Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How do signed Jar files in applet access local file system or activate a file in the harddisk?

Posted on 2000-03-08
7
Medium Priority
?
243 Views
Last Modified: 2013-11-23
Hi friends,

I would like to execute a prog in the remote hard disk, such that the prog can read the data from a smart card at client side and transmit back to the server.

I have think of a way to do so. Can I use an applet embedded in the html to do so?

I uses Jdk1.2.2.
Presently I am only doing simulation on 1 PC, acting as client and server. and want to test the signed applet methods to access local H.D. But got some doubts, pls help.

Below are the steps:
1) Using keytool to create keys for client and server.
2) Using Jarsigner to sign the jar file using the server's public key and embedded it in the HTML file.

Jar file prog:   sTestJar.jar
import java.awt.*;
import java.io.*;
import java.applet.*;
import java.util.Enumeration;
import java.util.Properties;

public class testJar extends Applet
{
        int pos = 10;
        String openKeys[] = new String[4];
        String protectedKeys[] = new String[3];
        public void init()
       {
           openKeys[0] = new String("java.version");
           openKeys[1] = new String("os.name");
           openKeys[2] = new String("os.arch");
           openKeys[3] = new String("os.version");
           protectedKeys[0] = new String("user.name");
           protectedKeys[1] = new String("user.home");
           protectedKeys[2] = new String("user.dir");
          }
          public void paint(Graphics g)
          {
                int y = 10;
                g.drawString("Attempting to access open system properties", 10, y+=10);
      System.out.println("Attempting to access open system properties");
                for (int i = 0; i < 4; i++)
                {
                    try {String value = System.getProperty(openKeys[i]);
           g.drawString(openKeys[i] + ":= '" + value + "'", 10, y+=10);
           System.out.println(openKeys[i] + ":= '" + value + "'");
      }
      catch (SecurityException e)
                {
          g.drawString("System.getProperty(" +openKeys[i] + "): caught security exception", 10, y+=10);
          System.out.println("System.getProperty(" +openKeys[i] + "): caught security exception");
                }catch (Exception e)
       {
          g.drawString("System.getProperty(" +openKeys[i] + "):caught exception" + e , 10, y+=10);
          System.out.println("System.getProperty(" +openKeys[i] + "): caught exception" + e );
                  }
      }
                g.drawString("Attempting to access protected system properties",10, y+=10);
                System.out.println("Attempting to access protected system properties");
                for (int i = 0; i < 3; i++)
               {
                   try {String value = System.getProperty(protectedKeys[i]);
                g.drawString(protectedKeys[i] + ":= '" + value + "'", 10, y+=10);
                           System.out.println(protectedKeys[i] + ":= '" + value + "'");
           }
           catch (SecurityException e)
          {
                         g.drawString("System.getProperty(" +protectedKeys[i] + "): caught security exception", 10, y+=10);
               System.out.println("System.getProperty(" +protectedKeys[i] + "): caught security exception");
           }
           catch (Exception e)
           {
                        g.drawString("System.getProperty(" +protectedKeys[i] + "): caught exception" + e , 10, y+=10);
              System.out.println("System.getProperty(" +protectedKeys[i] + "): caught exception" + e );
            }
      }

  }
}

HTML prog:  testJar.html
<html>
<title>Test Signed Applet</title>
<hr>
Excuting an applet which violates the sandbox protections by accessing system properties
that are not normally accessable.
<p>
<applet code=testJar.class archive="sTestJar.jar" width=500 height=200>
</applet>
<p>
<hr>
</html>

3)Import the server.cer into the client's keystore
4)Using policytool to create a new policy file, so that the policyfile allow AllPermission for applet signned by the server (assumption for simulation)

Pls, correct me if I am wrong.
However when I run "appletviewer testJar.html", I got msg
 "                             :
            :
  System.getProperty(user.name: caught security exception)
  System.getProperty(user.home: caught security exception)
  System.getProperty(user.dir: caught security exception)
 "

May I know:
1)how do the appletviewer know which policyfile to use, since I declare both client's and server's keystore in same PC.
Or if there is multiple policy files, how did it know which to use?
2)Also I understand that for browser need a kind of Java plug-in, does it for work for jdk1.2.2?
3)Since the "javakey" tool and identity files are not used in the jdk1.2.2, does the plug in work for it?
4)do you think this is the best way to acess the hardware on the remote client?

Pls advise....Thank you very much...

regards HuangJo
 
0
Comment
Question by:HuangJo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 2

Expert Comment

by:muraliram
ID: 2595583
You have a way to test these. Visit the foolowing link. I have done a similar thing. You will get information from the following link. If you have any more doubts please ask.

You have to use com.ms.security.PolicyEngine(com.ms.security.PermissionID.PROEPRTY);
to getb permission to access local system properties in InternetExplorer and for Netscape

netscape.security.PrevilegeManager.enablePrevilege() to get permission. Details about signing and other is included in the following links.

In the current sotuation you don't nned a Java plugin you can do this after reading the following articles

www.ddj.com/articles/1999/9902/9902h/9902h.htm

www.suitable.com/Doc_CodeSigning.shtml
www.suitable.com/CodeSigningCerts.shtml

Regards

Murali
0
 

Author Comment

by:HuangJo
ID: 2603311
Hi Murali

Thank you very much for your advices. However, as I am using jdk1.2, could I just use the jdk1.2.2 keytool to generate the keys, certificates and also the signing of jar files? Instead of using the individual signing tools and buying the cert for each types of browsers(netscape and IE), as mentioned in the first reference site that you have given me.

Thank you very much.

regards
HuangJo
0
 

Author Comment

by:HuangJo
ID: 2603350
Hi,

for example, after I generate the keys and certificates using the jdk1.2.2 keytool and signed the jar files. Then I run the appletviewer in DOS

c:\ appletviewer -J-Djava.security.policy=jopolicy testJar.html

where "jopolicy" is the policy file that I have created using the policytool of jdk1.2.2

It does not give me exceptions, but how do I do it in the browser such that it can select the policy files that I have created and also the particular keystore?? Must I really use the browser specific java virtual machine to do it.

Thank you.

regards
HuangJo

0
The top UI technologies you need to be aware of

An important part of the job as a front-end developer is to stay up to date and in contact with new tools, trends and workflows. That’s why you cannot miss this upcoming webinar to explore the latest trends in UI technologies!

 
LVL 2

Expert Comment

by:muraliram
ID: 2603516
Dear HuangJo,


Using policy files will not be practical if you want to distribute the
aplication over the internet. Wen we have generated keys using keytool it was showing some problem. It's better to use the methods which I have given through the link so that you can use it to sign other things also. Also it's better to create seperate certificates for both IE Netscape(From my experience). You use signtool to create
testcertificate for Netscape and makecert.exe for IE. The makecert and other things are availabl from Microsoft SDK for Java(from microsoft.com). Try it in your own. Still if you want some code I can give it. Even if you are using jdk1.2.2 the method which I have given will work.


Bye
Murali
0
 

Author Comment

by:HuangJo
ID: 2614771
Hi Murali

In this case, could you pls give me some eg. code, so that I could have a clearer picture.

thanks alot.

regards
HuangJo
0
 
LVL 2

Accepted Solution

by:
muraliram earned 400 total points
ID: 2614852


You should sign the applet. You can get this from the links which I have given .Go to that link it contains all what you need.

Better to avoid this code in the init()


try
{

com.ms.security.PlicyEngine.assertPermission("com.ms.security.permissionID.PROPERTY");//For IE
 
           openKeys[0] = new String("java.version");
           openKeys[1] = new String("os.name");
           openKeys[2] = new String("os.arch");
           openKeys[3] = new String("os.version");
           protectedKeys[0] = new String("user.name");
           protectedKeys[1] = new String("user.home");
           protectedKeys[2] = new String("user.dir");
         

It's better to go to the links that I have given. The first one conatins examples.Please try that. Download Microsof SDK from www.microsoft.com
and install it on your system and add the zip containing com.ms.security to your classpath(c:\windows\java\packages\anyofthezipwillcontain the above classes)

Try

All the best

Murali



0
 

Author Comment

by:HuangJo
ID: 2618161
Hi Murali

Thank you very much.I will try your method.

regards
HuangJo




0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After being asked a question last year, I went into one of my moods where I did some research and code just for the fun and learning of it all.  Subsequently, from this journey, I put together this article on "Range Searching Using Visual Basic.NET …
In this post we will learn how to connect and configure Android Device (Smartphone etc.) with Android Studio. After that we will run a simple Hello World Program.
Viewers will learn about basic arrays, how to declare them, and how to use them. Introduction and definition: Declare an array and cover the syntax of declaring them: Initialize every index in the created array: Example/Features of a basic arr…
This tutorial covers a practical example of lazy loading technique and early loading technique in a Singleton Design Pattern.
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question