17.8. More on Applets
Applets are a peculiar kind of program, as they are executed in the context of a web browser. This places some rather severe restrictions on what you can do in an applet to protect the environment in which it executes. Without these restrictions an applet would be a very direct means for someone to interfere with your system—in short, a virus delivery vehicle.
System security in Java programs is managed by a security manager. This is simply an object that provides methods for setting and checking security controls that determine what is and what is not allowed for a Java program. What an applet can and cannot do is determined by both the security manager that the browser running the applet has installed and the security policy that is in effect for the system.
Unless permitted explicitly by the security policy in effect, the main default limitations on an applet are:
An applet cannot have any access to files on the local computer.
An applet cannot invoke any other program on the local computer.
An applet cannot communicate with any computer other than the computer from which the HTML page containing the applet was downloaded.
Obviously there will be circumstances where these restrictions are too stringent. In this case you can set up a security policy that allows certain operations for specific trusted programs, applets, or sites by authorizing them explicitly in a policy file. A policy file is an ASCII text file that defines what is permitted for a particular ...
Get Ivor Horton's Beginning Java™ 2, JDK™ 5th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.