Re: Java Web Start, Applet and Windows Users Groups
alex.sales@gmail.com wrote:
...
I am currently choosing the technology for an application which will
be largely deployed (> 2000 users)
My advice is to avoid applets completely, and use
web start. (Mix applets with security for nightmares.)
But I do not immediately know the answers to your
questions, so perhaps we can both find out at the
same time. This is assuming you have access to
one of these machines for testing purposes, and
can report your findings back (I am interested).
So, let's do some tests, OK?
I have many questions regarding Java Web Start, Java applet and
security :
1) I have few informations regarding the restrictions of the users on
their PCs. In the worth case, is a restricted user belonging to Guest
group will be able to install a Java Web Start application (assuming
that he already has the accurate JVM installed) ?
One of the simplest JWS apps.
<http://www.physci.org/jws/#jtest>
See if these PCs can launch either the application,
<http://www.physci.org/pc/jtest.jnlp>
or applet,
<http://www.physci.org/pc/jtest-applet.jnlp>
..If yes, once
installed, will he be able to save data from the JWS application ?
Try the persistence service..
<http://www.physci.org/jws/#ps>
specifically
<http://www.physci.org/jws/persistserv.jnlp>
...
3) How to secure the source code of an applet (I want the user not to
be able to decompile and view the source code) ?
Forget about this, for either a JWS app. or applet.
Is the code really that bad that you need to hide it?
(That, and making binaries smaller, is about all
that obfuscation is good for..)
Code can be 'hidden' from the end-user by running
it on your own server and providing only a web based
interface to it. In most situations, that is impractical.
But in any case where the bytecodes reach the
end-user's PC - "the code is 'mine', buddy".
--
Andrew Thompson
http://www.athompson.info/andrew/
Message posted via http://www.javakb.com