An applet is a program written in the Java programming language that can be induced in an HTML page, in the same way an image is included in a page. Applets are used to provide interactive features to web applications, which aren't native to HTML. Most of the time, Java applets security totally bans access to resources from a machine (hard disk, the registry, etc..) And network (applet can only communicate with its server origin.)
If you want to create an applet that exceeds these securities, it is required:
- To create a cryptographically signed applet
and
- That the user explicitly allows the applet to access the system
(This is a voluntary action by the user who cannot be exceeded.)
Once these two conditions are met, you can read / write to disk, launch programs (Runtime.getRuntime ec ("...")), download things (url connection) or use the eval ( ) command.
Intructions:
As usual create a .jar file.
Your encryption key will sign you in your applets.
Type: keytool-genkey-alias (your alias name)
and enter the necessary information. Remember the password you entered to protect this key.
You do need to generate your key once. Once your key, you can use it to sign all the applet you want.
(Note that your key can optionally have an expiration date.)
Note: On Windows, the key is placed in the user profile. (Documents and Settingsyourlogin.Keystore)
You must protect at all costs this keystore.
( someone could create malicious applets signed by you!)
Type: jarsigner -verbose monapplet.jar votreNomdAlias
Enter your Key password.
So now, your applet is signed.
Place your applet on the server (this is important), and test.
You will see a window for Security Warning that asks the user if he allows this applet.
Example:
.
===Note that==
