What behavior differences should I expect in an Application versus an Applet with 'All Permissions'?

[Kevin Rushforth]

I don't think that this behavioral difference is intentional. Without 
looking, I suspect that it might be the result of some code using a 
check for the existence of a security manager -- 
System.getSecurityManager() != null -- as an indication that the 
application is running without privileges. Most of our code checks 
whether AllPermission is available, but it is possible that this wasn't 
done in some cases. Martin Sladecek can probably answer this.

-- Kevin


ngalarneau at abinitio.com wrote:
> Hello,
>
> I have a JavaFX Application that runs fine.
> When I package it as an Applet (three cheers for javafxpackager!), and 
> give that Applet "All Permissions", the Applet throws exceptions and fails 
> to start.
>
> One difference is in fields initialized by FXMLLoader. When those fields 
> have default accessibility they are initialized in the Application but not 
> in the Applet. When those fields are changed to public accessibility, then 
> they are initialized in both the Application and the Applet as well.
>
> Given the extra build & debug complexity with Applets, I did an 
> experiment. I tried running the Application with a SecurityManager that 
> approves (doesn't throw an exception for) all checkPermission() calls.
>
> Bingo! Similar failures.
>
> Now I have a number of questions:
>
> 1) How does JavaFX code behave differently when run as an Application with 
> no Security Manager and as an Applet given 'All Permissions'?
>
> 2) How does JavaFX code behave differently when run as an Application with 
> no Security Manager and as an Application with a Security Manager whose 
> checkPermission() methods never throw an exception?
>
> 3)  How does JavaFX code behave differently when run as an Application 
> with a Security Manager whose checkPermission() methods never throw an 
> exception and as an Applet given 'All Permissions'?
>
> 4) Why does an Application behave differently when run as an Application 
> with no Security Manager and as an Application with a Security Manager 
> whose checkPermission() methods never throw an exception? I find that 
> difference surprising (but not shocking).
>
> 5) Is any of this documented anywhere? I would rather not have to map the 
> minefield myself.
>
> 6) Are differences like this documented for the non-JavaFX parts of Java?
>
>
> Thank you for taking the time to read this long email,
>
> Neil
>
>
>  
> NOTICE from Ab Initio: This email (including any attachments) may contain 
> information that is subject to confidentiality obligations or is legally 
> privileged, and sender does not waive confidentiality or privilege. If 
> received in error, please notify the sender, delete this email, and make 
> no further use, disclosure, or distribution. 
>