Java Applet-部分签名?
[英]Java Applet - Partially Signed?
问题描述
Is it possible to sign only part of an applet? 
是否可以仅签署小程序的一部分? Ie, have an applet that pops up no security warnings about being signed, but if some particular function is used (that requires privileges) then use the signed jar? 即,有一个applet不会弹出有关签名的安全警告,但是如果使用了某些特定功能(需要特权),则使用签名的jar?
From what I can tell, some (perhaps most) browsers will pop up the warning for a signed applet even if you don't request privileges at all at execution time. 据我所知,即使您在执行时根本不请求特权,某些(也许大多数)浏览器也会弹出警告,提示您有签名的applet。 I'd rather avoid that if possible. 如果可能,我宁愿避免这种情况。
3 个解决方案
解决方案1
1 已采纳 2008-09-16 23:09:44
尝试将代码拆分为一个未签名的jar和一个签名的jar。
解决方案2
1 2008-09-18 15:00:16
In theory you can (signed + unsigned jar), but in practice it will result that your code will be handled as unsigned. 从理论上讲,您可以(带符号的+无符号的jar),但是实际上,这将导致您的代码被视为无符号的。 The access decision should be made from the thread, not the immediate caller. 访问决策应从线程而不是直接调用者做出。 If the thread contains in the stack a call made from an object from unsigned code, the whole call should be treated as unsigned. 如果线程在堆栈中包含由无符号代码的对象进行的调用,则整个调用应视为无符号。 If you work around this you've found a bug. 如果您解决此问题,您将发现一个错误。
In other words... No . 换句话说... 不 。
If I'm not being to curious, may I inquire why do you want to partially sign your code? 如果我不感到好奇,请问为什么要部分签名代码?
解决方案3
-1 2008-09-16 22:39:59
I've been given the impression that Sun wants to discourage the creation of Applets and encourage the usage of Java Web Start. 给我的印象是Sun希望阻止Applets的创建并鼓励使用Java Web Start。 I think this issue of signing applets is part of the problem. 我认为签署小程序这一问题是问题的一部分。 See this documentation from Sun: Java Web start FAQ . 请参阅Sun的本文档: Java Web start FAQ 。
I haven't tried this, but could you segment the features that need signing into separate jars that only require permission checks when the user needs the functionality in those jars? 我没有尝试过,但是您能否将需要登录的功能细分到单独的jar中,而仅当用户需要这些jar中的功能时才需要权限检查?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.