The security model behind rich Internet applications (RIAs) ensures that the user is protected from malicious internet applications. This topic discusses security aspects that are common to applets and Java Web Start applications. See the following topics for more information:
Unsigned RIAs run in a restricted environment known as a security sandbox. Apply the following guidelines to enable RIAs to run outside the security sandbox.
all-permissions
element in the JNLP file for the RIA.
For more information, see the Signing and Verifying JAR Files topic.
The following code snippet shows the all-permissions
element in
the RIA's JNLP file.
<security> <all-permissions/> </security>
If the certificate used to sign the RIA has not been previously approved, the Java Runtime Environment (JRE) software opens a dialog box displaying the RIA's origin based on the signer's certificate. The user can then make an informed decision about running the application.
component-desc
element to
include the other JNLP files as component extensions. See
Structure of the JNLP File for information.
AccessController.doPrivileged
block. This allows the unsigned code to run with elevated permissions when
executing the code in the doPrivileged
code block.