Documentation

The Java™ Tutorials
Signing Code and Granting It Permissions
Steps for the Code Signer
Download and Try the Sample Application
Create a JAR File Containing the Class File
Generate Keys
Sign the JAR File
Export the Public Key Certificate
Steps for the Code Receiver
Observe the Restricted Application
Import the Certificate as a Trusted Certificate
Set Up a Policy File to Grant the Required Permission
Start Policy Tool
Specify the Keystore
Add a Policy Entry with a SignedBy Alias
Save the Policy File
See the Policy File Effects
Trail: Security Features in Java SE
Lesson: Signing Code and Granting It Permissions
Section: Steps for the Code Receiver
« Previous • Trail • Next »

Set Up a Policy File to Grant the Required Permission

Next, you will use the Policy Tool to create a policy file named exampleraypolicy and in it grant a permission to code from a signed JAR file.

The JAR file must have been signed using the private key corresponding to the public key imported into Ray's keystore (exampleraystore) in the previous step. The certificate containing the public key is aliased by susan in the keystore. We will grant such code permission to read any file in the C:\TestData\ directory.

The steps are:

  1. Start Policy Tool
  2. Specify the Keystore
  3. Add a Policy Entry with a SignedBy Alias
  4. Save the Policy File
« PreviousTrailNext »
Previous page: Import the Certificate as a Trusted Certificate
Next page: Start Policy Tool