CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
Results 1 to 3 of 3
  1. September 30th, 1999, 03:05 PM #1
    Valerie Bradley
    Valerie Bradley is offline Member
    Join Date
    Apr 1999
    Location
    Portland, OR, USA
    Posts
    29

    Java 2 Security classes vs. Netscape Capabilities API

    To all,

    OK, this is related to browsers, applets, and the ability to get out of the sandbox (or, the "litterbox" as a friend of mine calls it).

    I have a Java application that uses JNI to interface to a native code DLL, and this DLL performs our network communication. (Reusing native DLL to save development time.) It works just fine.

    Now, the project requirements state that the application must also run as an applet from a web browser. Fine, no problem.... until we added the JNI stuff. Now I get security exceptions left and right.

    I've been reading up on several sites (including the Java Glossary at http://www.mindprod.com/gloss.html!) on how to work around the sandbox, and I'm pretty sure I understand what I need to do for both IE and Netscape: Signing the applet is enough for IE, but not for Netscape. The examples I've found so far use the Netscape Capabilities API to request permission to perform the "dangerous" operations like reading/writing to the local file system. If permission isn't granted, or if the applet never even asks for permission, then access is denied.

    I'd prefer to avoid using any browser-specific code or proprietary classes, so I'm wondering if I can use the Java 2 Security package classes to gain the same kind of permissions that you get with the Netscape Capabilities API. My gut instinct is "no", since it's the browser's security model, not Java's, that is imposing the access restrictions. Am I right? (I hope I'm wrong!)

    Thanks in advance for your input!!


    - Valerie
    Software Engineer
    Intel Corporation

    * All opinions are mine and not those of my employer.
    Reply With Quote Reply With Quote
  2. October 1st, 1999, 01:41 PM #2
    Guest

    Re: Java 2 Security classes vs. Netscape Capabilities API

    Valerie,

    What I do is create Netscape specific classes to wrap the things that require permissions and make the Netscape specific security calls. Then I do some browser detection and load the classes with Class.forName calls only when using a Netscape browser. I do all the work in the Netscape constructors so that, IE doesn't have a fit when it sees byte code that references the Netscape Capabilities API.

    Gerry Rempel
    Coastal Spirit Software Inc

    Reply With Quote Reply With Quote
  3. December 4th, 2000, 03:47 PM #3
    klug
    klug is offline Member
    Join Date
    Oct 2000
    Location
    Russia
    Posts
    58

    Re: Java 2 Security classes vs. Netscape Capabilities API

    Help me please.

    How can I call native methods in Applet.
    (or how can I configure my security manager to allow loadLibrary(…) call)
    system WindowsNT 4.0 sp6.

    Or I can’t do that in any case?

    Thank you in advance, Alex.
    [email protected]

    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules




Click Here to Expand Forum to Full Width

Featured