We help IT Professionals succeed at work.

How do signed Jar files in applet access local file system or activate a file in the harddisk?

HuangJo asked
Last Modified: 2013-11-23
Hi friends,

I would like to execute a prog in the remote hard disk, such that the prog can read the data from a smart card at client side and transmit back to the server.

I have think of a way to do so. Can I use an applet embedded in the html to do so?

I uses Jdk1.2.2.
Presently I am only doing simulation on 1 PC, acting as client and server. and want to test the signed applet methods to access local H.D. But got some doubts, pls help.

Below are the steps:
1) Using keytool to create keys for client and server.
2) Using Jarsigner to sign the jar file using the server's public key and embedded it in the HTML file.

Jar file prog:   sTestJar.jar
import java.awt.*;
import java.io.*;
import java.applet.*;
import java.util.Enumeration;
import java.util.Properties;

public class testJar extends Applet
        int pos = 10;
        String openKeys[] = new String[4];
        String protectedKeys[] = new String[3];
        public void init()
           openKeys[0] = new String("java.version");
           openKeys[1] = new String("os.name");
           openKeys[2] = new String("os.arch");
           openKeys[3] = new String("os.version");
           protectedKeys[0] = new String("user.name");
           protectedKeys[1] = new String("user.home");
           protectedKeys[2] = new String("user.dir");
          public void paint(Graphics g)
                int y = 10;
                g.drawString("Attempting to access open system properties", 10, y+=10);
      System.out.println("Attempting to access open system properties");
                for (int i = 0; i < 4; i++)
                    try {String value = System.getProperty(openKeys[i]);
           g.drawString(openKeys[i] + ":= '" + value + "'", 10, y+=10);
           System.out.println(openKeys[i] + ":= '" + value + "'");
      catch (SecurityException e)
          g.drawString("System.getProperty(" +openKeys[i] + "): caught security exception", 10, y+=10);
          System.out.println("System.getProperty(" +openKeys[i] + "): caught security exception");
                }catch (Exception e)
          g.drawString("System.getProperty(" +openKeys[i] + "):caught exception" + e , 10, y+=10);
          System.out.println("System.getProperty(" +openKeys[i] + "): caught exception" + e );
                g.drawString("Attempting to access protected system properties",10, y+=10);
                System.out.println("Attempting to access protected system properties");
                for (int i = 0; i < 3; i++)
                   try {String value = System.getProperty(protectedKeys[i]);
                g.drawString(protectedKeys[i] + ":= '" + value + "'", 10, y+=10);
                           System.out.println(protectedKeys[i] + ":= '" + value + "'");
           catch (SecurityException e)
                         g.drawString("System.getProperty(" +protectedKeys[i] + "): caught security exception", 10, y+=10);
               System.out.println("System.getProperty(" +protectedKeys[i] + "): caught security exception");
           catch (Exception e)
                        g.drawString("System.getProperty(" +protectedKeys[i] + "): caught exception" + e , 10, y+=10);
              System.out.println("System.getProperty(" +protectedKeys[i] + "): caught exception" + e );


HTML prog:  testJar.html
<title>Test Signed Applet</title>
Excuting an applet which violates the sandbox protections by accessing system properties
that are not normally accessable.
<applet code=testJar.class archive="sTestJar.jar" width=500 height=200>

3)Import the server.cer into the client's keystore
4)Using policytool to create a new policy file, so that the policyfile allow AllPermission for applet signned by the server (assumption for simulation)

Pls, correct me if I am wrong.
However when I run "appletviewer testJar.html", I got msg
 "                             :
  System.getProperty(user.name: caught security exception)
  System.getProperty(user.home: caught security exception)
  System.getProperty(user.dir: caught security exception)

May I know:
1)how do the appletviewer know which policyfile to use, since I declare both client's and server's keystore in same PC.
Or if there is multiple policy files, how did it know which to use?
2)Also I understand that for browser need a kind of Java plug-in, does it for work for jdk1.2.2?
3)Since the "javakey" tool and identity files are not used in the jdk1.2.2, does the plug in work for it?
4)do you think this is the best way to acess the hardware on the remote client?

Pls advise....Thank you very much...

regards HuangJo
Watch Question

You have a way to test these. Visit the foolowing link. I have done a similar thing. You will get information from the following link. If you have any more doubts please ask.

You have to use com.ms.security.PolicyEngine(com.ms.security.PermissionID.PROEPRTY);
to getb permission to access local system properties in InternetExplorer and for Netscape

netscape.security.PrevilegeManager.enablePrevilege() to get permission. Details about signing and other is included in the following links.

In the current sotuation you don't nned a Java plugin you can do this after reading the following articles






Hi Murali

Thank you very much for your advices. However, as I am using jdk1.2, could I just use the jdk1.2.2 keytool to generate the keys, certificates and also the signing of jar files? Instead of using the individual signing tools and buying the cert for each types of browsers(netscape and IE), as mentioned in the first reference site that you have given me.

Thank you very much.




for example, after I generate the keys and certificates using the jdk1.2.2 keytool and signed the jar files. Then I run the appletviewer in DOS

c:\ appletviewer -J-Djava.security.policy=jopolicy testJar.html

where "jopolicy" is the policy file that I have created using the policytool of jdk1.2.2

It does not give me exceptions, but how do I do it in the browser such that it can select the policy files that I have created and also the particular keystore?? Must I really use the browser specific java virtual machine to do it.

Thank you.


Dear HuangJo,

Using policy files will not be practical if you want to distribute the
aplication over the internet. Wen we have generated keys using keytool it was showing some problem. It's better to use the methods which I have given through the link so that you can use it to sign other things also. Also it's better to create seperate certificates for both IE Netscape(From my experience). You use signtool to create
testcertificate for Netscape and makecert.exe for IE. The makecert and other things are availabl from Microsoft SDK for Java(from microsoft.com). Try it in your own. Still if you want some code I can give it. Even if you are using jdk1.2.2 the method which I have given will work.



Hi Murali

In this case, could you pls give me some eg. code, so that I could have a clearer picture.

thanks alot.

This one is on us!
(Get your first solution completely free - no credit card required)


Hi Murali

Thank you very much.I will try your method.


Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.