From my last post, I wrote about finding a specific file on a random mountpoint/drive.
The next step in this process was granting permission to the applet to access said file system, and do other things like make a network connection. It made sense in principal, but was hard to find definitive answers – so here’s how I solved it (avoiding inner classes).
The privileged class
This is the class that’s actually going to the donkey work, but needs the fact that you’re using a signed applet and the user has given it permission to do what you’d like to do:
import java.security.PrivilegedAction;
public class SomeClass implements PrivilegedAction<Object> {
private String privilegedValue;
public Object run() {
// Do the things that require permission
return null;
}
public String getPrivilegedValue() {
return privilegedValue;
}
}
The most important part of the above is the fact that you need the run method – which shouldn’t return anything (though it could if you’d like it too – though you will then need to change the nature of the class return as a PrivilegedAction<SomeOtherType>).
The applet
Then you have the applet (which needs to be signed – but more on that later).
import java.applet.Applet;
import java.security.AccessController;
public class SomeApplet extends Applet {
public static final long serialVersionUID = 1;
public void init() {
SomeClass someClass = new SomeClass();
AccessController.doPrivileged(someclass);
String privilegedValue = someClass.getPrivilegedValue();
}
}
The most important thing (and it took me a while to find out about it) was the public static member variable serialVersionUID. Unless this it’s in there, the whole privileged action won’t work.
I think next time it’ll be about signing, and creating your jar file.
If you enjoyed this article, please consider sharing it!
