Quick Tour of Controlling Applets |
One way the Java platform provides protection from attack from a virus, for example, is through the use of a security manager. Currently JDK system code invokes security manager methods to perform resource access control checks.Most browsers install a security manager, so applets typically run under the scrutiny of a security manager. Each such applet is not allowed to access resources unless it is explicitly granted permission to do so by the security policy in effect. In Java platforms that are compatible with JDK 1.2, the permission must be granted by an entry in a policy file.
Here's the source code for an applet named
WriteFile
that tries to create and to write to a file namedwritetest
in the current directory. The applet shouldn't be able to create the file unless it has explicit permission in a policy file.Type this command in your command window:
Type this command on a single line, without spaces in the URL.appletviewer http://java.sun.com/docs/books/tutorial/ security1.2/tour1/example-1dot2/WriteFile.htmlYou should see a message about a security exception, as shown in the following figure. This is the expected behavior; the system caught the applet trying to access a resource it doesn't have permission to access.
Quick Tour of Controlling Applets |