Creating Signed, Persistent Java Applets
by Paul Brigner

Listing One
import java.awt.*;
import java.applet.*;
import java.io.*;

public class MyApplet extends Applet implements 
java.awt.event.ActionListener
{
    java.awt.Button button1;
    java.awt.TextArea textArea1;
    public void init()
    {
        setLayout(null);
        setSize(300,250);
        button1 = new java.awt.Button("Save");
        button1.setBounds(100,175,100,30);
        add(button1);
        textArea1 = new java.awt.TextArea();
        textArea1.setBounds(10,10,280,145);
        add(textArea1);
        textArea1.setText("What you type here will be written to\n" +
                          "c:\\output.txt when you press the button.");
        button1.addActionListener(this);
    }
    public void actionPerformed(java.awt.event.ActionEvent event)
    {
        Object object = event.getSource();
        if (object == button1)
        {
            try {
              try {
                if (Class.forName("com.ms.security.PolicyEngine")
                  != null) {
                     com.ms.security.PolicyEngine.assertPermission(
                                  com.ms.security.PermissionID.FILEIO);
                  }
              } catch (Throwable e) {}
              try {
                if (Class.forName("netscape.security.PrivilegeManager")
                 != null) {
                    netscape.security.PrivilegeManager.enablePrivilege(
                                  "UniversalFileWrite");
                }
              } catch (Throwable e) {}
              FileWriter f = new FileWriter("c:\\output.txt");
              f.write(textArea1.getText());
              f.close();
            } catch (Throwable e) {}
        }
    }
}

Listing Two
REM MakeCAB.bat

SET SDK_BIN=d:\SDK-Java.31\bin\PackSign
SET PATH_SAVE=%PATH%
SET PATH=%PATH%;%SDK_BIN%
SET FRIENDLY_NAME="MyApplet"
SET NAMESPACE="MyNameSpace"
SET VERSION="1,0,0,5"
SET CABFILE=MyApplet.cab
SET PINI=MyApplet.ini
SET CERT_FILE="a:\keys\brigner-msie.spc"
SET KEY_FILE="a:\keys\brigner-msie.pvk"
SET TIME_URL="http://timestamp.verisign.com/scripts/timstamp.dll"

pause "Copy your classes into the package or default directory"

REM build the archive
dubuild %CABFILE% . /I *.class /D %FRIENDLY_NAME% /N %NAMESPACE% /V %VERSION%

REM sign the archive
SET ARGS=-j JavaSign.dll
SET ARGS=%ARGS% -jp %PINI%
SET ARGS=%ARGS% -spc %CERT_FILE%
SET ARGS=%ARGS% -v %KEY_FILE%
SET ARGS=%ARGS% -n %FRIENDLY_NAME%
SET ARGS=%ARGS% %CABFILE%
signcode %ARGS%

REM timestamp the archive
signcode -x -t %TIME_URL%  -tr 5 %CABFILE%

REM drop the environment variables
SET ARGS=
SET PATH=%PATH_SAVE%
SET PATH_SAVE=
SET FRIENDLY_NAME=
SET NAMESPACE=
SET VERSION=
SET CABFILE=
SET CERT_FILE=
SET KEY_FILE=
SET TIME_URL=
SET SDK_BIN=
SET PINI=

pause "Finished!"

Listing Three
[com.ms.security.permissions.FileIOPermission]
Version=2
IncludeRead=
ExcludeRead=
IncludeWrite=c:\output.txt
ExcludeWrite=
IncludeDelete=
ExcludeDelete=
ReadFileURLCodebase=true

[com.ms.security.permissions.NetIOPermission]
Version=2
IncludeConnectIPs=
ExcludeConnectIPs=
IncludeBindIPs=
ExcludeBindIPs=
IncludeMulticastIPs=
ExcludeMulticastIPs=
IncludeConnectHosts=
ExcludeConnectHosts=
IncludeBindHosts=
ExcludeBindHosts=
IncludeMulticastHosts=
ExcludeMulticastHosts=
IncludeConnectGlobalPorts=
ExcludeConnectGlobalPorts=
IncludeBindGlobalPorts=
ExcludeBindGlobalPorts=
ConnectToFileURLCodebase=false
ConnectToNonFileURLCodebase=true

[com.ms.security.permissions.UIPermission]
Version=2
ClipboardAccess=false
TopLevelWindows=true
NoWarningBanners=false
FileDialogs=false
EventQueueAccess=false

[com.ms.security.permissions.PropertyPermission]
Version=2
Unrestricted=false
AllowedSuffixes=applet
IncludedProperties=
ExcludedProperties=

[com.ms.security.permissions.ReflectionPermission]
Version=2
PublicSame=true
PublicDifferent=true
PublicSystem=true
DeclaredSame=true
DeclaredDifferent=false
DeclaredSystem=false

[com.ms.security.permissions.ThreadPermission]
Version=2
AllThreadGroups=false
AllThreads=false

Listing Four
<html>
<head>
<title>MyApplet</title>
</head>

<body>
<p><script LANGUAGE="JavaScript1.2">
<!--   Hide from other browsers
    if (navigator.appName == "Netscape") {
        ref = location.href.substring (0,
                    location.href.lastIndexOf("/") + 1)
      trigger = netscape.softupdate.Trigger
      version_no = new netscape.softupdate.VersionInfo(1,0,0,0)
    if (version_no.compareTo(
          trigger.GetVersionInfo("java/download/MyApplet")) > 0)  {
            location = ref + "MyAppletInstall.html"
    }
    }
// Stop hiding from other browsers -->
</script> 
<p align="center">
<applet code="MyApplet.class" width="300" height="250">
  <param name="namespace" value="MyNameSpace">
  <param name="useslibrary" value="MyApplet">
  <param name="useslibrarycodebase" value="MyApplet.cab">
  <param name="useslibraryversion" value="1,0,0,0">
</applet>
</body>
</html>

Listing Five
REM MakeJAR.bat

SET SDK_BIN=d:\Netscape\bin
SET PATH_SAVE=%PATH%
SET PATH=%PATH%;%SDK_BIN%
SET CERT_DIR="D:\nsprofile\paulb"
SET CERT="Paul Brigner's VeriSign Trust Network ID"
SET INNER_JAR=MyApplet.jar
SET OUTER_JAR=MyAppletInstall.jar
SET INNER_DIR=inner
SET OUTER_DIR=outer
SET INSTALL_SCRIPT=install.js

pause "Copy your class files into the 'INNER' directory."

REM sign and build the inner jar
signtool -d %CERT_DIR% -k %CERT% -Z %INNER_JAR% %INNER_DIR%

REM move the fresh inner JAR into the outer directory
del %OUTER_DIR%\%INNER_JAR%
move %INNER_JAR% %OUTER_DIR%

REM open notepad here to increment the version info number
pause "Check your version info."
notepad %OUTER_DIR%\%INSTALL_SCRIPT%

REM build and sign the outer jar. Specify the install script!
SET ARGS=-d %CERT_DIR%
SET ARGS=%ARGS% -k %CERT%
SET ARGS=%ARGS% -Z %OUTER_JAR%
SET ARGS=%ARGS% -i %INSTALL_SCRIPT%
SET ARGS=%ARGS% %OUTER_DIR%
Signtool %ARGS%

SET ARGS=
SET PATH=%PATH_SAVE%
SET PATH_SAVE=
SET CERT_DIR=
SET CERT=
SET INNER_JAR=
SET OUTER_JAR=
SET INNER_DIR=
SET OUTER_DIR=
SET INSTALL_SCRIPT=
pause "Finished!"


Listing Six
//Install.js
// Make sure Java is enabled before doing anything else.
if ( navigator.javaEnabled() ) {
   // Create a version object and a software update object
   vi = new netscape.softupdate.VersionInfo(1, 0, 0, 0);
   su = new netscape.softupdate.SoftwareUpdate(this, "MyApplet");
   // Start the install process
   err = su.StartInstall("java/download/MyApplet", vi, 
      netscape.softupdate.SoftwareUpdate.LIMITED_INSTALL);
   if (err == 0) {
      // Find the Java download directory on the user's machine
      JavaFolder = su.GetFolder("Java Download");
      // Install the JAR archive. Unpack it and list where it goes
      err = su.AddSubcomponent("MyApplet", vi, "MyApplet.jar",
         JavaFolder, "", this.force);
   }
   // Unless there was a problem, move JAR archive to final location 
   // and update the Client Version Registry
   if (err != 0)
      su.AbortInstall();
   else {
      su.FinalizeInstall();
      alert("Restart your browser and return to this page.");
   }
}




6


