Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsWhite Papers
Discussion GroupsFirst AidDatabasesJavaBeansGUIJava 3DVirtual MachineCORBASecurityToolsGeneral
Java DirectoryOpen Source ProjectsSample Book ChaptersUser GroupsWeb Resources
Related Topics
Databases.NETMore Topics ...
Java Forum / General / August 2006

Tip: Looking for answers? Try searching our database.

JWS newbie security question

Thread view: 
Enable EMail AlertsStart New Thread
aaronfude@gmail.com - 21 Aug 2006 20:39 GMT
Hi,

Trying to deploy my java application on the intranet via JWS for the
very first time. All of my jars are unsigned and I get an error
(described below). I though that the user was supposed to decide
whether or not to allow access. So why do I get an error instead?

An error occurred while launching/running the application.

Title: Yadda Yadda
Vendor: IT Department
Category: Security Error

Unsigned application requesting unrestricted access to system
Unsigned resource: http://localhost/infoflow/infoflow.jar

Thanks!

Aaron Fude
Reply to this Message
Rohit Kumbhar - 21 Aug 2006 21:54 GMT
> Hi,
>
> Trying to deploy my java application on the intranet via JWS for the
> very first time. All of my jars are unsigned and I get an error
> (described below). I though that the user was supposed to decide
> whether or not to allow access. So why do I get an error instead?

This will also depend on the settings on the client machine. The option
of allowing user to grant permission to unauthorised content should be
checked.

Rohit
Reply to this Message
aaronfude@gmail.com - 21 Aug 2006 23:54 GMT
> > Hi,
> >
[quoted text clipped - 8 lines]
>
> Rohit

Hi,

Thanks for the response. It is checked. Anywhere else I can look?

Thanks

Aaron Fude
Reply to this Message
Andrew Thompson - 22 Aug 2006 02:24 GMT
....
> > > Trying to deploy my java application on the intranet via JWS for the
> > > very first time. All of my jars are unsigned and I get an error
> > > (described below). I though that the user was supposed to decide
> > > whether or not to allow access.

Does the JNLP request 'all permissions'?

> > So why do I get an error instead?
> >
> > This will also depend on the settings on the client machine. The option
> > of allowing user to grant permission to unauthorised content should be
> > checked.

I  had not heard that a client based permission/setting could
override the security normally associated with *JWS* (though
I am not saying it is not possible).

OTOH, you should be successful if you sign the Jar files,
even with a 'self generated'* certificate.

* I forget the exact term.  One you make yourself, that is
not 'verified' by verisign or such.  Alternately you might look
into the 'freemail' certificate they offer.

Andrew T.
Reply to this Message


Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.