Valerie Bradley
September 30th, 1999, 03:05 PM
To all,
OK, this is related to browsers, applets, and the ability to get out of the sandbox (or, the "litterbox" as a friend of mine calls it).
I have a Java application that uses JNI to interface to a native code DLL, and this DLL performs our network communication. (Reusing native DLL to save development time.) It works just fine.
Now, the project requirements state that the application must also run as an applet from a web browser. Fine, no problem.... until we added the JNI stuff. Now I get security exceptions left and right.
I've been reading up on several sites (including the Java Glossary at http://www.mindprod.com/gloss.html!) on how to work around the sandbox, and I'm pretty sure I understand what I need to do for both IE and Netscape: Signing the applet is enough for IE, but not for Netscape. The examples I've found so far use the Netscape Capabilities API to request permission to perform the "dangerous" operations like reading/writing to the local file system. If permission isn't granted, or if the applet never even asks for permission, then access is denied.
I'd prefer to avoid using any browser-specific code or proprietary classes, so I'm wondering if I can use the Java 2 Security package classes to gain the same kind of permissions that you get with the Netscape Capabilities API. My gut instinct is "no", since it's the browser's security model, not Java's, that is imposing the access restrictions. Am I right? (I hope I'm wrong!) :)
Thanks in advance for your input!!
- Valerie
Software Engineer
Intel Corporation
* All opinions are mine and not those of my employer.
OK, this is related to browsers, applets, and the ability to get out of the sandbox (or, the "litterbox" as a friend of mine calls it).
I have a Java application that uses JNI to interface to a native code DLL, and this DLL performs our network communication. (Reusing native DLL to save development time.) It works just fine.
Now, the project requirements state that the application must also run as an applet from a web browser. Fine, no problem.... until we added the JNI stuff. Now I get security exceptions left and right.
I've been reading up on several sites (including the Java Glossary at http://www.mindprod.com/gloss.html!) on how to work around the sandbox, and I'm pretty sure I understand what I need to do for both IE and Netscape: Signing the applet is enough for IE, but not for Netscape. The examples I've found so far use the Netscape Capabilities API to request permission to perform the "dangerous" operations like reading/writing to the local file system. If permission isn't granted, or if the applet never even asks for permission, then access is denied.
I'd prefer to avoid using any browser-specific code or proprietary classes, so I'm wondering if I can use the Java 2 Security package classes to gain the same kind of permissions that you get with the Netscape Capabilities API. My gut instinct is "no", since it's the browser's security model, not Java's, that is imposing the access restrictions. Am I right? (I hope I'm wrong!) :)
Thanks in advance for your input!!
- Valerie
Software Engineer
Intel Corporation
* All opinions are mine and not those of my employer.