Signing Code and Granting It Permissions
Trail: Security Features in Java SE
Lesson: Signing Code and Granting It Permissions

This lesson shows how to use use keytool, jarsigner, Policy Tool and jar to place files into JAR (Java ARchive) files for subsequent signing by the jarsigner tool.

This lesson has two parts. First, you will create and deploy an application. Second; you will act as the recipient of a signed application.

Here are the steps to create and deploy an application:

Note:  For convenience, you pretend to be a user/developer named Susan Jones. You need to define Susan Jones when you generate the keys.

Here are the steps to grant permissions to an application

Note:  For convenience, you pretend to be a user named Ray.

For more information about digital signatures, certificates, keystores, and the tools, see the API and Tools Use for Secure Code and File Exchanges lesson.


Important: You need to perform the tasks in this lesson while working in the directory in which you store the sample application, but you should store the data file needed by the application in a different directory. All examples in this trail assume that you are working in the C:\Test directory, and that the data file is in the C:\TestData directory.

If you are working on a UNIX system, substitute your own directory names.

Here are the steps:

Previous page: Previous Lesson
Next page: Steps for the Code Signer