Security - Signed JAR/Applet
Hello,
1. I have created a keystore and certificate using keytool (JDK1.3.1_02)
2. Signed our jar using jarsigner 鈥搆eystore.
3. When I try to run this from the browser it gives
java.security.AccessControlException: access denied (java.lang.RuntimePermission createClassLoader)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkCreateClassLoader(Unknown Source)
at java.lang.ClassLoader.<init>(Unknown Source)
at java.security.SecureClassLoader.<init>(Unknown Source)
at com.jarsafe.x.<init>(Unknown Source)
at com.jarsafe.Main.init(Unknown Source)
at sun.applet.AppletPanel.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
FYI, One more thing, my jar is protected by JARSAFE and jarsafe loads my jar. For this, Jarsafe has to create a new classloader and using that it will run my jar in the browser. When it tries to create a new class loader it gives this exception.
When I try to run using a policy file with all security permission, at the client system, it works fine. Why is it not working with the selfsigned JAR file. Why that selfsigned jar does not have permission to create the class loader? I want to use only this selfsigned jar.
Our jar should have permission to create a classloader and since our jar is signed using the self-signed certificate, it supposed to work after signing using this keystore. I don鈥檛 know why it is not working.
Can any one help me out?
Thanks
