Newsletter sign-up
View all newsletters

Sign up for our technology specific newsletters.

Enterprise Java
Email Address:
JavaWorld.com > Java Development Tools >

Escape the sandbox: Access native methods from an applet

Find out how you can directly invoke the Win32 API -- the IE-free way

By Steve Small, JavaWorld.com, 10/01/98

  • Digg
  • Reddit
  • SlashDot
  • Stumble
  • del.icio.us
  • Technorati
  • dzone
Applet developers deploying on a Win32 platform sometimes find it necessary to invoke native Win32 methods from within an applet. Not realizing that other options are available, they may turn to Active X or JDirect, both of which rely on Internet Explorer on the client side. While this may be acceptable for some controlled intranets, in many cases it creates an impossible restriction. In this article, I'll show how to implement the same functionality using a Netscape client.

Previous articles (see Resources) have covered both creating signed applets that can access resources "outside the sandbox" and using native methods from within Java code using JNI. In this article, we're going to combine these two concepts to effectively create a Microsoft-free version of JDirect. We'll also use LiveConnect (built into Netscape Communicator) to invoke native methods directly from JavaScript.

While our example covers the Win32 API explicitly, you can easily extend the approach to run native code from an applet on any platform running the Netscape browser -- just create a different version of the native library.

Two features of Netscape's applet security model make implementing this functionality tricky. First, the native library must reside on the local drive on the client PC. While sensible, this policy requires that a DLL created using JNI be downloaded to the client.

An even trickier feature requires any class that directly invokes a native method to be loaded by the system class loader rather than by the applet class loader. Netscape looks for classes in its own classpath first and loads classes found there with its system class loader. If it can't find a class there, it looks in the applet's codebase. If a class is loaded from the codebase, it gets loaded by an AppletClassLoader and thus has fewer privileges. Therefore, the class that invokes native methods must reside in Netscape's classpath by the time it's first loaded by any applet.

In our example, we'll invoke two very simple Win32 methods called GetUserName() and GetComputerName(). GetUserName() returns the Windows user name, and GetComputerName() returns the Windows computerID. We can use this approach with any methods in the Win32 API. I've broken down our task into the following steps:

  1. Create the native library and Java "wrapper" class that uses JNI
  2. Create the Java applet class
  3. Create a signed jar file
  4. Create HTML code with JavaScript
  5. Deploy the applet


Create the native library and Java JNI class

The class file that invokes native methods needs to be downloaded to the client machine when the applet is started. This step is just standard JNI and is well described in a number of references (see Resources). This UserInfo class doesn't need to do much -- it simply contains two native methods declarations: 

     public class UserInfo {
      public native String getUserName() throws Error;
       public native String getComputerName() throws Error;
     }


To create our native interface, we need to compile UserInfo, then run the javah utility (on the Windows platform) on the generated class file to produce a C header file. This file is produced automatically and shouldn't require any editing on your part.

  • Digg
  • Reddit
  • SlashDot
  • Stumble
  • del.icio.us
  • Technorati
  • dzone
Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a JavaWorld account? Log in here. Register now for a free account.
Resources
  • Complete source code listing of UserInfoApplet, plus an example batch file to build the applet and create a signed jar http://www.javaworld.com/jw-10-1998/apptowin32/jw-10-apptowin32.zip
  • Sun's Java Native Interface Specification, tutorial, and FAQ provide a very good overview of native methods http://www.javasoft.com/products/jdk/1.1/docs/guide/jni/index.html
  • See Netscape's list of documentation related to object signing including tutorials, resources, tools, and FAQs http://developer.netscape.com/docs/manuals/signedobj/overview.html
  • Read Rinaldo Di Giorgio's "Use native methods to expand the Java environment" (JavaWorld, July 1997) for a good introduction to using native methods from within Java code using JNI http://www.javaworld.com/jw-07-1997/jw-07-javadev.html
  • Bret Sommers's "Outside the Sandbox" (Java Report Online, February 1998) provides an excellent tutorial describing signed applet creation http://www.javareport.com/html/features/archive/9802/somers.shtml
  • Java Tip 19"Java makes it easy to copy files from a Web site" (JavaWorld, December 1996) describes a clever utility for copying files from a URL http://www.javaworld.com/javaworld/javatips/jw-javatip19.html
  • VeriSign offers Netscape Class 2 and Class 3 SPCs http://www.verisign.com
  • Thawte Certification also offers Class 3 SPCs http://www.thawte.com
  • For a very complete treatment of the Java Native Interface, see Essential JNI by Rob Gordon (Prentice Hall, ISBN0-13-679895-0)