how to grant an applet permission for the resource accesses it needs?

Question

hi,

i have a problem with define permission for my applet that would to spacial resource access like get user.name property or file system command like create,read, write directory or files...

the applet must write any data -ex. images- that received from a web application in such files in temp directory with using user.name to make a folder to these...

i want to sign applet and grant permission for it so that every client which runs my applet permission it to resource access that is needed, how i can do it? is it possible?

is it a method without client side grant permission? i know that's not good security policy and maybe incorrect idea , but with my problem statement what's your idea? how i can do this?

Answer 1

From 6u10, without being signed you can use FileSaveService to allow files to be saved under control of the user.

Answer 2

Once your applet is signed, any code that needs file permissions needs to be wrapped in a privileged block as follows.

final String location = locationVal;

File f = (File) AccessController.doPrivileged(new PrivilegedAction()
{
public Object run()
{
  System.out.println("Getting File : " + location);
  File outputFile1 = new File(location);
  return outputFile1;
}
});

For getting a system property you need to use the privileged block again. Something like this.

String javaVersion = (String) AccessController.doPrivileged(new PrivilegedAction()
{
    public Object run()
    {
        try
        {
            return System.getProperty("java.version");
        } 
        catch (Exception e)
        {
        System.out.println("Exception caught:" + e.toString());
    return null;
    }
}
});