1 2 Previous Next 17 Replies Latest reply: Jul 25, 2012 6:41 AM by 950958 RSS

    web applet for signing pdf with smart card

    950958
      I have developed an applet to sign a pdf using a smart card.I have signed the jars myapplet.jar as itext and bouncy castle libs.The applet works ok from netbeans-it signs the pdf that is in the project folder,but when I put it to HTMl either on desktop or on server it says:


      java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI")
           at java.security.AccessControlContext.checkPermission(Unknown Source)
           at java.security.AccessController.checkPermission(Unknown Source)
           at java.lang.SecurityManager.checkPermission(Unknown Source)
           at sun.security.mscapi.KeyStore.engineLoad(KeyStore.java:755)
           at sun.security.mscapi.KeyStore$MY.engineLoad(KeyStore.java:62)
           at java.security.KeyStore.load(Unknown Source)
           at CompensateMeOnlineApplet.init(CompensateMeOnlineApplet.java:67)
           at com.sun.deploy.uitoolkit.impl.awt.AWTAppletAdapter.init(Unknown Source)
           at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
           at java.lang.Thread.run(Unknown Source)

      I did not make any security changes since I signed the jars.
      What am I missing?
        • 1. Re: web applet for signing pdf with smart card
          sabre150
          Which BC jars are you using?
          • 2. Re: web applet for signing pdf with smart card
            950958
            bcprov-jdk16-1.46.jar and itextpdf-5.1.3.jar there are ok I think.
            • 3. Re: web applet for signing pdf with smart card
              sabre150
              947955 wrote:
              bcprov-jdk16-1.46.jar and itextpdf-5.1.3.jar there are ok I think.
              Why do you need BC provider? Note - singing bcprov-jdk16-1.46.jar will remove the existing signing which is needed to allow BC provider to be used. JCE provider jars need to be authenticated against a certificate that is authenticated by a Sun/Oracle certificate (1). I'm betting that your certificate is not.

              Note (1) - that is not the whole story but will suffice for the moment.
              • 4. Re: web applet for signing pdf with smart card
                950958
                You see I have a php app that generates a pdf that needs to be signed by up to 60 people(one same document).Along the way this is what I got to -to an applet that does this for me ,here you got the code for an applet that at this moment signs a pdf in the project folder-works fine from the Netbeans ,but when I put it to HTML it gives me that error.I think that all the jars I use have to be signed,which I did using keytool and jarsigner.So if I got you right you think I do not need to sign BC provider?Anyway here is my applet it works ok in Netbeans
                /*
                 * To change this template, choose Tools | Templates
                 * and open the template in the editor.
                 */
                package compensatemeonline7;
                
                /**
                 *
                 * @author Jovo
                 */
                /*
                 * To change this template, choose Tools | Templates
                 * and open the template in the editor.
                 */
                
                
                /**
                 *
                 * @author Jovo
                 */
                /*
                 * To change this template, choose Tools | Templates
                 * and open the template in the editor.
                 */
                
                /*
                 * To change this template, choose Tools | Templates
                 * and open the template in the editor.
                 */
                
                /*
                 * To change this template, choose Tools | Templates
                 * and open the template in the editor.
                 */
                
                
                import com.itextpdf.text.DocumentException;
                import com.itextpdf.text.Rectangle;
                import com.itextpdf.text.pdf.*;
                import java.io.FileOutputStream;
                import java.io.IOException;
                import java.io.InputStream;
                import java.security.*;
                import java.security.cert.CertificateException;
                import java.util.Enumeration;
                import java.util.logging.Level;
                import java.util.logging.Logger;
                import javax.swing.JOptionPane;
                
                /**
                 *
                 * @author Jovo
                 */
                public class CompensateMeOnlineApplet extends java.applet.Applet {
                String alias=new String();
                
                
                    /**
                     * Initializes the applet CompensateMeOnlineApplet
                     */
                    @Override
                    public void init() {
                        try {
                            try {
                                java.awt.EventQueue.invokeAndWait(new Runnable() {
                
                                    @Override
                                    public void run() {
                                        initComponents();
                                    }
                                });
                            } catch (Exception ex) {
                                ex.printStackTrace();
                            }
                           
                           KeyStore ks = KeyStore.getInstance("Windows-MY");
                             ks.load(null, null) ;
                             
                             Enumeration en = ks.aliases();
                            //  String alias = (String)en.nextElement();
                               //alias = (String)en.nextElement();
                               
                               Enumeration en1 = ks.aliases();
                               while(en1.hasMoreElements()){
                   jComboBox1.addItem((String)en1.nextElement());
                   
                }
                        } catch (IOException ex) {
                            Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
                        } catch (NoSuchAlgorithmException ex) {
                            Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
                        } catch (CertificateException ex) {
                            Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
                        } catch (KeyStoreException ex) {
                            Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
                        }
                        
                    }
                
                    /**
                     * This method is called from within the init() method to initialize the
                     * form. WARNING: Do NOT modify this code. The content of this method is
                     * always regenerated by the Form Editor.
                     */
                    // <editor-fold defaultstate="collapsed" desc="Generated Code">                          
                    private void initComponents() {
                
                        jComboBox1 = new javax.swing.JComboBox();
                        jButton1 = new javax.swing.JButton();
                        jButton2 = new javax.swing.JButton();
                
                        setCursor(new java.awt.Cursor(java.awt.Cursor.DEFAULT_CURSOR));
                
                        jComboBox1.setModel(new javax.swing.DefaultComboBoxModel(new String[] { "Odaberite potpis" }));
                
                        jButton1.setText("Potpisi");
                        jButton1.addActionListener(new java.awt.event.ActionListener() {
                            public void actionPerformed(java.awt.event.ActionEvent evt) {
                                jButton1ActionPerformed(evt);
                            }
                        });
                
                        jButton2.setText("Izadji");
                        jButton2.addActionListener(new java.awt.event.ActionListener() {
                            public void actionPerformed(java.awt.event.ActionEvent evt) {
                                jButton2ActionPerformed(evt);
                            }
                        });
                
                        javax.swing.GroupLayout layout = new javax.swing.GroupLayout(this);
                        this.setLayout(layout);
                        layout.setHorizontalGroup(
                            layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
                            .addGroup(layout.createSequentialGroup()
                                .addContainerGap()
                                .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
                                    .addGroup(layout.createSequentialGroup()
                                        .addComponent(jComboBox1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
                                        .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
                                        .addComponent(jButton1, javax.swing.GroupLayout.PREFERRED_SIZE, 75, javax.swing.GroupLayout.PREFERRED_SIZE)
                                        .addGap(0, 89, Short.MAX_VALUE))
                                    .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, layout.createSequentialGroup()
                                        .addGap(0, 0, Short.MAX_VALUE)
                                        .addComponent(jButton2)))
                                .addContainerGap())
                        );
                        layout.setVerticalGroup(
                            layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
                            .addGroup(layout.createSequentialGroup()
                                .addContainerGap()
                                .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
                                    .addComponent(jComboBox1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
                                    .addComponent(jButton1))
                                .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, 23, Short.MAX_VALUE)
                                .addComponent(jButton2)
                                .addContainerGap())
                        );
                    }// </editor-fold>                        
                
                    private void jButton1ActionPerformed(java.awt.event.ActionEvent evt) {                                         
                alias=(String)jComboBox1.getSelectedItem();   
                if (alias.equals("Odaberite potpis"))
                {
                JOptionPane.showMessageDialog(jComboBox1, "Morate odabrati potpis kojim cete potpisiti kompenzacionu izjavu!");
                //System.exit(1);
                return ;
                }
                //JOptionPane.showMessageDialog(jComboBox1, alias);
                        try {
                            potpisi();
                JOptionPane.showMessageDialog(jComboBox1, "Dokument je uspesno potpisan ");
                
                            // TODO add your handling code here:
                        } catch (KeyStoreException ex) {
                            Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
                        } catch (IOException ex) {
                            Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
                        } catch (NoSuchAlgorithmException ex) {
                            Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
                        } catch (CertificateException ex) {
                            Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
                        } catch (UnrecoverableKeyException ex) {
                            Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
                        } catch (DocumentException ex) {
                            Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
                        } catch (InvalidKeyException ex) {
                            Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
                        } catch (SignatureException ex) {
                            Logger.getLogger(CompensateMeOnlineApplet.class.getName()).log(Level.SEVERE, null, ex);
                        }
                    }                                        
                
                    private void jButton2ActionPerformed(java.awt.event.ActionEvent evt) {                                         
                System.exit(1);        // TODO add your handling code here:
                    }                                        
                
                    // Variables declaration - do not modify                     
                    private javax.swing.JButton jButton1;
                    private javax.swing.JButton jButton2;
                    private javax.swing.JComboBox jComboBox1;
                    // End of variables declaration                   
                    @Override
                public void start()
                {
                
                }
                 
                 public void potpisi() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException, DocumentException, InvalidKeyException, SignatureException
                 {
                      
                         
                          
                
                        KeyStore ks = KeyStore.getInstance("Windows-MY");
                        ks.load(null, null) ;
                        //ovo smo ubacili
                        Enumeration en = ks.aliases();
                       // String alias = (String)en.nextElement();
                 PrivateKey key = (PrivateKey)ks.getKey(alias, "password".toCharArray());
                        java.security.cert.Certificate[] chain = ks.getCertificateChain(alias);
                        PdfReader reader = new PdfReader("Compensate.pdf");
                        FileOutputStream fout = new FileOutputStream("signed.pdf");
                        PdfStamper stp = PdfStamper.createSignature(reader, fout, '\0',null,true);
                        PdfSignatureAppearance appearance = stp.getSignatureAppearance();
                        appearance.setCrypto(null, chain, null, PdfSignatureAppearance.SELF_SIGNED);
                        //appearance.setCrypto(key, chain, null,PdfSignatureAppearance.WINCER_SIGNED);
                         //appearance.setCrypto(null, chain, null, PdfSignatureAppearance.WINCER_SIGNED);
                        appearance.setReason("Potpis kompenzacije");
                        appearance.setLocation("Foobar");
                        appearance.setVisibleSignature(new Rectangle(100, 100, 200, 200), 1, "jedan");
                        
                        appearance.setExternalDigest(new byte[128], null, "RSA");
                        appearance.preClose();
                        Signature signature = Signature.getInstance("SHA1withRSA");
                        signature.initSign(key);
                        byte buf[] = new byte[8192];
                       int n;
                       InputStream inp = appearance.getRangeStream();
                       while ((n = inp.read(buf)) > 0) {
                       signature.update(buf, 0, n);
                       }
                        PdfPKCS7 sig = appearance.getSigStandard().getSigner();
                        sig.setExternalDigest(signature.sign(), null, "RSA");
                        PdfDictionary dic = new PdfDictionary();
                        dic.put(PdfName.CONTENTS,new PdfString(sig.getEncodedPKCS1()).setHexWriting(true));
                        
                        appearance.close(dic);
                
                 }
                 
                }
                Edited by: sabre150 on Jul 22, 2012 7:53 PM

                Moderator action: added [ code] tags so as to make the code readable. Please add the tags yourself in the future.
                • 5. Re: web applet for signing pdf with smart card
                  950958
                  I have a smart card that has been issued by National Ca and with it I got a middlewere,so I do not deal a lot with smart card access.I need this to work mainly on Windows.
                  • 6. Re: web applet for signing pdf with smart card
                    950958
                    This is what I have from the java console



                    Java Plug-in 10.5.1.255
                    Using JRE version 1.7.0_05-b05 Java HotSpot(TM) Client VM
                    User home directory = C:\Users\Jovo
                    ----------------------------------------------------
                    c: clear console window
                    f: finalize objects on finalization queue
                    g: garbage collect
                    h: display this help message
                    l: dump classloader list
                    m: print memory usage
                    o: trigger logging
                    q: hide console
                    r: reload policy configuration
                    s: dump system and deployment properties
                    t: dump thread list
                    v: dump thread stack
                    x: clear classloader cache
                    0-5: set trace level to <n>
                    ----------------------------------------------------
                    security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.
                    security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws
                    security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws
                    security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws,com.sun.deploy
                    security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws,com.sun.deploy
                    security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws,com.sun.deploy,com.sun.jnlp
                    security: property package.definition value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.
                    security: property package.definition new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws
                    security: property package.definition value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws
                    security: property package.definition new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws,com.sun.deploy
                    security: property package.definition value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws,com.sun.deploy
                    security: property package.definition new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws,com.sun.deploy,com.sun.jnlp
                    security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws,com.sun.deploy,com.sun.jnlp
                    security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws,com.sun.deploy,com.sun.jnlp,org.mozilla.jss
                    security: property package.definition value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws,com.sun.deploy,com.sun.jnlp
                    security: property package.definition new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.javaws,com.sun.deploy,com.sun.jnlp,org.mozilla.jss
                    basic: Added progress listener: sun.plugin.util.ProgressMonitorAdapter@1b0e76a
                    basic: Plugin2ClassLoader.addURL parent called for http://www.compensatemeonline.com/classes/bcprov-jdk16-1.46.jar
                    basic: Plugin2ClassLoader.addURL parent called for http://www.compensatemeonline.com/classes/itextpdf-5.1.3.jar
                    basic: Plugin2ClassLoader.addURL parent called for http://www.compensatemeonline.com/classes/itextpdf-5.1.3.jar
                    network: Cache entry not found [url: http://www.compensatemeonline.com/classes/bcprov-jdk16-1.46.jar, version: null]
                    network: Connecting http://www.compensatemeonline.com/classes/bcprov-jdk16-1.46.jar with proxy=DIRECT
                    network: Connecting http://www.compensatemeonline.com:80/ with proxy=DIRECT
                    network: Connecting http://www.compensatemeonline.com/classes/bcprov-jdk16-1.46.jar with cookie "PHPSESSID=o4hi3pmcst9146v0g418l34sv7"
                    network: Downloading resource: http://www.compensatemeonline.com/classes/bcprov-jdk16-1.46.jar
                         Content-Length: 1,876,535
                         Content-Encoding: null
                    network: CleanupThread used 50030 us
                    network: Wrote URL http://www.compensatemeonline.com/classes/bcprov-jdk16-1.46.jar to File C:\Users\Jovo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\187b89d-2365b3b3-temp
                    security: Blacklist revocation check is enabled
                    security: Trusted libraries list check is enabled
                    security: Trusted libraries list file not found
                    network: CleanupThread used 2 us
                    security: Accessing keys and certificate in Mozilla user profile: null
                    security: Loading Deployment certificates from C:\Users\Jovo\AppData\LocalLow\Sun\Java\Deployment\security\trusted.certs
                    security: Loaded Deployment certificates from C:\Users\Jovo\AppData\LocalLow\Sun\Java\Deployment\security\trusted.certs
                    security: Loading certificates from Deployment session certificate store
                    security: Loaded certificates from Deployment session certificate store
                    security: Validate the certificate chain using CertPath API
                    security: Loading Root CA certificates from C:\Program Files (x86)\Java\jre7\lib\security\cacerts
                    security: Loaded Root CA certificates from C:\Program Files (x86)\Java\jre7\lib\security\cacerts
                    security: Obtain certificate collection in Root CA certificate store
                    security: Obtain certificate collection in Root CA certificate store
                    security: Obtain certificate collection in Root CA certificate store
                    security: Obtain certificate collection in Root CA certificate store
                    security: The certificate hasnt been expired, no need to check timestamping info
                    security: Found jurisdiction list file
                    security: No need to checking trusted extension for this certificate
                    security: The CRL support is disabled
                    security: The OCSP support is disabled
                    security: This OCSP End Entity validation is disabled
                    security: Checking if certificate is in Deployment denied certificate store
                    security: Checking if certificate is in Deployment permanent certificate store
                    security: Checking if certificate is in Deployment session certificate store
                    basic: Dialog type is not candidate for embedding
                    security: User has granted the priviledges to the code for this session only
                    security: Adding certificate in Deployment session certificate store
                    security: Added certificate in Deployment session certificate store
                    security: Saving certificates in Deployment session certificate store
                    security: Saved certificates in Deployment session certificate store
                    network: Cache entry not found [url: http://www.compensatemeonline.com/classes/itextpdf-5.1.3.jar, version: null]
                    network: Connecting http://www.compensatemeonline.com/classes/itextpdf-5.1.3.jar with proxy=DIRECT
                    network: Connecting http://www.compensatemeonline.com:80/ with proxy=DIRECT
                    network: Connecting http://www.compensatemeonline.com/classes/itextpdf-5.1.3.jar with cookie "PHPSESSID=o4hi3pmcst9146v0g418l34sv7"
                    network: CleanupThread used 2 us
                    network: Downloading resource: http://www.compensatemeonline.com/classes/itextpdf-5.1.3.jar
                         Content-Length: 1,699,668
                         Content-Encoding: null
                    network: Wrote URL http://www.compensatemeonline.com/classes/itextpdf-5.1.3.jar to File C:\Users\Jovo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\390baf1-728da15c-temp
                    security: Trusted libraries list file not found
                    network: CleanupThread used 1 us
                    security: Validate the certificate chain using CertPath API
                    security: The certificate hasnt been expired, no need to check timestamping info
                    security: Found jurisdiction list file
                    security: No need to checking trusted extension for this certificate
                    security: The CRL support is disabled
                    security: The OCSP support is disabled
                    security: This OCSP End Entity validation is disabled
                    security: Checking if certificate is in Deployment denied certificate store
                    security: Checking if certificate is in Deployment permanent certificate store
                    security: Checking if certificate is in Deployment session certificate store
                    basic: Dialog type is not candidate for embedding
                    security: User has granted the priviledges to the code for this session only
                    security: Adding certificate in Deployment session certificate store
                    security: Added certificate in Deployment session certificate store
                    security: Saving certificates in Deployment session certificate store
                    security: Saved certificates in Deployment session certificate store
                    network: Cache entry not found [url: http://www.compensatemeonline.com/classes/, version: null]
                    network: Cache entry not found [url: http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet.class, version: null]
                    network: Connecting http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet.class with proxy=DIRECT
                    network: Connecting http://www.compensatemeonline.com:80/ with proxy=DIRECT
                    network: Connecting http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet.class with cookie "PHPSESSID=o4hi3pmcst9146v0g418l34sv7"
                    network: CleanupThread used 3 us
                    network: Downloading resource: http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet.class
                         Content-Length: 10,488
                         Content-Encoding: null
                    network: Wrote URL http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet.class to File C:\Users\Jovo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\34175a2b-436646d4-temp
                    network: CleanupThread used 1 us
                    basic: Dialog type is not candidate for embedding
                    network: Cache entry not found [url: http://www.compensatemeonline.com/classes/, version: null]
                    basic: Applet loaded.
                    basic: Applet resized and added to parent container
                    basic: PERF: AppletExecutionRunnable - applet.init() BEGIN ; jvmLaunch dt 173981 us, pluginInit dt 27159251 us, TotalTime: 27333232 us
                    network: Cache entry not found [url: http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$1.class, version: null]
                    network: Connecting http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$1.class with proxy=DIRECT
                    network: Connecting http://www.compensatemeonline.com:80/ with proxy=DIRECT
                    network: Connecting http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$1.class with cookie "PHPSESSID=o4hi3pmcst9146v0g418l34sv7"
                    network: CleanupThread used 2 us
                    network: Downloading resource: http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$1.class
                         Content-Length: 694
                         Content-Encoding: null
                    network: Wrote URL http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$1.class to File C:\Users\Jovo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\54848521-39ad75f2-temp
                    network: CleanupThread used 1 us
                    network: Cache entry not found [url: http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$2.class, version: null]
                    network: Connecting http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$2.class with proxy=DIRECT
                    network: Connecting http://www.compensatemeonline.com:80/ with proxy=DIRECT
                    network: Connecting http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$2.class with cookie "PHPSESSID=o4hi3pmcst9146v0g418l34sv7"
                    network: CleanupThread used 2 us
                    network: Downloading resource: http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$2.class
                         Content-Length: 796
                         Content-Encoding: null
                    network: Wrote URL http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$2.class to File C:\Users\Jovo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\443894ae-22ff9bc1-temp
                    network: CleanupThread used 2 us
                    network: Cache entry not found [url: http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$3.class, version: null]
                    network: Connecting http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$3.class with proxy=DIRECT
                    network: Connecting http://www.compensatemeonline.com:80/ with proxy=DIRECT
                    network: Connecting http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$3.class with cookie "PHPSESSID=o4hi3pmcst9146v0g418l34sv7"
                    network: CleanupThread used 2 us
                    network: Downloading resource: http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$3.class
                         Content-Length: 796
                         Content-Encoding: null
                    network: Wrote URL http://www.compensatemeonline.com/classes/CompensateMeOnlineApplet$3.class to File C:\Users\Jovo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\338ad6c4-7e5c84c9-temp
                    network: CleanupThread used 2 us
                    java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI")
                         at java.security.AccessControlContext.checkPermission(Unknown Source)
                         at java.security.AccessController.checkPermission(Unknown Source)
                         at java.lang.SecurityManager.checkPermission(Unknown Source)
                         at sun.security.mscapi.KeyStore.engineLoad(KeyStore.java:755)
                         at sun.security.mscapi.KeyStore$MY.engineLoad(KeyStore.java:62)
                         at java.security.KeyStore.load(Unknown Source)
                         at CompensateMeOnlineApplet.init(CompensateMeOnlineApplet.java:67)
                         at com.sun.deploy.uitoolkit.impl.awt.AWTAppletAdapter.init(Unknown Source)
                         at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
                         at java.lang.Thread.run(Unknown Source)
                    Ignored exception: java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI")
                    basic: Dialog type is not candidate for embedding
                    basic: Removed progress listener: sun.plugin.util.ProgressMonitorAdapter@1b0e76a
                    security: Reset deny session certificate store
                    • 7. Re: web applet for signing pdf with smart card
                      DarrylBurke
                      Cross posted:
                      http://www.coderanch.com/t/587760/Applets/java/java-applet-signing-pdf-smart
                      http://www.java-forums.org/new-java/61587-web-applet-signing-pdf-smart-card.html

                      Related topic:
                      http://stackoverflow.com/questions/11180838/php-javascript-java-applet-smart-card-signing-pdf-on-server

                      db
                      • 8. Re: web applet for signing pdf with smart card
                        950958
                        So I am posting to all possible sites for a solution,I come up with

                        System.SetSecurityManager(null); that could solve the day,am I right?
                        • 9. Re: web applet for signing pdf with smart card
                          sabre150
                          947955 wrote:
                          So I am posting to all possible sites for a solution,I come up with
                          If you don't say what sites you have cross-posted to then people could waste time answering on once site when a solution exists an another.

                          >
                          System.SetSecurityManager(null); that could solve the day,am I right?
                          I hope not. What would be the point of having a security manager that is supposed to protect the user of your Applet if you could bypass it?

                          Despite the detail you have given indicating a security problem and you trying to solve this by removing the security manager you seem to be ignoring my concern about your signing of the BC JCE jar. Since I never sign the BC jar and have never used one in an Applet I don't know whether or not this signing is the cause of your problem but it goes against the fact that JCE provider jars need to be signed such that the root certificate when validating the signature must be a Sun/Oracle certificate. See section 5 of http://docs.oracle.com/javase/1.4.2/docs/guide/security/jce/HowToImplAJCEProvider.html#Step%205 .

                          It must be worth investigating.

                          Edited by: sabre150 on Jul 23, 2012 2:44 PM
                          • 10. Re: web applet for signing pdf with smart card
                            gimbal2
                            A quick google for the exception turned up this:

                            http://stackoverflow.com/questions/6512373/how-can-i-use-mscapi-inside-an-applet-to-load-a-keystore

                            which hints at it being a problem with the keystore used to sign the applet. But there is also a second hint in there: clearing the java cache might make you see a change.
                            • 11. Re: web applet for signing pdf with smart card
                              950958
                              I signed the applet the same, way except that my keystore is called my.keystore and the part with
                              Priveged... simply doesn't make it run ok.
                              • 12. Re: web applet for signing pdf with smart card
                                950958
                                I tried not to sign Bc and it gives me all the same exception.
                                • 13. Re: web applet for signing pdf with smart card
                                  950958
                                  This is the way I signed my applet

                                  http://www.mobilefish.com/tutorials/java/java_quickguide_keytool.html
                                  • 14. Re: web applet for signing pdf with smart card
                                    950958
                                    I did all up to step 6 of the signing link I provided.
                                    1 2 Previous Next