Windows中 Java都會自動使用的lib folder

只要將jar放到 C:\Windows\Sun\Java\Deployment\Lib\Trusted 裡，jre會自行取用而且只會load一次

Java Applet 需 Sign才能在client使用IO等安全性功能

這陣子在做Applet的東西才發現，Applet在client執行時，需要client簽核才可以使用IO等等資源，所以Applet寫好後打包成jar，這jar必須做成signed jar才行。

1.用jdk command產生憑証檔到keystore

keytool -genkey -alias [myKeyName]

2.用jdk command將打包好的jar 做成sign jar

jarsigner myJar.jar [myKeyName]


參造了原文文章：

Sign All Applet JAR files

Applets are back! And now applets can do more than ever before thanks to signed JAR files. By signing your JARs, you can get access to the filesystem and other resources that were previously off-limits, provided the user grants your applet those privileges. And signing JAR files is now very easy thanks to tools bundled with the JDK.

However, be certain to sign all JAR files used by your Java applet. If you sign the JAR file with your main applet class, your applet will launch. If it later uses classes from another JAR file, though, you can run into trouble. If the newly-loaded class tries a restricted operation and its JAR file isn't signed, your applet will fail at that point with a security exception. Rather than waiting for this and debugging it when it occurs, save yourself the trouble and sign all of your JAR files up front.

You can create your own certificate using tools provided by the JDK. keytool -genkey -alias mykey lets you create your own certificate. Be sure to specify an expiration date far in the future with -validity 1000. The default is only 6 months.

Sign your JAR files with jarsigner my.jar mykey (where my.jar is the name of the jar file to sign).

Deploy all of your JAR files to a folder on your web server, add an HTML page with the applet tag, and let the world enjoy your new applet with powerful permissions.

來自：http://frequal.com/java/SignAllAppletJars.html