JAVA
`FOUNDATION
`CLASSES
`IN A NUTSHELL
`
`A Desktop Quick Reference
`
`O ’REILLY®
`
`David Flanagan
`
`Juniper Ex. 1018-p. 1
`Juniper v Finjan
`
`

`

`Having created a JAR file like this, you can tell a web browser about it with the
`following HTML tags:
`
`<APPLET ARCHIVE="myapplet.jar" CODE="myapplet.class" WIDTH=400 HEIGHT=200>
`</APPLET>
`The ARCHIVE attribute does not replace the CODE attribute. ARCHIVE specifies where
`to look for files, but CODE is still required to tell the browser which of the files in
`the archive is the applet class file to be executed. The ARCHIVE attribute may actu
`ally specify a comma-separated list of JAR files. The web browser or applet viewer
`searches these archives for any files the applet requires. If a file is not found in an
`archive, however, the browser falls back upon its old behavior and attempts to
`load the file from the web server using a new HTTP request.
`Web browsers introduced support for the ARCHIVE attribute at about the same time
`that Java 1.1 was introduced. Some Java 1.0 browsers do not recognize ARCHIVE
`and therefore ignore it. If you want to maintain compatibility with these browsers,
`be sure to make your applet files available in an unarchived form, in addition to
`the more efficient archived form.
`
`Using Applets with the Java Plug-in
`When a Java-enabled web browser encounters an <APPLET> tag, it starts up its
`embedded Java VM, downloads the class files that implement the applet, and starts
`running them. This approach has run into difficulties because web browser
`releases are not synchronized with releases of new versions of Java. It was quite a
`while after the release of Java 1.1 before commonly used browsers supported this
`version of the language, and there are still quite a few browsers in use that sup­
`port only Java 1.0. It is not at all clear when, or even if, browsers will include sup­
`port for the Java 2 platform. Furthermore, because of the lawsuit between Sun and
`Microsoft, the future of integrated Java support in the popular Internet Explorer
`web browser is questionable.
`For these reasons, Sun has produced a product called the Java Plug-in. This prod­
`uct is a Java VM that acts as a Netscape Navigator plug-in and as an Internet
`Explorer ActiveX control. It adds Java 1.2 support to these browsers for the Win­
`dows and Solaris platforms. In many ways, Java support makes the most sense as
`a plug-in; using the Java Plug-in may be the preferred method for distributing Java
`applets in the future.
`There is a catch, however. To run an applet under the Java Plug-in, you cannot
`use the <APPLET> tag. <APPLET> invokes the built-in Java VM, not the Java Plug-in,
`Instead, you must invoke the Java Plug-in just as you would invoke any other Nav­
`igator plug-in or Internet Explorer ActiveX control. Unfortunately, Netscape and
`Microsoft have defined different HTML tags for these purposes. Netscape uses the
`<EMBED> tag, and Microsoft uses the <0BJECT> tag. The details of using these tags
`and combining them in a portable way are messy and confusing. To help applet
`developers, Sun distributes a special HTML converter program that you can run
`over your HTML files. It scans for <APPLET> tags and converts them to equivalent
`<EMBED> and <0BJECT> tags.
`
`Consider the simple HTML file we used for the first applet example in this chapter:
`
`<APPLET code="MessageApplet.class" width=350 height=125>
`<PARAM name="message" value=“Hello World">
`</APPLET>
`When run through the HTML converter, this tag becomes something like this:
`OBJECT classid="clsid:8AD9C840-044E-llDl-B3E9-00805F499D93"
`.
`codebase=
`"http://java.sun.com/products/plugin/1.2/jinstall-12-win32.cab#Version-l,2,0,0
`WIDTH=350 HEIGHT=125>
`n
`_
`<PARAM NAME=C0DE VALUE="MessageApplet.cl ass" >
`<PARAM NAME="type" VALUE-’application/x-java-applet;version=1.2">
`<PARAM NAME="message" VALUE-'Hello World">
`
`•
`
`<C0MMENT>
`<EMBED type-'appl1eation/x-java-applet;version=l.2"
`pluginspage=
`_
`"http://java.sun.com/products/plugin/1.2/pl ugin-install.html"
`java_CODE="MessageApplet.class"
`WIDTH=350 HEIGHT=125 message="Hello World">
`</EMBED>
`</C0MMENT>
`</0BJECT>
`When Navigator reads this HTML file, it ignores the <0BJECT> and <C0MMENT> tags
`that it does not support and reads only the <EMBED> tag. When Internet Explorer
`reads the file, however, it handles the <0BJECT> tag and ignores the <EMBED> tag
`that is hidden within the <C0MMENT> tag. Note that both the <0BJECT> and <EMBED>
`tags specify all the attributes and parameters specified in the original file. In addi­
`tion, however, they identify the plug-in or ActiveX control to be used and tell the
`browser from where it can download the Java Plug-in, if it has not already down­
`loaded it.
`You can learn more about the Java Plug-in and download the HTML converter util­
`ity from http://java.sun.com/products/plugin.
`
`Applet Security
`One of the most important features of Java is its security model. It allows untrusted
`code, such as applets downloaded from arbitrary web sites, to be run in a
`restricted environment that prevents that code from doing anything malicious, like
`deleting files or sending fake email. The Java security model has evolved consider­
`ably between Java 1.0 and Java 1.2 and is covered in detail in Java in a Nutshell.
`To write applets, you don’t need to understand the entire Java security model.
`What you do need to know is that when your applet is run as untrusted code, it is
`subject to quite a few security restrictions that limit the kinds of things it can do.
`This section describes those security restrictions and also describes how you can
`attach a digital signature to applets, so that users can treat them as trusted code
`and run them in a less restrictive environment.
`The following list details the security restrictions that are typically imposed on
`tint rusted applet code. Different web browsers and applet viewers may impose
`
`A t \ t \ h i t C o r w W h i
`
`7 3-?
`
`Juniper Ex. 1018-p. 2
`Juniper v Finjan
`
`

`

`This is to prevent untrusted code from spoofing the on-screen appearance of
`trusted code. Additionally, untrusted code cannot:
`-
`Initiate a print job
`Access the system clipboard
`- Access the system event queue
`Untrusted code has restricted access to system properties. It cannot call Sys­
`tem. getPropertiest), so it cannot modify or insert properties into the system
`properties list. It can call System, get Property!) to read individual properties
`but can read only system properties to which it has been explicitly granted
`access. By default, appletviewer grants access to only the following 10 proper­
`ties. Note that user.home and user.di r are excluded:
`
`- java.version
`
`java.class.version
`
`java.vendor
`
`java.vendor.url
`
`- os.name
`
`os.version
`
`os.arch
`
`11le.separator
`
`path.separator
`
`Applets
`
`11ne.separator
`I 'unlisted code cannot create or access threads or thread groups outside of
`die line.id group in which the untrusted code is running.
`I hiiMisled code has restrictions on the classes it can load and define. It can­
`not:
`
`l split itly load classes from the sun.* packages
`Define classes in any of the java.* or sun.* packages
`< le.iie a ClassLoader object or call any ClassLoader methods
`i M ini .le d code cannot use the java.lang.Class reflection methods to obtain
`Ini.......iiithi about nonpublic members of a class, unless the class was loaded
`hi m i d ie s a m e host as the untrusted code.
`
`slightly different security restrictions and may allow the end user to customize or
`selectively relax the restrictions. In general, however, you should assume that your
`untrusted applet are restricted in the following ways:
`
`• Untrusted code cannot read from or write to the local filesystem. This means
`that untrusted code cannot:
`- Read files
`- List directories
`- Check for the existence of files
`- Obtain the size or modification date of files
`- Obtain the read and write permissions of a file
`- Test whether a filename is a file or directory
`- Write files
`- Delete files
`- Create directories
`- Rename files
`- Read or write from Fi 1 eDescri ptor objects
`• Untrusted code cannot perform networking operations, except in certain
`restricted ways. Untrusted code cannot:
`.
`
`- Create a network connection to any computer other than the one from
`which the code was itself loaded
`- Listen for network connections on any of the privileged ports with mini
`bers less than or equal to 1,024
`- Accept network connections on ports less than or equal to 1,024 or from
`any host other than the one from which the code itself was loaded
`- Use multicast sockets
`- Create or register a Socketlmpl Factory, URLStreamHandl erFactory, or
`ContentHandlerFactory
`• Untrusted code cannot make use of certain system facilities. It cannot:
`- Exit the Java interpreter by calling System.exit!) or Runtime.exit!)
`-
`Spawn new processes by calling any of the Runtime.exec() methods
`- Dynamically load native code libraries with the load!) or loadLlbrsir y( i
`methods of Runtime or System
`• Untrusted code cannot make use of certain AWT facilities. One major result
`tion is that all windows created by untrusted code display a prominent visual
`indication that they have been created by untrusted code and are “insecure
`
`Juniper Ex. 1018-p. 3
`Juniper v Finjan
`
`

`

`• Untrusted code has restrictions on its use of the java.security package. It
`cannot:
`- Manipulate security identities in any way
`-
`Set or read security properties
`- List, look up, insert, or remove security providers
`-
`Finally, to prevent untrusted code from circumventing all of these restric­
`tions, it is not allowed to create or register a Securi tyManager object.
`
`Local Applets
`When an applet is loaded from the local filesystem, instead of through a network
`protocol, web browsers and applet viewers may relax some, or even many, of the
`preceding restrictions. The reason for this is that local applets are assumed to be
`more trustworthy than anonymous applets from the network.
`Intermediate applet security policies are also possible. For example, an applet
`viewer can be written so that it places fewer restrictions on applets loaded from an
`internal corporate network than on those loaded from the Internet.
`
`Signed Applets
`Java 1.1 added the ability to attach a digital signature to a JAR file that contains an
`applet. This signature securely identifies the author or origin of an applet. If you
`trust the author or originating organization, you can configure your web browser
`or applet viewer to run applets bearing that signature as trusted code, rather than
`as untrusted code. Such an applet runs without the onerous security restrictions
`placed on untrusted applets. Java 1.2 platform actually allows the security policy to
`be customized based on the origin of an applet. This means that an end user or
`system administrator may define multiple levels of trust, allowing fully trusted
`applets to run with all the privileges of a standalone application, while partially
`trusted applets run with a reduced list of security restrictions.
`The process of attaching a digital signature to an applet’s JAR file is platform
`dependent. In Java 1.1, you use the javakey program. In Java 1.2, this program has
`been superseded by jarsigner. Netscape and Microsoft also provide their own digl
`tal signature programs that are customized for use with their browsers.
`The process of telling your web browser or applet viewer which digital signatured
`to trust is also vendor dependent, of course. In Java 1.1, you use javakey to spec
`ify which signatures are trusted. In Java 1.2, you use a different tool, policytool, in
`specify trusted signatures and the security policies associated with them. See Java
`in a Nutshell for further details.
`
`-t •**
`
`..'ll . i -
`
`-*
`
`A . . I j -
`
`PART II
`
`API Quick Reference
`
`in II is the real heart of this book: quick-reference material for the APIs
`Ii.ii comprise the Java Foundation Classes. Please read the following sec-
`ion. I low To Use This Quick Reference, to learn how to get the most out of
`Ills material.
`I i.i | in i H, The java.applet Package
`I m | iii a 9, The java.awt Package
`I c 11 >ii i 10, The java .awt. color Package
`1111 in I II, The java. awt. datatransfer Package
`1111' i' i 12, The ja va . awt. dnd Package
`1111 p11 • i 13, 'the java.awt.dnd.peer Package
`1111 a i i I i, The java. awt.event Package
`111| 'll I IS, The java.awt.font Package
`I i.i pi i a 16, The java.awt.geom Package
`1111 »ii i I '. The java.awt.im Package
`1111 u - i IH, The java.awt.image Package
`1111 iii i 10, The java. awt. image, renderable Package
`I iii | it i a .10, The java.awt.peer Package
`1111 ■!< i ’ I The java.awt.print Package
`I i.i I 'I* i 22, The javax.accessibility Package
`I la pi ci 23, The javax.swing Package
`I iipii i
`'i, the javax.swing, border Package
`lliiplci 23, 'Thejavax.swing.colorchooserPackage
`I it I ii< i ’(i, the javax.swing.event Package
`hiiptci
`The javax. swing.filechooser Package
`111 pi • i 2M, The javax.sw ingplaf Package
`lliiplci 20, The javax.swing.table Package
`I in pi ■ i to. The javax.swing.text Package
`
`Juniper Ex. 1018-p. 4
`Juniper v Finjan
`
`