xml-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Albert, Kevin" <kjalb...@software.rockwell.com>
Subject Signing Apache XML Projects' code
Date Tue, 10 Apr 2001 14:21:51 GMT
I have developed an applet using JDK 2 version 1.3, and have signed its jar using an RSA certificate
from Thawte that was purchased by my employer.
When this signed applet is loaded by the JDK 2 Plug-In, the user is given the option of granting
permissions to the applet by the Plug-In's security dialog.  This allows me to distribute
the applet without requiring end-users to configure a policy file for the applet.
This is all great, except that I am also using the Apache Xerces and Xalan jar files from
the applet.  These jars are loaded via the HTML object tag's archive parameter.  When Xerces
or Xalan has to go outside of the Plug-In's "sandbox", permission denied exceptions occur
because these jars are not signed.
I am wondering if the Apache XML Project has an RSA certificate that can be used to sign the
Xerces and Xalan jar files.  I would REALLY prefer not to require that all of my end-users
configure a policy file so the Xerces and Xalan jars can be trusted.
Thanks in advance,
Kevin Albert

View raw message