Results 1 to 4 of 4
  1. 09-01-2008, 01:34 PM #1
    Neil
    Neil is offline Member
    Join Date
    Sep 2008
    Posts
    2
    Rep Power
    0

    Default Java Security Warning

    Hi,

    We have a web portal that's currently been run in a isolated environment. In places the users are reporting an error

    "The application's digital signture has been verified. Do you want to run the application?"

    Name: appfile
    Publisher: ABC
    From: XYZ

    With the option to run or cancel

    How do I surpress these errors so the application is always run in this case? I've done a google and it appears I have to edit the java.policy file, but I can't find any documentation on what to put in this file other than allowing everything through; which might be ok in a sandbox environment but will give me headaches when it comes to going live.

    Many Thanks in advance.

    NT
    Reply With Quote Reply With Quote
  2. 09-01-2008, 02:15 PM #2
    Norm's Avatar
    Norm
    Norm is offline Moderator
    Join Date
    Jun 2008
    Location
    Eastern Florida
    Posts
    14,793
    Rep Power
    20

    Default

    the users are reporting an error
    What program gives the error message? What kind of app is it?
    Is it an applet in an HTML page?
    What is the applet doing that it needs permission?


    Changes to the .java.policy file would have to be made for all users on their PCs. Not an easy solution. The policytool is used to change the .java.polciy file and using it can be tricky.
    Reply With Quote Reply With Quote
  3. 09-01-2008, 03:32 PM #3
    Neil
    Neil is offline Member
    Join Date
    Sep 2008
    Posts
    2
    Rep Power
    0

    Default

    This is an applet within a webpage.

    It looks like the error message is coming from Java RE, if "run" is selected then the message doesn't reappear for that session of internet explorer. If IE is reopened, the message reappears.

    I would put an image up, but I only have 2 posts!! (Including this one)

    Agreed, the policy tool has given me a headache!!!

    I did see that once the user has hit run, a certificate is under control panel \ java, select the security tab and then certificates button. I've tried exporting this certificate and then re-imported it as a system certificate using the keytool. But this doesn't appear to make a difference.

    I also found a webpage where it discusses granting permissions to signed code or coming from a URL, so I've added:

    grant codebase "mydomain.com" {
    permission java.security.AllPermission;
    }

    or

    grant signedBy "Publisher in dialog box" {
    permission java.security.AllPermission;
    }

    to the java.policy file, again, the dialog box still appears..grrrrr :confused:
    Reply With Quote Reply With Quote
  4. 09-01-2008, 04:15 PM #4
    Norm's Avatar
    Norm
    Norm is offline Moderator
    Join Date
    Jun 2008
    Location
    Eastern Florida
    Posts
    14,793
    Rep Power
    20

    Default

    What is the applet doing that it needs permission?
    Can the design be changed?
    Reply With Quote Reply With Quote
« query on core java | communication between classes »

Similar Threads

  1. Java security
    By Zosden in forum Java Applets
    Replies: 43
    Last Post: 08-02-2008, 02:10 PM
  2. Java Security Applet will not load under a specific user.
    By MartyF in forum Java Applets
    Replies: 0
    Last Post: 03-31-2008, 04:35 PM
  3. java.security.cert.CertificateException: Couldn't find trusted certificate
    By Felissa in forum Enterprise JavaBeans (EJB)
    Replies: 4
    Last Post: 08-10-2007, 10:09 PM
  4. java.security.AccessControlException
    By cecily in forum Java Applets
    Replies: 1
    Last Post: 08-06-2007, 02:49 AM
  5. difference between code based security and role based security
    By boy22 in forum New To Java
    Replies: 1
    Last Post: 07-23-2007, 11:59 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules