Results 1 to 4 of 4
  1. #1
    Neil is offline Member
    Join Date
    Sep 2008
    Posts
    2
    Rep Power
    0

    Default Java Security Warning

    Hi,

    We have a web portal that's currently been run in a isolated environment. In places the users are reporting an error

    "The application's digital signture has been verified. Do you want to run the application?"

    Name: appfile
    Publisher: ABC
    From: XYZ

    With the option to run or cancel

    How do I surpress these errors so the application is always run in this case? I've done a google and it appears I have to edit the java.policy file, but I can't find any documentation on what to put in this file other than allowing everything through; which might be ok in a sandbox environment but will give me headaches when it comes to going live.

    Many Thanks in advance.

    NT

  2. #2
    Norm's Avatar
    Norm is offline Moderator
    Join Date
    Jun 2008
    Location
    SW Missouri
    Posts
    17,331
    Rep Power
    25

    Default

    the users are reporting an error
    What program gives the error message? What kind of app is it?
    Is it an applet in an HTML page?
    What is the applet doing that it needs permission?


    Changes to the .java.policy file would have to be made for all users on their PCs. Not an easy solution. The policytool is used to change the .java.polciy file and using it can be tricky.

  3. #3
    Neil is offline Member
    Join Date
    Sep 2008
    Posts
    2
    Rep Power
    0

    Default

    This is an applet within a webpage.

    It looks like the error message is coming from Java RE, if "run" is selected then the message doesn't reappear for that session of internet explorer. If IE is reopened, the message reappears.

    I would put an image up, but I only have 2 posts!! (Including this one)

    Agreed, the policy tool has given me a headache!!!

    I did see that once the user has hit run, a certificate is under control panel \ java, select the security tab and then certificates button. I've tried exporting this certificate and then re-imported it as a system certificate using the keytool. But this doesn't appear to make a difference.

    I also found a webpage where it discusses granting permissions to signed code or coming from a URL, so I've added:

    grant codebase "mydomain.com" {
    permission java.security.AllPermission;
    }

    or

    grant signedBy "Publisher in dialog box" {
    permission java.security.AllPermission;
    }

    to the java.policy file, again, the dialog box still appears..grrrrr :confused:

  4. #4
    Norm's Avatar
    Norm is offline Moderator
    Join Date
    Jun 2008
    Location
    SW Missouri
    Posts
    17,331
    Rep Power
    25

    Default

    What is the applet doing that it needs permission?
    Can the design be changed?

Similar Threads

  1. Java security
    By Zosden in forum Java Applets
    Replies: 43
    Last Post: 08-02-2008, 02:10 PM
  2. Replies: 0
    Last Post: 03-31-2008, 04:35 PM
  3. Replies: 4
    Last Post: 08-10-2007, 10:09 PM
  4. java.security.AccessControlException
    By cecily in forum Java Applets
    Replies: 1
    Last Post: 08-06-2007, 02:49 AM
  5. Replies: 1
    Last Post: 07-23-2007, 11:59 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •