ReadaFile

M. Gallant 03/28/2002

This simple RSA signed applet for JavaPlugin 1.3+ allows simple display of text files as selected by the user. A 1024 bit RSA self-signed test certificate was generated with k2ytool.exe from j2se v1.4 .The html was converted with the htmlConverter utility version 1.3.

How this RSA signed java applet runs from this web server depends on how your local java policy file (default is .java.policy)is configured. If there is no such policy file configured on your machine and your security policy file has not been modified, then you will be prompted with a certificate-signature dialog, asking if you wish to grant ALL or NO privileges.

By default, RSA signed applets for JavaPlugin do NOT use the policy file, even if present. To force the use of the local policy file, you need to add a "usePolicy" grant entry in the policy file. For example the following policy file will override the ALL/NOTHING RSA signature capability with the limited privileges of reading only files in the local folder C:\testfolder: whether they are signed or not:


   grant {
	permission java.lang.RuntimePermission "usePolicy";
	permission java.io.FilePermission "C:\\testfolder\\*", "read";
   };
To require that the file be signed with a certificate corresponding to the keystore alias jacksigner but with only the same limited privileges, you can use:


 keystore "file:/C:/documents and settings//.keystore", "jks";

   grant signedBy "jacksigner" {
	permission java.lang.RuntimePermission "usePolicy";
	permission java.io.FilePermission "C:\\testfolder\\*", "read";
   };
If this second case, you would have needed to import the signer's public certificate into your .keystore file.

ReadaFile.java source