Accessing signed applets from netscape 4.5 browser

Hi,

1)I need to write an applet in JDK 1.1 which will access serial port and printer. This applet will run on netscape 4.5 . Are signed applets necessary .. if yes how to do this .. any pointers .. sample code will be helpful.
I had tried example given by at java.sun.com, it throws security exception.
2) To run a signed applet on browser r there any software required on client side other than browser.
3)Are third party digital certificates must for this? (Our clients are known to us since the applet will be run within our organization.)
TikshyaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

memingCommented:
Reference: http://java.sun.com/security/signExample/
"Unfortunately the Java Development Kit (JDK TM) 1.1 signing and verification is not supported by the web browsers (NetscapeTM's and Microsoft's.)"

You would need a java plug-in for what you need to do.

1) You need to explicitly define security policies for the applet sandbox, Security Manager
Here is an article and some reference at its end:
http://www.javaworld.com/javaworld/jw-08-1998/jw-08-sandbox_p.html

2) Besides JDK1.1 limitations on browsers, no software is required on the client side, except a compatible browser -- NN and IE supporting 40-bit encryption (don't know if better encryption is available yet).

3) For intranets, certificates from companies like Verisign are not necessary. You can make your own certificates by using the tools come with JDK -- javakey.exe, policytool.exe, keytool.exe, etc..
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
sgomsCommented:
Go for jdk1.2 , Java 2 plug-in.

check out the Java Tutirial on Security in java 1.2

some of tr resources r,
Code signing resources:

Creating Signed, Persistent Java Applets
http://www.ddj.com/articles/1999/9902/9902h/9902h.htm 

http://www.javasoft.com/products/jdk/1.1/docs/guide/security/index.html 
http://java.sun.com/docs/books/tutorial/applet/overview/security.html 
http://java.sun.com/security/signExample/index.html 
http://java.sun.com/docs/books/tutorial/security1.2/toolsign/index.html 
http://www.verisign.com/library/guide/developer/signing/index.html 
http://www.suitable.com/Doc_CodeSigning.shtml 
http://www.securingjava.com/appdx-c/ 
http://tactika.com/realhome/javaht/java-s1.html 
http://www.fastlane.net/~tlandry/javafaq.txt 

MS:
http://www.thawte.com/support/developer/ms.html 
http://www.developer.com/journal/techworkshop/curr.html 
http://www.verisign.com/library/guide/developer/authenticode/index.html 
http://msdn.microsoft.com/library/psdk/crypto/cryptotools_6cdv.htm 
http://msdn.microsoft.com/library/psdk/crypto/portaltool_3u3p.htm 

NN:
http://developer.netscape.com/docs/manuals/signedobj/ 
http://developer.netscape.com/docs/manuals/signedobj/javadoc/Package-netscape_security.html 
http://developer.netscape.com/docs/manuals/signedobj/targets/contents.htm 
http://developer.netscape.com/support/faqs/objfaq.html 
http://developer.netscape.com/docs/manuals/deploymt/4_5PREFS.HTM 

NN: Bypass the need for a certificate
Netscape provides a way to accept a codebase as trusted (then a certificate is not needed). This can be useful
during development or in a private Intranet. In the Netscape Users directory, there is a file called prefs.js. Adding
the line user_pref("signed.applets.codebase_principal_support", true);

will enable JAR file without a certificate to request privileges on your machine. If you agree, it will be possible for
an Applet to lauch a program, write a file on your hard disk or print on the printer. You will still have to ask for
privileges in your program using the Netscape capabilites classes.
Another way is to lower general security setting to more allow more freedom when running applets locally. Add or
modify the following entries in the prefs.js: user_pref("unsigned.applets.low_security_for_local_classes", true);
user_pref("signed.applets.local_classes_have_30_powers", true);
user_pref("signed.applets.low_security_for_local_classes", true);
user_pref("signed.applets.verbose_security_exception", true);


Then you don't need to asked for privileges for local classes.
When adding or modifying the file prefs.js, Netscape must not be running because your modification will be
overwritten. So shut down Netscape, edit the prefs.js and then restart Netscape.

(courtesy vladi21)

-sgoms
0
Ravindra76Commented:
:)
0
nsureshCommented:
Hi,
thanks for the inputs.
In IE 5.0, u can declare a site as a trusted site and give all the necessary permissions to that site. Is such a thing possible? This will eliminate the need of signing etc.

-Tikshya
0
Ravindra76Commented:

No. In NN it's not posible.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Java

From novice to tech pro — start learning today.