39 - پیام , 342 - نظر

Applet Security

Applet is executable object which is run on client,
Like ActiveX, it must be restricted to prevent from computers damaging your computer.
For this reason, any Applets have their own permissions and restricted to work in the domain which they loaded from.
System security prevents any Applet to bad action on your system.
Applets need Java Runtime Environment (JRE) to execute and JRE controls their permission.
In this manner, Applets are categorized in two groups:
  • Signed applet.
  • Unsigned Applet.

For any information about Signed Applet you can visit http://mindprod.com/jgloss/signedapplets.html.
Here our concern is unsigned Applet.
When your browser reach to applet in a page, automatically execute JVM (Java Virtual Machine) and run applet in it.
Basically any applet had some access. For example it can connect to its, host server(the domain which is loaded from) and communicate with it.
But it can not connect to other servers also. It can not access to your files, in your computers.
Even it can not work with your clipboard, and you can not Cut, Copy or Paste, to or from clipboard.
If you want to permit an applet to do some of restricted action, you must sign int or change your security parameters.
In order to do this, you should edit "java.policy" file on "JRE\lib\security\" directory.
For example you want to grant access to applet from "http://mydomain.tld" to connect to any other servers, you must add these lines to "java.policy":

grant codeBase "http:// mydomain.tld/-" {
    permission java.net.SocketPermission "*", "accept,listen,connect,resolve";
            //permission java.security.AllPermission;
};
 
After this, restart your system and enjoy freed Applet in “http://mydomain.tld”; but at your own risk.

ارسال شده در تاریخ ۳۰ بهمن ۱۳۸۵ - 10:20 صبح

نظرات

هنوز هیچ نظری ارسال نشده است

ارسال نظرات

عنوان:  
نام:  
آدرس الکترونیکی:
زبان:
توضیح:  
لطفا متن مقابل را در زیر وارد کنید
(کوچک یا بزرگ بودن حروف مهم نیست)