aspose file tools*
The moose likes Architect Certification (SCEA/OCMJEA) and the fly likes Applet Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Certification » Architect Certification (SCEA/OCMJEA)
Bookmark "Applet Security" Watch "Applet Security" New topic
Author

Applet Security

Joe O'Toole
Ranch Hand

Joined: Mar 02, 2009
Posts: 51
Hi

If an applet is signed but the usePolicy is not defined in the java.policy, will the user be prompted to allow all permissions to be granted to the applet or will this be done without prompting the user

Thanks
Joe
Tim Moores
Rancher

Joined: Sep 21, 2011
Posts: 2408
A signed applet has all permissions, regardless what any policy says. Once the applet certificate is accepted by the user, no further checks will be done.
ntumba lobo
Ranch Hand

Joined: Oct 21, 2008
Posts: 180
That's not entirely true, a signed applets doesnt have necessary all the permissions. Signed applet just means it is a trusted code and can run outside the sandbox.
However the trusted code still has to comply to the rules defined in the security manager in the JVM, if it doent the operation will just be denied.
An exception is thrown, the user is not prompted.


SCJP 5 , SCWCD 5, SCEA 5
Joe O'Toole
Ranch Hand

Joined: Mar 02, 2009
Posts: 51
Thanks!

1 other question on this. If an applet is not signed but loaded from local directory it runs outside of the sandbox, right?
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Applet Security