Re: A simple question

Gigi Ankeny (Gigi.Ankeny@Eng)
Thu, 4 Dec 1997 09:55:46 -0800 (PST)

Date: Thu, 4 Dec 1997 09:55:46 -0800 (PST)
From: Gigi Ankeny <Gigi.Ankeny@Eng>
Subject: Re: A simple question
To: java-security@web2.javasoft.com, berland@hugo.rz.fh-ulm.de

Christophe,

There are many ways to solve your problem depending on the complexity
of your particular application.

For example, if you are fully aware of the intended applet clients,
you can distribute a secret password to those clients and build a wrapper
Applet outside your real "applet". We can call this Decorator Applet.
This Decorator Applet will process Access Control and authenticate
a user before calling the core classes.

If distribution of a secret is not desired, you can try to store the
passwords in your server, using encryption of the authentication message
to protect the password on the wire or using key exchange to establish a
shared secret.

Signing the Applet would allow a client to download your applet, but
does not restrict who can download.

Check out related web sites for further information on how to do access
control and different flavors of authentication mechanisms. A good start is
trying to understand MIT's Kerberos.

Hope it helps,

Gigi Ankeny

> I'm very young in the Java world and I read the usingJavakey.html page
> to learn about security. I don't know if I totally misunderstood but I
> think that my problem is the opposite of what you explained.
> I have an applet on my server and I would like to allow only certain
> people to read this applet. Is it possible with a JAR archive that I
> have signed? Can I sign it for many people?
>
> I really need help to go forward.
> Many thanks in advance.
>
> Christophe
>
>
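
Added example, not part of the original message or of any JavaSoft code: one way to keep the password off the wire when the passwords are stored on the server, as the reply suggests. It substitutes an HMAC challenge-response for encrypting the authentication message; the class name, method names and the user/password values are assumptions constructed for illustration.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Map;

public class ChallengeResponseDemo {
    // Server side: per-user secrets (constructed sample data, hypothetical store).
    static final Map<String, byte[]> SERVER_SECRETS = new HashMap<>();
    static final SecureRandom RNG = new SecureRandom();

    static byte[] hmac(byte[] key, byte[] msg) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        return mac.doFinal(msg);
    }

    // Server: a fresh random challenge per login attempt, so a captured
    // response is useless against any later challenge.
    static byte[] newChallenge() {
        byte[] nonce = new byte[16];
        RNG.nextBytes(nonce);
        return nonce;
    }

    // Client (the wrapper applet): proves knowledge of the password by keying
    // an HMAC over the challenge; the password itself is never transmitted.
    static byte[] respond(String password, byte[] challenge) throws Exception {
        return hmac(password.getBytes(StandardCharsets.UTF_8), challenge);
    }

    // Server: recompute the expected response and compare in constant time.
    // Unknown users are rejected.
    static boolean verify(String user, byte[] challenge, byte[] response) throws Exception {
        byte[] secret = SERVER_SECRETS.get(user);
        if (secret == null) return false;
        return MessageDigest.isEqual(hmac(secret, challenge), response);
    }

    public static void main(String[] args) throws Exception {
        SERVER_SECRETS.put("alice", "sample-password".getBytes(StandardCharsets.UTF_8));
        byte[] c = newChallenge();
        System.out.println(verify("alice", c, respond("sample-password", c))); // correct password
        System.out.println(verify("alice", c, respond("wrong-guess", c)));     // wrong password
        // Response computed for the old challenge, replayed against a new one.
        System.out.println(verify("alice", newChallenge(), respond("sample-password", c)));
    }
}
```

The `verify` step belongs on the server, before it hands out the protected classes or data; a check that runs only inside the downloaded wrapper can be skipped by anyone who already holds the class files.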