|
|
|
|
Applet Security ConstraintsApplets run within a browser, subject to the constraints of a security manager. In JDK 1.0.x, applets loaded over the web were completely constrained:
In JDK 1.1.x, and beyond, applets may be trusted as a result of being signed -- they may carry a secure certificate that identifies the source of the applet, and verifies that the source may be trusted. Unfortunately, Netscape's way of signing applets is not compatible with Microsoft's way, and vice versa. This has been solved with the use of the Sun Java Plug-in. Customizable security levels are already implemented in some browsers, but signed applet support requires JDK 1.1.x support (or above) in the browser. With each version of Java has come an increased level of granularity in terms of the ability to control what a particular trusted applet is allowed to do. Initially, with JDK 1.1, applets could be either untrusted, or completely trusted. Later versions of Java allowed more ability to specify exactly what a trusted applet could, or could not, do. Today, modern browsers use Sun's Java Plug-in, which allows the browser to support completely up to date versions of Java. However, this does mean that someone has to download and install the Java Plug-in for some browsers (notably Microsoft Internet Explorer). Since the Java Plug-in is rather large, this can be a non-trivial task. Testing AppletsWhile you're developing applets, you can try them out in a browser, but debugging is likely to be done within an applet viewer:
The Class HierarchyHere's the class hierarchy for applications and applets:
An Not so different from what we've seen before, right? |
|
This page was last modified on 02 October, 2007 |