Signed Java Applet access denied java.io.FilePermission read

Question

I created a java applet for e-signature . Applet runs normal and works perfectly while i am running on ide (intelliJ) . But when i deployed project to .jar file and tried to run on browser (firefox) i got some error saying that .jar is untrusted. Then i made some researches and signed my applet with jarsigner . I follewed these steps :

keytool -genkey -keyalg rsa -alias MyCert
keytool -certreq -alias MyCert
jarsigner C:\TestApplet.jar MyCert

also tried commands at oracle web site .link here

After i signed my applet error gone and i could run my applet. But when i try to sign a file i got an error saying that applet dont have permision to access cert store folder. Error is :

java.security.AccessControlException: access denied ("java.io.FilePermission" "C:\Users\ChooseClick.sertifikadeposu" "read")

Correct. After many security vulnerabilities were found, applets (even signed applets) are not given permission to the cert store folder. — Elliott Frisch
So do i have any thing to do. I can maybe install lower java version ? :( — salih baki sayer
Don't use applets. You could install a lower firefox version, but then it's vulnerable to exploit. — Elliott Frisch
if i dont use applet i cannot access to usb drive and certificate from browser and user cannot sign a file. — salih baki sayer
Sounds like you need a different architecture. Don't use applets. — Elliott Frisch

salih baki sayer salih baki sayer · Accepted Answer · 2016-01-17T02:14:17

I found the solution. To able to access files or any other restricted action at java , you must use prilivaged blocks :

    AccessController.doPrivileged(new PrivilegedAction() {
    public Object run() {
       //actions that need permission goes here

        return null;
    }
  });

you can use this block in any function.

Signed Java Applet access denied java.io.FilePermission read

1 Answers