Im trying to communicate with the client's smartcard using javax.smartcardio. The applet is only for users within our Intranet. The applet workings fine, when i debug it within Eclipse.
When i open it in the browser (i tried IE9 and Chrome) with following html code:
<body>
<!-- ... -->
<script src="https://www.java.com/js/deployJava.js"></script>
<script>
var attributes = {
code:'test.TestClass', width:300, height:300, scriptable:true} ;
var parameters = {jnlp_href: 'TestJNLP.jnlp'} ;
deployJava.runApplet(attributes, parameters, '1.7');
</script>
<!-- ... -->
</body>
I get the following Exception: AccessControlException
The Java-Console only display this 3 lines: Missing Application-Name manifest attribute for: file:/C:/AppletTestSite/TestApplet.jar Missing Permissions manifest attribute in main jar: file:/C:/AppletTestSite/TestApplet.jar CacheEntry[file:/C:/AppletTestSite/TestApplet.jar]: updateAvailable=true,lastModified=Wed Jan 29 08:40:39 CET 2014,length=6684
Things i tried already:
-using doPrivileged:
public void init() {
try {
AccessController
.doPrivileged(new PrivilegedExceptionAction<Integer>() {
public Integer run() {
ReaderInit(); //<------
return null;
}
});
} catch (PrivilegedActionException e) {
// catch block
e.printStackTrace();
}
}
-Adding permission to the jnlp-file:
<security>
<all-permissions/>
</security>
-Adding following line to the manifest:
Permissions: all-permissions
-self-signed the jar-file with keytool&jarsigner
C:\Program Files\Java\jdk1.7.0_51\bin>jarsigner -verify C:\AppletTestSite\TestApplet.jar
jar verified.
-in the java control panel, set Security Level to Medium and add the site's URL to Exception Site List
Did i miss something or is it just not possible at all anymore(since the 1.7.0_51 update) to access the smartcard without a public trusted CA?
I want to avoit changing the policy file for every single user of the applet.
