Recently, the company is using a Java SSH client (JTA http://javassh.org/space/start) as a Web page remote telnet/ssh Machine Client, but when using the JTA provided applet, always cannot Telnet/ssh, however, after downloading the source code package, you can directly use the test page in the source code package to access it. Later, I checked the information, after reading the JTA log, we found that the JTA applet uses Socket to connect to a remote machine. However, using socket in the applet may cause security problems. By default, it is not allowed, there are actually two solutions to this problem. The first one is to modify the Java of each client. policy file, add the configuration that is allowed to access the socket; the other is to digitally sign the JAR file of the applet, so that the client does not need to make any changes, you only need to trust the signed applet when prompted to access the applet through a browser. The following describes the two methods:
1. Modify the local policy file
The following two local files
{Java_home}/JRE/lib/security/Java. Policy
{Jre_home}/JRE/lib/security/Java. Policy
Add
Permission java. Security. allpermission;
Then restart the browser and access the applet again to access the remote machine.
2. Add a digital signature
1) download the latest JTA package. It is assumed that jta26.jar is used.
2) Run keytool-genkey-keystore jta26.store-alias jta26.
3) Run keytool-export-keystore jta26.store-alias jta26-file jta26.cert.
4) Run jarsigner-keystore jta26.store jta26.jar jta26.
5) Then restart the browser and access the applet again to access the remote machine.
References:
Http://www-personal.umich.edu /~ Lsiden/tutorials/signet-applet/signed-applet.html