Previous section: The JNI Technology

Issues in using JNI with Applets

o       The JVM Security Restrictions

o       Browser Incompatibilities

The JVM Security Restrictions

Within the JVM, the applets are by default treated as untrusted. This leads to lesser privileges as compared to those offered to the standalone Java applications. As long as the code is running in the constraints of the Java Sandbox, it is not allowed to perform certain actions, which are considered to be potentially unsafe for the system.

Actions like – reading a file, reading system properties, interfering with running threads, loading or linking of libraries; are prohibited for any code that is running in the Sandbox.

Therefore under normal conditions, an applet cannot invoke JNI calls as it involves actions that are considered as unsafe. The Security Manager in scene detects these actions and considering them as violations, it throws the SecurityException.

Every potentially unsafe method has to undergo certain checks from the underlying Security Manager failing to which, the access for performing the operation is denied.

Due to these restrictions posed by the JVM, the applets cannot normally invoke JNI calls.

Browser Incompatibilities

To invoke the JNI calls through an applet, the Security Manager has to be bypassed. The applet has to have unrestricted access to the system.

For this purpose, the API’s are provided by the netscape.security package for Netscape and by the com.ms.security package for Internet Explorer.

The packages mentioned above force us to write different code for different browsers.

Next section: Java Security Model - Sandbox

Table of Contents

Top of Page | Home

© 2001 – EBSolute Technologies