Previous | Next | Trail Map | Security in JDK 1.2  | Quick Tour of Controlling Applets

Observe Applet Restrictions

One way the Java platform provides protection from attack from a virus, for example, is through the use of a security manager. Currently JDK system code invokes security manager methods to perform resource access control checks.

Most browsers install a security manager, so applets typically run under the scrutiny of a security manager. Each such applet is not allowed to access resources unless it is explicitly granted permission to do so by the security policy in effect. In Java platforms that are compatible with JDK 1.2, the permission must be granted by an entry in a policy file.

Here's the source code for an applet named WriteFile that tries to create and to write to a file named writetest in the current directory. The applet shouldn't be able to create the file unless it has explicit permission in a policy file.

Type this command in your command window:

appletviewer http://java.sun.com/docs/books/tutorial/
security1.2/tour1/example-1dot2/WriteFile.html
Type this command on a single line, without spaces in the URL.

You should see a message about a security exception, as shown in the following figure. This is the expected behavior; the system caught the applet trying to access a resource it doesn't have permission to access.


Previous | Next | Trail Map | Security in JDK 1.2  | Quick Tour of Controlling Applets