Signed Java Applets have the same security clearance as a normal Java application running on the client. For a particular project, I need these permissions, and I need to perform privileged operations as a result of a JavaScript call.
Now, the problem is that, at least for Firefox 3 in Ubuntu (target browser and platform), when an applet method is invoked through unsigned JavaScript it loses its special permissions. As signing the JavaScript is not an option, I need a way to work around this restriction.
One way to achieve this is to create a thread when the applet starts, and call methods on that thread whenever the main thread receives the JavaScript calls. I have implemented a working prototype of that idea, but I have found it a bit clumsy, because it uses too much reflection and isn't as easily reusable as I would have wanted.
Is there a mon, standard way of doing what I'm trying to do? And, if my idea is the right way to go, how would you go about implementing it in a reusable way? What I'm trying to achieve is a framework that allows this "running-methods-in-a-privileg-thread" thing to be used for a variety of objects. The ideal, utopic solution would be something like:
// when the applet starts-up
PrivilegedExecuter priv = new PrivilegedExecuter(myObject); //or MyClass.class
// ...
// inside a JavaScript-called method (myObject has myMethod)
priv.myMethod(); // myMethod is run synchronously in a privileged thread
Signed Java Applets have the same security clearance as a normal Java application running on the client. For a particular project, I need these permissions, and I need to perform privileged operations as a result of a JavaScript call.
Now, the problem is that, at least for Firefox 3 in Ubuntu (target browser and platform), when an applet method is invoked through unsigned JavaScript it loses its special permissions. As signing the JavaScript is not an option, I need a way to work around this restriction.
One way to achieve this is to create a thread when the applet starts, and call methods on that thread whenever the main thread receives the JavaScript calls. I have implemented a working prototype of that idea, but I have found it a bit clumsy, because it uses too much reflection and isn't as easily reusable as I would have wanted.
Is there a mon, standard way of doing what I'm trying to do? And, if my idea is the right way to go, how would you go about implementing it in a reusable way? What I'm trying to achieve is a framework that allows this "running-methods-in-a-privileg-thread" thing to be used for a variety of objects. The ideal, utopic solution would be something like:
// when the applet starts-up
PrivilegedExecuter priv = new PrivilegedExecuter(myObject); //or MyClass.class
// ...
// inside a JavaScript-called method (myObject has myMethod)
priv.myMethod(); // myMethod is run synchronously in a privileged thread
2 Answers
Reset to default 8Use the java.security.AccessController class.
There is a doPrivilegedAction and doPrivilegedExceptionAction that do exactly what you need.
For example:
AccessController.doPrivileged(new PrivilegedAction() {
public Object run() {
.. do something that only works with signed applets ..
}
});
It's worth adding: make your privaction'd run() method as small and self-contained as possible. Obviously you could just have your signed applet's init() method call a privileged run() which in turn does the actual applet, but that's just begging to be abused, misused accidentally, or outright exploited.
Also, the fact that signed applets lose their special permissions when called by JavaScript is not specific to a particular browser or platform. That's just how it is, everywhere, all the time.