vicker313 tech blog

October 27, 2013

Java Applet Permission Security Issue

Filed under: Java — vicker313 @ 8:32 pm

Due to the security enhancement of Java framework (especially in version 1.7 update 45), user might encounter numbers of problem when running Java Applet. There are 2 things that we need to take notes:

  1. The new Java framework will not allow Applet to be run without the permission attribute in the manifest file. To add the attribute:
    1. Create a manifest file with the following sample code:
      Codebase: *
      Permissions: all-permissions
      Application-Library-Allowable-Codebase: *
      Caller-Allowable-Codebase: *
    2. Update the manifest file into the jar file:
      1. jar uvfm <applet jar file> <manifest file> <class files>
  2. The new Java framework will not allow Applet to be run without a Publisher. This is tricky because for development or small organization, they might not have CA certificate (even signed applet will show UNKNOWN publisher if it does not have a CA certificate).  To deal with this, we need to set the Java Security Level at client side to Medium (at the Configure Java menu).

Create Java Applet Jar

Filed under: Java — vicker313 @ 8:18 pm

To create Java Applet Jar, there are 2 steps need to be taken:

  1. Compile the Java files into class files and create a Jar file from the class files:
    1. javac <java files>
    2. jar cvf <applet.jar> <class files>
  2. Create a keystore and sign the created applet jar file:
    1. keytool -genkey -keystore <keystore> -alias <alias>
    2. keytool -selfcert -keystore <keystore> -alias <alias>
    3. jarsigner -keystore <keystore> <jar file> <alias>

Now you can deploy the Jar file as Applet.

Blog at