Reputation: 1498
Change security permissions of third party JAR?
I am using a third party library in my applet, packaged in a JAR, that is requesting for full permissions on the user's computer and presenting a security certificate. I am not using it for any purpose that would require permissions. Is there any way to modify the JAR so it no longer requests such permissions when accessed? If I remove the security certificate from the JAR and re-compress it, will it function?
Upvotes: 0
Views: 919
Answers (1)
Reputation: 168825
There are a number of ways to strip the digital signatures.
- Use the Jar tool to extract the Jar, then make a new Jar of the classes & resources.
- Use Ant to do the same.
- Change the file extension to
.zipand open it in a Zip tool that will allow you to delete theMETA-INFdirectory. Then rename it back to.jar. Ugly hack, might have side effects.
If I remove the security certificate from the JAR and re-compress it, will it function?
There may be things it is doing that require trust but are not immediately apparent. If so, the Java Console should be helpful. On Oracle JREs, you can refuse the security prompt to check this, the code will be loaded sand-boxed. That won't work on an Iced Tea JRE, which will not load the applet at all if the user refuses the trust dialog.
Upvotes: 1
Related Questions
- Signed JAR being blocked by Java Security
- Signing .Jar file
- Java applet still getting security error after signing jar
- How can I set the publisher name in my signed jar file, using a self-signed certificate?
- sign jar file with ssl certificate .crt file used for https?
- changing manifest in netbeans (Trusted-Library=true attribute)
- How to use a provided keystore to sign a jar file
- Sign java applet without security pop-up
- Signed applet loads signed jar-files using URLClassLoader with security issue
- Permissions error for a signed Java applet when including external JAR files