Trail: Security Features in Java SE
Lesson: Quick Tour of Controlling Applets
Observe Applet Restrictions
« PreviousTOCNext »
Quick Tour of Controlling Applets
Observe Applet Restrictions
Set up a Policy File to Grant the Required Permission
Start Policy Tool
Grant the Required Permission
Save the Policy File
See the Policy File Effects
One way the Java platform uses a Security Manager to keep viruses from accessing your comuter through a java application. Currently JDK system code invokes security manager methods to perform resource access control checks.

Most browsers install a security manager, so applets usually run under the scrutiny of a security manager. No applet is allowed to access a resource unless the Security Manager finds that permission has been explicitly granted to access that system resource. That permission is granted by an entry in a policy file.

Here's the source code for an applet named WriteFile that tries to create and to write to a file named writetest in the current directory. This applet will not be able to create the file unless it has explicit permission in a policy file.

Type this command in your command window: 

appletviewer http://java.sun.com/docs/books/tutorial/
security1.2/tour1/examples/WriteFile.html
Type this command on a single line, without spaces in the URL.

You should see a message about a security exception, as shown in the following figure. This is the expected behavior; the system caught the applet trying to access a resource it does not have permission to access.

WriteFile doesn't have permission to write to writetest

Previous page: Quick Tour of Controlling Applets
Next page: Set up a Policy File to Grant the Required Permission