If I develop a signed applet and embed it in several webpages, each visitor:
- Should I accept the same applet on every single webpage?
- Should accept it again if the user deletes the temporary internet files?
- Shoud accept it again if the user visits the same webpage with a different browser?
What about unsigned applets?
Thank you
The current Oracle JRE has an tick box option to always accept the certificate. This means that other applets [jars], or just different versions of the same applet, signed with the same certificate will also be always accepted. This is independent of site or cached files. Previously always trusted certificates can be removed in the Java Control Panel under the Security tab.
The current Apple JRE allows always accepting for an applet from the same site. It was recently announced that Apple will be contributing back to the Oracle OpenJDK.
For unsigned applets there is no certificate to accept. They are run without elevated privileges.