This section covers the following topics:
To deploy RSA signed applets:
cache_archive_exformat. See Applet Caching.
When users of Java Plug-in encounter an RSA signed applet, the Plug-in will verify whether:
If the applet is correctly signed and the RSA certificate chain and root CA are valid, the Plug-in will pop-up a security dialog telling the user and providing four options:
AllPermissionpermission. Any applet signed with the same certificate will be trusted automatically in the future, and no security dialog will pop up when the certificate is encountered again. This option selection can be changed from the Java Control Panel.
AllPermissionpermission. Any applet signed with the same certificate will be trusted automatically within the same browser session.
Once the user selects the options from the security dialog, the applet will be run in the corresponding security context. Note that all options are selected on the fly; no preconfiguration is required.
The Java Control Panel provides a Certificates Panel for managing RSA signed applets. This panel contains a list of certificates that received "Grant always" permission when the Java Plug-in security dialog (pop-up) ran. Users can remove any certificate from the list, and if an applet signed by a removed certificates is encountered again, a security dialog pop-up will appear asking for permission. Users can also export and view certificates through the Java Control Panel.
RSA signed applets can be entirely disabled in Java Plug-in by
usePolicy permission in the policy
file. If the
usePolicy permission is among the
permissions granted to the given codesource (by the configured
security policy), user prompting will not take place, and only
permissions specified in the security policy will be granted to the
codesource. By default, RSA signed applets are enabled in the Java
Copyright © 1993, 2011, Oracle and/or its affiliates. All rights reserved.