vj#: Lars,
The Applets I developed awhile back using Visual J++ 1.1 were signed
with a verisign Authenticode certificate to allow I/O operations. Now that I
have converted, successfully thanks to you, my applets into J# Browser
Controls. Can I use my verisign key to sign the J# Browser Controls so that
they can be placed back on a CD and run from there with I/O operations ?

Jay

Jay,

There is no need to digitally sign a J# Browser control. In Java applets
needed to be signed to have access out side of the Java "sandbox" since J#
Browser controls don't run in a Java VM, there is no more "Java sandbox".
J# Browser controls can only be run from the virtual directory of a web
server. If you need to run them from a CD or local hard drive directory
your best bet would be to implement a Windows Form Application instead. You
can use the JLCA (Java Language Conversion Assistant) to convert your Java
code to a C# Windows Application or you can manually modify your J# code.

I hope this is helpful,

Michael Green
Microsoft Developer Support


--------------------
| NNTP-Posting-Date: Wed, 18 Feb 2004 10:26:27 -0600
| From: "Jay Canale" <jccanale@bcn.net>
| Newsgroups: microsoft.public.dotnet.vjsharp
| Subject: Okay Lars--More Help
| Date: Wed, 18 Feb 2004 11:22:24 -0500
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
| Message-ID: <1eWdnU3dcIqpD67dRVn-jw@bcn.net>
| Lines: 10
| NNTP-Posting-Host: 209.213.1.11
| X-Trace:
sv3-Z9cIjGUPxMZfJOMY6JP+WiyCp01JT1IwMAsndRnCP2E/wTKPtk4V8e2F5ajvWYf6KEnaNXKe
A/mnTCY!r6skNVXYYx1HtluRbc7Hyhl20ncE/ecxcDzFmNox9aBT7LNBJJBxqA9qatfDYvYeBfuH
p70=
| X-Complaints-To: abuse@bcn.net
| X-DMCA-Complaints-To: abuse@bcn.net
| X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
| X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your
complaint properly
| X-Postfilter: 1.1
| Path:
cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP08
.phx.gbl!newsfeed00.sul.t-online.de!newsfeed01.sul.t-online.de!t-online.de!n
ewspeer1-gui.server.ntli.net!ntli.net!newspeer1-win.server.ntli.net!news2.eu
ro.net!news.glorb.com!nx02.iad01.newshosting.com!newshosting.com!border1.nnt
p.ash.giganews.com!border2.nntp.sjc.giganews.com!border1.nntp.sjc.giganews.c
om!nntp.giganews.com!local1.nntp.sjc.giganews.com!nntp.bcn.net!news.bcn.net.
POSTED!not-for-mail
| Xref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.vjsharp:5463
| X-Tomcat-NG: microsoft.public.dotnet.vjsharp
|
| Lars,
| The Applets I developed awhile back using Visual J++ 1.1 were signed
| with a verisign Authenticode certificate to allow I/O operations. Now
that I
| have converted, successfully thanks to you, my applets into J# Browser
| Controls. Can I use my verisign key to sign the J# Browser Controls so
that
| they can be placed back on a CD and run from there with I/O operations ?
|
| Jay
|
|
|

Hi Jay,

I don't know any thing about signing. Never used it.

The Browser Controls are probably running in a single "surrogate" ActiveX
component (clsid:a399591c-0fd0-41f8-9d25-bd76f632415f). From this page:
http://msdn.microsoft.com/workshop/security/authcode/signing.asp

We see that ActiveX components are supported. But we probably don't have
access to the surrogate ActiveX component holding our Browser Controls.

--
Regards,
Lars-Inge Tønnessen
http://emailme.larsinge.com
http://www.larsinge.com

Hello Michael,

[quoted text, click to view]

What does this mean? "offline support (without requiring a Web server)"

http://msdn.microsoft.com/vjsharp/downloads/browsercontrolsbeta/
J# Browser Controls v1.1b adds functionality for scripting support
(interaction of J# Browser Controls with script functionality on a Web page)
and offline support (without requiring a Web server).

--
Regards,
Lars-Inge Tønnessen
http://emailme.larsinge.com
http://www.larsinge.com

Hi Lars-Inge,

The new beta is supposed to allow you to run J# Browser Controls without
placing them on a web server. I had not seen this information before so
that's why I said they needed to be run on a web server. If anyone is
interested in this ability, please download the beta and try it out. Keep
in mind that it is a beta and so it shouldn't be used for shipping products.

Thanks,

Michael Green
Microsoft Developer Support

--------------------
| Reply-To: "Lars-Inge Tønnessen" <http://emailme.larsinge.com>
| From: "Lars-Inge Tønnessen" <http://emailme.larsinge.com>
| References: <1eWdnU3dcIqpD67dRVn-jw@bcn.net>
<cqKsPrl9DHA.1988@cpmsftngxa07.phx.gbl>
| Subject: Re: Okay Lars--More Help
| Date: Wed, 18 Feb 2004 22:08:56 +0100
| Lines: 19
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
| Message-ID: <#BJ0pNm9DHA.1936@TK2MSFTNGP12.phx.gbl>
| Newsgroups: microsoft.public.dotnet.vjsharp
| NNTP-Posting-Host: stud-016.vpn.uit.no 129.242.154.149
| Path:
cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP08
phx.gbl!TK2MSFTNGP12.phx.gbl
| Xref: cpmsftngxa07.phx.gbl microsoft.public.dotnet.vjsharp:5476
| X-Tomcat-NG: microsoft.public.dotnet.vjsharp
|
| Hello Michael,
|
| >J# Browser controls can only be run from the virtual directory of a web
| >server.
|
| What does this mean? "offline support (without requiring a Web server)"
|
| http://msdn.microsoft.com/vjsharp/downloads/browsercontrolsbeta/
| J# Browser Controls v1.1b adds functionality for scripting support
| (interaction of J# Browser Controls with script functionality on a Web
page)
| and offline support (without requiring a Web server).
|
| --
| Regards,
| Lars-Inge Tønnessen
| http://emailme.larsinge.com
| http://www.larsinge.com
|
|
|

Michael,
Currently the company I work for is working on a large java project for
the last two years. Now that my work is coming to an end we found out that
with future releases of Windows there will be no more MSJVM. I don't need to
tell you that my company is freaking out and I am under the gun to learn the
most I can about alternatives. We need the most simple solution that
doesn't involve trying to get more money out of the customer and doesn't
cost our company lots of money in trying to redo all the applets.

I tried to convert one of the Java applets over to a C# Application and let
me tell you there was a mess. Nothing worked and there was so many problems
with the 3rd party graphing tools we were using. So far I have been able to
convert an applet to a J# Browser Control with a incredible large amount of
help from Lars (thanks Lars). There are some problems, but they are
manageable ones. The big part of the project is that we are making an
electronic book that has hyperlinks embedded in the text to run Applets that
are part of each chapter. The J# Browser Controls help but I don't know if
you can do it with C#. Also, I was able to package the J# Browser Controls
onto a CD and run them from the CD with the new version having offline
support, but I cannot open up certain frames in the applets unless I set the
security using the "Adjust .NET Security" with the Microsoft .NET Framework
1.1 Wizards to Full Trust. Even with it set to Full Trust I still get
"Warning" messages on the window, dialogs and frames I use in the applets.
Until I can figure out more on this whole # business I will probably be
bugging you alot for help. My career is virtually dependant on it.

If J# Browser Controls don't have a "sandbox" then how does that stop
someone from writting malicious code on there websites?


Jay


----- Original Message -----
From: "Michael Green" <mikegreonline@microsoft.com>
Newsgroups: microsoft.public.dotnet.vjsharp
Sent: Wednesday, February 18, 2004 2:46 PM
Subject: RE: Okay Lars--More Help


[quoted text, click to view]

Jay,

I understand the situation you are in, we will do our best to help you out.

| I tried to convert one of the Java applets over to a C# Application and
let
| me tell you there was a mess. Nothing worked and there was so many
problems
| with the 3rd party graphing tools we were using.

Keep in mind that converting from a Java applet to a C# Windows Forms
application is a big leap. There aren't always one to one mappings between
JDK API and Windows Forms API. Migrating to C# will usually involve
modifying code.

| So far I have been able to convert an applet to a J# Browser Control with
a incredible large amount of
| help from Lars (thanks Lars). There are some problems, but they are
manageable ones. The big part
| of the project is that we are making an electronic book that has
hyperlinks embedded in the text to run
| Applets that are part of each chapter. The J# Browser Controls help but I
don't know if you can do it with
| C#.

The J# libraries you use to implement J# Browser controls are .Net Runtime
assemblies so you can use them from C#, although if you are comfortable
writing in Java, it's probably easier to just stick with J#.

| Also, I was able to package the J# Browser Controls onto a CD and run
them from the CD with the new
| version having offline support, but I cannot open up certain frames in
the applets unless I set the security
|using the "Adjust .NET Security" with the Microsoft .NET Framework 1.1
Wizards to Full Trust. Even with it
| set to Full Trust I still get "Warning" messages on the window, dialogs
and frames I use in the applets.

You'll need to be a bit more specific here. What code group(s) are you
giving Full Trust to? What do these frames contain? What kind of code is
running in them?

| Until I can figure out more on this whole # business I will probably be
| bugging you alot for help. My career is virtually dependant on it.

We're here and will be happy to help out as best we can.

| If J# Browser Controls don't have a "sandbox" then how does that stop
| someone from writting malicious code on there websites?

.Net Security handles that for us. It's much too big of a topic to handle
here but let me give you a quick summary. Code in .Net is given certain
permissions based on it's evidence. A piece of code's evidence contains
information like where the code was downloaded from. The way the security
policy is set up is there are a series of "Code Groups" each Code Group has
a "Membership Condition" and a "Permission Set". The Membership Condition
determines whether a piece of code belongs to a particular Code Group. If
so it's granted the Permission Set associated with that Code Group. This is
an oversimplification as there are 3 different levels Code Groups can be
defined on, but to get the gist of .Net security I'm skipping over them for
now. By default code downloaded from the internet is not given FullTrust,
in fact it's given very few permissions at all, and in that way the code is
not allowed to do anything nasty. This is all covered in the MSDN
Documentation for .Net ,but there is a book that does an excellent job at
describing how this all works. It's called ".Net Framework Security" and
it's ISBN is 0-672-32184-X. Take a look at the MSDN docs, this book, or
both, and if you have any questions feel free to post them here and we'll
do our best to explain things.

I hope this is helpful,

Michael Green
Microsoft Developer Support