There is a "JRE Class White List" for the Google App Engine.
What I would really like is a "Black List" -- in other words, Java APIs that will not work on GAE. Does such a list exist? Have any developers run into problems with Java APIs on GAE?
+4
A:
I don't know a blacklist, but the following link may be helpful: http://groups.google.com/group/google-appengine-java/web/will-it-play-in-app-engine
Miguel Ping
2009-04-15 16:09:05
Thanks Miguel. That is a helpful start.
Julien Chastang
2009-04-15 16:23:57
+5
A:
It seems that they've taken more of a white-list approach: http://code.google.com/appengine/docs/java/jrewhitelist.html.
There is also more detail about the sandbox (what files it can access and so on) here: http://code.google.com/appengine/docs/java/runtime.html#The_Sandbox
The restrictions seem to be pretty intuitive (like restricted filesystem access, no JNI, etc).
Cd-MaN
2009-04-15 16:30:46
Actually, the generic idea of security limitations is understandable. But I disagree in that this explains HOW the white list was composed.My feeling is that it's based more on developers familiarity with APIs, and that parts of JDK they didn't know well they left out.My specific example is JSR-173 (aka "Stax"), classes under javax.xml.stream (that was excluded for no apparent reason), but there are probably others as well.So I hope someone has a good explanation on "how" part.
StaxMan
2009-04-20 02:39:49
+1
A:
I got a card advertising this service at Google I/O:
LTech AppEngine Compatibility Analyzer
Sounds like it might be of use to you. I have not tried it, if you do try it, please come back and comment. Thanks!
Mark Renouf
2009-06-01 00:45:54