Previous | Next | Trail Map | Security in JDK 1.2  | Quick Tour of Controlling Applets

Observe Applet Restrictions

One way the Java platform provides protection from attack (for example, a virus) is through the use of a security manager. Currently, JDK system code invokes security manager methods to perform resource access control checks.

Most browsers install a security manager, so applets typically run under the scrutiny of a security manager. Each such applet is not allowed to access resources unless it is explicitly granted permission to do so by the security policy currently in effect. In Java platforms that are compatible with JDK 1.2, the permission must be granted by an entry in a policy file.

Here's the source code for an applet named WriteFile that tries to create and write to a file named writetest in the current directory. The applet shouldn't be able to create the file unless it has explicit permission in a policy file.

Type this command in your command window:

appletviewer http://java.sun.com/docs/books/tutorial/
  security1.2/tour1/example-1dot2/WriteFile.html
(Type this command on a single line, without any spaces in the URL.)

You should see a message about a security exception. This is the expected behavior; the system caught the applet trying to access a resource it doesn't have permission to access.


Previous | Next | Trail Map | Security in JDK 1.2  | Quick Tour of Controlling Applets