签名的java小程序
我正在使用未签名的小程序创建到不同主机的套接字连接,并且我收到 java.security.AccessControlException: 访问被拒绝
如果我使用“self-cert”或“CA cert”签署此小程序,小程序是否获得权限创建到不同主机(不是下载的同一主机)的套接字连接,如果经过 CA 认证,是否会弹出安全消息?
谢谢
I am creating a socket connection with an unsigned applet to a different host and I'm getting java.security.AccessControlException: access denied
If I sign this applet with either "self-cert" or "CA cert" does the applet gain the permissions to create a socket connection to a different host (not the same host it was downloaded from) and does a security message popup if its been certified by a CA?
Thanks
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
如果您不签署该小程序,则访问本地资源的代码将不会以任何方式执行。
如果您使用自证书签署小程序,最终用户只会收到一条请求许可的警告消息。但是,您仍然需要将调用包装在
AccessController#doPrivileged()。如果您使用 $$$-cert 签署小程序,最终用户将不会收到警告消息。
If you don't sign the applet, the code which is accessing local resources won't be executed in any way.
If you sign the applet with a self-cert, the enduser would only get a warning message which asks for permission. You however still need to wrap the call inside an
AccessController#doPrivileged().If you sign the applet with a $$$-cert, the enduser won't get a warning message.
您应该看到证书的相应对话框,除非已禁用或该证书始终被接受。只有用户同意,代码才会被授予完全权限。
更好的方法是坚持仅连接到同源主机。
You should see an appropriate dialog for the certificate, unless disabled or that certificate is always accepted. Only if the user agrees is the code given full privileges.
A better approach would be to stick to connecting to only the same-origin host.