Date: Mon, 17 Mar 1997 20:18:26 -0800
Message-Id: <199703180418.UAA03484@puffin.eng.sun.com>
From: Marianne Mueller <mrm@eng.sun.com>
To: vogt-lowell.1@osu.edu
Subject: Re: How does applet write to a local file?
By default, in Java-enabled browsers, downloaded applets cannot read
or write to local files. Check out the Java Applet Security FAQ at
http://java.sun.com/sfaq for a description of the Java applet sandbox
for downloaded applets. In particular you might be interested in the
examples at the bottom of that page.
You can use the
acl.write
property for the HotJava browser, but other Java-enabled browsers
don't support that particular properties file. (You can also test
that this works OK with the JDK appletviewer.) But you can't use that
property to allow the applet to read or write on Netscape Navigator or
Microsoft Internet Explorer.
One workaround for this restriction is to install the applet on a
directory that is on your browser's CLASSPATH. Refer to the SFAQ for
details on all this. Note that there's a crucial distinction between
downloaded applets (which are confined to the sandbox) and applets
that you choose to install locally (which are allowed full access.)
This workaround clearly won't work for people who visit your web page
and use applets that are on it, since from their point of view, the
applet will be downloaded to their browser.
Starting with JDK 1.1, you can configure your Java runtime to allow
signed applets to run as through they are trusted local applets. See
http://java.sun.com/security/signExample/ for a walk-through of this.
Note that for now, you'll want to load the signed applet on your
intranet, not over the net, due to a bug that is fixed in JDK 1.1.1.
That release will ship very soon.
Marianne