Home > Archive > Java Security > June 2007 > Applet Security
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| TQIS Jim 2007-05-01, 10:10 pm |
| I distribute a signed applet to at least 100 users. Until recently,
as long as users agreed to the "confirm trusted applet", there was no
problem.
As of Java SE 6, the users are no longer prompted about the Trusted
Applet. The applet simply throws the following error:
java.security.AccessControlException: access denied
(java.awt.AWTPermission accessClipboard)
I tried configuring my java.policy file in order to tackle this
problem.
1. I can fix the problem by adding permissions to the default grant
declaration in my local java.policy file
2. Neither the signedBy or codeBase qualifiers seem to work in my
grant declarations
3. My users will not be very happy if they have to manually edit
this config file in order to use our application.
In the course of my searches, I found many effusive discussions by Sun
engineers about this architecture, but no practical approach on how to
proceed. Has anyone successfully deployed an applet that manages
these security restrictions or is Sun finally killing the Java applet?
-Jim
| |
| Andrew Thompson 2007-05-01, 10:10 pm |
| TQIS Jim wrote:
...
>As of Java SE 6, the users are no longer prompted about the Trusted
>Applet. The applet simply throws the following error:
> java.security.AccessControlException: access denied
>(java.awt.AWTPermission accessClipboard)
Use web start.
..
>...is Sun finally killing the Java applet?
Finally*? Where have you been?
* Sun says nothing definitive, but has not
seriously supported applets for quite some time.
--
Andrew Thompson
http://www.athompson.info/andrew/
Message posted via JavaKB.com
http://www.javakb.com/Uwe/Forums.as...curity/200705/1
| |
|
|
|
|
|
|
|
|
|