I am in the middle of maintaining/writing an applet. The applet connects to a database, a directory, and perhaps the local disk. I have read tons of documentation on applets, and through my experience I have found that making the connections and accessing the drive is not trivial. I am trying to find a better solution. But I have a couple of questions that, if answered, would help make me make a better decision. 1) if, through an applet, I instanciate a class that inherits from a jframe, do I still face the same security problems? 2) Is there an easy way of securing my applet? 3) Are there any suggestions on any solutions? Thanks for the time. Cardwell Cupp
Hi Cardwell, An applet is restricted by the sandbox no matter what component it creates. To play outside the sandbox you simply need to sign your applet and let the user choose to let you play with their disk. See the link:http://java.sun.com/docs/books/tutorial/jar/sign/index.html Typically what my company does is to place the information you were thinking about placing onto the local disk into some database. That way, no local disk I/O is required and I am in total control of the information. Regards, Manfred.
Java encourages a 3-tier approach. This is actually good even though it make for more complex programming because it nudges you towards best practices for the management of data in an entrprise environment and minimizes the security risks. I suspect that 9 out of 10 signed applets out there were done that way because people were trying to force things to work the "way we've always done it" when they should have taken the hint and tried to work WITH the architecture instead of fighting it. Not that I didn't have to learn the hard way myself
"privilege" comes from the Latin words for "private" and "law" (legal) and dates to feudal times. To "claim privilege" meant that you were above the laws that applied to the common people.