Solved

Give permissions to unsigned applets in Netscape

Posted on 1998-10-28
4
283 Views
Last Modified: 2012-06-27
I have written a java applet to be used on our company's intranet. The applet needs to access the system clipboard. For IE users, the intranet is in the 'trusted zone' and so even unsigned applets can access the system clipboard. Is there any way to do something similar on Netscape browser. Activating codebase principles would be ony way to go (http://developer.netscape.com/docs/technote/security/sectn2.html) but this would allow applets from outside the intranet also to do what ever they want. Installing the applet locally on every machine is also dificult. If you have any suggestions, I'd be glad to hear it.
--regards
Rajesh Vijayakumar
0
Comment
Question by:vijayk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 5

Accepted Solution

by:
msmolyak earned 100 total points
ID: 1226547
Why not sign an applet? Since it is for internal use you can even sign it without getting a certificate from the proper authority. You can then use Netscape's Capabilities API to request extra privileges. This API can also be used for unsigned applets loaded from CLASSPATH (but that would require installing applets locally, the thing you are trying to avoid).

The bottom line: Netscape's security model is very different from Microsoft's one. To request privileges applets have to use Capabilities API and to da that they have to be signed or come from the CLASSPATH.

0
 

Author Comment

by:vijayk
ID: 1226548
I haven't used code signing before so I am somewhat ignorent on the subject. When you say I don't need to get the certificate from the proper authority, do you mean I can generate certificates my self? How? And if I have my own certificate, should'nt there be a certificate server or something on the nerwork to verify it? I don't want Navigator to tell the users that the certificate could not be verfied and thus frighten them off.
0
 
LVL 5

Expert Comment

by:msmolyak
ID: 1226549
Yeah, of course if you want a verifiable certificate you need to purchase one. I got one from Thawte, the process is somewhat of a hassle (you need to send them all sort of papers), but technically it is pretty easy.

Try this link for more info:
http://www.suitable.com/Doc_CodeSigning.shtml.

Netscape's Web site has plenty of info on how to use Netscape's signing tools.
0
 

Author Comment

by:vijayk
ID: 1226550
That site has pretty detailed expalnations on code signing. Thank you for letting me know.
0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

An old method to applying the Singleton pattern in your Java code is to check if a static instance, defined in the same class that needs to be instantiated once and only once, is null and then create a new instance; otherwise, the pre-existing insta…
Introduction This article is the last of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers our test design approach and then goes through a simple test case example, how …
This tutorial covers a step-by-step guide to install VisualVM launcher in eclipse.
This tutorial will introduce the viewer to VisualVM for the Java platform application. This video explains an example program and covers the Overview, Monitor, and Heap Dump tabs.

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question