Advertisement Jump to content
Sign in to follow this  

[java] Applet security

This topic is 4917 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

Ive read the sun documentation on this but its still confusing as can be for me to understand the proper sequence or procedure to make an applet inside a jar archive "trusted". I want to get my archive signed with a certificate so it can be trusted and be able to open a connection to a database. Ive seen this done by a prompt that asks the user if they would like to give an applet permissions and thuis be trusted but I dont know how I can get my archive to do that as well. Can someone tell me the sequence of steps I should go through to get my applet to do this? Any help and suggestions would be greatly appreciated.

Share this post

Link to post
Share on other sites
First of all, here are the links to the programs you need to use, so you can see the other command-line switches and what they do: keytool jarsigner

The first thing you need is a jar file with your applet inside. Then you can call this from the command line.
C:\Path-to-Jar-file>keytool -genkey -alias mykey -keystore .mykey

The alias "mykey" and keystore ".mykey" can be anything you want. You will be prompted for some information, and a password. Remember the password. If that works, then...

C:\Path-to-Jar-file>jarsigner -keystore .mykey -storepass password jarfilename.jar mykey

Notice that you need to pass the name of the keystore, and the alias goes at the end. You do not need to generate your own keystore, but I like to do that so it can be included with the project, and anyone call resign the jar if they have the password.

Hope that helps :)

Share this post

Link to post
Share on other sites
I would like to point out that it's not necessary for an Applet to be signed in order to be able to connect to a database.

However, the following things must all be true:
- You should bundle the JDBC driver
- The JDBC driver should be a type IV (all Java-based), or at least type III (Java-based frontend with some sort of middle tier). This rules out Type II drivers (which use native libraries client-side) and JDBC:ODBC.
- The server you're connecting to should, from the client's perspective, have the same hostname as the web server the applet itself is coming from. This means that if your applet is coming from, it must connect to However, if you have a load balancer or some other NAT device in front of, the database and web servers could still be on different machines.

That said, no sane online banking applet would use JDBC to connect to its backend:
- Some JDBC drivers cannot encrypt data etc, so the (JDBC) connection may not be secure
- You'd have to have a username/password in the applet which the user could reverse engineer then connect directly to the database themselves. Even if the user had very limited access, that might still be too much.


Share this post

Link to post
Share on other sites
Sign in to follow this  

  • Advertisement

Important Information

By using, you agree to our community Guidelines, Terms of Use, and Privacy Policy. is your game development community. Create an account for your GameDev Portfolio and participate in the largest developer community in the games industry.

Sign me up!