Signed applet - Any way to check if user will get the security popup?

Discussion in 'Java' started by john.burton@jbmail.com, Dec 7, 2006.

  1. Guest

    I don't want to bypass the security at all even if I could, I
    understand why it's there.

    But I have a little applet on a webpage used by a closed group of users
    which works if not signed but provides some additional features if it
    is signed.

    What I don't want though is for users to get the dialog box you get
    with a signed applet saying do you want to accept it... If the user has
    chosen "Always trust this publisher" then it doesn't ask and that's
    great but if not I'd rather it say nothing and run without additional
    privileges than ask the user.

    Is there any way I can supress the dialog and simply not run with
    priveleges in this case? Or any way I can detect from javascript or an
    unsigned applet if the user is likely to be asked?

    I can't think of a way to achieve this but thought I'd ask !
    , Dec 7, 2006
    #1
    1. Advertising

  2. wrote:
    > I don't want to bypass the security at all even if I could, I
    > understand why it's there.
    >
    > But I have a little applet on a webpage used by a closed group of users
    > which works if not signed but provides some additional features if it
    > is signed.
    >
    > What I don't want though is for users to get the dialog box you get
    > with a signed applet saying do you want to accept it... If the user has
    > chosen "Always trust this publisher" then it doesn't ask and that's
    > great but if not I'd rather it say nothing and run without additional
    > privileges than ask the user.
    >
    > Is there any way I can supress the dialog and simply not run with
    > priveleges in this case?


    Not as far as I understand. If an applet is signed,
    the user is asked if they will accept the signed code.

    >...Or any way I can detect from javascript or an
    > unsigned applet if the user is likely to be asked?


    They *will* be asked, unless they happen to have ticked
    an 'always trust this publisher' checkbox for an earlier
    applet signed with the same certificate.

    > I can't think of a way to achieve this but thought I'd ask !


    Using web-start, you can offer the choice to your
    end users (where it should be). Offer the applet as
    both no permissions and j2ee-application-client
    permissions, explaining the difference on the
    web-page, and everything should be sweet..

    Andrew T.
    Andrew Thompson, Dec 7, 2006
    #2
    1. Advertising

  3. Guest

    Andrew Thompson wrote:

    > wrote:
    > > I don't want to bypass the security at all even if I could, I
    > > understand why it's there.
    > >
    > > But I have a little applet on a webpage used by a closed group of users
    > > which works if not signed but provides some additional features if it
    > > is signed.
    > >
    > > What I don't want though is for users to get the dialog box you get
    > > with a signed applet saying do you want to accept it... If the user has
    > > chosen "Always trust this publisher" then it doesn't ask and that's
    > > great but if not I'd rather it say nothing and run without additional
    > > privileges than ask the user.
    > >
    > > Is there any way I can supress the dialog and simply not run with
    > > priveleges in this case?

    >
    > Not as far as I understand. If an applet is signed,
    > the user is asked if they will accept the signed code.
    >
    > >...Or any way I can detect from javascript or an
    > > unsigned applet if the user is likely to be asked?

    >
    > They *will* be asked, unless they happen to have ticked
    > an 'always trust this publisher' checkbox for an earlier
    > applet signed with the same certificate.
    >
    > > I can't think of a way to achieve this but thought I'd ask !

    >
    > Using web-start, you can offer the choice to your
    > end users (where it should be). Offer the applet as
    > both no permissions and j2ee-application-client
    > permissions, explaining the difference on the
    > web-page, and everything should be sweet..


    Pretty much as I thought but thanks for the reply.

    Webstart isn't really an option for this, the purpose of the applet is
    to provide a feature on a webpage that needs a bit of interactivity in
    addition to other web based information, it's just that for maximum
    utility it needs to check what's installed on the users machine
    already. I simply wanted to make that feature unavailable as having the
    permissions dialog pop up on a web page is very intrusive, and I'd
    rather have the users agree elsewhere to always accept the certificate
    - and just "gray out" the feature if they haven't already granted
    permission.
    , Dec 7, 2006
    #3
  4. wrote:
    > Andrew Thompson wrote:

    ....
    > > Using web-start,

    .....
    > Webstart isn't really an option for this, the purpose of the applet is
    > to provide a feature on a webpage that needs a bit of interactivity in
    > addition to other web based information,


    You're right there - many applets do not interact with
    the page itself, so that is not a problem, but JWS
    cannot handle the scenario you describe.

    Andrew T.
    Andrew Thompson, Dec 7, 2006
    #4
  5. Guest

    Andrew Thompson wrote:

    > wrote:
    > > Andrew Thompson wrote:

    > ...
    > > > Using web-start,

    > ....
    > > Webstart isn't really an option for this, the purpose of the applet is
    > > to provide a feature on a webpage that needs a bit of interactivity in
    > > addition to other web based information,

    >
    > You're right there - many applets do not interact with
    > the page itself, so that is not a problem, but JWS
    > cannot handle the scenario you describe.


    I suppose I *could* rewrite the whole thing as a webstart application
    though, not just the applet part. Hmm.
    , Dec 7, 2006
    #5
  6. wrote:
    > Andrew Thompson wrote:
    >
    > > wrote:
    > > > Andrew Thompson wrote:

    > > ...
    > > > > Using web-start,

    > > ....
    > > > Webstart isn't really an option for this, the purpose of the applet is
    > > > to provide a feature on a webpage that needs a bit of interactivity


    What sort of things are happening on the
    other parts of the page? I got the impression
    it might include other things which are hard
    to support in pure Java (such as Flash or
    modern video formats/codecs).

    > > > ...in addition to other web based information,


    ( Of course the web-start app. should have no more
    trouble accessing the web based info. than an applet. )

    Andrew T.
    Andrew Thompson, Dec 7, 2006
    #6
  7. Guest

    Andrew Thompson wrote:

    > wrote:
    > > Andrew Thompson wrote:
    > >
    > > > wrote:
    > > > > Andrew Thompson wrote:
    > > > ...
    > > > > > Using web-start,
    > > > ....
    > > > > Webstart isn't really an option for this, the purpose of the applet is
    > > > > to provide a feature on a webpage that needs a bit of interactivity

    >
    > What sort of things are happening on the
    > other parts of the page? I got the impression
    > it might include other things which are hard
    > to support in pure Java (such as Flash or
    > modern video formats/codecs).


    Ah it's nothing like that complicated and nothing very important!

    I have a website for my world of warcraft guild with forums, and
    several other database driven applications which are all somewhat
    independent. I've made a web page which integrates the information from
    each of those applications into a single summary for each resistered
    user. I'm working on an applet which does some graphical displays of
    screenshots and information in a nicer, more interactive format than is
    possible with straight html... I might well have used flash for it
    except that it costs quite a lot of money to get a flash development
    kit as far as I can tell and I program java for a living so it's an
    obvious choice for me.

    One of the other things I have is a list of links to downloadable
    addons to the game. It would be nice if the user's personal web page
    could inspect their computer and find out if they already have various
    addons installed and if so if they have the latest version. Obviously
    to do this I would need a signed applet to be able to access their
    disk. But it really needs to be an applet to integrate visually with
    the rest of the information on the page. Because it's a fairly closed
    user group I have no problem with using a self-signed certificate for
    this application and asking people to choose to always accept applets
    signed my myself. However if people don't do this, or if they choose
    not to they'll get a popup from the applet every time the page loads
    when it would be far better to simply not offer that facility.

    I suppose I could rethink the whole thing and have a link to a webstart
    application to check their addons, but it starts to get complicated
    then for what are in some cases relatively unsophisticated users. It
    would be much better to have a single page with an applet on from a
    usability point of view.
    , Dec 7, 2006
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. hocus
    Replies:
    0
    Views:
    386
    hocus
    Sep 9, 2003
  2. ts
    Replies:
    2
    Views:
    2,432
  3. Alexandre Brizard
    Replies:
    8
    Views:
    713
    Roedy Green
    Jan 18, 2006
  4. Alex Shinn

    mac ie popup of a popup security error

    Alex Shinn, Feb 19, 2004, in forum: Javascript
    Replies:
    1
    Views:
    96
    Alex Shinn
    Feb 19, 2004
  5. Jens Peter Hansen
    Replies:
    7
    Views:
    493
    Randy Webb
    Jun 19, 2004
Loading...

Share This Page