The plug-in used in cFolders, which is also referred to as the “Easyedit” plug-in, is an applet that provides more convenient file handling than the usual HTML methods. The applet is located on some HTML pages and communicates via HTTP(S) with the cFolders server (SAP Web AS) and, optionally, with content servers. This means that in terms of server security, no additional network configuration is required to enable the applet, because it only uses the same HTTP(S) connections as the cFolders application. It is, however, important to understand that this plug-in is executed on the front end and that it requests extended authorizations from the user during runtime. In particular, it needs permission to read and write files to the local file system and permission to execute them.
To be able to do this, the applet has two versions: the first is digitally signed with the official SAP signature for the Microsoft Java Virtual Machine (JVM) and the second for use with the SUN plug-in JVM. With the intact official signature, SAP guarantees that the applet, as provided, has not been changed or modified in any way. To accept the applet‘s signature, the public key of the signature must be imported to the browser. Without this, the browser displays a security warning. To prevent this from being displayed in the future, activate the Always trust content from SAP AG indicator.