Java 2 Network Security
We will show you two simple examples and explain the main concepts involved.
We will not go through all the details here, because they are covered in
other sections of the book.
1.4.1 An Example of Applet Security in Java 2
In 1.3.2, "Java as an Aid to Security" on page 8, we introduced a scenario
in which the user on the client machine may wish to print something from an
applet, but does not want the security manager to allow just anyone to do
that. Instead, the user might grant this right only to especially
trustworthy entities. The sequence of operations is as follows:
1. An applet packaged in a signed Java Archive (JAR) file is downloaded.
2. The Java Runtime Environment (JRE) [6] detects that it has come from a
trustworthy URL location and is signed with the private key of a particular
entity [7].
3. The JRE then verifies that the entity that signed the JAR file is the entity
that owns the accompanying public key certificate and that the contents of
the JAR file have not been tampered with.
4. Finally, the JRE verifies that the entity that signed the JAR file has a
matching certificate in the keystore database. This ensures that the entity
is trustworthy.
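The checks in steps 3 and 4 can be reproduced by hand with the standard java.util.jar and java.security.KeyStore classes. The following is an added example, not code from the book: the class name SignedJarCheck, the method trustedSigner and the command-line arguments are assumptions, it uses current Java syntax rather than JDK 1.2 syntax, and it does not cover the URL location check of step 2.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Enumeration;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;

public class SignedJarCheck {   // hypothetical class name, for illustration only
    /** Returns the keystore alias of a trusted signer, or throws if any check fails. */
    static String trustedSigner(String jarPath, KeyStore trusted) throws Exception {
        String alias = null;
        // verify=true: signatures and digests are checked as each entry is read (step 3)
        try (JarFile jar = new JarFile(jarPath, true)) {
            byte[] buf = new byte[8192];
            for (Enumeration<JarEntry> e = jar.entries(); e.hasMoreElements();) {
                JarEntry entry = e.nextElement();
                // The manifest and signature files under META-INF/ are not themselves signed
                if (entry.isDirectory() || entry.getName().startsWith("META-INF/")) continue;
                // Reading to EOF triggers digest verification; tampering raises SecurityException
                try (InputStream in = jar.getInputStream(entry)) {
                    while (in.read(buf) != -1) { /* discard content */ }
                }
                Certificate[] certs = entry.getCertificates(); // meaningful only after a full read
                if (certs == null) throw new SecurityException("unsigned entry: " + entry.getName());
                // Step 4: at least one signer certificate must already be in the keystore
                String found = null;
                for (Certificate c : certs) {
                    found = trusted.getCertificateAlias(c);
                    if (found != null) break;
                }
                if (found == null) throw new SecurityException("untrusted signer: " + entry.getName());
                alias = found;
            }
        }
        if (alias == null) throw new SecurityException("no signed entries in " + jarPath);
        return alias;
    }

    public static void main(String[] args) throws Exception {
        // Assumed arguments: <jar file> <keystore file> <keystore password>
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = Files.newInputStream(Paths.get(args[1]))) {
            ks.load(in, args[2].toCharArray());
        }
        System.out.println("signed by trusted alias: " + trustedSigner(args[0], ks));
    }
}
```

The keystore lookup matches on exact certificate equality; it does not validate certificate chains or expiry dates, so treat it as a demonstration of the sequence above rather than a complete trust decision.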
1.4.1.1 The Java Code
Let's consider the following piece of code:
Figure 1. (Part 1 of 2). GetPrintJob.java Applet Source Code
[6] In this book, Java 2 Runtime Environment, Standard Edition, V1.2 (J2RE) is often referred to as Java Runtime Environment (JRE) 1.2.
[7] In Java 2, signatures by multiple entities can be applied on the same JAR file.
import java.awt.*;
import java.awt.event.*;
import java.applet.*;

public class GetPrintJob extends Applet implements ActionListener
{
    boolean p = true;

    public GetPrintJob()
    {
        super();