Applet无法正常进入,请进来看看,一共送500分.
来源: 互联网 发布时间:2015-09-06
本文导语: 我快被这个抓狂了!!!! 我写了一个Applet,上传到Server上后,然后大家作为Client来测试. 有的机器没问题. 有的机器上jre的console上就报: connection refused. 有的机器上在过了第一次认证后(就是IE接到401的时候弹的那个认证对话...
我快被这个抓狂了!!!!
我写了一个Applet,上传到Server上后,然后大家作为Client来测试.
有的机器没问题.
有的机器上jre的console上就报: connection refused.
有的机器上在过了第一次认证后(就是IE接到401的时候弹的那个认证对话框),就一直弹出该死的认证对话框要输入用户名和密码(是jre样子的那种认证对话框),输了它又弹出来.
疯掉了啊!!!!!我要抓狂了啊!!!!
jre有的机器是最新的1.4.0,有的是1.3.1,但都可能出现上述三种情况之一.....救命啊,各位大大!我接触java只两个月,搞不定啊.
搞定后,我再发帖送剩下的400分啊!!!
我写了一个Applet,上传到Server上后,然后大家作为Client来测试.
有的机器没问题.
有的机器上jre的console上就报: connection refused.
有的机器上在过了第一次认证后(就是IE接到401的时候弹的那个认证对话框),就一直弹出该死的认证对话框要输入用户名和密码(是jre样子的那种认证对话框),输了它又弹出来.
疯掉了啊!!!!!我要抓狂了啊!!!!
jre有的机器是最新的1.4.0,有的是1.3.1,但都可能出现上述三种情况之一.....救命啊,各位大大!我接触java只两个月,搞不定啊.
搞定后,我再发帖送剩下的400分啊!!!
|
安全级别不够高,建议数字签名。
邮箱是多少,我发给你!快!!!!!!!!!!!!!!!
邮箱是多少,我发给你!快!!!!!!!!!!!!!!!
|
签名很简单:
Topic:
Digital certificates for applets
Question:
How can I create a digital certificate and sign an applet?
Answer:
These steps describe the creation of a self-signed applet. This is useful for testing purposes. For use of public reachable applets, there will be needed a "real" certificate issued by an authority like VeriSign or Thawte. (See Step 10 - no user will import and trust a self-signed applet from an unkown developer).
The applet needs to run in the plugin, as only the plugin is platform- and browser-independent. And without this independence, it doesn't make sense to use Java programming...
Create your code for the applet as usual. It is not necessary to set any permissions or use security managers in the code.
Install JDK 1.3 path for use of the following commands:
jdk 1.3 pathbin
Commands are keytool, jar, jarsigner. Password for the keystore is any password. Only Sun knows why... perhaps ;-)
Generate key:
keytool -genkey -keyalg rsa -alias tstkey Enter keystore
password: *******
What is your first and last name?
[Unknown]: Your Name What is the name of
your organizational unit?
[Unknown]: YourUnit What is the name of your organization?
[Unknown]: YourOrg What is the name of your
City or Locality?
[Unknown]: YourCity What is the name of
your State or Province?
[Unknown]: YS What is the two-letter country
code for this unit
[Unknown]: US Is CN=Your Name, OU=YourUnit, O=YourOrg,
L=YourCity, ST=YS, C=US correct? [no]: yes
(wait...)
Enter key password for tstkey (RETURN if same
as keystore password):
(press [enter])
Export key: keytool -export -alias tstkey -file tstcert.crt
Enter keystore password: ******* Certificate stored in file tstcert.crt
Create JAR: jar cvf tst.jar tst.class Add all classes used in your project by typing the classnames in the same line.
added manifest adding: tst.class(in = 849) (out= 536)(deflated 36%)
Verify JAR: jar tvf tst.jar
0 Thu Jul 27 12:58:28 GMT+02:00 2000 META-INF/ 68 Thu Jul 27 12:58:28 GMT+02:00 2000 META-INF/MANIFEST.MF 849 Thu Jul 27 12:49:04 GMT+02:00 2000 tst.class
Sign JAR: jarsigner tst.jar tstkey Enter Passphrase for keystore: *******
Verifiy Signing: jarsigner -verify -verbose -certs tst.jar
130 Thu Jul 27 13:04:12 GMT+02:00 2000 META-INF/MANIFEST.MF 183 Thu Jul
27 13:04:12 GMT+02:00 2000 META-INF/TSTKEY.SF 920 Thu Jul 27
13:04:12 GMT+02:00 2000 META-INF/TSTKEY.RSA 0 Thu Jul 27
12:58:28 GMT+02:00 2000 META-INF/ smk 849 Thu Jul 27
12:49:04 GMT+02:00 2000 tst.class
X.509, CN=Your Name, OU=YourUnit, O=YourOrg, L=YourCity, ST=YS, C=US (tstkey)
s = signature was verified m = entry is listed in manifest k = at least one certificate was found in keystore i = at least one certificate was found in identity scope jar verified.
> Create HTML-File for use of the applet by the Sun Plugin 1.3 (recommended to use HTML Converter Version 1.3)
Place a link to the .crt file (created in step 4) in the HTML-File. This .crt file has to be opened by the browser and has to be set to trusted, as the root CA for testing is not known to the browser. For use with "real" certificates, this step should not be necessary.
Topic:
Digital certificates for applets
Question:
How can I create a digital certificate and sign an applet?
Answer:
These steps describe the creation of a self-signed applet. This is useful for testing purposes. For use of public reachable applets, there will be needed a "real" certificate issued by an authority like VeriSign or Thawte. (See Step 10 - no user will import and trust a self-signed applet from an unkown developer).
The applet needs to run in the plugin, as only the plugin is platform- and browser-independent. And without this independence, it doesn't make sense to use Java programming...
Create your code for the applet as usual. It is not necessary to set any permissions or use security managers in the code.
Install JDK 1.3 path for use of the following commands:
jdk 1.3 pathbin
Commands are keytool, jar, jarsigner. Password for the keystore is any password. Only Sun knows why... perhaps ;-)
Generate key:
keytool -genkey -keyalg rsa -alias tstkey Enter keystore
password: *******
What is your first and last name?
[Unknown]: Your Name What is the name of
your organizational unit?
[Unknown]: YourUnit What is the name of your organization?
[Unknown]: YourOrg What is the name of your
City or Locality?
[Unknown]: YourCity What is the name of
your State or Province?
[Unknown]: YS What is the two-letter country
code for this unit
[Unknown]: US Is CN=Your Name, OU=YourUnit, O=YourOrg,
L=YourCity, ST=YS, C=US correct? [no]: yes
(wait...)
Enter key password for tstkey (RETURN if same
as keystore password):
(press [enter])
Export key: keytool -export -alias tstkey -file tstcert.crt
Enter keystore password: ******* Certificate stored in file tstcert.crt
Create JAR: jar cvf tst.jar tst.class Add all classes used in your project by typing the classnames in the same line.
added manifest adding: tst.class(in = 849) (out= 536)(deflated 36%)
Verify JAR: jar tvf tst.jar
0 Thu Jul 27 12:58:28 GMT+02:00 2000 META-INF/ 68 Thu Jul 27 12:58:28 GMT+02:00 2000 META-INF/MANIFEST.MF 849 Thu Jul 27 12:49:04 GMT+02:00 2000 tst.class
Sign JAR: jarsigner tst.jar tstkey Enter Passphrase for keystore: *******
Verifiy Signing: jarsigner -verify -verbose -certs tst.jar
130 Thu Jul 27 13:04:12 GMT+02:00 2000 META-INF/MANIFEST.MF 183 Thu Jul
27 13:04:12 GMT+02:00 2000 META-INF/TSTKEY.SF 920 Thu Jul 27
13:04:12 GMT+02:00 2000 META-INF/TSTKEY.RSA 0 Thu Jul 27
12:58:28 GMT+02:00 2000 META-INF/ smk 849 Thu Jul 27
12:49:04 GMT+02:00 2000 tst.class
X.509, CN=Your Name, OU=YourUnit, O=YourOrg, L=YourCity, ST=YS, C=US (tstkey)
s = signature was verified m = entry is listed in manifest k = at least one certificate was found in keystore i = at least one certificate was found in identity scope jar verified.
> Create HTML-File for use of the applet by the Sun Plugin 1.3 (recommended to use HTML Converter Version 1.3)
Place a link to the .crt file (created in step 4) in the HTML-File. This .crt file has to be opened by the browser and has to be set to trusted, as the root CA for testing is not known to the browser. For use with "real" certificates, this step should not be necessary.
|
如果不增加applet的权限,applet无法与除本机以外的任何socket,懂否?
|
grant {
permission java.net.SocketPermission "152.168.4.90", "accept, connect, listen, resolve";
permission java.net.SocketPermission "196.168.1.132", "accept, connect, listen, resolve";
permission java.net.SocketPermission "196.168.1.32", "accept, connect, listen, resolve";
permission java.net.SocketPermission "196.168.1.131", "accept, connect, listen, resolve";
};
grant{
permission java.security.AllPermission;
};
把你的java.policy 文件里面添加上面几句,不过后面一个grant其实包含了前面一个的,不过后面一个最好不要加
permission java.net.SocketPermission "152.168.4.90", "accept, connect, listen, resolve";
permission java.net.SocketPermission "196.168.1.132", "accept, connect, listen, resolve";
permission java.net.SocketPermission "196.168.1.32", "accept, connect, listen, resolve";
permission java.net.SocketPermission "196.168.1.131", "accept, connect, listen, resolve";
};
grant{
permission java.security.AllPermission;
};
把你的java.policy 文件里面添加上面几句,不过后面一个grant其实包含了前面一个的,不过后面一个最好不要加
|
上面几句的IP是你需要连接服务器地址,如果很多,好像我记得可以用"*"代替任何IP,如果不行就用后面一句,也就是说加了
grant{
permission java.security.AllPermission;
};
在你的java.policy文件里面,applet就可以做任何事情了,包括删除文件,连接服务器等等,你试试看把
grant{
permission java.security.AllPermission;
};
在你的java.policy文件里面,applet就可以做任何事情了,包括删除文件,连接服务器等等,你试试看把
您可能感兴趣的文章:
本站(WWW.)旨在分享和传播互联网科技相关的资讯和技术,将尽最大努力为读者提供更好的信息聚合和浏览方式。
本站(WWW.)站内文章除注明原创外,均为转载、整理或搜集自网络。欢迎任何形式的转载,转载请注明出处。
本站(WWW.)站内文章除注明原创外,均为转载、整理或搜集自网络。欢迎任何形式的转载,转载请注明出处。