Date: Fri, 16 May 1997 08:50:59 -0700
Message-Id: <199705161550.IAA08147@puffin.eng.sun.com>
From: Marianne Mueller <mrm@Eng>
To: Nick.Efthymiou@Corp
Subject: Re: Help: AppletSecurityException: checkpackageaccess
Hi Nick,
I think you should be able to deploy a multi-package applet if the
packages are in the same URL. They should then share a classloader
and so the security manager should let package A create a class from
the other package.
I think in general there are many multi-package applets, but other
than hunting in www.gamelan.com, I don't know how to point you at any!
You're not attempting to define packages inside java.* or sun.*, are
you? Downloaded applets are kept from doing that in the currently
deployed model. For more info on the current model see
http://java.sun.com/sfaq/
In the next major JDK release we will support fine-grain access
control,meaning that you'll be able to configure the system to say
"applet foo can access packages from Package B" (among other things.)
You might also try joining the JavaSoft Developer Connection - I
believe they are starting up an online support network for people to
trade questions and hints and experiences.
Marianne
p.s.hypermail archive of Q&A sent to java-security@java.sun.com is
at
http://jeeves.javasoft.com/hypermail/java-security-archive/index.html
It's not a subscription list, and, it's not a developer support list,
it's a one-way channel to send questions to the Java security team.
We try to answer but we don't get a chance to answer all the questions
that come in.
> Date: Thu, 15 May 1997 18:27:27 -0700 (PDT)
> From: Nick Efthymiou <Nick.Efthymiou@Corp>
> Reply-To: Nick Efthymiou <Nick.Efthymiou@Corp>
> Content-MD5: wW5vwr1pOMnAOuAjd+JECw==
>
> Hi,
>
> you've worked on the Security Reference Model for JDK
> and may be able to help with a deployment problem I'm
> facing.
>
> Given (in file packageA/Client.java):
>
> package packageA;
>
> import packageB.Service;
>
> public class Client extends java.applet.Applet {
> public void init() {
> System.out.println("Applet in init");
> Service s = new Service(); /* here */
> }
> }
>
> and, in file packageB/Service.java:
>
> package packageB;
>
> public class Service {
> public Service() {
> System.out.println("Service OK");
> }
> }
>
> there is a sun.applet.AppletSecurityException: checkpackageaccess
> on line (/* here */), when the Applet is deployed:
> hotjava -log garbage.log http://bugweiser.corp/JavaClient/client-root/Client.html
> and I unset the CLASSPATH env. variable.
>
> Has anyone managed to get a multi-package Applet deployed
> without getting the packages off the local machine? Am I
> missing a step? 20.17.28 and 20.17.29 in the language
> spec didn't help much either.
>
> Thanks for any advice you may have.
>
> - Nick -
>
>