JDL Based Applets and File Access

John W. Campbell

Introduction

Java Applets are, in general, forbidden access to the user's local file system. To run the Java based PXimage applet to display a user's own image file, requires that this restriction is overcome. For a program such as PXSim, it also highly desirable that the user should be able to read and write the DDM parameter files.

The literature on how these restrictions may be overcome is contradictory especially when dealing with so called 'unsigned' applets. For the mechanism described here, it is certainly necessary to be using the Java 2 run time environment.

The mechanism involves setting up appropriate 'policy files'.

Because the applet restrictions mean that the normal 'File Selector' mechanism for the system cannot be used to scan directories/folders and select file names, an option has been devised for JDL based programs to enable directories/folders to be represented by user selected logical names e.g. the directory/folder containing images might be represented by the logical name 'IMG'.

The examples given are for a user named 'fred' and are for guidance only.

List of sections:

Policy Files
Logical File Path Names

Policy Files

The required file read/write permissions are enabled by setting up policy files. These are text based files. There is a 'policytool' program supplied with Java to help set these up but it may be easier just to create them using a normal text file editing program. For a detailed description, see the Sun Java Website.

Below are two examples of policy files set up for use with the PXImage and PXSim applets on the CCP4 web server. They may be used, for example, in the image display example applets which allow the user to display their own locally stored images.

  1. Example file for Windows XP

    The file must be named .java.policy and is placed in the user's home directory as pointed to by user.home. This example enables read access to files in the folder C:\Documents...\images for the image display applets and read/write access to files in the folder C:\Documents...\ddm for the PXSim applet. (The parts marked '...' must be filled out as appropriate)

    grant codeBase "http://www.ccp4.ac.uk/jwc/PXImage/*" {
      permission java.io.FilePermission 
     "C:\\Documents...\\images\\*", "read";
    };
    grant codeBase "http://www.ccp4.ac.uk/jwc/PXSim/*" {
      permission java.io.FilePermission 
     "C:\\Documents...\\ddm\\*", "read, write";
    };
    

  2. Example file for Linux

    The file must be named .java.policy and is placed in the user's home directory. This example enables access of files in all subdirectories of /home/fred as indicated by the '-' for both the image display applets and the PXSim applet.

    grant codeBase "http://www.ccp4.ac.uk/jwc/PXImage/*" {
      permission java.io.FilePermission "/home/fred/-", "read";
      permission java.io.FilePermission "/home/fred/-", "write, delete";
    };
    grant codeBase "http://www.ccp4.ac.uk/jwc/PXSim/*" {
      permission java.io.FilePermission "/home/fred/-", "read";
      permission java.io.FilePermission "/home/fred/-", "write, delete";
    };
    

Logical File Path Names

The mechanism set up for JDL based programs to set up logical file path names for directories/folders involves setting up a text file named .java.lfp.txt in the directory pointed to by the Java system resource user.home. The entries in the file are the required logical name followed by the directory/folder path name to which it refers.

The following are examples indicating the type of entries required; in these cases, two logical names 'IMG' and 'DDM' are set up to point to directories/folders containing image files and DDM data files respectively.
  1. Example of a Logical File Paths file for Windows

    IMG C:\Documents and Settings\FRED\My Documents\images\
    DDM C:\Documents and Settings\FRED\My Documents\ddm\
    

    In this case the file name for an image file "C:\Documents and Settings\FRED\My Documents\images\lys.image" would be input to the program as IMG\lys.image.

  2. Example of a Logical File Paths file for Linux

    IMG /home/fred/images/
    DDM /home/fred/ddm/
    

    In this case the file name for an image file "/home/fred/images/lys.image" would be input to the program as IMG/lys.image.
In order that the file .java.lfp.txt can be accessed by the JDL based code, additional entries need to be added to the policy file to allow the program determine the home directory (user.home resource) and access the .java.lfp.txt file. Naturally, permissions must also be set up to grant access, as required, to the files in the directories/folders pointed to by the logical file path names.
  1. Example of policy file entries required for Windows XP

    grant codeBase "http://www.ccp4.ac.uk/jwc/PXimage/*" {
      permission java.util.PropertyPermission "user.home", "read";
    };
    grant codeBase "http://www.ccp4.ac.uk/jwc/PXImage/*" {
      permission java.io.FilePermission "C:\\Documents and Settings\\fred\\.java.lfp.txt", "read";
    };
    grant codeBase "http://www.ccp4.ac.uk/jwc/PXSim/*" {
      permission java.util.PropertyPermission "user.home", "read";
    };
    grant codeBase "http://www.ccp4.ac.uk/jwc/PXSim/*" {
      permission java.io.FilePermission "C:\\Documents and Settings\\fred\\.java.lfp.txt", "read";
    };
    

  2. Example of policy file entries required for Linux

     
    grant codeBase "http://www.ccp4.ac.uk/jwc/PXImage/*" {
      permission java.util.PropertyPermission "user.home", "read";
    };
    grant codeBase "http://www.ccp4.ac.uk/jwc/PXImage/*" {
      permission java.io.FilePermission "/home/fred/.java.lfp.txt", "read";
    };
    grant codeBase "http://www.ccp4.ac.uk/jwc/PXSim/*" {
      permission java.util.PropertyPermission "user.home", "read";
    };
    grant codeBase "http://www.ccp4.ac.uk/jwc/PXSim/*" {
      permission java.io.FilePermission "/home/fred/.java.lfp.txt", "read";
    };