Win a copy of Spark in Action this week in the Open Source Projects forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Bear Bibeault
  • Ron McLeod
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Tim Cooke
  • Liutauras Vilda
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • fred rosenberger
  • salvin francis
Bartenders:
  • Piet Souris
  • Frits Walraven
  • Carey Brown

Applets vs. Security...is it worth it?

 
Ranch Hand
Posts: 66
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am in the middle of maintaining/writing an applet. The applet connects to a database, a directory, and perhaps the local disk. I have read tons of documentation on applets, and through my experience I have found that making the connections and accessing the drive is not trivial. I am trying to find a better solution. But I have a couple of questions that, if answered, would help make me make a better decision.
1) if, through an applet, I instanciate a class that inherits from a jframe, do I still face the same security problems?
2) Is there an easy way of securing my applet?
3) Are there any suggestions on any solutions?
Thanks for the time.
Cardwell Cupp
 
Ranch Hand
Posts: 1492
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Cardwell,
An applet is restricted by the sandbox no matter what component it creates.
To play outside the sandbox you simply need to sign your applet and let the user choose to let you play with their disk. See the link: http://java.sun.com/docs/books/tutorial/jar/sign/index.html
Typically what my company does is to place the information you were thinking about placing onto the local disk into some database. That way, no local disk I/O is required and I am in total control of the information.
Regards,
Manfred.
 
Saloon Keeper
Posts: 22245
151
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Java encourages a 3-tier approach. This is actually good even though it make for more complex programming because it nudges you towards best practices for the management of data in an entrprise environment and minimizes the security risks.
I suspect that 9 out of 10 signed applets out there were done that way because people were trying to force things to work the "way we've always done it" when they should have taken the hint and tried to work WITH the architecture instead of fighting it.
Not that I didn't have to learn the hard way myself
 
    Bookmark Topic Watch Topic
  • New Topic