+1  Q: 

Signed java applet

I am creating a socket connection with an unsigned applet to a different host and I'm getting `java.security.AccessControlException: access denied`.

If I sign this applet with either a "self-cert" or a "CA cert", does the applet gain the permissions to create a socket connection to a different host (not the same host it was downloaded from), and does a security message pop up if it's been certified by a CA?

Thanks

+1  A: 

If you don't sign the applet, the code which is accessing local resources won't be executed in any way.

If you sign the applet with a self-cert, the end user would only get a warning message which asks for permission. You however still need to wrap the call inside an `AccessController#doPrivileged()`.

```java
import java.security.AccessController;
import java.security.PrivilegedAction;

public void init() {
    // Run the body with this class's own permissions, ignoring callers further up the stack.
    AccessController.doPrivileged(new PrivilegedAction<Object>() {
        @Override public Object run() {
            // Put your original init() here.
            return null;
        }
    });
}
```

If you sign the applet with a $$$-cert, the end user won't get a warning message.

BalusC
There should be no need to use `doPrivileged` if there is no untrusted code on the stack. The warning dialog is much the same whether the certificate is valid or self-signed.
Tom Hawtin - tackline
I guess a cross domain socket connection is untrusted though?
Adam
A: 

You should see an appropriate dialog for the certificate, unless disabled or that certificate is always accepted. Only if the user agrees is the code given full privileges.

A better approach would be to stick to connecting to only the same-origin host.

Tom Hawtin - tackline
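Added example (not code from any of the posters): a sketch of the permission check behind the `AccessControlException` in the question and the "untrusted code on the stack" point raised in the comments. It models the sandbox and the user-approved signed code as two `ProtectionDomain`s and evaluates a `SocketPermission` against them. The class name, helper names and the RFC 5737 documentation addresses are constructed for illustration, and it assumes JDK 17 or earlier, where `AccessControlContext` is still functional.

```java
import java.net.SocketPermission;
import java.security.AccessControlContext;
import java.security.AccessControlException;
import java.security.AllPermission;
import java.security.Permission;
import java.security.Permissions;
import java.security.ProtectionDomain;

public class AppletSocketCheck {
    // Constructed sample values (RFC 5737 documentation ranges), not real hosts.
    static final String ORIGIN = "192.0.2.10";        // host the applet was loaded from
    static final String OTHER = "198.51.100.20:5000"; // a different host

    // A domain holding exactly one permission; the two-argument constructor
    // makes the permissions static, so the installed Policy is not consulted.
    static ProtectionDomain domain(Permission granted) {
        Permissions perms = new Permissions();
        perms.add(granted);
        return new ProtectionDomain(null, perms);
    }

    // True only if every domain on the modelled call stack implies the permission.
    static boolean allowed(Permission wanted, ProtectionDomain... stack) {
        try {
            new AccessControlContext(stack).checkPermission(wanted);
            return true;
        } catch (AccessControlException denied) {
            return false;
        }
    }

    public static void main(String[] args) {
        // Sandboxed (unsigned) applet code may only connect back to its origin.
        ProtectionDomain sandbox = domain(new SocketPermission(ORIGIN, "connect,accept"));
        // Signed code the user accepted in the dialog runs with full privileges.
        ProtectionDomain trusted = domain(new AllPermission());

        Permission sameHost = new SocketPermission(ORIGIN + ":5000", "connect");
        Permission crossHost = new SocketPermission(OTHER, "connect");

        System.out.println("sandbox -> origin host: " + allowed(sameHost, sandbox));
        System.out.println("sandbox -> other host:  " + allowed(crossHost, sandbox));
        System.out.println("trusted -> other host:  " + allowed(crossHost, trusted));
        // Mixed stack: one sandboxed frame is enough to deny the request.
        System.out.println("trusted called from sandbox -> other host: "
                + allowed(crossHost, trusted, sandbox));
    }
}
```

The mixed-stack case is the situation `doPrivileged` exists for: it stops the stack walk at the privileged frame so that only the trusted domain is checked.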