Question

I am creating a socket connection with an unsigned applet to a different host and I'm getting java.security.AccessControlException: access denied

If I sign this applet with either "self-cert" or "CA cert" does the applet gain the permissions to create a socket connection to a different host (not the same host it was downloaded from) and does a security message popup if its been certified by a CA?

Thanks

Was it helpful?

Solution

If you don't sign the applet, the code which is accessing local resources won't be executed in any way.

If you sign the applet with a self-cert, the enduser would only get a warning message which asks for permission. You however still need to wrap the call inside an AccessController#doPrivileged(). 

public void init() {
    AccessController.doPrivileged(new PrivilegedAction<Object> {
        @Override public Object run() {
            // Put your original init() here.
            return null;
        }
    });
}

If you sign the applet with a $$$-cert, the enduser won't get a warning message.

OTHER TIPS

You should see an appropriate dialog for the certificate, unless disabled or that certificate is always accepted. Only if the user agrees is the code given full privileges.

A better approach would be to stick to connecting to only the same-origin host.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top