提供一个备用的Applet安全例外 [英] Offering a fallback on Applet Security Exception

问题描述

我有一个需要与一些特权运行，这意味着在加载时会显示警告信息的小程序。如果用户拒绝警告消息，我想重定向到一个错误页面，并解释发生了什么。有没有办法做到这一点？

我看着于具有定时器运行，在一定时间后重定向但是这并不准确，这将是很好赶上从弹出的反应吧。

如果用户拒绝警告下抛出异常：

  java.lang.SecurityException异常：尝试打开沙盒罐[JAR文件]
    作为一个可信库
 

唯一的例外是达到初始化函数之前抛出。

解决方案

  

我看着在具有计时器的运行，并重定向一个一定的时间段之后..

..扩展，要添加JS函数，取消计时器，然后调用从applet的JS，大约是你可以得到最好的保护。

在保安有关事项的一个try / catch可以为一些的JRE来加载小程序沙箱如果安全提示被拒绝，但其他的运行时间（尤其是的冰茶的JRE）将不会加载在所有如果安全提示被拒绝的小程序。

  

我有一个需要用一些特权运行applet ..基本上，我们存储文件存在，该文件可以是任何文件，因此大小可为任意值。用户将选择这个文件，他们自己和他们可以选择从1KB文本文件到一个多GB的电影什么。 ..

如果用户可以保证有一个'下一代' - 插件2 JRE（在小程序信息页面提及。 ），有可能使用在一个嵌入式小程序将JNLP API。该JNLP服务提供访问本地磁盘的沙箱应用程序。见JNLP文件服务这演示。

但有一个轻微的顺利。没有选择坚持到用户选择的文件中的路径。在这种较小的安全环境下，JRE不提供文件而是一个JNLP API FileContents 对象。它不会提供一个路径，而不是序列化。但是，如果用户愿意选择文件每次运行，它可能是可行的。

---

..并让我想起。也许对于推出可信的应用程序更好的选择。是提供一个自由浮动（applet或）使用 Java Web Start的。如果用户拒绝，它从来没有出现在屏幕上，但他们可以再次点击启动按钮任何他们喜欢的时间（再次提示）。

I have an Applet that is required to run with some privileges, meaning a warning message will be displayed when it loads. If the user denies the warning message I would like to redirect to an error page and explain what happened. Is there any way to do this?

I looked in to having a timer running and redirect after a certain time period but that's not that exact and it would be nice to catch the response from the pop-up instead.

The following exception is thrown if the user denies the warning:

java.lang.SecurityException: attempted to open sandboxed jar [jar-file] 
    as a Trusted-Library

The exception is thrown before reaching the init function.

解决方案

I looked in to having a timer running and redirect after a certain time period ..

..extend that to add a JS function that cancels the timer, then call that JS from the applet, is about the best protection you can get.

A try/catch on security related matters can work for some JREs that load applet sand-boxed if the security prompt is refused, but other run-times (notably the Iced Tea JRE) will not load the applet at all if the security prompt is refused.

I have an Applet that is required to run with some privileges.. Basically we store a file there, the file can be any file and the size can therefore be any value. The user will choose this file themselves and they can choose anything from a 1kb textfile to a many-gigabyte movie. ..

If the user can be guaranteed to have a 'Next Generation' - Plug-In 2 JRE (mentioned in the applet info. page), it is possible to the use the JNLP API in an embedded applet. The JNLP services provide access to the local disks for a sand-boxed app. See this demo of the JNLP file services.

But there is a slight hitch. There is no option to persist the path to the file chosen by the user. In this lesser security environment, the JRE does not provide a File but instead a JNLP API FileContents object. It will not provide a path and is not serializable. But if the user is willing to choose the file each run, it could be workable.

---

..and that reminds me. Perhaps a better alternative for launching trusted apps. is to offer a free-floating (applet or) frame using Java Web Start. If the user refuses, it never appears on-screen, but they can click the launch button again any time they like (to be prompted again).

这篇关于提供一个备用的Applet安全例外的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！