Documentation

Signing Code and Granting It Permissions
Steps for the Code Signer
Download and Try the Sample Application
Create a JAR File Containing the Class File
Generate Keys
Sign the JAR File
Export the Public Key Certificate
Steps for the Code Receiver
Observe the Restricted Application
Import the Certificate as a Trusted Certificate
Set Up a Policy File to Grant the Required Permission
Start Policy Tool
Specify the Keystore
Add a Policy Entry with a SignedBy Alias
Save the Policy File
See the Policy File Effects
Trail: Security Features in Java SE
Lesson: Signing Code and Granting It Permissions
« Previous • Trail • Next »

Steps for the Code Receiver

In this lesson, you will act as the receiver of the signed jar file containing the count.class file. It requests access to your system resources on your system that it normally would not have permission to access.

This procedure requires you to perform the following steps listed below.

  1. Observe the Restricted Application. This application will not be able to access your system resources until you import Susan's certificate and create a policy file.
  2. Import Susan's certificate as a trusted certificate using the keytool -import command, and give it the alias susan.
  3. Set up a policy file to grant permission for the count application signed by susan to read the specified file on your system.
  4. Test your reconfigured count application to verify that with a trusted certificate and access to your new policy file that grants it permission to read files on your system, count can now read your data file.
« PreviousTrailNext »
Previous page: Export the Public Key Certificate
Next page: Observe the Restricted Application