When I am executing a jar file from the browser, is the class file running on the client end or on the server end?
I am developing a security web application where files are encrypted and decrypted. I need this to be done on the client side through a pin which client chooses.
Therefore when an jar file is running on the browser, is the class file where encryption and decryption is done processes on the client end or in the server end?
You can launch the jar file with jnlp ( Webstart) but it will not run on browser. Only a launch. You can execute code In Applet / JApplet, which will be in browser. Depends what you need at business logic.
mostly as matheszabi mentioned what business demands.
you are not executing jar anytime in client end. Via Applet/JApplet you are loading the byte source into browser which then executes your actions. For this you need to have java run time to be installed on the client machine for browser support.
if you are using jsp/servlet model you would understand the java execution is always on the server side.
Related
I have to call .exe file on client.
But I dont understand sevler-client communication using Applets.
So few Q:
1.Can I do my task using Applets?
2.Does applets jar methods called on server?
Thanks in advance.
Applet does not maintain a state-full communication between client and server.
It is a Java application that runes inside the browser and has an access to a local system resources (if signed) and existing browser session, i.e. can use the same cookies to perform HTTP calls within the same Server-Side session.
1) Yes, you can do you task in Applet as in any other java application, however, in case of Applet it must be signed with the digital signature: http://www.oracle.com/technetwork/java/javase/tech/java-code-signing-1915323.html#60
2) No. All the classpath dependencies Applet may have, will be downloaded and cached on the client machine. See http://docs.oracle.com/javase/tutorial/deployment/deploymentInDepth/index.html
File system access is often not allowed as applets can (should) run in a sandbox limited-privileges environment. So running an exe file is possible only if the applet has proper permissions. Typically they are given such permissions when signed.
That being said, try not to use applets and write proper Java applications instead. You can always wrap the Java app in an applet, so that it is started from the applet.
Not so sure what you mean by the second question.
I have a web application running with support for some specific pieces of hardware. This is achieved in the following steps:
User runs a small installer that places java files (and a couple
others) on the client machine. The main piece is a jar called "hardwareManager"
User visits web app. The web app runs a java applet which, due to
a .java.policy file placed during the install, has permission to
interact with the client machine outside the browser sandbox.
The applet checks to make sure the hardwareManager is running,
and if not runs a command to start it.
User interacts with the web app which sends commands to the applet via
javascript. The applet then writes commands to a text file
on the client machine. The text file is constantly monitored by the
hardwareManager which runs any commands it reads in.
This works, but seems clunky. I have a couple ideas on how to improve it, but I don't know which, if any, are even worth trying.
Would it be better to set up the hardwareManager as a socketServer and have the applet connect directly to it, rather than going through text files? Is that even possible?
Is there a way to eliminate the applet altogether and have the javascript talk directly to the hardwareManager? Maybe by writing the hardwareManager to be a local http server? What port should it run on? Do javascript xss limitations fit in here somewhere?
It would be less clunky to start the Java application using Java Web Start. This would remove the need to daemonize or install the Java hardware manager.
Another alternative is to use a built-in browser inside Java. I supose this is not an option, since you depend heavily on Javascript (I suppose to provide a rich client experience).
If you already have to install something on the client machine, why did you make the choice to go with a web application?
Talking from experience: We had a Java EE application which needed to print to PoS printers at the client site. We installed a small "synchronizer" application that connects through SSH and synchronizes all clients files. Afterwards, it loads the JAR and executes the program. This program connects through RMI with the server and subscribes to a JMS queue to receive the print assignments.
Applied to your case: Why not let your Java application connect to the server directly? You can use HTTP, SOAP or even JMS over RMI. You can then launch the hardware command from the server (instead of from the limited JavaScript webbrowser environment). This way, you get tons of features: authentication, buffering of commands, and you can even share hardware between multiple clients.
Schematic:
<----AJAX------> Web browser
ApplicationServer
<---HTTP/SOAP--> Java hardware manager application
You can launch the Java application using Java Web Start, which allows you to update the application automatically (instead of needing to pass every client a new installer).
see, i am developing a web application that downloads files from a server via http requests, but in a case the file isn't in the server but in the applet itself, i mean, some binary content is dynamically generated inside the applet and it must be downloaded. Of course i can use the java libraries to save the file in the client file system (if the applet is a signed one), but i was wondering if it can be done connecting the java OutputStream to the browser's download window, in other words, start a download from an applet.
Am i a crazy person ?
by the way, is it possible to do something similar from javascript ?
No, it is not possible to get around security by attaching the output of an applet to the standard file download mechanisms of a browser.
OTOH, since the Next Generation Java Plug-In, it is no longer necessary to have a signed and trusted applet in order to save files(/bytes) to the local file-system. Chase the links in the Applet info. page for more details. For a demo. of using the JNLP API services (that the plug-in2 hooks into for this functionality) see the File service demo..
You can if e.g. you upload the file to the server and then force browser (via LiveConnect or otherwise) to open that file from the server.
As far as I'm aware, there's no cross-browser way to emulate downloading from within an applet. So you should create that download yourself, and let browser do what it does best.
Obviously, it might well make sense to move the actual creation of the stream to your server side.
I have never used JNLP, and I have no web/war server already running so I will install it from sratch:
Which to use?
GlassFish
Tomcat
Apache
Jetty
Another?
I wonder if someone already using JNLP could make any recomendation for the server.
I just want a blank page with a button in the middle for starting the application nothing more, nothing less.
If you use only JNLP you don't need Java server. JNLP is client side. Simple http server like Apache HTTP Server should be OK. HTTP server will be better solution than use of web container/Java EE server because JNLP (usually) is a static content. Even lighthttpd should be enough.
As already stated any server capable to serve HTTP will do. If your WebStart application is not signed by itself (i.e. you code-signed the corresponding Jar files) you could probably consider to publish the JNLP plus its resources via HTTPS. This way your clients will know that the software they are going to execute came from its rightful origin. Although unsigned WebStart applications are restricted in their privileges on the client's machine it still is a measure to elicit trust in your clients. On the other hand this requires more configuration effort with regard to the server you chose.
If your application will need some extended privileges on the client's machine such as access to the file system then I would recommend that you do sign your jar files to gain the necessary privileges automatically (don't forget to specify them in a element within your JNLP).
These are the default restrictions for unsigned WebStart apps:
No access to local disk.
All your jars must be downloaded from the same host. Note, however, that you can download extensions and JREs from any host as long as they are signed and trusted.
Network connections are allowed only to host from which your jars were downloaded. ("Phone home restriction.")
No security manager can be installed.
No native libraries (not even in extensions).
Limited access to system properties. (The application has read/write access to all system properties defined in the jnlp file, as well as read-only access to the same set of properties as applets
You dont need a server to run JNLP(Webstart).. This is how webstart works
it simply is an application that can be started over the web, this would be the procedure from the user perspective:
user goes to yourwebsite.com
user see's link: run my awesome app
user clicks link, which downloads .jnlp file
user runs the jnlp file through java web start (part of java SE, user requires java runtime environment JRE to run this)
java web start reads jnlp to get information about the server that holds the corresponding application
jar files get downloaded automatically (the first time) and then the application starts
user gets bored and closes application
the next day, user comes back and clicks your link again
application is already downloaded, so it starts right away
user gets bored again and closes your application
1 day later, you decide to update your application and you deploy the new jar file on your
server, replacing one of the old files
after 2 days user clicks your link again
java web start recognizes that the user has a different version, downloads update automatically and starts the application again
...
..
.
I have created an applet that communicates with a MS Access database (or at least, it should). It works fine when I run it through Dr Java or NetBeans, but when I embed the .class file in an html page and open the html page, it seems to run but none of the changes it is supposed to make to the database actually happen and it cannot retrieve data from the database either. What do I need to do?
Note: the html file, the class file, and the java source file are all on my computer, and in the same folder. The html file is not published or anything, I just created it myself to test the applet.
If you want the database on a server, you need to have it on the same server as the applet is on. E.g. Use Jetty and write a Servlet that communicates with the database via JDBC. The applet then has to communicate with your Servlet, maybe as a web service.
applets run in a sandbox environment . if applet requires access to user system resources it needs to be signed.
package your ".class" files in a jar . have an html file outside the jar that references your jar inside applet tag. then sign your applet jar. see http://java.sun.com/developer/onlineTraining/Programming/JDCBook/signed.html
-----------UPDATE------------------------------
There are two ways of connecting to a database on the server side.
1- The hard way. Untrusted applets cannot touch the hard disk of a computer. Thus, your applet cannot use native or other local files (such as JDBC database drivers) on your hard drive. The first alternative solution is to create a digitally signed applet which may use locally installed JDBC drivers, able to connect directly to the database on the server side.
2- The easy way. Untrusted applets may only open a network connection to the server from which they were downloaded. Thus, you must place a database listener (either the database itself, or a middleware server) on the server node from which the applet was downloaded. The applet would open a socket connection to the middleware server, located on the same computer node as the webserver from which the applet was downloaded. The middleware server is used as a mediator, connecting to and extract data from the database
(Comment by OP on the other thread.)
Could you please explain how the applet can "phone home" to its own server?
I suspect the basic problem with your current approach is that the JRE is getting confused as to whether the DB and applet are on the same 'server'. The first thing to do is stop thinking about folders or directories (or their associated URLs), and do everything, including access the applet, via. your local server. So the URL to the applet should be something like..
http://localhost:8080/the/applet.html
Then make sure all calls to the DB are done through the server as well.