applets and applications developing applets and
play

Applets and Applications Developing Applets and Applications - PowerPoint PPT Presentation

Applets and Applications Developing Applets and Applications Application run by user, double-clickable/command-line Create a JPanel with the guts of the GUI/logic No restrictions on access, reads files, URLS, What will be in the


  1. Applets and Applications Developing Applets and Applications  Application run by user, double-clickable/command-line  Create a JPanel with the guts of the GUI/logic  No restrictions on access, reads files, URLS, …  What will be in the content pane of both deployments  GUI applications typically include a Jframe  Makes GUI very simple, see SameGame refactoring • Has title, menus, closeable, resizeable  Use JPanel in both Applet and Application  Applet is downloaded via the web  Test with application first, easier to read files/resources  Runs in browser, not trusted (but see policy later)  Migrate to Applet, test first with appletviewer  Can't read files on local machine (but see policy)  Migrate to web, may need to clear cache/reload  Can't be resized within browser  Uses jar file to get all classes at once  Ideally first cleanly into OOGA architecture • Alternative? Establish several connections to  Gui isn't the view, what about interfaces? server 7.1 7.2 Software Design Software Design Packages, JAR files, deployment Packages, javac, java, javadoc http://java.sun.com/docs/books/tutorial/jar/basics/index.html  In moderately big programs packages are essential  Can’t easily live in a directory with 50 .java files  Java packages correspond semantically to modules  Can’t easily co-exist in such a directory (related classes) and syntactically to a directory structure  Harder to use tools like Make and Ant  Class names correspond to file names  Package names correspond to directories  Each of javac, java, javadoc is slightly different with  Related classes belong together, easier to develop, packages, all must co-exist with CLASSPATH easier to deploy  File system vs. compiler vs. runtime  Leverage default/package access, use properties of  Source of confusion and problems protected which is subclass and package access  IDEs can manage Make/CLASSPATH issues 7.3 7.4 Software Design Software Design

  2. CLASSPATH and related concepts More package details  The default CLASSPATH is . current directory To compile   Can cd into directory and type javac *.java  Works fine with default/unnamed packages  Can also type javac ooga/*.java from one level up  Will not work with named packages  If CLASSPATH isn't set, the second won't work To run   Set CLASSPATH to directory in which packages live also  java ooga.TicTac will work, you must specify the "real" include current dir name of the class being used.  setenv CLASSPATH "~ola:."  Reading files requires full-paths or run from directory in  setenv CLASSPATH "`pwd`:." which file lives  On windows machines change registry variable, To document  separator is semi-colon rather than colon  http://java.sun.com/j2se/javadoc/faq.html  Don't need to use –sourcepath, but can  javadoc –d doc ooga ooga.timer ooga.game …  All problems are CLASSPATH problems 7.5 7.6 Software Design Software Design javadoc for packages From JITs to Deoptimization  See the javadoc faq  JITs compile bytecodes when first executed http://java.sun.com/j2se/javadoc/faq.html  If we can cache translated code we can avoid re-translating  For each package create a package.html file the same bytecode sequence • Not in /** */ javadoc format, strictly html  Spend time compiling things that aren’t frequently executed (optimistic optimization?) • First sentence after <body> is main description; a sentence ends with a period.  Errors indicate “compiled code” rather than line number • The package.html file should provide complete  Sun’s HotSpot VM uses a different strategy for performance instructions on how to use the package. All  Adaptive compilation: save time over JIT, compile programmer documentation should be accessible “hotspots” rather than everything, uses less memory, starts or part of this file, e.g., in the file or linked to the program faster, http://java.sun.com/products/hotspot/ file  No method inlining, but uses dynamic deoptimization  Use the {@link foo.bar bar} tag appropriately. • Program loads new subclass, compiled code invalid, so • See the FAQ, or the source for the elan package …? online  What does the class loader do?  You may want to keep .java and .class files separate, see 7.7 7.8 Software Design Software Design sourcepath and classpath as commandline args to java

  3. Loading .class files The ClassLoader  The bytecode verifier “proves theorems” about the bytecodes  The “boot strap” loader is built-in to the JVM being loaded into the JVM  Sometimes called the “default” loader, but it’s not  These bytecodes may come from a non-Java source, e.g., extensible or customizable the way other loaders are compile Ada into bytecodes (why?)  Loads classes from the platform on which the JVM runs (what are loader and JVM written in?)  This verification is a static analysis of properties such as:  .class file format (including magic number 0xCAFEBABE)  Applet class loader, RMI class loader, user loaders  Methods/instances used properly, parameters correct  Load .class files from URLs, from other areas of platform on which JVM runs  Stack doesn’t underflow/overflow  A class knows how it was loaded and new instances will use the same loader  Verification is done by the JVM, not changeable  Contrast ClassLoader, which is changeable, can modify  Why implement a custom loader? classes before they’re loaded into the JVM  Work at Duke with JOIE http://securingjava.com http://java.sun.com/sfaq/verifier.html 7.9 7.10 Software Design Software Design Applications and Applets Running an Applet  An applet has an init() method  An applet is a program delivered via the web  similar to constructor, called only once, when the  security issues, sandbox model applet is first loaded  where does code/images/etc come from? How is it  An applet has a start() method delivered?  called each time the applet becomes “active”, run the  what browsers support JDK1.2 out-of-the box? first time, or revisited e.g., via the back button in a  Use IE/Netscape with plugin, use Opera as is, use browser appletviewer for debugging, testing  An applet has a stop() method  called when applet is invisible, e.g., user scrolls or goes to another web page  Possible to wrap up lots of classes in a .jar file  other methods in an applet  java archive, similar to a tar file, possible to include  destroy, getAppletInfo, getParameterInfo .class files, .au, .gif, etc, so all code transferred at once  Applet subclasses Panel, so it is an Container/Component 7.11 7.12 Software Design Software Design

  4. Security Manager SecurityManager changes in JDK 1.1 Applets use a SecurityManager  Applets support signing  using digital signatures  Query for permissions  Signature stored with  Supported by browsers by code in JAR file that’s convention (would you use downloaded an “untrusted” browser)  Clients support The picture shows JDK 1.0  open/full access to model, “sandbox” restrictions “trusted” applets, supported by SecurityManager some signatures ok  Untrusted code restricted to  Still “all-or-nothing”, an the sandbox applet is untrusted or  All downloaded/applets are completely trusted untrusted  What might be  Severely limits what a preferable? downloaded program can do 7.13 7.14 Software Design Software Design SecurityManager changes in JDK 1.2 Networkable solutions  Using sockets we can pass objects back and forth between Policies are now supported  client and server, but we’re limited  Allow more fine-grained control of access,  Cannot call methods on objects between client/server, only send objects and respond to protocols permission  Based on location (URL)  Conceivably we’ll run into firewall problems and/or digital signatures  Uses public/private key,  RMI, Remote Method Invocation, can fix both these applets don’t need to be problems signed, can be from a  Clients call methods across machines, on objects trusted location running in other JVMs Set policies on a system   Built on top of HTTP, so can (in theory) be used wide basis using through firewalls policytool  Requires bookkeeping and security precautions, non-  What about user-level trivial to set up (not in theory, but in practice) permissions? 7.15 7.16 Software Design Software Design

Recommend


More recommend