Home > Archive > Java Help > August 2007 > [JWS sandbox] Re: Java App for an Online Experiment
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
[JWS sandbox] Re: Java App for an Online Experiment
|
|
| Guillaume Cabanac 2007-08-28, 5:52 am |
| > If the DB is coming from the same domain as the
> app., it can do it in a sandbox.
Hi,
Do the application and DB have to be from the same *domain* or *host* (as it
is mentioned in the JWS FAQ
http://java.sun.com/j2se/1.5.0/docs...de/faq.html#113) ?
<quote>
If an application is written to run in a restricted execution environment
(sandbox), then access to disk is not permitted and the application may only
connect to the host on which it resides.
</quote>
Thanks.
Guillaume Cabanac
| |
| Andrew Thompson 2007-08-28, 5:52 am |
| Guillaume Cabanac wrote:
...[color=darkred]
>Do the application and DB have to be from the same *domain* or *host* (as it
>is mentioned in the JWS FAQ
I was almost about to mention before, that I was
not sure of the distinction between domain and
host, and why not give it the acid test of putting
up a second JNLP that tries a sandboxed launch?
Note their might also be a third possibility that when
data is requested off a different domain/host, the
Plug-In pops a message asking the user if that is
OK.
I was surprised to see this 'allow on prompt' behaviour
on a socket based example I worked on recently, and
hazilly recall seeing it in a JEditorPane example that
was browsing 'any old URL'.
--
Andrew Thompson
http://www.athompson.info/andrew/
Message posted via JavaKB.com
http://www.javakb.com/Uwe/Forums.as...-setup/200708/1
| |
| Guillaume Cabanac 2007-08-28, 5:52 am |
| >>> If the DB is coming from the same domain as the
> ..
>
> I was almost about to mention before, that I was
> not sure of the distinction between domain and
In my view a domain (foo.com) gathers multiples hosts (a.foo.com, b.foo.com,
etc.).
> host, and why not give it the acid test of putting
> up a second JNLP that tries a sandboxed launch?
Alas the DB server and HTTP server I use are from distinct domains, and
currently I cannot change that. Therefore I cannot test this.
> Note their might also be a third possibility that when
> data is requested off a different domain/host, the
> Plug-In pops a message asking the user if that is
> OK.
I have tried to launch the JNLP after removing the "all-permissions". Alas I
get this exception from the Oracle JDBC driver:
java.security.AccessControlException: access denied
(java.util.PropertyPermission oracle.jdbc.FastConnectionFailover read)
> I was surprised to see this 'allow on prompt' behaviour
> on a socket based example I worked on recently, and
It is a nice feature. Do you know in which version of JWS this mechanism has
been introduced?
> hazilly recall seeing it in a JEditorPane example that
> was browsing 'any old URL'.
Guillaume Cabanac
| |
| Andrew Thompson 2007-08-28, 7:17 pm |
| Guillaume Cabanac wrote:
...
>
>It is a nice feature. Do you know in which version of JWS this mechanism has
>been introduced?
AFAIU, it comes down to the parameters in the policy
files distributed with the runtime. At least that is
what I am guessing, have not had the time to look
into it closely.
--
Andrew Thompson
http://www.athompson.info/andrew/
Message posted via http://www.javakb.com
|
|
|
|
|