YOUR FEEDBACK
vandawaa the crow wrote: This is a great article,I've been search for GPS using J2ME article like this fo...
Dec. 15, 2008 12:43 PM
Did you read today's front page stories & breaking news?
SYS-CON.TV: The Missing Link in SOA Projects. Guest Gartner Analyst Roy Schulte


2008 East
DIAMOND SPONSOR:
Data Direct
Frontiers in Data Access: The Coming Wave in Data Services
PLATINUM SPONSORS:
Red Hat
The Opening of Virtualization
Intel
Virtualization – Path to Predictive Enterprise
Green Hills
IT Security in a Hostile World
JBoss / freedom oss
Practical SOA Approach
GOLD SPONSORS:
Software AG
The Art & Science of SOA: How Governance Enables Adoption
PlateSpin
Effective Planning for Virtual Infrastructure Growth
Fujitsu
Automated Business Process Discovery & Virtualization Service
Ceedo
Workspace Virtualization
Click For 2007 West
Event Webcasts

2008 East
PLATINUM SPONSORS:
Appcelerator
Think Fast: Accelerate AJAX Development with Appcelerator
GOLD SPONSORS:
DreamFace Interactive
The Ultimate Framework for Creating Personalized Web 2.0 Mashups
ICEsoft
AJAX and Social Computing for the Enterprise
Kaazing
Enterprise Comet: Real–Time, Real–Time, or Real–Time Web 2.0?
Nexaweb
Now Playing: Desktop Apps in the Browser!
Sun
jMaki as an AJAX Mashup Framework
POWER PANELS:
The Business Value
of RIAs
What Lies Beyond AJAX?
KEYNOTES:
Douglas Crockford
Can We Fix the Web?
Anthony Franco
2008: The Year of the RIA
Click For 2007 Event Webcasts
SYS-CON.TV
TOP THREE LINKS YOU MUST CLICK ON


General Java
Stepping Out of the Sandbox
How a Java applet gets access to client resources

By: Maha Sengottiyan
Dec. 8, 2008 06:30 PM

An applet, a Java program that runs in a browser, often has to access the client resources. However, the security manager prevents an applet from accessing client resources. To access client resources, the applet has to have the proper permission. With this permission the applet can then access the client system resources by way of the security manager. This phenomenon is called stepping out of the sandbox. The sandbox is the security manager.

To achieve this phenomenon the applet needs to be signed and the client user has to grant the applet permission. Signing the applet ensures that the bytecode isn't tampered with, and the client user can be assured that the contents of the applet are coming from a trusted source as stated by the certificate.

Microsoft Internet Explorer and Netscape no longer support their own JVMs, the ones they use to ship with their browsers. This makes life easier because now we don't have to maintain two different code-signing certificates and two different ways of signing the cab files and .jar files. This used to be the case when you wanted your applet to run in both Netscape and IE.

Applet: What, Where, and How
Applets run using a Java Virtual Machine (JVM) either built into the browser or by a Java plug-in. Applets are written in a special way by extending the base applet class in the Java SDK. The applets run in the sandbox of the JVM, i.e, the applets are restricted by the JVM's security manager in terms of what they can and cannot do when running in the client system. This restriction is maintained because applets are remotely downloaded programs that run in the browser.

Applets are normally used in situations where you'd like to have your application run as an applet rather than a traditional HTML-based application. The applet enables access to client file system resources in the client system. This is when the applet has to step out of the sandbox.

To use an applet in your application you have to do two things: write your applet in Java code and have a JavaServer Pages (JSP) page where you invoke the applet. To simplify JSP development, the JSP spec has a <jsp:plugin... directive that executes the applet. This methodology isolates the developer from browser-specific HTML tags to execute an applet.

See Listings 1 and 2 for a sample applet and a sample JSP, respectively. Figure 1 shows how an applet looks in a browser.

Published Dec. 8, 2008— Reads 2,068
Copyright © 2008 SYS-CON Media. All Rights Reserved.
About Maha Sengottiyan
Maha Sengottiyan is a manager of software engineering for TriZetto. He has been working with Java technology for the last 8 years. Maha holds an MS in computer science and engineering and has the following certifications: PMP (Project Management Professional), SCEA (Sun Certified Enterprise Architect), SCBCD, SCWCD, SCJP and Microsoft Certified Professional (MCP).

LATEST JAVA STORIES & POSTS
By Java News Desk
JetBrains has announced the beta version of their new product – Meta Programming System, or MPS. Meta Programming System, a new concept in the software development environment, implements the Language Oriented Programming paradigm. After several years of research and developmen...
By Maureen O'Gara
As HP chows down on EDS and digests it, EDS CEO Ron Rittenmeyer said he's had enough and is going to bail at the end of the year. Originally EDS was supposed to be a free-standing HP subsidiary with Rittenmeyer reporting to HP CEO Mark Hurd. Now it's going to be absorbed by Ann L...
By Maureen O'Gara
Red Hat is on its way to supporting Google Web Toolkit (GWT) as part of its JBoss Enterprise Application Platform subscription. GWT is the open source project that helps Java developers build AJAX web applications for any browser, something traditional UI technologies for Java EE...
By Kevin Irwin; Matt Walker
Parallel programming in Java is becoming easier with tools such as the fork/join framework, Pervasive DataRush, Terracotta, and Hadoop. This article gives a high-level description of each approach, pointing you in the right direction to begin writing parallel applications of your...
By Maureen O'Gara
It appears that Sun is killing off its Sun Grid proto-cloud, the almost four-year-old Solaris 10-based utility computing platform offering grid compute time by the hour, only to replace it with some other form of cloud. Exactly what remains cloudy. The struggling company has a ne...
By Eclipse News Desk
Genuitec has announced the production release of MyEclipse Enterprise Workbench 7.0. The new release, built upon Eclipse 3.4.1/Ganymede, delivers a comprehensive environment for AJAX and Web Services in the Eclipse space. In addition, MyEclipse 7.0 is delivered on top of the Puls...
SUBSCRIBE TO THE WORLD'S MOST POWERFUL NEWSLETTERS
SUBSCRIBE TO OUR RSS FEEDS & GET YOUR SYS-CON NEWS LIVE!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021
Click Here

SYS-CON FEATURED WHITEPAPERS

MOST READ THIS WEEK
By Maureen O'Gara
By Maha Sengottiyan
By Maureen O'Gara
By Joe Winchester
By Maureen O'Gara
By Maureen O'Gara
By Ross Mason
By Maureen O'Gara
By Graciela Tiscareño-Sato
By Java News Desk
By Dmitry Sotnikov
By Maureen O'Gara
SPONSORED BY INFRAGISTICS
In every field of design one of the first things students do is learn from the work of others. They ...
Oct. 7, 2008 11:15 PM
There are many forces that influence technological evolution. After a decade of building enterprise ...
Jun. 30, 2008 03:45 PM
2008 is going to be an important year for Rich Internet Applications. Most organizations are deliver...
Jun. 20, 2008 12:45 PM
The OpenAjax Alliance is developing an Ajax industry wishlist for future browsers, using a dedicated...
Jun. 18, 2008 07:45 PM
Infragistics announced the availability of two Community Technology Preview (CTP) User Interface (UI...
Jun. 4, 2008 08:00 AM
The YUI development team has released version 2.5.2; you can download the new release from SourceFor...
Jun. 2, 2008 05:00 AM
ADS BY GOOGLE
BREAKING JAVA NEWS
SYS-CON MEDIA