tags:

views:

272

answers:

2

I wrote a java applet and self signed it. When I run it in eclipse or as a executable jar it works fine. But when I upload it, it doesn't do anything. It loads, and the self signed cert warning does come up and I click yes but nothing. I was under the impression that signed applets had no restrictions. What could be the problem?

+2  A: 

You sign your applet with a certificate. If that cert doesn't come from authority such as Thawte in "real life" situation your applet will not be considered safe by your browser without user explicitly granting you access by relaxing Jaca policy (or accepting self-signed cert). Dev tools such as Eclipse have that relaxed policy built in so that's why you don't have a problem

And the pricing is pretty stiff

DroidIn.net
Sorry, I didn't make it clear. I do accept the self-signed cert. Still doesn't run.
silverbandit91
There's companies other than Verisign that will do you a much cheaper deal. (And you can use a stolen credit card...)
Tom Hawtin - tackline
Otta spirit! Security by stolen credit card!
DroidIn.net
+1  A: 

See http://java.sun.com/docs/books/tutorial/deployment/applet/security.html. I quote:

When a signed applet is accessed from JavaScript code in an HTML page, the applet is executed within the security sandbox. This implies that the signed applet essentially behaves likes an unsigned applet.

Signing applet code like this has no effect except popping a security warning dialog.

There are a number of things you might have meant by "when I upload it, it doesn't do anything" other than "I create an applet jar and upload it to my server, then reference it in an applet tag of an HTML page and when I open the page, the security warning dialog pops up but I click it and nothing further occurs".

spork
I don't think so, because I have other signed applets that can read and write to files without a problem after confirming the cert.
silverbandit91
Then it sounds like you've found a way to subvert Sun's intent. You should publish.
spork