Solved

How do signed Jar files in applet access local file system or activate a file in the harddisk?

Posted on 2000-03-08
7
224 Views
Last Modified: 2013-11-23
Hi friends,

I would like to execute a prog in the remote hard disk, such that the prog can read the data from a smart card at client side and transmit back to the server.

I have think of a way to do so. Can I use an applet embedded in the html to do so?

I uses Jdk1.2.2.
Presently I am only doing simulation on 1 PC, acting as client and server. and want to test the signed applet methods to access local H.D. But got some doubts, pls help.

Below are the steps:
1) Using keytool to create keys for client and server.
2) Using Jarsigner to sign the jar file using the server's public key and embedded it in the HTML file.

Jar file prog:   sTestJar.jar
import java.awt.*;
import java.io.*;
import java.applet.*;
import java.util.Enumeration;
import java.util.Properties;

public class testJar extends Applet
{
        int pos = 10;
        String openKeys[] = new String[4];
        String protectedKeys[] = new String[3];
        public void init()
       {
           openKeys[0] = new String("java.version");
           openKeys[1] = new String("os.name");
           openKeys[2] = new String("os.arch");
           openKeys[3] = new String("os.version");
           protectedKeys[0] = new String("user.name");
           protectedKeys[1] = new String("user.home");
           protectedKeys[2] = new String("user.dir");
          }
          public void paint(Graphics g)
          {
                int y = 10;
                g.drawString("Attempting to access open system properties", 10, y+=10);
      System.out.println("Attempting to access open system properties");
                for (int i = 0; i < 4; i++)
                {
                    try {String value = System.getProperty(openKeys[i]);
           g.drawString(openKeys[i] + ":= '" + value + "'", 10, y+=10);
           System.out.println(openKeys[i] + ":= '" + value + "'");
      }
      catch (SecurityException e)
                {
          g.drawString("System.getProperty(" +openKeys[i] + "): caught security exception", 10, y+=10);
          System.out.println("System.getProperty(" +openKeys[i] + "): caught security exception");
                }catch (Exception e)
       {
          g.drawString("System.getProperty(" +openKeys[i] + "):caught exception" + e , 10, y+=10);
          System.out.println("System.getProperty(" +openKeys[i] + "): caught exception" + e );
                  }
      }
                g.drawString("Attempting to access protected system properties",10, y+=10);
                System.out.println("Attempting to access protected system properties");
                for (int i = 0; i < 3; i++)
               {
                   try {String value = System.getProperty(protectedKeys[i]);
                g.drawString(protectedKeys[i] + ":= '" + value + "'", 10, y+=10);
                           System.out.println(protectedKeys[i] + ":= '" + value + "'");
           }
           catch (SecurityException e)
          {
                         g.drawString("System.getProperty(" +protectedKeys[i] + "): caught security exception", 10, y+=10);
               System.out.println("System.getProperty(" +protectedKeys[i] + "): caught security exception");
           }
           catch (Exception e)
           {
                        g.drawString("System.getProperty(" +protectedKeys[i] + "): caught exception" + e , 10, y+=10);
              System.out.println("System.getProperty(" +protectedKeys[i] + "): caught exception" + e );
            }
      }

  }
}

HTML prog:  testJar.html
<html>
<title>Test Signed Applet</title>
<hr>
Excuting an applet which violates the sandbox protections by accessing system properties
that are not normally accessable.
<p>
<applet code=testJar.class archive="sTestJar.jar" width=500 height=200>
</applet>
<p>
<hr>
</html>

3)Import the server.cer into the client's keystore
4)Using policytool to create a new policy file, so that the policyfile allow AllPermission for applet signned by the server (assumption for simulation)

Pls, correct me if I am wrong.
However when I run "appletviewer testJar.html", I got msg
 "                             :
            :
  System.getProperty(user.name: caught security exception)
  System.getProperty(user.home: caught security exception)
  System.getProperty(user.dir: caught security exception)
 "

May I know:
1)how do the appletviewer know which policyfile to use, since I declare both client's and server's keystore in same PC.
Or if there is multiple policy files, how did it know which to use?
2)Also I understand that for browser need a kind of Java plug-in, does it for work for jdk1.2.2?
3)Since the "javakey" tool and identity files are not used in the jdk1.2.2, does the plug in work for it?
4)do you think this is the best way to acess the hardware on the remote client?

Pls advise....Thank you very much...

regards HuangJo
 
0
Comment
Question by:HuangJo
  • 4
  • 3
7 Comments
 
LVL 2

Expert Comment

by:muraliram
ID: 2595583
You have a way to test these. Visit the foolowing link. I have done a similar thing. You will get information from the following link. If you have any more doubts please ask.

You have to use com.ms.security.PolicyEngine(com.ms.security.PermissionID.PROEPRTY);
to getb permission to access local system properties in InternetExplorer and for Netscape

netscape.security.PrevilegeManager.enablePrevilege() to get permission. Details about signing and other is included in the following links.

In the current sotuation you don't nned a Java plugin you can do this after reading the following articles

www.ddj.com/articles/1999/9902/9902h/9902h.htm

www.suitable.com/Doc_CodeSigning.shtml
www.suitable.com/CodeSigningCerts.shtml

Regards

Murali
0
 

Author Comment

by:HuangJo
ID: 2603311
Hi Murali

Thank you very much for your advices. However, as I am using jdk1.2, could I just use the jdk1.2.2 keytool to generate the keys, certificates and also the signing of jar files? Instead of using the individual signing tools and buying the cert for each types of browsers(netscape and IE), as mentioned in the first reference site that you have given me.

Thank you very much.

regards
HuangJo
0
 

Author Comment

by:HuangJo
ID: 2603350
Hi,

for example, after I generate the keys and certificates using the jdk1.2.2 keytool and signed the jar files. Then I run the appletviewer in DOS

c:\ appletviewer -J-Djava.security.policy=jopolicy testJar.html

where "jopolicy" is the policy file that I have created using the policytool of jdk1.2.2

It does not give me exceptions, but how do I do it in the browser such that it can select the policy files that I have created and also the particular keystore?? Must I really use the browser specific java virtual machine to do it.

Thank you.

regards
HuangJo

0
Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

 
LVL 2

Expert Comment

by:muraliram
ID: 2603516
Dear HuangJo,


Using policy files will not be practical if you want to distribute the
aplication over the internet. Wen we have generated keys using keytool it was showing some problem. It's better to use the methods which I have given through the link so that you can use it to sign other things also. Also it's better to create seperate certificates for both IE Netscape(From my experience). You use signtool to create
testcertificate for Netscape and makecert.exe for IE. The makecert and other things are availabl from Microsoft SDK for Java(from microsoft.com). Try it in your own. Still if you want some code I can give it. Even if you are using jdk1.2.2 the method which I have given will work.


Bye
Murali
0
 

Author Comment

by:HuangJo
ID: 2614771
Hi Murali

In this case, could you pls give me some eg. code, so that I could have a clearer picture.

thanks alot.

regards
HuangJo
0
 
LVL 2

Accepted Solution

by:
muraliram earned 100 total points
ID: 2614852


You should sign the applet. You can get this from the links which I have given .Go to that link it contains all what you need.

Better to avoid this code in the init()


try
{

com.ms.security.PlicyEngine.assertPermission("com.ms.security.permissionID.PROPERTY");//For IE
 
           openKeys[0] = new String("java.version");
           openKeys[1] = new String("os.name");
           openKeys[2] = new String("os.arch");
           openKeys[3] = new String("os.version");
           protectedKeys[0] = new String("user.name");
           protectedKeys[1] = new String("user.home");
           protectedKeys[2] = new String("user.dir");
         

It's better to go to the links that I have given. The first one conatins examples.Please try that. Download Microsof SDK from www.microsoft.com
and install it on your system and add the zip containing com.ms.security to your classpath(c:\windows\java\packages\anyofthezipwillcontain the above classes)

Try

All the best

Murali



0
 

Author Comment

by:HuangJo
ID: 2618161
Hi Murali

Thank you very much.I will try your method.

regards
HuangJo




0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Java had always been an easily readable and understandable language.  Some relatively recent changes in the language seem to be changing this pretty fast, and anyone that had not seen any Java code for the last 5 years will possibly have issues unde…
In this post we will learn how to connect and configure Android Device (Smartphone etc.) with Android Studio. After that we will run a simple Hello World Program.
Viewers will learn about the regular for loop in Java and how to use it. Definition: Break the for loop down into 3 parts: Syntax when using for loops: Example using a for loop:
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question