I distribute a signed applet to at least 100 users. Until recently,
as long as users agreed to the "confirm trusted applet", there was no
problem.
As of Java SE 6, the users are no longer prompted about the Trusted
Applet. The applet simply throws the following error:
java.security.AccessControlException: access denied
(java.awt.AWTPermission accessClipboard)
I tried configuring my java.policy file in order to tackle this
problem.
1. I can fix the problem by adding permissions to the default grant
declaration in my local java.policy file
2. Neither the signedBy or codeBase qualifiers seem to work in my
grant declarations
3. My users will not be very happy if they have to manually edit
this config file in order to use our application.
In the course of my searches, I found many effusive discussions by Sun
engineers about this architecture, but no practical approach on how to
proceed. Has anyone successfully deployed an applet that manages
these security restrictions or is Sun finally killing the Java applet?
-Jim
