有一种实现的方法,叫signed applet,就是注册的applet,需要网页浏览者下载相关datastore和public key,比较麻烦,和activeX的签署认证相似。可以到google上用signed applet关键字查,有好几篇文章有相应的步骤说明。比如实现UploadApplet.class的制作步骤:制作者:andy
1. jar cvf SignedApplet.jar UploadApplet.class
2. keytool -genkey -alias signedfiles -keystore andystore -keypass kpi135 -storepass abcdef
questions: <CN=andy, OU=superlink, O=superlink, L=guangzhou, ST=guangdong, C=86>
3. jarsigner -keystore andystore -storepass abcdef -keypass kpi135 -signedjar SSignedApplet.jar SignedApplet.jar signedfiles
4. keytool -export -keystore andystore -storepass abcdef -alias signedfiles -file publickey.cer生成四个文件:SignedApplet.jar, andystore, SSignedApplet.jar, publickey.cer使用者(zhangyang):
1. keytool -import -alias andy -file publickey.cer -keystore zhangyangstore -storepass abcdefgh
2. the write.jp file: keystore "zhangyangstore"; grant SignedBy "andy" {
permission java.util.PropertyPermission
"user.home", "read"
permission java.io.FilePermission
"${user.home}/newfile", "write"
permission java.io.FilePermission
"${user.home}", "read"
};3. appletviewer -J java.security.policy=write.jp http://localhost:8080/examples/appletservlet.htm
1. jar cvf SignedApplet.jar UploadApplet.class
2. keytool -genkey -alias signedfiles -keystore andystore -keypass kpi135 -storepass abcdef
questions: <CN=andy, OU=superlink, O=superlink, L=guangzhou, ST=guangdong, C=86>
3. jarsigner -keystore andystore -storepass abcdef -keypass kpi135 -signedjar SSignedApplet.jar SignedApplet.jar signedfiles
4. keytool -export -keystore andystore -storepass abcdef -alias signedfiles -file publickey.cer生成四个文件:SignedApplet.jar, andystore, SSignedApplet.jar, publickey.cer使用者(zhangyang):
1. keytool -import -alias andy -file publickey.cer -keystore zhangyangstore -storepass abcdefgh
2. the write.jp file: keystore "zhangyangstore"; grant SignedBy "andy" {
permission java.util.PropertyPermission
"user.home", "read"
permission java.io.FilePermission
"${user.home}/newfile", "write"
permission java.io.FilePermission
"${user.home}", "read"
};3. appletviewer -J java.security.policy=write.jp http://localhost:8080/examples/appletservlet.htm
1.手工修改本地.java.policy文件。
2.对生成的applet进行数字签名。然后搜索("数字签名")本论坛,你的问题就解决了。