Re: Writing jnlp program for both sandbox and all-permissions
On Mar 28, 11:01 am, David Lamb <dal...@cs.queensu.ca> wrote:
Alan Malloy wrote:
David Lamb wrote:
You seem to be suggesting it is wise to plan for an intermediate level
of permissions between just sandbox and allpermissions. Is it commo=
n
to do that, or do most people just go for allpremissions if sandbox is
unacceptable?
I think many people do go for allpermissions, but it's not the best
strategy if you're hoping for people who don't implicitly trust you or
your company to download and run your program.
The only documentation I could find on the <security> element in .jnlp
files (for Java 1.6)only mentions allpermissions.http://java.sun.com/java=
se/6/docs/technotes/guides/javaws/developersg...
The developers guide is a good overview, but for the
low down details on JNLP, download the spec. I asked
a member of the Sun deployment team if they could make
the entire spec. web browsable on their site, but the
reply was WTE "No, because of 'licensing'".
<http://java.sun.com/javase/technologies/desktop/javawebstart/download-
spec.html>
Are there other elements that can go there, ..
The oddly named 'j2ee-application-client-permissions'.
That gets unprompted access to the JNLP API services
for the FileOpen/SaveService, the ExtendedService,
the PrintService.. (I think that is it). And the window
warning/banner is removed.
The JACP permissions are rarely used, but handy for
those cases where they are the only extended permissions
that might be of use to an app.
Note that I offer JaNeLA* to validate the launch
files and other resources of JWS based launches.
I mention this because you used the term 'allpermissions'
twice above (one time incorrectly spelt). There is
no such security level.
* <http://pscode.org/janela>
Alternately, if you can 'read' an XSD, you might
go directly to the XSD used by JaNeLA to find what
is allowable.
<http://pscode.org/JNLP-6.0.xsd>
--
Andrew T.
pscode.org