate
enough or do I need a server certificate?
How do I generate the meta-information?
How do I utilise the netscape security classes? Example?

Regards Ian


0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 1

Expert Comment

by:datadesign
ID: 1233150
Certificate (verisign) :
* Class 2 Digital ID for Object Signing: $20 annually
* Class 3 Digital ID for Object Signing: $400 annually

Class 2 is for private developer, class 3 for devlopment companies.

install one of these certificates in your netscape browser !

meta-inf: (using zigbert tool)
***********************************************************
zigbert 0.60 - a signing tool for jar files

Usage:  zigbert [options] directory-tree

    -b"basename"          basename of .sf, .rsa files for signing
    -d"certificate directory"   contains cert*.db and key*.db
    -e".ext"                    sign only files with this                                                                 extension
    -i"installer script"        assign installer javascript
    -j"javascript directory"    sign javascript files in this                                                                 subtree
    -k"cert nickname"           sign with this certificate
    -m"metafile"                include custom meta-information
    -o                          optimize - omit optional headers
    -p"password"                for password on command line                                 (insecure)
    -x"name"                    directory or filename to exclude
    -z                          omit signing time from signature

zigbert -L
  lists the certificates in your database

zigbert -v file.jar
  show the contents of the specified jar file

zigbert -w file.jar
  if valid, tries to tell you who signed the jar file

You will need to zip the directory-tree with a zip tool.

For more details, visit
  http://developer.netscape.com/software/signedobj/

using netscape classes :

private void enableSecurity()
{  
String browserName = System.getProperty("java.vendor");
try
{        netscape.security.PrivilegeManager.enablePrivilege("30Capabilities");
        netscape.security.PrivilegeManager.enablePrivilege("UniversalFileAccess");
}
catch (netscape.security.ForbiddenTargetException e) {} catch(NoSuchMethodError e) {}
}

0
 
LVL 2

Author Comment

by:e4monsch
ID: 1233151
Thanks about the information about object signing. You'll get the points, but you can earn
an extra 25 points, if you answer the following questions:

1. You wrote that an applet can make connections to the host it came from:
Do I need to ask the netscape.PrivilegeManager for permission to make a connection to the origin?
When yes, which Privilege is it?

2. How does Netscape determin, that an applet connects to the original host? Does Netscape use the dns reverse lookup to grant the permission to the applet?

3. To make the above example run, where can I find all those netscape packages and the *documentation* for this in Form of a ZIP-File? I could not find any thing on Netscape site. Could you give me the URL. Thanks.

Regards Ian

0
 
LVL 1

Expert Comment

by:datadesign
ID: 1233152
1. u dont have to ask 4 an extra privilege, i think it should work without asking.

2. yes, dont know exactly, but i think java look at ip where it comes from, and only allows connections to this ip.

3. the classes r in your netscape dir, in the classes\java\java40 .jar
see more information at http://developer.netscape.com

0
 
LVL 2

Author Comment

by:e4monsch
ID: 1233153
Question to #3:

I added the netscape path in the CLASSPATH, but my java coundn't
find it. What's the problem?

Is there a whole package with the documenation for download?

Regards Ian
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

By the end of 1980s, object oriented programming using languages like C++, Simula69 and ObjectPascal gained momentum. It looked like programmers finally found the perfect language. C++ successfully combined the object oriented principles of Simula w…
Introduction This article is the second of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers the basic installation and configuration of the test automation tools used by…
This video teaches viewers about errors in exception handling.
This tutorial explains how to use the VisualVM tool for the Java platform application. This video goes into detail on the Threads, Sampler, and Profiler tabs.

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now