Comments
By Roger Strukhoff
Richard Davies wrote: The UK has a good crop of technology pioneers in cloud computing - for example ElasticHosts, FlexiScale, Flexiant, OnApp - and also some strong government initiatives such as G-Cloud. We will have to see whether this kind of technical leadership converts into swift mass-market adoption or not.
Jan. 8, 2012 11:38 AM EST
Cloud Computing
Conference & Expo
November 2-4, 2009 NYC
Register Today and SAVE !..
Did you read today's front page stories & breaking news?
SYS-CON.TV: How Do You Minimize Unpleasant Surprises in Your Java Code? Guest Nigel Cheshire
SYS-CON.TV
SYS-CON.TV Webcasts
Jackbe: The Big A(architecture in AJAX)
Instantiations: Eclipse Rich Internet Platform with Taylor and Milinkovich
Yahoo!: Applying AJAX to Speed User's Journey
Enerjy Webcast: Java Code Quality Management
App Server Shoot-out: Microsoft, IBM, JBoss, Sun, BEA, and Oracle
Today's Top SOA Links


General Java
Stepping Out of the Sandbox
How a Java applet gets access to client resources

By: Maha Sengottiyan
Dec. 8, 2008 06:30 PM

An applet, a Java program that runs in a browser, often has to access the client resources. However, the security manager prevents an applet from accessing client resources. To access client resources, the applet has to have the proper permission. With this permission the applet can then access the client system resources by way of the security manager. This phenomenon is called stepping out of the sandbox. The sandbox is the security manager.

To achieve this phenomenon the applet needs to be signed and the client user has to grant the applet permission. Signing the applet ensures that the bytecode isn't tampered with, and the client user can be assured that the contents of the applet are coming from a trusted source as stated by the certificate.

Microsoft Internet Explorer and Netscape no longer support their own JVMs, the ones they use to ship with their browsers. This makes life easier because now we don't have to maintain two different code-signing certificates and two different ways of signing the cab files and .jar files. This used to be the case when you wanted your applet to run in both Netscape and IE.

Applet: What, Where, and How
Applets run using a Java Virtual Machine (JVM) either built into the browser or by a Java plug-in. Applets are written in a special way by extending the base applet class in the Java SDK. The applets run in the sandbox of the JVM, i.e, the applets are restricted by the JVM's security manager in terms of what they can and cannot do when running in the client system. This restriction is maintained because applets are remotely downloaded programs that run in the browser.

Applets are normally used in situations where you'd like to have your application run as an applet rather than a traditional HTML-based application. The applet enables access to client file system resources in the client system. This is when the applet has to step out of the sandbox.

To use an applet in your application you have to do two things: write your applet in Java code and have a JavaServer Pages (JSP) page where you invoke the applet. To simplify JSP development, the JSP spec has a <jsp:plugin... directive that executes the applet. This methodology isolates the developer from browser-specific HTML tags to execute an applet.

See Listings 1 and 2 for a sample applet and a sample JSP, respectively. Figure 1 shows how an applet looks in a browser.

Published Dec. 8, 2008— Reads 9,037
Copyright © 2008 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.
About Maha Sengottiyan
Maha Sengottiyan is a manager of software engineering for TriZetto. He has been working with Java technology for the last 8 years. Maha holds an MS in computer science and engineering and has the following certifications: PMP (Project Management Professional), SCEA (Sun Certified Enterprise Architect), SCBCD, SCWCD, SCJP and Microsoft Certified Professional (MCP).

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021
SYS-CON Featured Whitepapers
Most Read This Week
By Jeremy Geelan
By Bob Hockman
By Brian McCallion
By Steven Yaskin
By Jeremy Geelan
By Jeremy Geelan
By Udayan Banerjee
By Jeremy Hess
By Udayan Banerjee
By Maureen O'Gara
By Liz McMillan
By Hollis Tibbetts
ADS BY GOOGLE