?
Solved

Accessing signed applets from netscape 4.5 browser

Posted on 1999-12-21
5
Medium Priority
?
218 Views
Last Modified: 2008-03-06
Hi,

1)I need to write an applet in JDK 1.1 which will access serial port and printer. This applet will run on netscape 4.5 . Are signed applets necessary .. if yes how to do this .. any pointers .. sample code will be helpful.
I had tried example given by at java.sun.com, it throws security exception.
2) To run a signed applet on browser r there any software required on client side other than browser.
3)Are third party digital certificates must for this? (Our clients are known to us since the applet will be run within our organization.)
0
Comment
Question by:Tikshya
5 Comments
 
LVL 2

Accepted Solution

by:
meming earned 400 total points
ID: 2298918
Reference: http://java.sun.com/security/signExample/
"Unfortunately the Java Development Kit (JDK TM) 1.1 signing and verification is not supported by the web browsers (NetscapeTM's and Microsoft's.)"

You would need a java plug-in for what you need to do.

1) You need to explicitly define security policies for the applet sandbox, Security Manager
Here is an article and some reference at its end:
http://www.javaworld.com/javaworld/jw-08-1998/jw-08-sandbox_p.html

2) Besides JDK1.1 limitations on browsers, no software is required on the client side, except a compatible browser -- NN and IE supporting 40-bit encryption (don't know if better encryption is available yet).

3) For intranets, certificates from companies like Verisign are not necessary. You can make your own certificates by using the tools come with JDK -- javakey.exe, policytool.exe, keytool.exe, etc..
0
 
LVL 5

Expert Comment

by:sgoms
ID: 2300147
Go for jdk1.2 , Java 2 plug-in.

check out the Java Tutirial on Security in java 1.2

some of tr resources r,
Code signing resources:

Creating Signed, Persistent Java Applets
http://www.ddj.com/articles/1999/9902/9902h/9902h.htm 

http://www.javasoft.com/products/jdk/1.1/docs/guide/security/index.html 
http://java.sun.com/docs/books/tutorial/applet/overview/security.html 
http://java.sun.com/security/signExample/index.html 
http://java.sun.com/docs/books/tutorial/security1.2/toolsign/index.html 
http://www.verisign.com/library/guide/developer/signing/index.html 
http://www.suitable.com/Doc_CodeSigning.shtml 
http://www.securingjava.com/appdx-c/ 
http://tactika.com/realhome/javaht/java-s1.html 
http://www.fastlane.net/~tlandry/javafaq.txt 

MS:
http://www.thawte.com/support/developer/ms.html 
http://www.developer.com/journal/techworkshop/curr.html 
http://www.verisign.com/library/guide/developer/authenticode/index.html 
http://msdn.microsoft.com/library/psdk/crypto/cryptotools_6cdv.htm 
http://msdn.microsoft.com/library/psdk/crypto/portaltool_3u3p.htm 

NN:
http://developer.netscape.com/docs/manuals/signedobj/ 
http://developer.netscape.com/docs/manuals/signedobj/javadoc/Package-netscape_security.html 
http://developer.netscape.com/docs/manuals/signedobj/targets/contents.htm 
http://developer.netscape.com/support/faqs/objfaq.html 
http://developer.netscape.com/docs/manuals/deploymt/4_5PREFS.HTM 

NN: Bypass the need for a certificate
Netscape provides a way to accept a codebase as trusted (then a certificate is not needed). This can be useful
during development or in a private Intranet. In the Netscape Users directory, there is a file called prefs.js. Adding
the line user_pref("signed.applets.codebase_principal_support", true);

will enable JAR file without a certificate to request privileges on your machine. If you agree, it will be possible for
an Applet to lauch a program, write a file on your hard disk or print on the printer. You will still have to ask for
privileges in your program using the Netscape capabilites classes.
Another way is to lower general security setting to more allow more freedom when running applets locally. Add or
modify the following entries in the prefs.js: user_pref("unsigned.applets.low_security_for_local_classes", true);
user_pref("signed.applets.local_classes_have_30_powers", true);
user_pref("signed.applets.low_security_for_local_classes", true);
user_pref("signed.applets.verbose_security_exception", true);


Then you don't need to asked for privileges for local classes.
When adding or modifying the file prefs.js, Netscape must not be running because your modification will be
overwritten. So shut down Netscape, edit the prefs.js and then restart Netscape.

(courtesy vladi21)

-sgoms
0
 
LVL 7

Expert Comment

by:Ravindra76
ID: 2301746
:)
0
 

Expert Comment

by:nsuresh
ID: 2307283
Hi,
thanks for the inputs.
In IE 5.0, u can declare a site as a trusted site and give all the necessary permissions to that site. Is such a thing possible? This will eliminate the need of signing etc.

-Tikshya
0
 
LVL 7

Expert Comment

by:Ravindra76
ID: 2335834

No. In NN it's not posible.
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

INTRODUCTION Working with files is a moderately common task in Java.  For most projects hard coding the file names, using parameters in configuration files, or using command-line arguments is sufficient.   However, when your application has vi…
Introduction This article is the second of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers the basic installation and configuration of the test automation tools used by…
Viewers learn about the “for” loop and how it works in Java. By comparing it to the while loop learned before, viewers can make the transition easily. You will learn about the formatting of the for loop as we write a program that prints even numbers…
This video teaches viewers about errors in exception handling.
Suggested Courses
Course of the Month4 days, 9 hours left to enroll

601 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question