Security in Rich Internet Applications
The security model behind rich Internet applications (RIAs) works to protect the user from malicious Internet applications. This topic discusses security aspects that are common to applets and Java Web Start applications. See the following topics for more information:
RIAs can be restricted to the Java security sandbox or request permission to access resources outside the sandbox. The first time an RIA is launched, the user is prompted for permission to run. The dialog shown provides information about the signer's certificate and indicates if the RIA requests permission to run outside the sandbox. The user can then make an informed decision about running the application.
Apply the following guidelines to help secure your RIAs.
- Sign the JAR file of the RIA with a certificate from a recognized certificate authority. For more information, see the Signing and Verifying JAR Files topic.
- If the RIA requires access outside of the security sandbox, specify the
all-permissionselement in the JNLP file for the RIA. Otherwise, let the RIA default to running in the security sandbox. The following code snippet shows the
all-permissionselement in the RIA's JNLP file.
<security> <all-permissions/> </security>
- A JNLP file can only include JAR files signed by the same certificate. If you have JAR files that are signed using different certificates, specify them in separate JNLP files. In the RIA's main JNLP file, specify the
component-descelement to include the other JNLP files as component extensions. See Structure of the JNLP File for information.
- Avoid mixing privileged and sandbox components in a RIA, if possible, as they can raise security warnings about mixed code. See Mixing Privileged Code and Sandbox Code for more information.
- Include the
Codebaseattributes in the JAR file manifest to ensure that your RIA requests only the permissions you specify, and that the RIA is accessed from the correct location. See JAR File Manifest Attributes for Security for information.
- JAR file manifest attributes enable you to restrict access to your RIA and help to ensure that your code is not tampered with. See Enhancing Security with Manifest Attributes for information on all of the JAR file manifest attributes that are available.