[英]Signed java applet
I am creating a socket connection with an unsigned applet to a different host and I'm getting java.security.AccessControlException: access denied 我正在创建一个与未签名的applet的套接字连接到另一个主机,我得到java.security.AccessControlException:访问被拒绝
If I sign this applet with either "self-cert" or "CA cert" does the applet gain the permissions to create a socket connection to a different host (not the same host it was downloaded from) and does a security message popup if its been certified by a CA? 如果我使用“self-cert”或“CA cert”对此applet进行签名,applet是否获得了创建与其他主机(不是从中下载的同一主机)的套接字连接的权限,并且如果是,则会弹出安全消息是否已通过CA认证?
Thanks 谢谢
If you don't sign the applet, the code which is accessing local resources won't be executed in any way. 如果您不对applet进行签名,则不会以任何方式执行访问本地资源的代码。
If you sign the applet with a self-cert, the enduser would only get a warning message which asks for permission. 如果您使用自我证书对applet进行签名,则最终用户只会收到一条警告消息,要求获得权限。 You however still need to wrap the call inside an
AccessController#doPrivileged()
. 但是,您仍然需要将调用包装在
AccessController#doPrivileged()
。
public void init() {
AccessController.doPrivileged(new PrivilegedAction<Object> {
@Override public Object run() {
// Put your original init() here.
return null;
}
});
}
If you sign the applet with a $$$-cert, the enduser won't get a warning message. 如果您使用$$$ - cert对applet进行签名,则最终用户将不会收到警告消息。
You should see an appropriate dialog for the certificate, unless disabled or that certificate is always accepted. 您应该看到证书的适当对话框,除非禁用或始终接受证书。 Only if the user agrees is the code given full privileges.
只有在用户同意的情况下,才能获得具有完全权限的代码。
A better approach would be to stick to connecting to only the same-origin host. 更好的方法是坚持只连接到同源主机。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.