Java Reference
In-Depth Information
T
ABLE
10.1
Main Permissions At a Glance
Action
Untrusted
All-Permissions
J2EE Application Client
Access Local File System
Ask User
Yes
Yes
Download
resources
in
Yes
Yes
Yes
Codebase
Download application
No
Yes
Yes
JARs from other Web
servers
Download JREs and
Yes
Yes
Yes
extensions from any
Web server
Exiting the JVM and
Yes
Yes
Yes
thread management
nativelib
allowed
No
Yes
Yes
Access system Clipboard
Ask User
Yes
Yes
Authenticated Applications
Also known as
signed applications
,
authenticated applications
verify the following properties.
•All JAR files (for
jar
and
nativelib
elements) must be signed. A JAR file is considered
signed when all its entries are signed with the same certificate (except of course of stan-
dard files in the META-INF directory).
•To simplify user interaction, only one certificate is used to sign all JAR files mentioned
in a single JNLP file. This means that users are asked for authorization only once.
• If the certificate used to sign JAR files is signed itself, it must be verified against a set of
root certificates, from the major certificate authorities. This set of root certificates usually
comes bundled with the JNLP Client.
Furthermore, JNLP files can be optionally signed; that is, when a copy of the main JNLP file is
included in the main (signed) JAR file with the name “JNLP-INF/APPLICATION.JNLP”, and
the two copies match byte-wise. Then, the JNLP file is considered to be signed. Note that this
feature is only optional, and signing applications as defined above will suffice.
10
In order to be run in a trusted environment (J2EE Application Client or All-Permission), the
application must be signed as defined above. It must also be explicitly authorized by the user
by means of an authorization window shown just before allowing the potentially dangerous
action.
