< Zurück | Inhalt | Weiter >

17.2.5 Applets and security

Security is a complex topic for applets. When SwingTest is running as an applet, it is subject to the Java sandbox principle. The applet can only read and write files from its own codebase (the URL that contains the applet). Indeed, some care must be taken while programming to ensure that applet−safe APIs are used to access files. In general, you will need to work exclusively with URL objects, as direct access using files does not always work, even when using the applet’s codebase.


When you run the SwingTest example you will notice the following exceptions:


Failed to save image: java.security.AccessControlException: access denied (java.io.FilePermission image.jpg write)


java.security.AccessControlException: access denied (java.lang.RuntimePermission exitVM)


The first exception occurs because the applet cannot write the captured image onto the local file system, while the second exception occurs because applets cannot call System.exit to exit the JVM, but are rather under the control of the Java 2 plug−in.


Access permissions can be configured using the Java 2 security policy descriptors. A full discussion of Java 2 security is beyond the scope of this book. For more details refer to


http://java.sun.com/j2se/1.3/docs/guide/security/