Applets with Security Clearance

There are some situations where you want an applet to perform tasks outside of the normal security limitations.
Fortunately, there is a way to declare an applet as being safe so that it can use certain "secure" features. Even so, users are still given a chance to verify secure applets before they are allowed to run. Applets attain a secure status by having a digital signature attached to them, which acts somewhat like a handwritten signature. A digital signature verifies the source of an applet and gives the user confidence that it has not been tampered with.
The logic is that if you trust the applet source and deem it reliable, then you can trust the applet. Applets with digital signatures are referred to as signed applets, and have little or no security constraints.

Java applets are often subject to security restrictions that prevent them from performing tasks outside of their normal operating environment. However, there are ways to grant applets permission to access resources and perform tasks that would otherwise be prohibited. One way to do this is through the use of digital signatures. When an applet is signed with a digital signature, it is granted permission to access certain resources and perform specific tasks. This signature verifies the identity of the applet's creator and ensures that the applet has not been tampered with since it was signed.
Another way to grant applets permission is through the use of policy files. Policy files are configuration files that specify which permissions are granted to which applets. These files can be used to grant applets permission to access specific resources or perform certain tasks, such as accessing the user's file system or interacting with the network. In addition, some web browsers provide a sandbox environment for running applets. This sandbox environment restricts the applet's access to resources and prevents it from performing certain tasks that could be harmful. However, some browsers allow users to adjust the security settings and grant additional permissions to applets if desired.
It is important to note that granting applets permission to perform tasks outside of the normal security limitations can be risky, as it could potentially allow malicious applets to perform harmful actions on the user's system. Therefore, it is important to only grant permissions to trusted applets from reputable sources.

This section discusses first the Toolkit getImage methods and then the Applet getImage methods. The Toolkit class declares two getImage methods:

1. Image getImage(URL url)
2. Image getImage(String filename)

Here are examples of using the Toolkit getImage methods. Although every Java application and applet can use these methods, applets are subject to the usual security restrictions. In particular, untrusted applets can't successfully specify a filename to getImage because untrusted applets can't load data from the local file system. You can find information about restrictions on untrusted applets in Security Restrictions .

Toolkit toolkit = Toolkit.getDefaultToolkit();
Image image1 = toolkit.getImage("imageFile.gif");
Image image2 = toolkit.getImage(
new URL("http://java.sun.com/graphics/people.gif"));

The Applet class supplies two getImage methods:

1. Image getImage(URL url)
2. Image getImage(URL url, String name)

Only applets can use the Applet getImage methods. Moreover, the Applet getImage methods do not work until the applet has a full context (AppletContext). For this reason, these methods do not work if called in a constructor or in a statement that declares an instance variable. You should instead call getImage from a method such as init.