java.security disallowed in signedApplet(!?)

Alan J. McFarlane (alan@jyra.com)
Mon, 03 Aug 1998 10:56:15 +0100

Message-Id: <3.0.5.32.19980803105615.0094b490@localjyracomms.jyra.com>
Date: Mon, 03 Aug 1998 10:56:15 +0100
To: java-security@java.sun.com
From: "Alan J. McFarlane" <alan@jyra.com>
Subject: java.security disallowed in signedApplet(!?)

Hi

It seems that access to the java.security package is disallowed even in
signed applets in HotJava,

e.g.
sunw.hotjava.applet.AppletSecurityException: checksecurityaccess
at
sunw.hotjava.security.CommonSecurity.checkSecurityAccess(CommonSecurity.java
:625)
at java.security.Identity.staticCheck(Identity.java:405)
at java.security.Identity.check(Identity.java:399)
at java.security.Signer.setKeyPair(Signer.java:100)
at jyra.security.JyraIdentity.setPassword(JyraIdentity.java:212)
at [... removed for space reasons ...]

The applet works when the applet is run outside of the sandbox (i.e. on
classes on CLASSPATH -or- Applet signed and signer in identity.obj).

As mentioned in Marianne's mail of 24 July "Re: JDK 1.1.6 & Java Plugin
Security" there have been changes in 1.1.7 in signed applet security, has
Security package access also been changed.

TIA

Alan