Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 271
  • Last Modified:

Signed Objects with Netscape and Java

Can anyone tell me, step by step, how I can make
a signed applet which is able to make network connections
to the orgin the applet can from.

Regards Ian

0
e4monsch
Asked:
e4monsch
  • 4
  • 3
1 Solution
 
datadesignCommented:
first of all, an applet can always make a connection to its origin.
to make a signed applet in netscape, you need a certificate from a trust center like thawte or verisign.
when u have the certificate, use a prog named zigbert, then put all classes and the meta-inf (generated by zigbert) in a .jar file. thats it. To request any rights, u have to implement the request in the applet, using the netscape security classes.(see instructions in doc)
0
 
datadesignCommented:
sorry, should have be an answer... :)
0
 
e4monschAuthor Commented:
Very interessting, but I need it a bit more in detail!
What kind of certificate do I need? Is a personal certificate
enough or do I need a server certificate?
How do I generate the meta-information?
How do I utilise the netscape security classes? Example?

Regards Ian


0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
datadesignCommented:
Certificate (verisign) :
* Class 2 Digital ID for Object Signing: $20 annually
* Class 3 Digital ID for Object Signing: $400 annually

Class 2 is for private developer, class 3 for devlopment companies.

install one of these certificates in your netscape browser !

meta-inf: (using zigbert tool)
***********************************************************
zigbert 0.60 - a signing tool for jar files

Usage:  zigbert [options] directory-tree

    -b"basename"          basename of .sf, .rsa files for signing
    -d"certificate directory"   contains cert*.db and key*.db
    -e".ext"                    sign only files with this                                                                 extension
    -i"installer script"        assign installer javascript
    -j"javascript directory"    sign javascript files in this                                                                 subtree
    -k"cert nickname"           sign with this certificate
    -m"metafile"                include custom meta-information
    -o                          optimize - omit optional headers
    -p"password"                for password on command line                                 (insecure)
    -x"name"                    directory or filename to exclude
    -z                          omit signing time from signature

zigbert -L
  lists the certificates in your database

zigbert -v file.jar
  show the contents of the specified jar file

zigbert -w file.jar
  if valid, tries to tell you who signed the jar file

You will need to zip the directory-tree with a zip tool.

For more details, visit
  http://developer.netscape.com/software/signedobj/

using netscape classes :

private void enableSecurity()
{  
String browserName = System.getProperty("java.vendor");
try
{        netscape.security.PrivilegeManager.enablePrivilege("30Capabilities");
        netscape.security.PrivilegeManager.enablePrivilege("UniversalFileAccess");
}
catch (netscape.security.ForbiddenTargetException e) {} catch(NoSuchMethodError e) {}
}

0
 
e4monschAuthor Commented:
Thanks about the information about object signing. You'll get the points, but you can earn
an extra 25 points, if you answer the following questions:

1. You wrote that an applet can make connections to the host it came from:
Do I need to ask the netscape.PrivilegeManager for permission to make a connection to the origin?
When yes, which Privilege is it?

2. How does Netscape determin, that an applet connects to the original host? Does Netscape use the dns reverse lookup to grant the permission to the applet?

3. To make the above example run, where can I find all those netscape packages and the *documentation* for this in Form of a ZIP-File? I could not find any thing on Netscape site. Could you give me the URL. Thanks.

Regards Ian

0
 
datadesignCommented:
1. u dont have to ask 4 an extra privilege, i think it should work without asking.

2. yes, dont know exactly, but i think java look at ip where it comes from, and only allows connections to this ip.

3. the classes r in your netscape dir, in the classes\java\java40 .jar
see more information at http://developer.netscape.com

0
 
e4monschAuthor Commented:
Question to #3:

I added the netscape path in the CLASSPATH, but my java coundn't
find it. What's the problem?

Is there a whole package with the documenation for download?

Regards Ian
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now