 |
Java开发网 |
|
注册 |
登录 |
帮助 |
搜索 |
排行榜 |
发帖统计
|
| 您没有登录 |
» Java开发网 » Java Security
 打印话题
寄给朋友
订阅主题
|
    
|
| 作者 | Oracle Form Server中的JavaBean引用,X509证书的分发问题? |
robinhoodx
 
发贴: 216 积分: 80 
|
 于 2003-11-19 11:30
    
需要在Oracle Forms Server 6i Application中调用JavaBean,所用的JavaBean采用PJC技术,如果JavaBean要访问客户本地资源,作为Applet,只能在sendbox中运行,如果要放开权限,就需要签名的JavaBean,就需要在客户端作如下操作(一个例子): cd \program files\oracle\jinitiator 1.1.7.18 cd bin javakey -c PJC true cd \downloadedJavaBeans\GetClientInfo\misc\ javakey -ic PJC PJC.x509 其中PJC.x509是分发到客户端的证书,在具体部署的时候,有没有什么办法,可以直接将服务器端生成的证书部署到各个客户端,不要这样麻烦的客户端配置,否则,还叫什么b/s?很头疼! |
| 作者 | Re:Oracle Form Server中的JavaBean引用,X509证书的分发问题? [Re:robinhoodx] |
feiggle
发贴: 70 积分: 20
|
于 2003-11-25 11:35
可以看看如下一文: http://61.144.28.248/d6i/bbs_armok01/bbs_content.jsp?bbsSerialNo=381182&bbsPageNo=1 |
| 作者 | Re:Oracle Form Server中的JavaBean引用,X509证书的分发问题? [Re:robinhoodx] |
|
feiggle
发贴: 70 积分: 20
|
于 2003-12-11 16:50
这一段看了看文档,对于这个问题,有解决的办法,有一些faq可能对大家的疑惑有点用途,希望对大家有所用,看来,大家研究oracle的不是很多,我也是客串,对于JInitiator 1.3 以上版本有用! COMMON QUESTIONS AND ANSWERS Some of the more common questions about JAR file signing for Forms are covered in this section. Can I use the Forms certificate to sign my own JAR files? No, the private key of the Forms certificate is not distributed. Can I re-sign the Forms JAR files with my own Certificate? You can re-sign all of the Forms JAR Files except f90all_jinit.jar, which is a specially compressed version of f90all.jar. You will have to re-apply your signing whenever you upgrade or patch Forms. Do I need to create a different signing identity for each of my JAR files? No, you can use a single identity to sign multiple JAR files. If my clients upgrade their JInitiator version, will they have to re-import my custom certificates? Yes. Each install of JInitiator has its own keystore. After an upgrade, the new version of JInitiator will prompt the user again to trust the self signing identity. Is there a way that I can embed my certificates into the installable version of JInitiator, before making it available to my clients for download? There is no in-built mechanism within JInitiator or the Java Plug-in to do this. However, it is possible to “wrap” the JInitiator installation executable inside another installer script that first installs JInitiator and then imports your certificates using the keytool –import command. Do I have to use a certificate from a Certificate Authority to sign my files? No. Using a certificate from a Certificate Authority will establish a chain of trust for your signed code, but it is not a requirement. Can a JAR file be signed with more than one certificate? No, a JAR can only be signed with a single certificate. Does the information in this document apply if I am using JInitiator 1.3 with Forms 6i? Yes. The information in this document is specific to the JInitiator version not the Forms version. SUMMARY The process of signing custom code in JAR files to allow access outside of the Java Applet “sandbox” is simple to carry out, with tools that are readily available. With the advent of JInitiator 1.3 the deployment of certificates for self signed JAR files becomes essentially automatic, requiring only a minimum of user interaction to achieve, opening the door to the deployment of systems with a much wider range of functionality at no additional deployment cost. |
|
|
已读帖子 新的帖子 被删除的帖子 |
|
 |
Powered by Jute Powerful Forum® Version Jute 1.5.6 Ent Copyright © 2002-2021 Cjsdn Team. All Righits Reserved. 闽ICP备05005120号-1 客服电话 18559299278 客服信箱 714923@qq.com 客服QQ 714923 |