This discussion is archived
1 2 Previous Next 17 Replies Latest reply: Jul 25, 2012 4:41 AM by 950958 RSS

web applet for signing pdf with smart card

950958 Newbie
Currently Being Moderated
I have developed an applet to sign a pdf using a smart card.I have signed the jars myapplet.jar as itext and bouncy castle libs.The applet works ok from netbeans-it signs the pdf that is in the project folder,but when I put it to HTMl either on desktop or on server it says:


java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI")
     at java.security.AccessControlContext.checkPermission(Unknown Source)
     at java.security.AccessController.checkPermission(Unknown Source)
     at java.lang.SecurityManager.checkPermission(Unknown Source)
     at sun.security.mscapi.KeyStore.engineLoad(KeyStore.java:755)
     at sun.security.mscapi.KeyStore$MY.engineLoad(KeyStore.java:62)
     at java.security.KeyStore.load(Unknown Source)
     at CompensateMeOnlineApplet.init(CompensateMeOnlineApplet.java:67)
     at com.sun.deploy.uitoolkit.impl.awt.AWTAppletAdapter.init(Unknown Source)
     at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
     at java.lang.Thread.run(Unknown Source)

I did not make any security changes since I signed the jars.
What am I missing?
  • 1. Re: web applet for signing pdf with smart card
    sabre150 Expert
    Currently Being Moderated
    Which BC jars are you using?
  • 2. Re: web applet for signing pdf with smart card
    950958 Newbie
    Currently Being Moderated
    bcprov-jdk16-1.46.jar and itextpdf-5.1.3.jar there are ok I think.
  • 3. Re: web applet for signing pdf with smart card
    sabre150 Expert
    Currently Being Moderated
    947955 wrote:
    bcprov-jdk16-1.46.jar and itextpdf-5.1.3.jar there are ok I think.
    Why do you need BC provider? Note - singing bcprov-jdk16-1.46.jar will remove the existing signing which is needed to allow BC provider to be used. JCE provider jars need to be authenticated against a certificate that is authenticated by a Sun/Oracle certificate (1). I'm betting that your certificate is not.

    Note (1) - that is not the whole story but will suffice for the moment.
  • 4. Re: web applet for signing pdf with smart card
    950958 Newbie
    Currently Being Moderated
    You see I have a php app that generates a pdf that needs to be signed by up to 60 people(one same document).Along the way this is what I got to -to an applet that does this for me ,here you got the code for an applet that at this moment signs a pdf in the project folder-works fine from the Netbeans ,but when I put it to HTML it gives me that error.I think that all the jars I use have to be signed,which I did using keytool and jarsigner.So if I got you right you think I do not need to sign BC provider?Anyway here is my applet it works ok in Netbeans
    /*
     * To change this template, choose Tools | Templates
     * and open the template in the editor.
     */
    package compensatemeonline7;
    
    /**
     *
     * @author Jovo
     */
    /*
     * To change this template, choose Tools | Templates
     * and open the template in the editor.
     */
    
    
    /**
     *
     * @author Jovo
     */
    /*
     * To change this template, choose Tools | Templates
     * and open the template in the editor.
     */
    
    /*
     * To change this template, choose Tools | Templates
     * and open the template in the editor.
     */
    
    /*
     * To change this template, choose Tools | Templates
     * and open the template in the editor.
     */
    
    
    import com.itextpdf.text.DocumentException;
    import com.itextpdf.text.Rectangle;
    import com.itextpdf.text.pdf.*;
    import java.io.FileOutputStream;
    import java.io.IOException;
    import java.io.InputStream;
    import java.security.*;
    import java.security.cert.CertificateException;
    import java.util.Enumeration;
    import java.util.logging.Level;
    import java.util.logging.Logger;
    import javax.swing.JOptionPane;
    
    /**
     *
     * @author Jovo
     */
    public class CompensateMeOnlineApplet extends java.applet.Applet {
    String alias=new String();
    
    
        /**
         * Initializes the applet CompensateMeOnlineApplet
         */
        @Override
        public void init() {
            try {
                try {
                    java.awt.EventQueue.invokeAndWait(new Runnable() {
    
                        @Override
                        public void run() {
                            initComponents();
                        }
                    });
                } catch (Exception ex) {
                    ex.printStackTrace();
                }
               
               KeyStore ks = KeyStore.getInstance("Windows-MY");
                 ks.load(null, null) ;
                 
                 Enumeration en = ks.aliases();
                //  String alias = (String)en.nextElement();
                   //alias = (String)en.nextElement();
                   
                   Enumeration en1 = ks.aliases();
                   while(en1.hasMoreElements()){
       jComboBox1.addItem((String)en1.nextElement());
       
    }
            } catch (IOException ex) {
                Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
            } catch (NoSuchAlgorithmException ex) {
                Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
            } catch (CertificateException ex) {
                Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
            } catch (KeyStoreException ex) {
                Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
            }
            
        }
    
        /**
         * This method is called from within the init() method to initialize the
         * form. WARNING: Do NOT modify this code. The content of this method is
         * always regenerated by the Form Editor.
         */
        // <editor-fold defaultstate="collapsed" desc="Generated Code">                          
        private void initComponents() {
    
            jComboBox1 = new javax.swing.JComboBox();
            jButton1 = new javax.swing.JButton();
            jButton2 = new javax.swing.JButton();
    
            setCursor(new java.awt.Cursor(java.awt.Cursor.DEFAULT_CURSOR));
    
            jComboBox1.setModel(new javax.swing.DefaultComboBoxModel(new String[] { "Odaberite potpis" }));
    
            jButton1.setText("Potpisi");
            jButton1.addActionListener(new java.awt.event.ActionListener() {
                public void actionPerformed(java.awt.event.ActionEvent evt) {
                    jButton1ActionPerformed(evt);
                }
            });
    
            jButton2.setText("Izadji");
            jButton2.addActionListener(new java.awt.event.ActionListener() {
                public void actionPerformed(java.awt.event.ActionEvent evt) {
                    jButton2ActionPerformed(evt);
                }
            });
    
            javax.swing.GroupLayout layout = new javax.swing.GroupLayout(this);
            this.setLayout(layout);
            layout.setHorizontalGroup(
                layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
                .addGroup(layout.createSequentialGroup()
                    .addContainerGap()
                    .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
                        .addGroup(layout.createSequentialGroup()
                            .addComponent(jComboBox1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
                            .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
                            .addComponent(jButton1, javax.swing.GroupLayout.PREFERRED_SIZE, 75, javax.swing.GroupLayout.PREFERRED_SIZE)
                            .addGap(0, 89, Short.MAX_VALUE))
                        .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, layout.createSequentialGroup()
                            .addGap(0, 0, Short.MAX_VALUE)
                            .addComponent(jButton2)))
                    .addContainerGap())
            );
            layout.setVerticalGroup(
                layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
                .addGroup(layout.createSequentialGroup()
                    .addContainerGap()
                    .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
                        .addComponent(jComboBox1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
                        .addComponent(jButton1))
                    .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, 23, Short.MAX_VALUE)
                    .addComponent(jButton2)
                    .addContainerGap())
            );
        }// </editor-fold>                        
    
        private void jButton1ActionPerformed(java.awt.event.ActionEvent evt) {                                         
    alias=(String)jComboBox1.getSelectedItem();   
    if (alias.equals("Odaberite potpis"))
    {
    JOptionPane.showMessageDialog(jComboBox1, "Morate odabrati potpis kojim cete potpisiti kompenzacionu izjavu!");
    //System.exit(1);
    return ;
    }
    //JOptionPane.showMessageDialog(jComboBox1, alias);
            try {
                potpisi();
    JOptionPane.showMessageDialog(jComboBox1, "Dokument je uspesno potpisan ");
    
                // TODO add your handling code here:
            } catch (KeyStoreException ex) {
                Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
            } catch (IOException ex) {
                Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
            } catch (NoSuchAlgorithmException ex) {
                Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
            } catch (CertificateException ex) {
                Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
            } catch (UnrecoverableKeyException ex) {
                Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
            } catch (DocumentException ex) {
                Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
            } catch (InvalidKeyException ex) {
                Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
            } catch (SignatureException ex) {
                Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
            }
        }                                        
    
        private void jButton2ActionPerformed(java.awt.event.ActionEvent evt) {                                         
    System.exit(1);        // TODO add your handling code here:
        }                                        
    
        // Variables declaration - do not modify                     
        private javax.swing.JButton jButton1;
        private javax.swing.JButton jButton2;
        private javax.swing.JComboBox jComboBox1;
        // End of variables declaration                   
        @Override
    public void start()
    {
    
    }
     
     public void potpisi() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException, DocumentException, InvalidKeyException, SignatureException
     {
          
             
              
    
            KeyStore ks = KeyStore.getInstance("Windows-MY");
            ks.load(null, null) ;
            //ovo smo ubacili
            Enumeration en = ks.aliases();
           // String alias = (String)en.nextElement();
     PrivateKey key = (PrivateKey)ks.getKey(alias, "password".toCharArray());
            java.security.cert.Certificate[] chain = ks.getCertificateChain(alias);
            PdfReader reader = new PdfReader("Compensate.pdf");
            FileOutputStream fout = new FileOutputStream("signed.pdf");
            PdfStamper stp = PdfStamper.createSignature(reader, fout, '\0',null,true);
            PdfSignatureAppearance appearance = stp.getSignatureAppearance();
            appearance.setCrypto(null, chain, null, PdfSignatureAppearance.SELF_SIGNED);
            //appearance.setCrypto(key, chain, null,PdfSignatureAppearance.WINCER_SIGNED);
             //appearance.setCrypto(null, chain, null, PdfSignatureAppearance.WINCER_SIGNED);
            appearance.setReason("Potpis kompenzacije");
            appearance.setLocation("Foobar");
            appearance.setVisibleSignature(new Rectangle(100, 100, 200, 200), 1, "jedan");
            
            appearance.setExternalDigest(new byte[128], null, "RSA");
            appearance.preClose();
            Signature signature = Signature.getInstance("SHA1withRSA");
            signature.initSign(key);
            byte buf[] = new byte[8192];
           int n;
           InputStream inp = appearance.getRangeStream();
           while ((n = inp.read(buf)) > 0) {
           signature.update(buf, 0, n);
           }
            PdfPKCS7 sig = appearance.getSigStandard().getSigner();
            sig.setExternalDigest(signature.sign(), null, "RSA");
            PdfDictionary dic = new PdfDictionary();
            dic.put(PdfName.CONTENTS,new PdfString(sig.getEncodedPKCS1()).setHexWriting(true));
            
            appearance.close(dic);
    
     }
     
    }
    Edited by: sabre150 on Jul 22, 2012 7:53 PM

    Moderator action: added [ code] tags so as to make the code readable. Please add the tags yourself in the future.
  • 5. Re: web applet for signing pdf with smart card
    950958 Newbie
    Currently Being Moderated
    I have a smart card that has been issued by National Ca and with it I got a middlewere,so I do not deal a lot with smart card access.I need this to work mainly on Windows.
  • 6. Re: web applet for signing pdf with smart card
    950958 Newbie
    Currently Being Moderated
    This is what I have from the java console



    Java Plug-in 10.5.1.255
    Using JRE version 1.7.0_05-b05 Java HotSpot(TM) Client VM
    User home directory = C:\Users\Jovo
    ----------------------------------------------------
    c: clear console window
    f: finalize objects on finalization queue
    g: garbage collect
    h: display this help message
    l: dump classloader list
    m: print memory usage
    o: trigger logging
    q: hide console
    r: reload policy configuration
    s: dump system and deployment properties
    t: dump thread list
    v: dump thread stack
    x: clear classloader cache
    0-5: set trace level to <n>
    ----------------------------------------------------
    security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.
    security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws
    security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws
    security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws,com.sun.deploy
    security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws,com.sun.deploy
    security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws,com.sun.deploy,com.sun.jnlp
    security: property package.definition value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.
    security: property package.definition new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws
    security: property package.definition value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws
    security: property package.definition new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws,com.sun.deploy
    security: property package.definition value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws,com.sun.deploy
    security: property package.definition new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws,com.sun.deploy,com.sun.jnlp
    security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws,com.sun.deploy,com.sun.jnlp
    security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws,com.sun.deploy,com.sun.jnlp,org.mozilla.jss
    security: property package.definition value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws,com.sun.deploy,com.sun.jnlp
    security: property package.definition new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws,com.sun.deploy,com.sun.jnlp,org.mozilla.jss
    basic: Added progress listener: sun.plugin.util.ProgressMonitorAdapter@1b0e76a
    basic: Plugin2ClassLoader.addURL parent called for http://www.compensatemeonline.com/classes/bcprov-jdk16-1.46.jar
    basic: Plugin2ClassLoader.addURL parent called for http://www.compensatemeonline.com/classes/itextpdf-5.1.3.jar
    basic: Plugin2ClassLoader.addURL parent called for http://www.compensatemeonline.com/classes/itextpdf-5.1.3.jar
    network: Cache entry not found [url: http://www.compensatemeonline.com/classes/bcprov-jdk16-1.46.jar, version: null]
    network: Connecting http://www.compensatemeonline.com/classes/bcprov-jdk16-1.46.jar with proxy=DIRECT
    network: Connecting http://www.compensatemeonline.com:80/ with proxy=DIRECT
    network: Connecting http://www.compensatemeonline.com/classes/bcprov-jdk16-1.46.jar with cookie "PHPSESSID=o4hi3pmcst9146v0g418l34sv7"
    network: Downloading resource: http://www.compensatemeonline.com/classes/bcprov-jdk16-1.46.jar
         Content-Length: 1,876,535
         Content-Encoding: null
    network: CleanupThread used 50030 us
    network: Wrote URL http://www.compensatemeonline.com/classes/bcprov-jdk16-1.46.jar to File C:\Users\Jovo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\187b89d-2365b3b3-temp
    security: Blacklist revocation check is enabled
    security: Trusted libraries list check is enabled
    security: Trusted libraries list file not found
    network: CleanupThread used 2 us
    security: Accessing keys and certificate in Mozilla user profile: null
    security: Loading Deployment certificates from C:\Users\Jovo\AppData\LocalLow\Sun\Java\Deployment\security\trusted.certs
    security: Loaded Deployment certificates from C:\Users\Jovo\AppData\LocalLow\Sun\Java\Deployment\security\trusted.certs
    security: Loading certificates from Deployment session certificate store
    security: Loaded certificates from Deployment session certificate store
    security: Validate the certificate chain using CertPath API
    security: Loading Root CA certificates from C:\Program Files (x86)\Java\jre7\lib\security\cacerts
    security: Loaded Root CA certificates from C:\Program Files (x86)\Java\jre7\lib\security\cacerts
    security: Obtain certificate collection in Root CA certificate store
    security: Obtain certificate collection in Root CA certificate store
    security: Obtain certificate collection in Root CA certificate store
    security: Obtain certificate collection in Root CA certificate store
    security: The certificate hasnt been expired, no need to check timestamping info
    security: Found jurisdiction list file
    security: No need to checking trusted extension for this certificate
    security: The CRL support is disabled
    security: The OCSP support is disabled
    security: This OCSP End Entity validation is disabled
    security: Checking if certificate is in Deployment denied certificate store
    security: Checking if certificate is in Deployment permanent certificate store
    security: Checking if certificate is in Deployment session certificate store
    basic: Dialog type is not candidate for embedding
    security: User has granted the priviledges to the code for this session only
    security: Adding certificate in Deployment session certificate store
    security: Added certificate in Deployment session certificate store
    security: Saving certificates in Deployment session certificate store
    security: Saved certificates in Deployment session certificate store
    network: Cache entry not found [url: http://www.compensatemeonline.com/classes/itextpdf-5.1.3.jar, version: null]
    network: Connecting http://www.compensatemeonline.com/classes/itextpdf-5.1.3.jar with proxy=DIRECT
    network: Connecting http://www.compensatemeonline.com:80/ with proxy=DIRECT
    network: Connecting http://www.compensatemeonline.com/classes/itextpdf-5.1.3.jar with cookie "PHPSESSID=o4hi3pmcst9146v0g418l34sv7"
    network: CleanupThread used 2 us
    network: Downloading resource: http://www.compensatemeonline.com/classes/itextpdf-5.1.3.jar
         Content-Length: 1,699,668
         Content-Encoding: null
    network: Wrote URL http://www.compensatemeonline.com/classes/itextpdf-5.1.3.jar to File C:\Users\Jovo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\390baf1-728da15c-temp
    security: Trusted libraries list file not found
    network: CleanupThread used 1 us
    security: Validate the certificate chain using CertPath API
    security: The certificate hasnt been expired, no need to check timestamping info
    security: Found jurisdiction list file
    security: No need to checking trusted extension for this certificate
    security: The CRL support is disabled
    security: The OCSP support is disabled
    security: This OCSP End Entity validation is disabled
    security: Checking if certificate is in Deployment denied certificate store
    security: Checking if certificate is in Deployment permanent certificate store
    security: Checking if certificate is in Deployment session certificate store
    basic: Dialog type is not candidate for embedding
    security: User has granted the priviledges to the code for this session only
    security: Adding certificate in Deployment session certificate store
    security: Added certificate in Deployment session certificate store
    security: Saving certificates in Deployment session certificate store
    security: Saved certificates in Deployment session certificate store
    network: Cache entry not found [url: http://www.compensatemeonline.com/classes/, version: null]
    network: Cache entry not found [url: http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet.class, version: null]
    network: Connecting http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet.class with proxy=DIRECT
    network: Connecting http://www.compensatemeonline.com:80/ with proxy=DIRECT
    network: Connecting http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet.class with cookie "PHPSESSID=o4hi3pmcst9146v0g418l34sv7"
    network: CleanupThread used 3 us
    network: Downloading resource: http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet.class
         Content-Length: 10,488
         Content-Encoding: null
    network: Wrote URL http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet.class to File C:\Users\Jovo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\34175a2b-436646d4-temp
    network: CleanupThread used 1 us
    basic: Dialog type is not candidate for embedding
    network: Cache entry not found [url: http://www.compensatemeonline.com/classes/, version: null]
    basic: Applet loaded.
    basic: Applet resized and added to parent container
    basic: PERF: AppletExecutionRunnable - applet.init() BEGIN ; jvmLaunch dt 173981 us, pluginInit dt 27159251 us, TotalTime: 27333232 us
    network: Cache entry not found [url: http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$1.class, version: null]
    network: Connecting http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$1.class with proxy=DIRECT
    network: Connecting http://www.compensatemeonline.com:80/ with proxy=DIRECT
    network: Connecting http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$1.class with cookie "PHPSESSID=o4hi3pmcst9146v0g418l34sv7"
    network: CleanupThread used 2 us
    network: Downloading resource: http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$1.class
         Content-Length: 694
         Content-Encoding: null
    network: Wrote URL http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$1.class to File C:\Users\Jovo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\54848521-39ad75f2-temp
    network: CleanupThread used 1 us
    network: Cache entry not found [url: http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$2.class, version: null]
    network: Connecting http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$2.class with proxy=DIRECT
    network: Connecting http://www.compensatemeonline.com:80/ with proxy=DIRECT
    network: Connecting http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$2.class with cookie "PHPSESSID=o4hi3pmcst9146v0g418l34sv7"
    network: CleanupThread used 2 us
    network: Downloading resource: http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$2.class
         Content-Length: 796
         Content-Encoding: null
    network: Wrote URL http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$2.class to File C:\Users\Jovo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\443894ae-22ff9bc1-temp
    network: CleanupThread used 2 us
    network: Cache entry not found [url: http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$3.class, version: null]
    network: Connecting http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$3.class with proxy=DIRECT
    network: Connecting http://www.compensatemeonline.com:80/ with proxy=DIRECT
    network: Connecting http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$3.class with cookie "PHPSESSID=o4hi3pmcst9146v0g418l34sv7"
    network: CleanupThread used 2 us
    network: Downloading resource: http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$3.class
         Content-Length: 796
         Content-Encoding: null
    network: Wrote URL http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$3.class to File C:\Users\Jovo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\338ad6c4-7e5c84c9-temp
    network: CleanupThread used 2 us
    java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI")
         at java.security.AccessControlContext.checkPermission(Unknown Source)
         at java.security.AccessController.checkPermission(Unknown Source)
         at java.lang.SecurityManager.checkPermission(Unknown Source)
         at sun.security.mscapi.KeyStore.engineLoad(KeyStore.java:755)
         at sun.security.mscapi.KeyStore$MY.engineLoad(KeyStore.java:62)
         at java.security.KeyStore.load(Unknown Source)
         at CompensateMeOnlineApplet.init(CompensateMeOnlineApplet.java:67)
         at com.sun.deploy.uitoolkit.impl.awt.AWTAppletAdapter.init(Unknown Source)
         at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
         at java.lang.Thread.run(Unknown Source)
    Ignored exception: java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI")
    basic: Dialog type is not candidate for embedding
    basic: Removed progress listener: sun.plugin.util.ProgressMonitorAdapter@1b0e76a
    security: Reset deny session certificate store
  • 7. Re: web applet for signing pdf with smart card
    DarrylBurke Guru Moderator
    Currently Being Moderated
    Cross posted:
    http://www.coderanch.com/t/587760/Applets/java/java-applet-signing-pdf-smart
    http://www.java-forums.org/new-java/61587-web-applet-signing-pdf-smart-card.html

    Related topic:
    http://stackoverflow.com/questions/11180838/php-javascript-java-applet-smart-card-signing-pdf-on-server

    db
  • 8. Re: web applet for signing pdf with smart card
    950958 Newbie
    Currently Being Moderated
    So I am posting to all possible sites for a solution,I come up with

    System.SetSecurityManager(null); that could solve the day,am I right?
  • 9. Re: web applet for signing pdf with smart card
    sabre150 Expert
    Currently Being Moderated
    947955 wrote:
    So I am posting to all possible sites for a solution,I come up with
    If you don't say what sites you have cross-posted to then people could waste time answering on once site when a solution exists an another.

    >
    System.SetSecurityManager(null); that could solve the day,am I right?
    I hope not. What would be the point of having a security manager that is supposed to protect the user of your Applet if you could bypass it?

    Despite the detail you have given indicating a security problem and you trying to solve this by removing the security manager you seem to be ignoring my concern about your signing of the BC JCE jar. Since I never sign the BC jar and have never used one in an Applet I don't know whether or not this signing is the cause of your problem but it goes against the fact that JCE provider jars need to be signed such that the root certificate when validating the signature must be a Sun/Oracle certificate. See section 5 of http://docs.oracle.com/javase/1.4.2/docs/guide/security/jce/HowToImplAJCEProvider.html#Step%205 .

    It must be worth investigating.

    Edited by: sabre150 on Jul 23, 2012 2:44 PM
  • 10. Re: web applet for signing pdf with smart card
    gimbal2 Guru
    Currently Being Moderated
    A quick google for the exception turned up this:

    http://stackoverflow.com/questions/6512373/how-can-i-use-mscapi-inside-an-applet-to-load-a-keystore

    which hints at it being a problem with the keystore used to sign the applet. But there is also a second hint in there: clearing the java cache might make you see a change.
  • 11. Re: web applet for signing pdf with smart card
    950958 Newbie
    Currently Being Moderated
    I signed the applet the same, way except that my keystore is called my.keystore and the part with
    Priveged... simply doesn't make it run ok.
  • 12. Re: web applet for signing pdf with smart card
    950958 Newbie
    Currently Being Moderated
    I tried not to sign Bc and it gives me all the same exception.
  • 13. Re: web applet for signing pdf with smart card
    950958 Newbie
    Currently Being Moderated
    This is the way I signed my applet

    http://www.mobilefish.com/tutorials/java/java_quickguide_keytool.html
  • 14. Re: web applet for signing pdf with smart card
    950958 Newbie
    Currently Being Moderated
    I did all up to step 6 of the signing link I provided.
1 2 Previous Next

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points