i am doing a master project on how java applet works with web browsers.Can anyone give me details or any link that can be useful.How the web browser interacts with the java applet.
Download the source of Mozilla (Firefox, e.g.)
Read the code that integrates the JRE for applets.
Ask more questions when specific issues arise.
Maybe a simple answer will be enough and it won't require reverse-engineering Mozilla.
Until recently, applets did not interact much with the browser. The browser sent only 'start', 'stop' and 'resize' events to the applet and the applet could order the browser to open new web pages. With the Java 6 update 10, there is a possibility to call Applet functions from JavaScript and to call JavaScript from an Applet, as long as they are on the same page.
The browser creates a 'sandbox' to run the applet. The sandbox limits the access rights of the applet (e.g. applet can connect to TCP ports only on the web server, cannot access files directly on the client file system, etc.). Besides these limitations, an applet is like an autonomous application running on the client box.
You can find info on applets at 'http://java.sun.com/applets/' and 'http://java.sun.com/docs/books/tutorial/deployment/applet/index.html'
Related
I have a created and signed an applet where i need to read from C: of the client computer. When i run the applet from netbeans am able to read C: But when i embed that applet to the browser it cant find the C: drive.
How can i achieve this?
According to Oracle documentation Sandbox applets cannot access client resources such as the local filesystem (...)
Also, privileged applets do not have the security restrictions that are imposed on sandbox applets and can run outside the security sandbox.
Therefore, what you need is a privileged applet.
Since you have already signed the applet and still have problems you can try running the code as privileged code as presented here.
Note: Signed applet will request trust from the user, usually in a little dialog box in the browser. Maybe check if you have set an "always block" setting in your browser in the past ?
I have a web application running with support for some specific pieces of hardware. This is achieved in the following steps:
User runs a small installer that places java files (and a couple
others) on the client machine. The main piece is a jar called "hardwareManager"
User visits web app. The web app runs a java applet which, due to
a .java.policy file placed during the install, has permission to
interact with the client machine outside the browser sandbox.
The applet checks to make sure the hardwareManager is running,
and if not runs a command to start it.
User interacts with the web app which sends commands to the applet via
javascript. The applet then writes commands to a text file
on the client machine. The text file is constantly monitored by the
hardwareManager which runs any commands it reads in.
This works, but seems clunky. I have a couple ideas on how to improve it, but I don't know which, if any, are even worth trying.
Would it be better to set up the hardwareManager as a socketServer and have the applet connect directly to it, rather than going through text files? Is that even possible?
Is there a way to eliminate the applet altogether and have the javascript talk directly to the hardwareManager? Maybe by writing the hardwareManager to be a local http server? What port should it run on? Do javascript xss limitations fit in here somewhere?
It would be less clunky to start the Java application using Java Web Start. This would remove the need to daemonize or install the Java hardware manager.
Another alternative is to use a built-in browser inside Java. I supose this is not an option, since you depend heavily on Javascript (I suppose to provide a rich client experience).
If you already have to install something on the client machine, why did you make the choice to go with a web application?
Talking from experience: We had a Java EE application which needed to print to PoS printers at the client site. We installed a small "synchronizer" application that connects through SSH and synchronizes all clients files. Afterwards, it loads the JAR and executes the program. This program connects through RMI with the server and subscribes to a JMS queue to receive the print assignments.
Applied to your case: Why not let your Java application connect to the server directly? You can use HTTP, SOAP or even JMS over RMI. You can then launch the hardware command from the server (instead of from the limited JavaScript webbrowser environment). This way, you get tons of features: authentication, buffering of commands, and you can even share hardware between multiple clients.
Schematic:
<----AJAX------> Web browser
ApplicationServer
<---HTTP/SOAP--> Java hardware manager application
You can launch the Java application using Java Web Start, which allows you to update the application automatically (instead of needing to pass every client a new installer).
I need to load somehow the html code of a webpage A into a javascript string of another webpage B, on a different host. I know this is impossible to do with javascript alone because of the same origin policy, and I know I could do it loading the page via php on my server and then send results back to the user's client but I wouldn't be able to handle so many requests, so I need it to be done directly by the user's browser. I can use nearly whatever browser scripting language/applet framework common enough to be installed on the majority of my users' computers, like flash and java.
On example, what if I use flash or java to load the external html code and then call a javascript callback function providing the source? Could this work?
Do you have ANY idea? I gratefully accept any suggestion, and I REALLY appreciate examples!
Thank you very much!
Matteo
It would require a digitally signed and trusted applet in order to reach cross-domain, short of the user running a plug-in 2 architecture JRE and the site implementing a Cross-Domain XML.
Ordinarily, unsigned Java applets or applications may only connect
back to the web server from which they originated. This restriction
prevents an applet from causing denial-of-service attacks by making
rapid connections to arbitrary machines on the Internet.
In Java SE 6 update 10, both the Java Web Start and Java Plug-In
technologies contain preliminary support for cross-domain policy
files, which specify how unsigned code may access web services on the
Internet. The crossdomain.xml policy file is hosted on a given server
and allows either selected clients, or clients from anywhere, to
connect to that server. Cross-domain policy files make accessing web
services much easier, particularly from unsigned applets.
"via php on my server and then send results back to the user's client but I wouldn't be able to handle so many requests"
So many requests? That is not so many reqs; just making php script to read couple page and creating new page depending the data. If that is too much for your server ..hard to believe.. you sure can do that kind of thing with flash (clients computer) to load those two pages, and parse the datas to one html page and display it (via js) to clients browser. Kind of weird question after all.. perhaps i did not understand it :)
Is it possible to create a web-chatting application using java Applet ??
As far as I know, using Java Applet we cannot access Web Server due to Sandbox restriction.
But I'm not very sure about this ..
A sand-boxed applet can 'phone home' to its own server with no problems. It is only accessing other servers that requires trust.
as far as I remember we can access server from which we downloaded this applet without problems. Another opportunity is to try to sign the code to make it trusted.
I'm looking to embed a J2ME application as an applet in a web page to be accessed via a mobile phone web browser. Every major web browser supports the embedding of Java applets - does an analog exist for cell phone web browsers?
If not, does there exist a cross-platform way of launching a J2ME application from a mobile web browser?
J2ME doesn't support applets, and you install it onto the device in an application-specific way. You can't launch it from a web browser.
You're most likely out of luck. The best that you'll be able to do is provide a link to the .jar file.
You could, of course, run J2ME applets with normal browsers using http://www.microemu.org/ microemulator, but that won't work on the mobile device's browser.