File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Applets and the fly likes  security? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Applets
Bookmark " security?" Watch " security?" New topic


mira yang
Ranch Hand

Joined: Nov 08, 2003
Posts: 33
Please look at this:
Q: Are there any security issues running JMF applets with Java 2?
If JMF is locally installed on a machine, there will be no security issues running JMF applets. If JMF is not locally installed, JMF applets may not be able to perform some functions like playing back locally stored media files or saving media files locally. Such actions are considered to be high risk and are protected by the Java 2 security manager. If a user chooses to allow that, he/she can do so by making use of a policy file.
For audio recording:
permission javax.sound.sampled.AudioPermission "record";
My question is : what's the policy file? where is it saved and how to config it so that the applet can record audio?
Thanks is antipication.
Maulin Vasavada
Ranch Hand

Joined: Nov 04, 2001
Posts: 1873
Hi Mira
This link would be helpful to understand the policy thing.
But if I try to quickly highlight on policy file then,
- applet runs on a client machine. Hence the applet code is not allowed to perform certain actions. e.g. delete any file on the client system because if without the user's permission (the user on the client) machine if the applet coded, downloaded from some site, deletes the whole c:\* then its a big concern. I guess that much you already have figured out..
- NOW, how the user specifies permissions he/she wants to give to some applet downloaded from some site so that if he/she is aware of the applet's requirement (that it needs to read some file) then it will not fail?
This is done by the policy file specified by the user on the machine where applet is running.
-Where do we write this policy file? Ans: two locations are possible.
1. in your user home directory on the system and name the file as .java.policy (as you would see in the link provided above)
2. we would put java.policy in the jre/security folder of the JRE used by the browser. Now, how to know the JRE used by the browser is a seperate issues and I hope you are aware of the SUN JRE Plugin etc things...If not feel free to post more questions..
Here note the difference in the file names. one has "." at beginning theother doesn't...
mira yang
Ranch Hand

Joined: Nov 08, 2003
Posts: 33
I agree. Here's the link:
subject: security?
jQuery in Action, 3rd edition