Accessing smartcard keystore in an applet, through a js call
I am attempting to access the smartcard keystore, by an applet, through a js call.
I am searching for best pratices, and hopefully a guide, minding the security issues. What I can and cannot do in it? Just the use of doPrevileged is enough? What are the limitations that an applet has in those matters? Should use a JApplet or an Applet?I really do need some directions.
I just have one request: I don't want to make use of outside libraries.
Thanks
Addendum: as It seems, the sun documentation explains that:
Signed Appl开发者_运维问答ets
Signed applets do not have the security restrictions that are imposed on unsigned applets and can run outside the security sandbox.
Note:
JavaScript code is treated like unsigned code. When a signed applet is accessed from JavaScript code in an HTML page, the applet is executed within the security sandbox. This implies that the signed applet essentially behaves likes an unsigned applet.
But I have come to other applets that, although their methods are called in js, use JDialog so the user starts the action.
Smartcard is a wide term, you will be fine even with so called cryptocard (the difference is smartcard can host applications while cryptocard provides only fixed set of cryptography functions). There is a new serie (looks it will have only two part though) about this topic here: http://rostislav-matl.blogspot.com/2011/09/using-smart-card-as-keystore-in-java.html .
You'll probably find that finding not too expensive and multiplatform solution is not easy.
精彩评论