2

I just don't know what the right codes should i put, i already tried so many ways to have an access to read and write. My main goal is when i click the button in Java Application, the download will start.

Improve this question
5
  • 1
    "My main goal is when i click the button in Java Application, the download will start." Why not just offer the file to the user for download? That can be done in an HTML link, JS, or a sandboxed applet using showDocument(..).. Commented May 14, 2015 at 3:54
  • @AndrewThompson does the sandboxed applet have a rights to access local file system? Commented May 14, 2015 at 4:22
  • No, of course not. But 'accessing the local file system' is not necessary in order to use showDocument(..)! Commented May 14, 2015 at 4:27
  • @AndrewThompson in showDocument(..), if i use this, can this will cause a download for an specific file? Commented May 14, 2015 at 4:30
  • 2
    Try Reading The Fine Manual (and also, trying it)! You will not get very far in programming unless you get used to reading lots of documentation. SO is not the place to ask questions that are answered in that documentation. Commented May 14, 2015 at 4:39

1 Answer 1

Reset to default
1

You can't access the local filesystem from a Java sandbox applet. Reading the documentation What Applets Can and Cannot Do, you will see:

Sandbox applets cannot perform the following operations:

  • They cannot access client resources such as the local filesystem, executable files, system clipboard, and printers.

  • They cannot connect to or retrieve resources from any third party server (any server other than the server it originated from).

  • They cannot load native libraries.

  • They cannot change the SecurityManager.

  • They cannot create a ClassLoader.

  • They cannot read certain system properties. See System Properties for a list of forbidden system properties.

If you want to bypass these restrictions you have to use a priviliged applet:

Privileged applets do not have the security restrictions that are imposed on sandbox applets and can run outside the security sandbox.

For this, you will need to sign your jar and add the following code snippet in the JNLP file:

<security>
   <all-permissions/>
</security>

Then the user has to grant the permission. From the documentation:

The first time an RIA is launched, the user is prompted for permission to run. The dialog shown provides information about the signer's certificate and indicates if the RIA requests permission to run outside the sandbox. The user can then make an informed decision about running the application.

Read Security in Rich Internet Applications and Deploying With the Applet Tag for more information.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

I already tried to signed my jar and yes it works local when i make an local HTML file, my question is if i put it online or an website, is it still working? What i mean is, is it still download a file if i click an specific button in my Java application embedded in HTML?
Yes, if the user grant the permission. See my updated answer.
Just be aware that most security experts advise that people uninstall the Java plugin from their browser because it has proved to be such a big security hole. And that any educated user will not give enhanced access permissions to an applet that is signed by a self-signed certificate (one which has not been issued by a respected certificate authority).
@Bobulous So do you have any suggestion what should i use? I still wanted to use java.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.