Newsletter sign-up
View all newsletters

Enterprise Java Newsletter
Stay up to date on the latest tutorials and Java community news posted on JavaWorld

Sponsored Links

Optimize with a SATA RAID Storage Solution
Range of capacities as low as $1250 per TB. Ideal if you currently rely on servers/disks/JBODs

JavaWorld.com > Java Standard Edition >

Alternative deployment methods, Part 2: The best of both worlds

Add a new trick to your Java application-deployment toolbox

By Todd Sundsted, JavaWorld.com, 07/14/00

  • Print
  • Feedback
.

Page 3 of 3

Security considerations

The boot-strap applet requires access to a user's filesystem to install deployment resources on said user's machine. Java wisely prevents this, since giving out untrusted code access to your filesystem is risky. Thus, applets are forced to remain "inside the sandbox."

Both of the major browsers (Netscape Navigator and Microsoft Internet Explorer) provide proprietary APIs that free applets from the sandbox. Also, Java 2 allows digitally signed code to perform specific restricted operations with the user's permission. Unfortunately, without the Java Plug-In, Java 2 is not yet supported by the major browsers. Since the plug-in is not an option on some platforms and in some environments, the applet must potentially support all three security models.

Coverage of these three security models would require an article apiece -- rather than explore this interesting but peripheral topic, I've provided numerous links (see Resources) for those who wish to learn more.

Conclusion

The technique outlined above looks good in theory and works well in practice. I've included the code (see Resources) so you can put the technique to work immediately. If you're interested in an introduction to the technique's inner workings, I suggest you return for Part 3, where I'll take you on a tour of the code and provide some examples to get you going.

About the author

Todd Sundsted has been writing programs since computers became available in convenient desktop models. Though originally interested in building distributed applications in C++, Todd moved on to the Java programming language when it became the obvious choice for that sort of thing. In addition to writing, Todd is a Java architect with ComFrame Software Corporation.

Read more about Core Java in JavaWorld's Core Java section.

  • Print
  • Feedback

Resources