Recently, the company is using a Java SSH client (JTA http://javassh.org/space/start) as the client of a remote TELNET/SSH machine in a Web page. However, the use of JTA provided by the applet is always not telnet/ssh, but after downloading the source package, the direct use of the test page in the source package is accessible, and then looked at the information, Look at the JTA log found that because the JTA applet used socket to connect remote machines, and in the applet to use the socket is a security issue, the default is not allowed, for this problem is actually two solutions, The first is to modify each client's Java.policy file, add to the socket access allowed configuration, the other is to the applet's jar file digitally signed, so that the client does not need to make any changes, but in the browser to access the applet when prompted to choose to trust the signed applet can With a. Here's a description of two ways:
1. Modify the local policy file
The following two files in the local
{Java_home}/jre/lib/security/java.policy
{Jre_home}/jre/lib/security/java.policy
In which the grant section is added
Permission java.security.AllPermission;
Then restart the browser to access the applet again to access the remote machine.
2. Add a digital signature
1 Download the latest JTA package, this assumes the use of Jta26.jar
2) Run Keytool-genkey-keystore Jta26.store-alias Jta26
3) Run Keytool-export-keystore jta26.store-alias jta26-file Jta26.cert
4) Run Jarsigner-keystore jta26.store Jta26.jar jta26
5 and then restart the browser to access the applet again to access the remote machine
Resources:
Http://www-personal.umich.edu/~lsiden/tutorials/signed-applet/signed-applet.html