Trail: Security Features in Java SE
Lesson: Signing Code and Granting It Permissions
Section: Steps for the Code Receiver
Subsection: Set Up a Policy File to Grant the Required Permission

指定密钥库

For this lesson you will grant all code in JAR files signed by the alias susan read access to all files in the C:\TestData\ directory. You need to

Specify the keystore containing the certificate information aliased by susan
Create the policy entry granting the permission

The keystore is the one named exampleraystore created in the Import the Certificate as a Trusted Certificate step.

To specify the keystore, choose the Change Keystore command in the Edit menu of the main Policy Tool window. This brings up a dialog box in which you can specify the keystore URL and the keystore type.

To specify the keystore named exampleraystore in the Test directory on the C: drive, type the following file URL into the text box labeled New KeyStore URL

file:/C:/Test/exampleraystore

You can leave the text box labeled New KeyStore Type blank if the keystore type is the default one, as specified in the security properties file. Your keystore will be the default type, so leave the text box blank.

注意: The New KeyStore URL value is a URL and thus should always use slashes (never backslashes) as the directory separator.

When you are done specifying the keystore URL, choose OK. The text box labeled Keystore is now filled in with the URL.

Next, you need to specify the new policy entry.