Re: A question!

Jan Luehe (luehe@laguna.eng.sun.com)
Tue, 20 Apr 1999 12:05:04 -0700 (PDT)

Message-Id: <199904201905.MAA15579@laguna.eng.sun.com>
Date: Tue, 20 Apr 1999 12:05:04 -0700 (PDT)
From: Jan Luehe <luehe@laguna.eng.sun.com>
Subject: Re: A question!
To: java-security@java.sun.com, sym@sun.usst.edu.cn

--Ambush_of_Tigers_640_000
Content-Type: TEXT/plain; charset="us-ascii"
Content-MD5: mYnwBS4FD6LQfHouIO5rpA==
X-Sun-Content-Length: 1845

If you want to use the JRE 1.2 security model in your browser,
make sure that the applet html-file on your server has the
appropriate tags that will cause the browser to install the JRE 1.2
(see the attached applet html-file).

> jar cfv signedWriteFile.jar writeFile.class writeFile.html

Also, the applet html-file should not be included in the
applet JAR file. Instead, it should reference the applet JAR file as
it codebase.

If you use the attached file as you applet's html-file, things
should work.

> I put the .java.policy and .keystore on the directory C:\Windows.

You should put those files in the directory referenced by the
"USERPROFILE" NT system property.

Jan

> jar cfv signedWriteFile.jar writeFile.class writeFile.html
>
> step 3:
>
> jarsigner -verbose signedWriteFile.jar sym
>
> step 4:
>
> keytool -export -alias sym -file sym.x509 -rfc
>
>
> client:
>
> step 1:
>
> keytool -import -alias sym -file sym.x509
>
> step 2:
>
> policytool
>
> content of .java.policy :
>
> keystore ".keystore";
>
> grant signedBy "sym", codeBase
"http://202.120.223.12/sym/signedWriteFile.jar" {
> permission java.io.FilePermission "C:${/}writetest", "write";
> };
>
> I put the .java.policy and .keystore on the directory C:\Windows.
>
> I don't know why the signed applet still can't access the client resources.
Perhaps something wrong with my
> operation, but I can't find it. Do we need do some configuration on Server?
>
> Please give me some advices. Thank you!
>
>
> Sincerely
>
> Shi Yongmei
> 99/04/20
>
>

--Ambush_of_Tigers_640_000
Content-Type: TEXT/html; name="signedPluginEx.html"; charset="us-ascii"; x-unix-mode="0644"
Content-Description: signedPluginEx.html
Content-MD5: 4mxyBuVziOg9oFyDzaX75g==
X-Sun-Content-Length: 1525

Java Security Example: Writing Files

Java Security Example: Writing Files


Here's an applet that tries to write to the file /tmp/foo on a Solaris system (or to the file C:\tmpfoo on a Windows 95 or Windows NT system.)

</COMMENT>

and here's the source.

This applet is signed by Duke - if you've configured your system to allow applets signed by Duke to run, go and check your /tmp area! (Or your c: drive, if you're running on a PC.) You'll find a file named "/tmp/foo" (or, on a PC, "tmpfoo"), with an important message from Duke :-)


Back to the Java Security Page --Ambush_of_Tigers_640_000--