signed-applet

Signed applet w/ signed JNLP template produces java.lang.SecurityException

霸气de小男生 提交于 2019-12-11 05:59:33
问题 I'm signing the JNLP file used by my RIA, in preparation for the coming tighter security restrictions in 7u51 , due in January. The webstart version is working great, but I've run into a problem where the applet version fails to launch with the following exception. Google has apparently never heard of this exception. :( java.lang.SecurityException: JAR should not contain JNLP-INF/APPLICATION_TEMPLATE.JNLP at sun.plugin2.applet.Applet2ClassLoader.getPermissions(Unknown Source) at java.security

How To Sign a Jar File for an Applet?

本秂侑毒 提交于 2019-12-10 20:36:15
问题 Does Singing a Jar File For an Applet use the same process as signing a Jar file for an application?? If so, can someone tell me how to sign it? I have an Applet that writes to your APPDATA, kinda like Minecraft. 回答1: Yes, it is the same process. Search for "sign jar" and you will find many tutorials. Here is a nice one 来源: https://stackoverflow.com/questions/7191411/how-to-sign-a-jar-file-for-an-applet

Signed Java applet doesnt get permissions in Safari

喜欢而已 提交于 2019-12-08 07:35:20
问题 I've got a signed java applet (using a self-signed-certificate) which has to access the user's file system. I have to do it, so please no replies ala "you shouldn't do it" :) The thing is, when I execute the Applet from Firefox 3.0 / Mac, everything works as desired, I get all access just as it should. When I use Safar 4 / Mac, I don't get access. The line I especially have problems with is System.getProperty() (although when I stub that out, the FS access doesn't work either) String home =

Detect Java JAR/Code Tampering

亡梦爱人 提交于 2019-12-08 03:05:44
问题 I'm writing a piece of software that is distributed as a JAR file. Currently, this JAR file can be tampered with to retrieve and save another file that our server transmits via URLClassLoader , be decompiled, and find various things in our code that should remain private for the security of the clients using it. Basically, I want to implement a way to check if the original JAR is tampered with. I know this is paradoxically impossible by implementing a check for validity of a SignedObject in

Can Maven re-sign dependencies?

做~自己de王妃 提交于 2019-12-07 15:02:29
问题 I'm using maven-jarsigner-plugin to sign a shaded uber-jar of mine. I do need to distribute some dependencies in their own jars though, and want to take those jars from a Maven repo, clear them of any existing signatures, and sign them with my own certificate. Are there any Maven plugins that do this, or would i involve some Ant plugin hackery? 回答1: Turns out maven-jarsigner-plugin can re -sign existing jars using it's removeExistingSignatures config element. So simple! I use maven-dependency

JRE 1.7u45 unable to load an applet containing some unsigned entries

柔情痞子 提交于 2019-12-07 04:58:53
问题 I am getting the following error while loading a java applet on JRE 1.7u45. java.lang.SecurityException: com.sun.deploy.net.JARSigningException: Found unsigned entry in resource #name of the applet# at com.sun.deploy.cache.CacheEntry.getJarFile(Unknown Source) at com.sun.deploy.model.ResourceProvider.getCachedJarFile(Unknown Source) at sun.plugin.PluginURLJarFileCallBack$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at sun.plugin.PluginURLJarFileCallBack

Issues in Launching the signed applet with java 7u45

佐手、 提交于 2019-12-07 00:48:23
问题 We have an applet that also uses javascript to applet communication as well. After java has been upgraded to 7u45, as per this link, we have made the changes in building the jars using manifest like: Added Permissions: all-permissions to Manifest of all JARs Added Application-Library-Allowable-Codebase: * to Manifest of all JARs Added Caller-Allowable-Codebase: * to Manifest of all JARs Added Codebase: * to Manifest of all JARs Also we disabled the -Djnlp.packEnabled parameter. With these

Signed Java applet doesnt get permissions in Safari

喜欢而已 提交于 2019-12-06 14:45:47
I've got a signed java applet (using a self-signed-certificate) which has to access the user's file system. I have to do it, so please no replies ala "you shouldn't do it" :) The thing is, when I execute the Applet from Firefox 3.0 / Mac, everything works as desired, I get all access just as it should. When I use Safar 4 / Mac, I don't get access. The line I especially have problems with is System.getProperty() (although when I stub that out, the FS access doesn't work either) String home = System.getProperty("user.home"); The Exception I get is the following: java.security

Detect Java JAR/Code Tampering

ε祈祈猫儿з 提交于 2019-12-06 13:32:29
I'm writing a piece of software that is distributed as a JAR file. Currently, this JAR file can be tampered with to retrieve and save another file that our server transmits via URLClassLoader , be decompiled, and find various things in our code that should remain private for the security of the clients using it. Basically, I want to implement a way to check if the original JAR is tampered with. I know this is paradoxically impossible by implementing a check for validity of a SignedObject in the original class due to the nature of Java being able to be decompiled, but is there some other way

Can Maven re-sign dependencies?

懵懂的女人 提交于 2019-12-05 20:10:52
I'm using maven-jarsigner-plugin to sign a shaded uber-jar of mine. I do need to distribute some dependencies in their own jars though, and want to take those jars from a Maven repo, clear them of any existing signatures, and sign them with my own certificate. Are there any Maven plugins that do this, or would i involve some Ant plugin hackery? Turns out maven-jarsigner-plugin can re -sign existing jars using it's removeExistingSignatures config element. So simple! I use maven-dependency-plugin to copy artifacts into a .war project in the generate-resources phase, then sign them in the process
订阅 signed-applet