Skip to main content

Signed JAR files

1 reply [Last post]
gkbrown
Offline
Joined: 2007-02-22

What dictates which JAR files need to be signed in order for an applet to perform a secure operation?

For example, I have an applet that wants to make a network connection to a host other than that from which it was downloaded. The applet is deployed in a JAR file, and has dependencies on code defined in several additional JAR files. All of the JAR files are specified in the "archive" attribute of my tag.

I know I need to sign the JAR file that contains the applet, but I'm not sure which other JAR files need to be signed. Via experimentation, I've verified that they don't all need to be signed, but I don't understand why.

Can anyone provide any insight or point me to documentation that explains in detail how JAR signing works for applets?

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
andrewherron
Offline
Joined: 2008-04-03

This is all from my understanding and exploration of what happens. The AccessController API docs are a good starting point for detailed docs :)

Any time a Privileged Action is performed, the code initiating that action must be signed.

For example, if unsigned code called a method in signed code that accesses the file system, it will be blocked. If the signed code initiates the action, or wraps the file system code in AccessController.doPrivileged(), it will be fine.

I've also seen unsigned code "taint" signed code. The example was a button in the application that calls JTextPane.paste() just does nothing after unsigned code has called *any* method in the application. Meanwhile ctrl+v works fine.