Java applet using web services over ssl

Question

I need to have my java applet use a soap based web service over ssl. I know that you can have a servlet act as a go-between/proxy, but I want to have the applet use the web service directly over SSL. The problem is supplying the certs to the web server hosting the web services. I supplied these Java Applet Runtime Settings via the Java Control Panel:

-Djavax.net.ssl.keyStore= <local path to .p12 >

-Djavax.net.ssl.keyStorePassword= <password >

I also imported the client cert (.p12) as a Client certificate via the Java Control Panel. I was hoping to do:

KeyStore ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream(System.getProperty("javax.net.ssl.keyStore"), System.getProperty("javax.net.ssl.keyStorePassword").toCharArray());

and use the KeyStore from there. But, no dice! It seems that I can't access those properties from within the applet. I don't want to hardcode the paths, either. I'm using JRE 1.6.0_10

Is there any other way to have the applet use a web service without the servlet proxy approach? It's likely I'm going down the wrong path. Also, I'd be interested in having this work when the web service is different from the one that's hosting the applet, if possible.

BTW: The servlet proxy approach that I want to move away from is spelled out here: http://www.ibm.com/developerworks/xml/library/x-jappws/

Thanks!

Answer 1

To access the properties and to connect to a host other than the one the applet was served from you will need (a) a signed applet, and (b) permissions granting your applet the access it needs.

You may want to look into Java Web Start to deliver the application instead of using an applet.

EDIT: The permissions might be automatic once the applet is signed.