2.4. Signed Applets

JDK 1.1 introduced the concept of signed applets. Recall that in the original sandbox model, all remote code—that is, all applets—are automatically untrusted and are restricted to running inside the sandbox. Such restrictions, although contributing to a safe computing environment, are too limiting. Within a LAN, for example, a company might deploy an applet that is used to maintain employee pension data. An employee who downloads and runs the applet to change the plan allocation would want the applet to automatically update his own accounting record stored in his own file directory.

To facilitate such features, JDK 1.1 added support for digital signatures so that an applet’s class files, after their development, could be ...

Get Inside Java™ 2 Platform Security: Architecture, API Design, and Implementation, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.