A web application uses a Java applet that stores a password, submitted by the user, in a private property and uses this property in several public methods.

I wonder if it is possible for another Java applet loaded from the same or different web site to call the methods of this applet or possibly access the private property containing the password?

Do different applets run in the same or different JVMs? If they run in the same JVM, can one applet somehow get a reference to another running applet?

The password-storing applet is signed. I work from the assumption that the snooping applet that wants to get the password can also be signed.

A: 

I think your answer is here. A signed applet can have, with the client's permission, access to outside the sandbox so in theory you might be able to.

Which makes me think -- what if I were to have my (malicious) applet signed? Would I be able to acquire some user data, by concocting the poor user into clicking 'yes'? The question is left as an exercise to the reader (ok, I'm joking here).

lorenzog
+1  A: 

You can use AppletContext to get a reference from one applet to another. The current applet will have to know what to typecast the result into if you want to call any public methods other than those defined by the Applet class itself.

Dan
Thanks, Dan. AppletContext allows access to other applets in the same page. That's already something. Is there any way to find applets loaded by other pages?
You'll have to go through JavaScript in that case. Make sure the calling applet has `mayscript` enabled, and use `JSObject` to make the call to a JavaScript function that can in turn use the DOM to query elements in other windows. Note that both windows will have to have come from the same server.
Dan
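
Added example, not part of either answer or of the application in the question: a constructed Java sketch of why neither the typecast requirement nor the `private` modifier acts as an access control once other code in the same JVM holds a reference to the object. `PasswordHolder` and `SameJvmDemo` are hypothetical names, and the applet API itself is not used, so the file compiles on a plain JDK.

```java
import java.lang.reflect.Field;
import java.lang.reflect.Method;
import java.util.Arrays;

// Constructed stand-in for the password-holding applet (hypothetical class).
class PasswordHolder {
    private char[] password; // "private" is a language rule, not a security boundary

    public void setPassword(char[] p) { password = p.clone(); }

    // Public method that uses the stored secret, as in the question.
    public boolean matches(char[] candidate) {
        return password != null && Arrays.equals(password, candidate);
    }

    // Mitigation: wipe the secret as soon as it is no longer needed.
    public void clear() {
        if (password != null) { Arrays.fill(password, '\0'); password = null; }
    }
}

public class SameJvmDemo {
    // Public methods can be invoked reflectively, with no compile-time cast.
    static boolean callPublic(Object ref, char[] guess) throws Exception {
        Method m = ref.getClass().getMethod("matches", char[].class);
        return (Boolean) m.invoke(ref, (Object) guess);
    }

    // Private state needs setAccessible(true). The applet sandbox withholds
    // ReflectPermission("suppressAccessChecks"); code running with all
    // permissions (a signed applet the user accepted) is not stopped here.
    static char[] readPrivate(Object ref) throws Exception {
        Field f = ref.getClass().getDeclaredField("password");
        f.setAccessible(true);
        return (char[]) f.get(ref);
    }

    public static void main(String[] args) throws Exception {
        char[] sample = "constructed-sample".toCharArray(); // constructed value
        PasswordHolder holder = new PasswordHolder();
        holder.setPassword(sample);
        Object ref = holder; // stands in for the reference AppletContext hands out

        System.out.println("public method via reflection: " + callPublic(ref, sample));
        System.out.println("private field readable: " + Arrays.equals(readPrivate(ref), sample));
        holder.clear();
        System.out.println("field after clear(): " + (readPrivate(ref) == null ? "null" : "set"));
    }
}
```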