Solved

How do signed Jar files in applet access local file system or activate a file in the harddisk?

Posted on 2000-03-08
7
233 Views
Last Modified: 2013-11-23
Hi friends,

I would like to execute a prog in the remote hard disk, such that the prog can read the data from a smart card at client side and transmit back to the server.

I have think of a way to do so. Can I use an applet embedded in the html to do so?

I uses Jdk1.2.2.
Presently I am only doing simulation on 1 PC, acting as client and server. and want to test the signed applet methods to access local H.D. But got some doubts, pls help.

Below are the steps:
1) Using keytool to create keys for client and server.
2) Using Jarsigner to sign the jar file using the server's public key and embedded it in the HTML file.

Jar file prog:   sTestJar.jar
import java.awt.*;
import java.io.*;
import java.applet.*;
import java.util.Enumeration;
import java.util.Properties;

public class testJar extends Applet
{
        int pos = 10;
        String openKeys[] = new String[4];
        String protectedKeys[] = new String[3];
        public void init()
       {
           openKeys[0] = new String("java.version");
           openKeys[1] = new String("os.name");
           openKeys[2] = new String("os.arch");
           openKeys[3] = new String("os.version");
           protectedKeys[0] = new String("user.name");
           protectedKeys[1] = new String("user.home");
           protectedKeys[2] = new String("user.dir");
          }
          public void paint(Graphics g)
          {
                int y = 10;
                g.drawString("Attempting to access open system properties", 10, y+=10);
      System.out.println("Attempting to access open system properties");
                for (int i = 0; i < 4; i++)
                {
                    try {String value = System.getProperty(openKeys[i]);
           g.drawString(openKeys[i] + ":= '" + value + "'", 10, y+=10);
           System.out.println(openKeys[i] + ":= '" + value + "'");
      }
      catch (SecurityException e)
                {
          g.drawString("System.getProperty(" +openKeys[i] + "): caught security exception", 10, y+=10);
          System.out.println("System.getProperty(" +openKeys[i] + "): caught security exception");
                }catch (Exception e)
       {
          g.drawString("System.getProperty(" +openKeys[i] + "):caught exception" + e , 10, y+=10);
          System.out.println("System.getProperty(" +openKeys[i] + "): caught exception" + e );
                  }
      }
                g.drawString("Attempting to access protected system properties",10, y+=10);
                System.out.println("Attempting to access protected system properties");
                for (int i = 0; i < 3; i++)
               {
                   try {String value = System.getProperty(protectedKeys[i]);
                g.drawString(protectedKeys[i] + ":= '" + value + "'", 10, y+=10);
                           System.out.println(protectedKeys[i] + ":= '" + value + "'");
           }
           catch (SecurityException e)
          {
                         g.drawString("System.getProperty(" +protectedKeys[i] + "): caught security exception", 10, y+=10);
               System.out.println("System.getProperty(" +protectedKeys[i] + "): caught security exception");
           }
           catch (Exception e)
           {
                        g.drawString("System.getProperty(" +protectedKeys[i] + "): caught exception" + e , 10, y+=10);
              System.out.println("System.getProperty(" +protectedKeys[i] + "): caught exception" + e );
            }
      }

  }
}

HTML prog:  testJar.html
<html>
<title>Test Signed Applet</title>
<hr>
Excuting an applet which violates the sandbox protections by accessing system properties
that are not normally accessable.
<p>
<applet code=testJar.class archive="sTestJar.jar" width=500 height=200>
</applet>
<p>
<hr>
</html>

3)Import the server.cer into the client's keystore
4)Using policytool to create a new policy file, so that the policyfile allow AllPermission for applet signned by the server (assumption for simulation)

Pls, correct me if I am wrong.
However when I run "appletviewer testJar.html", I got msg
 "                             :
            :
  System.getProperty(user.name: caught security exception)
  System.getProperty(user.home: caught security exception)
  System.getProperty(user.dir: caught security exception)
 "

May I know:
1)how do the appletviewer know which policyfile to use, since I declare both client's and server's keystore in same PC.
Or if there is multiple policy files, how did it know which to use?
2)Also I understand that for browser need a kind of Java plug-in, does it for work for jdk1.2.2?
3)Since the "javakey" tool and identity files are not used in the jdk1.2.2, does the plug in work for it?
4)do you think this is the best way to acess the hardware on the remote client?

Pls advise....Thank you very much...

regards HuangJo
 
0
Comment
Question by:HuangJo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 2

Expert Comment

by:muraliram
ID: 2595583
You have a way to test these. Visit the foolowing link. I have done a similar thing. You will get information from the following link. If you have any more doubts please ask.

You have to use com.ms.security.PolicyEngine(com.ms.security.PermissionID.PROEPRTY);
to getb permission to access local system properties in InternetExplorer and for Netscape

netscape.security.PrevilegeManager.enablePrevilege() to get permission. Details about signing and other is included in the following links.

In the current sotuation you don't nned a Java plugin you can do this after reading the following articles

www.ddj.com/articles/1999/9902/9902h/9902h.htm

www.suitable.com/Doc_CodeSigning.shtml
www.suitable.com/CodeSigningCerts.shtml

Regards

Murali
0
 

Author Comment

by:HuangJo
ID: 2603311
Hi Murali

Thank you very much for your advices. However, as I am using jdk1.2, could I just use the jdk1.2.2 keytool to generate the keys, certificates and also the signing of jar files? Instead of using the individual signing tools and buying the cert for each types of browsers(netscape and IE), as mentioned in the first reference site that you have given me.

Thank you very much.

regards
HuangJo
0
 

Author Comment

by:HuangJo
ID: 2603350
Hi,

for example, after I generate the keys and certificates using the jdk1.2.2 keytool and signed the jar files. Then I run the appletviewer in DOS

c:\ appletviewer -J-Djava.security.policy=jopolicy testJar.html

where "jopolicy" is the policy file that I have created using the policytool of jdk1.2.2

It does not give me exceptions, but how do I do it in the browser such that it can select the policy files that I have created and also the particular keystore?? Must I really use the browser specific java virtual machine to do it.

Thank you.

regards
HuangJo

0
Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

 
LVL 2

Expert Comment

by:muraliram
ID: 2603516
Dear HuangJo,


Using policy files will not be practical if you want to distribute the
aplication over the internet. Wen we have generated keys using keytool it was showing some problem. It's better to use the methods which I have given through the link so that you can use it to sign other things also. Also it's better to create seperate certificates for both IE Netscape(From my experience). You use signtool to create
testcertificate for Netscape and makecert.exe for IE. The makecert and other things are availabl from Microsoft SDK for Java(from microsoft.com). Try it in your own. Still if you want some code I can give it. Even if you are using jdk1.2.2 the method which I have given will work.


Bye
Murali
0
 

Author Comment

by:HuangJo
ID: 2614771
Hi Murali

In this case, could you pls give me some eg. code, so that I could have a clearer picture.

thanks alot.

regards
HuangJo
0
 
LVL 2

Accepted Solution

by:
muraliram earned 100 total points
ID: 2614852


You should sign the applet. You can get this from the links which I have given .Go to that link it contains all what you need.

Better to avoid this code in the init()


try
{

com.ms.security.PlicyEngine.assertPermission("com.ms.security.permissionID.PROPERTY");//For IE
 
           openKeys[0] = new String("java.version");
           openKeys[1] = new String("os.name");
           openKeys[2] = new String("os.arch");
           openKeys[3] = new String("os.version");
           protectedKeys[0] = new String("user.name");
           protectedKeys[1] = new String("user.home");
           protectedKeys[2] = new String("user.dir");
         

It's better to go to the links that I have given. The first one conatins examples.Please try that. Download Microsof SDK from www.microsoft.com
and install it on your system and add the zip containing com.ms.security to your classpath(c:\windows\java\packages\anyofthezipwillcontain the above classes)

Try

All the best

Murali



0
 

Author Comment

by:HuangJo
ID: 2618161
Hi Murali

Thank you very much.I will try your method.

regards
HuangJo




0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
spring jars download 1 67
null output 3 56
ejb on wildfly 5 61
web project error add remove 1 79
Java had always been an easily readable and understandable language.  Some relatively recent changes in the language seem to be changing this pretty fast, and anyone that had not seen any Java code for the last 5 years will possibly have issues unde…
In this post we will learn how to connect and configure Android Device (Smartphone etc.) with Android Studio. After that we will run a simple Hello World Program.
Viewers learn how to read error messages and identify possible mistakes that could cause hours of frustration. Coding is as much about debugging your code as it is about writing it. Define Error Message: Line Numbers: Type of Error: Break Down…
Viewers will learn about the different types of variables in Java and how to declare them. Decide the type of variable desired: Put the keyword corresponding to the type of variable in front of the variable name: Use the equal sign to assign a v…
Suggested Courses

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question