I have a Java applet that I need to deploy on my website.
My website has a lot of pages and the applet appears on a number of them. My website's base domain is www.mycompany.com
. But the applet will appear on, for example: www.mycompany.com/dog
, www.mycompany.com/cat
, www.mycompany.com/pen
, etc.
The package of the entry point is com.mycompany.MyApplet
.
Following the instructions at Java Security Manifest Changes in the Browser, I have created the below manifest for my app. Will someone please review it for me so that I get it correct? Basically I don't want any sort of warning to show up when people try to run my applet from my website.
MANIFEST
Manifest-Version: 1.0
Created-By: 1.7.0_51
Permissions: sandbox
Application-Name: My Farming Business
Application-Library-Allowable-Codebase: www.mycompany.com/where_the_applet_jar_actually_lives
Caller-Allowable-Codebase:www.mycompany.com
Codebase: www.mycompany.com
Presently I get the following dialog after redeploying with the above manifest:
Application Blocked by Security Settings: Your security settings have blocked an untrusted application from running
Ref: How do I inject new manifest into an existing jar for applet
Also, I have used the following steps to sign my jar:
keytool -genkey -keystore myKeyStore -alias me
keytool -selfcert -keystore myKeyStore -alias me
jarsigner -keystore myKeyStore jarfile.jar me
As for the error you get I can think of three possible problems:
1) Your applet does not ask permission for what it is trying to do.
What happens? The "permissions" is telling the user how much "power" does the application have over the user's computer. "sandbox" doesn't let the application do much and "all-permissions" gain the applet a little more control. of course, you would want to use the lowest permission you can (i.e. sandbox) because the lower permission you use, the less warning prompts the user get. However, if, for example your applet is trying to gain access to the user's personal files but it's "permissions" attribute is set to "sandbox" the applet won't work, as it did not ask permission for what it is trying to do.
How to solve it? Simple, just change Permissions: sandbox
to Permissions: all-permissions
2) Your computer is not allowing self signed applications to run.
What happens? Most browsers have very strict rules applying to applets. especially if you're requiring all-permissions (which you are not).
How to solve it? Change your java security in java control panel to something lower. you can either search for "java control panel" in your computer or go yourself to this path (windows 8 can't find the java control panel for some reason so you have to look for it yourself) C:\program files\java\jre7\bin\javacpl.exe
in the JCP go to security tab and change it to medium.
3) Your operating system doesn't allow you to run applets that you signed your self. (pay attention "applets that you signed your self" not "self signed applets", which is everything that doesn't have an official certificate. Operating systems usually treat them differently.)
How to solve it? Upload the applet to a web host service and enter it from another computer, all computers but the ones you signed the applet with should be able to open the applet.
As for what you mentioned about users not getting any security prompts, it is an almost impossible demand. With the variety of OS, browsers and anti-viruses you can never know. However, there are a few methods in which you can reduce the amount of security prompts:
I highly recommend you to look at the following links:
SSL: Where could I buy a valid SSL certificate?
Permissions: http://docs.oracle.com/javase/tutorial/deployment/applet/security.html
If you've got problem number 1 that would be the manifest file:
Manifest-Version: 1.0
Created-By: 1.7.0_51
Permissions: all-permissions
Application-Name: My Farming Business
Application-Library-Allowable-Codebase: www.mycompany.com/where_the_applet_jar_actually_lives
Caller-Allowable-Codebase:www.mycompany.com
Codebase: *
Eitherwise (If your problem is 2 or 3), you don't even have to change the manifest file.
As @tigran mentioned, if you want to run your applet from several different places you'd probably want to change "codebase" to *.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With