Andrew Thompson wrote:Thank you for your answer.
Digitally sign the code and instruct the end user to OK the trust dialog when prompted. That will get around all the hassles of using a policy file.
841232 wrote:You don't follow my prompts, you don't answer my questions, I suspect that trying to help you is a waste of my time. OTOH, I will give one (last) chance.
..Converting my applet to a self-signing one seemed to be a good way.
But, the process includes constraints I can not accept.
End-users have to perform some tasks manually on their own computer according to the "End Users" section at : [http://java.sun.com/developer/onlineTraining/Programming/JDCBook/signed.html#enduser]The article is incorrect, or at best misleading. It is not necessapy for Ray to import the certificate if it is signed by a CA, or if you don't mind Ray having to press OK in a trust dialog when the applet runs. And he doesn't have to create a .policy file either unless he wants different security constraints on the applet than the default.
The only constraint I was ready to accept was prompting a dialog to let the user trust my applet.Thats all he has to do.
Now, I think about an other technology to achieve my applicationUnnecessary.
I am quite confused.Yes. It is my applet, and I cannot afford the price that is charged for a properly verified digital certificate from VeriSign.
The following questions arised in my mind :
-> Is the signed applet you mentionned a self-signed one ?
-> Does my policy file allow a signed applet to get information about user.home and user.name ?Don't use them, don't know, don't care.
-> Is the information from the Java webpage wrong ?I would say 'yes it is wrong'. The information in that page is ludicrous. If it took that much effort to get a signed app. working, it would not be worth it, nor would it be practical.
Before it gets lost in the excitement, I'll ask you again. Do you use an IDE?Yes I use Eclipse Indigo 3.7
841232 wrote:The reason I asked is that I have a small example of digitally signing an app. at the JNLP API demo. of the File Services. It has an ant build file that creates a self-signed certificate before using it sign the code. Ant build files are easy to import into an IDE. That might give you a start.
..I use Eclipse Indigo 3.7
Now I think I have got enough information to perform a new test...you do seem to be a motivated learner who takes the initiative. :-)
841232 wrote:It's equally possible that there is no network path from wherever the applet is running to the MySQL server. (Which in general would be a good thing, because exposing a database server to the Internet can lead to data security problems.)
But, at the same time I met another problem.
My applet does not receive any packets from the MySQL server.
I wonder if my two self-signed applets can not communicate with a remote machine because it is not the machine where the Jars are located.
I know that sand-boxed applets can not.