Results 1 to 4 of 4
  1. #1
    jarjarbinks is offline Member
    Join Date
    Jan 2013
    Posts
    2
    Rep Power
    0

    Default Security options for my requirements

    Hello All,

    I'm feeling like a total newbie, but since my question is very focused on applet security, I think it's better to post here instead of in the "New to Java" section. @Moderator : feel free to move it.

    So here is my story :

    Knowing nearly nothing about Java, I managed to build an applet whose purpose is to encrypt/decrypt some elements in a html page.

    When the page is loaded in the browser, javascript passes the encrypted element content to the applet's decrypt function.

    The applet returns the decrypted value and javascript replaces the encrypted element value with the cleartext.

    The applet needs to access the user's certificate in the browser keystore ("SunMSCAPI" for windows, "Mozilla-JSS" for Linux).

    The applet needs also to phone home using an SSL connection.

    The crypto functions are supplied by a BouncyCastle JAR.

    As a total newbie working under the deadline pressure, I tried everything found here and there to make my applet work, without knowing precisely what I was doing.

    As a result, my code has several "doPrivileged()" calls, my policy is "permission java.security.AllPermission;", and my applet is (self) signed.

    This works well, after the user has clicked the "Always trust..." checkbox on several popups mentioning "..UNKNOWN publisher..." the first time the applet is used.

    So here is my question : do I really need special security settings to allow the applet to do its job ?

    Is is possible to do the same job without signing the applet ?

    Does my user really need to lower the Java security in his/her browser to allow my applet to run ?

    TIA

  2. #2
    DarrylBurke's Avatar
    DarrylBurke is offline Member
    Join Date
    Sep 2008
    Location
    Madgaon, Goa, India
    Posts
    11,184
    Rep Power
    19

    Default Re: Security options for my requirements

    Quote Originally Posted by jarjarbinks View Post
    I'm feeling like a total newbie, but since my question is very focused on applet security, I think it's better to post here instead of in the "New to Java" section. @Moderator : feel free to move it.
    Welcome to the forum, and this is the right place for the question.

    db
    If you're forever cleaning cobwebs, it's time to get rid of the spiders.

  3. #3
    jarjarbinks is offline Member
    Join Date
    Jan 2013
    Posts
    2
    Rep Power
    0

    Default Re: Security options for my requirements

    Quote Originally Posted by DarrylBurke View Post
    Welcome to the forum, and this is the right place for the question.

    db
    Hi Darryl,

    Since you are also a "Rancher" (Bartender to be precise), do you think I could get answers if I cross posted my question on the Java Ranch forum ?

  4. #4
    DarrylBurke's Avatar
    DarrylBurke is offline Member
    Join Date
    Sep 2008
    Location
    Madgaon, Goa, India
    Posts
    11,184
    Rep Power
    19

    Default Re: Security options for my requirements

    Applets aren't as popular as they once were, and the security model changed between Java 6 and Java 7 (and then some) but you could try elsewhere.

    Don't forget to link to all cross posts so that anyone who has a solution isn't antagonized.

    db
    If you're forever cleaning cobwebs, it's time to get rid of the spiders.

Similar Threads

  1. Naming requirements and conventions ?
    By javajosh in forum New To Java
    Replies: 4
    Last Post: 11-01-2011, 04:52 AM
  2. different requirements on the same server
    By ra78 in forum Networking
    Replies: 12
    Last Post: 06-28-2010, 05:50 PM
  3. Requirements for building a SSL VPN
    By adityag in forum New To Java
    Replies: 0
    Last Post: 01-19-2010, 04:46 PM
  4. New to Java.. What are the requirements?
    By konn in forum New To Java
    Replies: 10
    Last Post: 03-27-2009, 12:50 PM
  5. External DTD requirements
    By jwilley44 in forum XML
    Replies: 0
    Last Post: 03-06-2009, 09:25 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •