views:

75

answers:

2

I have a signed applet that builds a menu from an xml file. When it loads I get the java security warning regarding signed and unsigned code. The applet uses jdom.jar

It doesn't matter if I hit yes on the security warning dialog box to block the unsigned code, or if I click no, the applet launches and runs as expected.

I have found out that a line of code in jdom that calls the SAXParserFactory.newInstance() is the cause of the security warning. I have tried signing jdom.jar, but that didn't help.

How can I get rid of the security warning without changing any settings in the Java console?

Thanks in advance.

A: 

You'll need to sign your entire applet if you use any of a list of features such as local file access or custom class loaders. The factory might use a custom class loader. The browser might not accept a self-signed certificate without a warning.

http://download.oracle.com/javase/1.4.2/docs/guide/plugin/developer_guide/rsa_signing.html

Peter DeWeese
A: 

Sign the JAXP jar (or the jar that contains SAXParserFactory)

Bozho
well, get the jaxp jar, sign it, and add it to the classpath :)
Bozho