Results 1 to 10 of 10
  1. #1
    jovokrneta is offline Member
    Join Date
    Jul 2012
    Posts
    5
    Rep Power
    0

    Default web applet for signing pdf with smart card

    I have made an applet for signing a pdf using a smart card.It works ok on desktop it signs the file in the project folder.I wanted to test it in HTML ,I signed all the jars (made keytool,used jarsigned,veryfied signing and so on),but when
    I upload to server or run it on Desktop from browser it says:

    java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI")
    at java.security.AccessControlContext.checkPermission (Unknown Source)
    at java.security.AccessController.checkPermission(Unk nown Source)
    at java.lang.SecurityManager.checkPermission(Unknown Source)
    at sun.security.mscapi.KeyStore.engineLoad(KeyStore.j ava:755)
    at sun.security.mscapi.KeyStore$MY.engineLoad(KeyStor e.java:62)
    at java.security.KeyStore.load(Unknown Source)
    at CompensateMeOnlineApplet.init(CompensateMeOnlineAp plet.java:67)
    at com.sun.deploy.uitoolkit.impl.awt.AWTAppletAdapter .init(Unknown Source)
    at sun.plugin2.applet.Plugin2Manager$AppletExecutionR unnable.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)

    I thing the signing went ok since I have a prompt saying that the code is signed...
    What am I to do now?

  2. #2
    DarrylBurke's Avatar
    DarrylBurke is offline Forum Police
    Join Date
    Sep 2008
    Location
    Madgaon, Goa, India
    Posts
    11,457
    Rep Power
    20

    Default Re: web applet for signing pdf with smart card

    If you're forever cleaning cobwebs, it's time to get rid of the spiders.

  3. #3
    cselic is offline Senior Member
    Join Date
    Apr 2010
    Location
    Belgrade, Serbia
    Posts
    278
    Rep Power
    5

    Default Re: web applet for signing pdf with smart card

    @jovokrneta: I think that permissions for applets from servers to clients have more restrictions (because of security purpose) than restrictions that you have on your desktop computer while you're working with them. So be sure to avoid those restrictions.

    This link might be helpful:
    Lesson: Quick Tour of Controlling Applets (The Java™ Tutorials > Security Features in Java SE)

  4. #4
    jovokrneta is offline Member
    Join Date
    Jul 2012
    Posts
    5
    Rep Power
    0

    Default Re: web applet for signing pdf with smart card

    I have my applets signed allowing them to aviod restrictions ,they can have full access to client machines.

  5. #5
    cselic is offline Senior Member
    Join Date
    Apr 2010
    Location
    Belgrade, Serbia
    Posts
    278
    Rep Power
    5

    Default Re: web applet for signing pdf with smart card

    ^ You have this error:

    java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI")

    In documentation we have:
    public class AccessControlException
    extends SecurityException

    This exception is thrown by the AccessController to indicate that a requested access (to a critical system resource such as the file system or the network) is denied.

    The reason to deny access can vary. For example, the requested permission might be of an incorrect type, contain an invalid value, or request access that is not allowed according to the security policy. Such information should be given whenever possible at the time the exception is thrown.

    AccessControlException (Java 2 Platform SE v1.4.2)

    note: sorry for java1.4 link and documentation, search engine shows me obsolete results :-(
    Please, surround your little piece of code with try catch block. Change this line of code:
    Java Code:
    java.security.cert.Certificate[] chain = ks.getCertificateChain(alias);
    with this lines:
    Java Code:
    try {
            java.security.cert.Certificate[] chain = ks.getCertificateChain(alias);
    
     	} catch (AccessControlException e) {
     		e.printStackTrace();
     	}
    and then show us your full error message

  6. #6
    jovokrneta is offline Member
    Join Date
    Jul 2012
    Posts
    5
    Rep Power
    0

    Default Re: web applet for signing pdf with smart card

    Ok I'll do that,but I got an info that the problem maight be that the bouncy castle lib comes in already signed and when I sign itext lib and myapplet.jar -i can not have jars signed with diferent cert,so the solution maight be to remove signature from already signed bouncy castle lib and sign it muself as I did with itext and myapplet.jar.I will give
    1
    2
    3
    4
    5
    6
    try {
    java.security.cert.Certificate[] chain = ks.getCertificateChain(alias);

    } catch (AccessControlException e) {
    e.printStackTrace();
    }
    a go,and I will give you the results.

  7. #7
    jovokrneta is offline Member
    Join Date
    Jul 2012
    Posts
    5
    Rep Power
    0

    Default Re: web applet for signing pdf with smart card

    So I made the changes with
    {
    java.security.cert.Certificate[] chain = ks.getCertificateChain(alias);

    } catch (AccessControlException e) {
    e.printStackTrace();
    }

    but the thing is that my applet had no problems in running in Netbeans ,only when I put it to browser,so I will give you my entire applet that works ok in Netbeans





    package compensatemeonline8;
    import com.itextpdf.text.DocumentException;
    import com.itextpdf.text.Rectangle;
    import com.itextpdf.text.pdf.*;
    import java.io.FileOutputStream;
    import java.io.IOException;
    import java.io.InputStream;
    import java.security.*;
    import java.security.cert.CertificateException;
    import java.util.Enumeration;
    import java.util.logging.Level;
    import java.util.logging.Logger;
    import javax.swing.JOptionPane;

    /**
    *
    * @author Jovo
    */
    public class CompensateMeOnlineApplet extends java.applet.Applet {
    String alias=new String();


    /**
    * Initializes the applet CompensateMeOnlineApplet
    */
    @Override
    public void init() {
    try {
    try {
    java.awt.EventQueue.invokeAndWait(new Runnable() {

    @Override
    public void run() {
    initComponents();
    }
    });
    } catch (Exception ex) {
    ex.printStackTrace();
    }

    KeyStore ks = KeyStore.getInstance("Windows-MY");
    ks.load(null, null) ;

    Enumeration en = ks.aliases();
    // String alias = (String)en.nextElement();
    //alias = (String)en.nextElement();

    Enumeration en1 = ks.aliases();
    while(en1.hasMoreElements()){
    jComboBox1.addItem((String)en1.nextElement());

    }
    } catch (IOException ex) {
    Logger.getLogger(CompensateMeOnlineApplet.class.ge tName()).log(Level.SEVERE, null, ex);
    } catch (NoSuchAlgorithmException ex) {
    Logger.getLogger(CompensateMeOnlineApplet.class.ge tName()).log(Level.SEVERE, null, ex);
    } catch (CertificateException ex) {
    Logger.getLogger(CompensateMeOnlineApplet.class.ge tName()).log(Level.SEVERE, null, ex);
    } catch (KeyStoreException ex) {
    Logger.getLogger(CompensateMeOnlineApplet.class.ge tName()).log(Level.SEVERE, null, ex);
    }

    }

    /**
    * This method is called from within the init() method to initialize the
    * form. WARNING: Do NOT modify this code. The content of this method is
    * always regenerated by the Form Editor.
    */
    // <editor-fold defaultstate="collapsed" desc="Generated Code">
    private void initComponents() {

    jComboBox1 = new javax.swing.JComboBox();
    jButton1 = new javax.swing.JButton();
    jButton2 = new javax.swing.JButton();

    setCursor(new java.awt.Cursor(java.awt.Cursor.DEFAULT_CURSOR));

    jComboBox1.setModel(new javax.swing.DefaultComboBoxModel(new String[] { "Odaberite potpis" }));

    jButton1.setText("Potpisi");
    jButton1.addActionListener(new java.awt.event.ActionListener() {
    public void actionPerformed(java.awt.event.ActionEvent evt) {
    jButton1ActionPerformed(evt);
    }
    });

    jButton2.setText("Izadji");
    jButton2.addActionListener(new java.awt.event.ActionListener() {
    public void actionPerformed(java.awt.event.ActionEvent evt) {
    jButton2ActionPerformed(evt);
    }
    });

    javax.swing.GroupLayout layout = new javax.swing.GroupLayout(this);
    this.setLayout(layout);
    layout.setHorizontalGroup(
    layout.createParallelGroup(javax.swing.GroupLayout .Alignment.LEADING)
    .addGroup(layout.createSequentialGroup()
    .addContainerGap()
    .addGroup(layout.createParallelGroup(javax.swing.G roupLayout.Alignment.LEADING)
    .addGroup(layout.createSequentialGroup()
    .addComponent(jComboBox1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
    .addPreferredGap(javax.swing.LayoutStyle.Component Placement.UNRELATED)
    .addComponent(jButton1, javax.swing.GroupLayout.PREFERRED_SIZE, 75, javax.swing.GroupLayout.PREFERRED_SIZE)
    .addGap(0, 89, Short.MAX_VALUE))
    .addGroup(javax.swing.GroupLayout.Alignment.TRAILI NG, layout.createSequentialGroup()
    .addGap(0, 0, Short.MAX_VALUE)
    .addComponent(jButton2)))
    .addContainerGap())
    );
    layout.setVerticalGroup(
    layout.createParallelGroup(javax.swing.GroupLayout .Alignment.LEADING)
    .addGroup(layout.createSequentialGroup()
    .addContainerGap()
    .addGroup(layout.createParallelGroup(javax.swing.G roupLayout.Alignment.BASELINE)
    .addComponent(jComboBox1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
    .addComponent(jButton1))
    .addPreferredGap(javax.swing.LayoutStyle.Component Placement.RELATED, 23, Short.MAX_VALUE)
    .addComponent(jButton2)
    .addContainerGap())
    );
    }// </editor-fold>

    private void jButton1ActionPerformed(java.awt.event.ActionEvent evt) {
    alias=(String)jComboBox1.getSelectedItem();
    if (alias.equals("Odaberite potpis"))
    {
    JOptionPane.showMessageDialog(jComboBox1, "Morate odabrati potpis kojim cete potpisiti kompenzacionu izjavu!");
    //System.exit(1);
    return ;
    }
    //JOptionPane.showMessageDialog(jComboBox1, alias);
    try {
    potpisi();
    JOptionPane.showMessageDialog(jComboBox1, "Dokument je uspesno potpisan ");

    // TODO add your handling code here:
    } catch (KeyStoreException ex) {
    Logger.getLogger(CompensateMeOnlineApplet.class.ge tName()).log(Level.SEVERE, null, ex);
    } catch (IOException ex) {
    Logger.getLogger(CompensateMeOnlineApplet.class.ge tName()).log(Level.SEVERE, null, ex);
    } catch (NoSuchAlgorithmException ex) {
    Logger.getLogger(CompensateMeOnlineApplet.class.ge tName()).log(Level.SEVERE, null, ex);
    } catch (CertificateException ex) {
    Logger.getLogger(CompensateMeOnlineApplet.class.ge tName()).log(Level.SEVERE, null, ex);
    } catch (UnrecoverableKeyException ex) {
    Logger.getLogger(CompensateMeOnlineApplet.class.ge tName()).log(Level.SEVERE, null, ex);
    } catch (DocumentException ex) {
    Logger.getLogger(CompensateMeOnlineApplet.class.ge tName()).log(Level.SEVERE, null, ex);
    } catch (InvalidKeyException ex) {
    Logger.getLogger(CompensateMeOnlineApplet.class.ge tName()).log(Level.SEVERE, null, ex);
    } catch (SignatureException ex) {
    Logger.getLogger(CompensateMeOnlineApplet.class.ge tName()).log(Level.SEVERE, null, ex);
    }
    }

    private void jButton2ActionPerformed(java.awt.event.ActionEvent evt) {
    System.exit(1); // TODO add your handling code here:
    }

    // Variables declaration - do not modify
    private javax.swing.JButton jButton1;
    private javax.swing.JButton jButton2;
    private javax.swing.JComboBox jComboBox1;
    // End of variables declaration
    @Override
    public void start()
    {

    }

    public void potpisi() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException, DocumentException, InvalidKeyException, SignatureException
    {

    KeyStore ks = KeyStore.getInstance("Windows-MY");
    ks.load(null, null) ;
    //ovo smo ubacili
    Enumeration en = ks.aliases();
    // String alias = (String)en.nextElement();

    PrivateKey key = (PrivateKey)ks.getKey(alias, "password".toCharArray());
    try {
    java.security.cert.Certificate[] chain = ks.getCertificateChain(alias);
    } catch (AccessControlException e) {
    e.printStackTrace();
    }
    /*
    PdfReader reader = new PdfReader("Compensate.pdf");
    FileOutputStream fout = new FileOutputStream("signed.pdf");
    PdfStamper stp = PdfStamper.createSignature(reader, fout, '\0',null,true);
    PdfSignatureAppearance appearance = stp.getSignatureAppearance();
    appearance.setCrypto(null, chain, null, PdfSignatureAppearance.SELF_SIGNED);
    //appearance.setCrypto(key, chain, null,PdfSignatureAppearance.WINCER_SIGNED);
    //appearance.setCrypto(null, chain, null, PdfSignatureAppearance.WINCER_SIGNED);
    appearance.setReason("Potpis kompenzacije");
    appearance.setLocation("Foobar");
    appearance.setVisibleSignature(new Rectangle(100, 100, 200, 200), 1, "jedan");

    appearance.setExternalDigest(new byte[128], null, "RSA");
    appearance.preClose();
    Signature signature = Signature.getInstance("SHA1withRSA");
    signature.initSign(key);
    byte buf[] = new byte[8192];
    int n;
    InputStream inp = appearance.getRangeStream();
    while ((n = inp.read(buf)) > 0) {
    signature.update(buf, 0, n);
    }
    PdfPKCS7 sig = appearance.getSigStandard().getSigner();
    sig.setExternalDigest(signature.sign(), null, "RSA");
    PdfDictionary dic = new PdfDictionary();
    dic.put(PdfName.CONTENTS,new PdfString(sig.getEncodedPKCS1()).setHexWriting(tru e));

    appearance.close(dic);
    */
    }

    }

    Just remove the comment from the bottom and remove your code(try- catch) ,when run java console gives :

    Java Plug-in 10.5.1.255
    Using JRE version 1.7.0_05-b05 Java HotSpot(TM) Client VM
    User home directory = C:\Users\Jovo
    ----------------------------------------------------
    c: clear console window
    f: finalize objects on finalization queue
    g: garbage collect
    h: display this help message
    l: dump classloader list
    m: print memory usage
    o: trigger logging
    q: hide console
    r: reload policy configuration
    s: dump system and deployment properties
    t: dump thread list
    v: dump thread stack
    x: clear classloader cache
    0-5: set trace level to <n>
    ----------------------------------------------------
    security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal .bind.,com.sun.imageio.,com.sun.org.apache.xerces. internal.utils.,com.sun.org.apache.xalan.internal. utils.
    security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal .bind.,com.sun.imageio.,com.sun.org.apache.xerces. internal.utils.,com.sun.org.apache.xalan.internal. utils.,com.sun.javaws
    security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal .bind.,com.sun.imageio.,com.sun.org.apache.xerces. internal.utils.,com.sun.org.apache.xalan.internal. utils.,com.sun.javaws
    security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal .bind.,com.sun.imageio.,com.sun.org.apache.xerces. internal.utils.,com.sun.org.apache.xalan.internal. utils.,com.sun.javaws,com.sun.deploy
    security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal .bind.,com.sun.imageio.,com.sun.org.apache.xerces. internal.utils.,com.sun.org.apache.xalan.internal. utils.,com.sun.javaws,com.sun.deploy
    security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal .bind.,com.sun.imageio.,com.sun.org.apache.xerces. internal.utils.,com.sun.org.apache.xalan.internal. utils.,com.sun.javaws,com.sun.deploy,com.sun.jnlp
    security: property package.definition value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal .bind.,com.sun.imageio.,com.sun.org.apache.xerces. internal.utils.,com.sun.org.apache.xalan.internal. utils.
    security: property package.definition new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal .bind.,com.sun.imageio.,com.sun.org.apache.xerces. internal.utils.,com.sun.org.apache.xalan.internal. utils.,com.sun.javaws
    security: property package.definition value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal .bind.,com.sun.imageio.,com.sun.org.apache.xerces. internal.utils.,com.sun.org.apache.xalan.internal. utils.,com.sun.javaws
    security: property package.definition new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal .bind.,com.sun.imageio.,com.sun.org.apache.xerces. internal.utils.,com.sun.org.apache.xalan.internal. utils.,com.sun.javaws,com.sun.deploy
    security: property package.definition value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal .bind.,com.sun.imageio.,com.sun.org.apache.xerces. internal.utils.,com.sun.org.apache.xalan.internal. utils.,com.sun.javaws,com.sun.deploy
    security: property package.definition new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal .bind.,com.sun.imageio.,com.sun.org.apache.xerces. internal.utils.,com.sun.org.apache.xalan.internal. utils.,com.sun.javaws,com.sun.deploy,com.sun.jnlp
    security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal .bind.,com.sun.imageio.,com.sun.org.apache.xerces. internal.utils.,com.sun.org.apache.xalan.internal. utils.,com.sun.javaws,com.sun.deploy,com.sun.jnlp
    security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal .bind.,com.sun.imageio.,com.sun.org.apache.xerces. internal.utils.,com.sun.org.apache.xalan.internal. utils.,com.sun.javaws,com.sun.deploy,com.sun.jnlp, org.mozilla.jss
    security: property package.definition value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal .bind.,com.sun.imageio.,com.sun.org.apache.xerces. internal.utils.,com.sun.org.apache.xalan.internal. utils.,com.sun.javaws,com.sun.deploy,com.sun.jnlp
    security: property package.definition new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal .bind.,com.sun.imageio.,com.sun.org.apache.xerces. internal.utils.,com.sun.org.apache.xalan.internal. utils.,com.sun.javaws,com.sun.deploy,com.sun.jnlp, org.mozilla.jss
    basic: Added progress listener: sun.plugin.util.ProgressMonitorAdapter@d43997
    basic: Plugin2ClassLoader.addURL parent called for file:/C:/Users/Jovo/Documents/NetBeansProjects/CompensateMeOnline8/build/classes/compensatemeonline8/itextpdf-5.1.3.jar
    basic: Plugin2ClassLoader.addURL parent called for file:/C:/Users/Jovo/Documents/NetBeansProjects/CompensateMeOnline8/build/classes/compensatemeonline8/CompensateMeOnlineApplet.jar
    basic: Plugin2ClassLoader.addURL parent called for file:/C:/Users/Jovo/Documents/NetBeansProjects/CompensateMeOnline8/build/classes/compensatemeonline8/bcprov-jdk16-1.46.jar
    security: Blacklist revocation check is enabled
    security: Trusted libraries list check is enabled
    security: Trusted libraries list file not found
    network: Cache entry not found [url: file:/C:/Users/Jovo/Documents/NetBeansProjects/CompensateMeOnline8/build/classes/compensatemeonline8/itextpdf-5.1.3.jar, version: null]
    security: Accessing keys and certificate in Mozilla user profile: null
    security: Loading Deployment certificates from C:\Users\Jovo\AppData\LocalLow\Sun\Java\Deployment \security\trusted.certs
    security: Loaded Deployment certificates from C:\Users\Jovo\AppData\LocalLow\Sun\Java\Deployment \security\trusted.certs
    security: Loading certificates from Deployment session certificate store
    security: Loaded certificates from Deployment session certificate store
    security: Validate the certificate chain using CertPath API
    security: Loading Root CA certificates from C:\Users\Jovo\AppData\LocalLow\Sun\Java\Deployment \security\trusted.cacerts
    security: Loaded Root CA certificates from C:\Users\Jovo\AppData\LocalLow\Sun\Java\Deployment \security\trusted.cacerts
    security: Loading Root CA certificates from C:\Program Files (x86)\Java\jre7\lib\security\cacerts
    security: Loaded Root CA certificates from C:\Program Files (x86)\Java\jre7\lib\security\cacerts
    security: Obtain certificate collection in Root CA certificate store
    security: Obtain certificate collection in Root CA certificate store
    security: Obtain certificate collection in Root CA certificate store
    security: Obtain certificate collection in Root CA certificate store
    security: The certificate hasnt been expired, no need to check timestamping info
    security: Found jurisdiction list file
    security: No need to checking trusted extension for this certificate
    security: The CRL support is disabled
    security: The OCSP support is disabled
    security: This OCSP End Entity validation is disabled
    security: Checking if certificate is in Deployment denied certificate store
    security: Checking if certificate is in Deployment permanent certificate store
    security: Checking if certificate is in Deployment session certificate store
    basic: Dialog type is not candidate for embedding
    security: User has granted the priviledges to the code for this session only
    security: Adding certificate in Deployment session certificate store
    security: Added certificate in Deployment session certificate store
    security: Saving certificates in Deployment session certificate store
    security: Saved certificates in Deployment session certificate store
    security: Trusted libraries list file not found
    network: Cache entry not found [url: file:/C:/Users/Jovo/Documents/NetBeansProjects/CompensateMeOnline8/build/classes/compensatemeonline8/CompensateMeOnlineApplet.jar, version: null]
    security: Validate the certificate chain using CertPath API
    security: The certificate hasnt been expired, no need to check timestamping info
    security: Found jurisdiction list file
    security: No need to checking trusted extension for this certificate
    security: The CRL support is disabled
    security: The OCSP support is disabled
    security: This OCSP End Entity validation is disabled
    security: Checking if certificate is in Deployment denied certificate store
    security: Checking if certificate is in Deployment permanent certificate store
    security: Checking if certificate is in Deployment session certificate store
    security: Trusted libraries list file not found
    network: Cache entry not found [url: file:/C:/Users/Jovo/Documents/NetBeansProjects/CompensateMeOnline8/build/classes/compensatemeonline8/bcprov-jdk16-1.46.jar, version: null]
    security: Validate the certificate chain using CertPath API
    security: The certificate hasnt been expired, no need to check timestamping info
    security: Found jurisdiction list file
    security: No need to checking trusted extension for this certificate
    security: The CRL support is disabled
    security: The OCSP support is disabled
    security: This OCSP End Entity validation is disabled
    security: Checking if certificate is in Deployment denied certificate store
    security: Checking if certificate is in Deployment permanent certificate store
    security: Checking if certificate is in Deployment session certificate store
    security: Trusted libraries list file not found
    security: Trusted libraries list file not found
    security: Trusted libraries list file not found
    network: Cache entry not found [url: file:/C:/Users/Jovo/Documents/NetBeansProjects/CompensateMeOnline8/build/classes/, version: null]
    basic: Dialog type is not candidate for embedding
    network: Cache entry not found [url: file:/C:/Users/Jovo/Documents/NetBeansProjects/CompensateMeOnline8/build/classes/, version: null]
    basic: Applet loaded.
    basic: Applet resized and added to parent container
    basic: PERF: AppletExecutionRunnable - applet.init() BEGIN ; jvmLaunch dt 264511 us, pluginInit dt 5567067 us, TotalTime: 5831578 us
    java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI")
    at java.security.AccessControlContext.checkPermission (Unknown Source)
    at java.security.AccessController.checkPermission(Unk nown Source)
    at java.lang.SecurityManager.checkPermission(Unknown Source)
    at sun.security.mscapi.KeyStore.engineLoad(KeyStore.j ava:755)
    at sun.security.mscapi.KeyStore$MY.engineLoad(KeyStor e.java:62)
    at java.security.KeyStore.load(Unknown Source)
    at compensatemeonline8.CompensateMeOnlineApplet.init( CompensateMeOnlineApplet.java:46)
    at com.sun.deploy.uitoolkit.impl.awt.AWTAppletAdapter .init(Unknown Source)
    at sun.plugin2.applet.Plugin2Manager$AppletExecutionR unnable.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)
    Ignored exception: java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI")
    basic: Dialog type is not candidate for embedding
    basic: Removed progress listener: sun.plugin.util.ProgressMonitorAdapter@d43997
    security: Reset deny session certificate store

    I think that the problem is in signing the Bouncy castle lib.

  8. #8
    DarrylBurke's Avatar
    DarrylBurke is offline Forum Police
    Join Date
    Sep 2008
    Location
    Madgaon, Goa, India
    Posts
    11,457
    Rep Power
    20

    Default Re: web applet for signing pdf with smart card

    If you're forever cleaning cobwebs, it's time to get rid of the spiders.

  9. #9
    Tolls is offline Moderator
    Join Date
    Apr 2009
    Posts
    12,224
    Rep Power
    20

    Default Re: web applet for signing pdf with smart card

    An applet running in Netbeans doesn't have security restrictions.
    An applet running in a browser does.
    Please do not ask for code as refusal often offends.

    ** This space for rent **

  10. #10
    jovokrneta is offline Member
    Join Date
    Jul 2012
    Posts
    5
    Rep Power
    0

    Default Re: web applet for signing pdf with smart card

    "An applet running in Netbeans doesn't have security restrictions.
    An applet running in a browser does." ,yes I know this,so I sign the jar files so that applet could call System parameters on client,but something is not working.I first signed all files that go into my applet itext lib,bouncy castle lib and Myapplet.jar.After some time I found out that bouncy castle lib comes is already signed,and that I most likely cannot have some files in applet signed by me and some signed by someone other.So what I do is that I unjar boucy castle,itext lib ,delete the manifest file and jar them all together
    with myapplet.class in a one jar which I sign by myself ,but AGAIN it says :


    java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI")

    I am getting out of ideas what to do.
    Anybody!?

Similar Threads

  1. Problen signing Applet
    By cc12cc12 in forum Java Applets
    Replies: 0
    Last Post: 03-08-2012, 10:35 AM
  2. Applet Signing Issues...
    By cnu.nandhikonda@gmail.com in forum Java Applets
    Replies: 0
    Last Post: 02-01-2012, 09:34 AM
  3. applet signing
    By milkman128 in forum Java Applets
    Replies: 11
    Last Post: 10-06-2008, 03:05 PM
  4. applet and signing
    By Preethi in forum New To Java
    Replies: 0
    Last Post: 06-05-2008, 04:17 PM
  5. Signing An Applet!!!!! Me Need Help!!!!! Plz!
    By marco in forum Java Applets
    Replies: 3
    Last Post: 07-29-2007, 06:45 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •