Discuss this help topic in SecureBlackbox Forum
DC add-on: Embed Java applet to web page
The Java applet can be used to sign data remotely. Java applets are supported in different browsers and now, they are the most universal solution for browser based security related tasks. If Java applets are disabled in the browser, it is possible to launch the applet via Java Web Start as a standalone application (see Run Java applet when Java is disabled in browser topic for details).
With the Java applet, the user is able to use Windows system certificate storage, cryptographic tokens and smart cards (if they provide PKCS#11 drivers), as well as X.509 certificates stored in Java Key Storages (JKS) and PKCS#12 (PFX , P12) files to sign data, provided from the server, and return the signature back to the server.
There are 2 possible ways to use the Java applet in the browser:
The applet can be compiled with JDK 5 and later. Please note that if there is only JRE 5 available on the client computer, the applet will not use Windows system certificate storage, which is supported since JRE 6 only.
The applet can be embedded into a HTML page using the following code:
<applet archive="com.secureblackbox.dc.jar, com.secureblackbox.dc.applet.jar" code="com.secureblackbox.dc.applet.ElDCServerApplet" width=500 height=240> <param name="Data" value="base64-encoded xml request" /> <param name="DataURL" value="absolute or relative url" /> <param name="GoURL" value="absolute or relative url" /> <param name="SessionID" value="unique text" /> <param name="AllowWindowsStorage" value="false|true|no|yes" /> <param name="AllowFileStorage" value="false|true|no|yes" /> <param name="AllowTokenStorage" value="false|true|no|yes" /> <param name="Color" value="color value in form #RRGGBB" /> <param name="Token" value="token name" /> </applet>
Data- this parameter contains a signature request. This request is produced by TElDCAsyncState or TElDCAsyncStateCollection classes (as an XML document) and must be Base64-encoded before embedding into the web page. There are two parameters available to return signed data back to the server:
Additionally one of the below parameters must be included:
POST /<path from DataURL>?sessionid=unique-text HTTP/1.1 Host: <host name from DataURL> Content-Type: application/xml ...The Java applet expects status code 200 to be returned from the server. All other status codes are reported to the user as an error.