Re: Information

Marianne Mueller (mrm@Eng)
Tue, 22 Apr 1997 18:09:27 -0700

Date: Tue, 22 Apr 1997 18:09:27 -0700
Message-Id: <199704230109.SAA04326@puffin.eng.sun.com>
From: Marianne Mueller <mrm@Eng>
To: marcuzz@cs.uwindsor.ca
Subject: Re: Information

> I wish to know if it is possible, using Java beans, or even
> Java RMI, for an applet running in a web browser to communicate with
> a Java application which is running on the same machine as an
> application, i.e. outside of a web browser.

This is an interesting situation. In general, an applet downloaded
over the net won't be able to do this, using today's Java-enabled
browsers. So, if you're worried about downloaded applets opening a
covert channel in this way, the answer is, they are prevented from
making socket connections except back to the server they came from.

On the other hand, if you want to do this, your option today is to
install the applet on the local machine (on the client), in a
directory that is on the CLASSPATH of the browser. This will let the
applet establish socket connections. We recognize this isn't always
an attractive option, but it is part of the safety feature of the Java
sandbox not to allow the applet to make arbitrary socket connections.

Unfortunately I don't have an example to show you, of a good way to
accomplish the applet<->application hookup using RMI. You might check
out the applet/servlet combos on the Java Web Server page, at
http://jeeves.javasoft.com. I believe they have an RMI demo as well
as an applet/servlet pair that use HTTP.

As for security futures --

We are working on infrastructure for coming JDK releases to allow you
to configure fine-grain access, such as connecting to a particular
socket on a particular machine, for authenticated applets.

For more info on the sandbox, check out

http://java.sun.com/security/
Security Home Page

http://java.sun.com/sfaq/
Frequently Asked Questions

http://jeeves.javasoft.com/hypermail/java-security-archive/index.html
Hypermail archive of Q & A sent to this alias

Marianne