I have a single sign on application for our intranet which is supposed to read a file off the local computer as well as get the users SID and verify that the user is valid. I have a jar that is embeded in the page and called by javascript. Inside the jar I have used doPrivileged() to allow the code to be called from javascript.
The problem is that when I set the the policy file to allow my companies domain it doesn't work. Also I don't have the ability to do a publicly signed applet only a self signed applet.
Here is an example of the entry in the policy file I am trying to use. Note that this is just for testing purposes and when it is ready I will be granting only those permissions that it needs.
grant codeBase "http://www.company.com/dev/testing/*" {
permission java.security.AllPermission;
};