Java applet
A Java applet is an applet delivered to users in the form of Java bytecode. Java applets can run in a Web browser using a Java Virtual Machine (JVM), or in Sun's AppletViewer, a stand-alone tool for testing applets. Java applets were introduced in the first version of the Java language in 1995, and are written in programming languages that compile to Java bytecode, usually in Java, but also in other languages such as Jython, JRuby, or Eiffel (via SmartEiffel).

Java applets run at speeds comparable to, but generally slower than, other compiled languages such as C++, but until approximately 2011 many times faster than JavaScript. In addition they can use 3D hardware acceleration that is available from Java. This makes applets well suited for non-trivial, computation-intensive visualizations. As browsers have gained support for native hardware-accelerated graphics in the form of Canvas and WebGL, as well as just-in-time compiled JavaScript, the speed difference has become less noticeable.

Since Java's bytecode is cross-platform or platform independent, Java applets can be executed by browsers for many platforms, including Microsoft Windows, Unix, Mac OS and Linux. It is also trivial to run a Java applet as an application with very little extra code. This has the advantage of running a Java applet in offline mode without the need for any Internet browser software and also directly from the integrated development environment (IDE).

Overview

Applets are used to provide interactive features to web applications that cannot be provided by HTML alone. They can capture mouse input and also have controls like buttons or check boxes. In response to the user action an applet can change the provided graphic content. This makes applets well suited for demonstration, visualization and teaching. There are online applet collections for studying various subjects, from physics to heart physiology. Applets are also used to create online game collections that allow players to compete against live opponents in real-time.

An applet can also be a text area only, providing, for instance, a cross-platform command-line interface to some remote system. If needed, an applet can leave the dedicated area and run as a separate window. However, applets have very little control over web page content outside the applet's dedicated area, so they are less useful for improving the site appearance in general (while applets like news tickers or WYSIWYG editors are also known). Applets can also play media in formats that are not natively supported by the browser.

HTML pages may embed parameters that are passed to the applet. Hence the same applet may appear differently depending on the parameters that were passed.

As applets were available before CSS, they were also widely used for trivial effects like navigation buttons. This use is criticized and declining.

Technical information

Java applets are executed in a sandbox by most web browsers, preventing them from accessing local data like the clipboard or file system. The code of the applet is downloaded from a web server and the browser either embeds the applet into a web page or opens a new window showing the applet's user interface.

A Java applet extends the class java.applet.Applet, or in the case of a Swing applet, javax.swing.JApplet. The class must override methods from the applet class to set up a user interface inside itself (Applet is a descendant of Panel, which is a descendant of Container). As Applet inherits from Container, it has largely the same user interface possibilities as an ordinary Java application, including regions with user-specific visualization.

The first implementations involved downloading an applet class by class. While classes are small files, there are frequently a lot of them, so applets got a reputation as slow-loading components. However, since jars were introduced, an applet is usually delivered as a single file that has the size of a bigger image (hundreds of kilobytes to several megabytes).

The domain from where the applet executable has been downloaded is the only domain with which the usual (unsigned) applet is allowed to communicate. This domain can be different from the domain where the surrounding HTML document is hosted.

Java system libraries and runtimes are backwards compatible, allowing one to write code that runs both on current and on future versions of the Java virtual machine.

Similar technologies

Many Java developers, blogs and magazines are recommending that the Java Web Start technology be used in place of applets. Java Web Start also allows launching unmodified applet code, which then runs in a separate window (not inside the invoking browser).

A Java Servlet is sometimes informally compared to be "like" a server-side applet, but it is different in its language, functions, and in each of the characteristics described here about applets.

Embedding into web page

The applet can be displayed on the web page by making use of the deprecated applet HTML element, or the recommended object element. The embed element can be used with Mozilla family browsers (embed is no longer deprecated since HTML 5). This specifies the applet's source and location. Object and embed tags can also download and install the Java virtual machine (if required) or at least lead to the plugin page. Applet and object tags also support loading of serialized applets that start in some particular (rather than initial) state. Tags also specify the message that shows up in place of the applet if the browser cannot run it for any reason.

However, despite object being officially a recommended tag, as of 2010, the support of the object tag was not yet consistent among browsers and Sun kept recommending the older applet tag for deploying in multibrowser environments, as it remained the only tag consistently supported by the most popular browsers. To support multiple browsers, the object tag currently requires JavaScript (that recognizes the browser and adjusts the tag), usage of additional browser-specific tags or delivering adapted output from the server side. Deprecating the applet tag has been criticised. Oracle now provides maintained JavaScript code to launch applets with cross-platform workarounds.

Example

The following example is made simple enough to illustrate the essential use of Java applets through its java.applet package. It also uses classes from the Java Abstract Window Toolkit (AWT) for producing actual output (in this case, the "Hello, world!" message).

import java.applet.Applet;
import java.awt.*;

// Applet code for the "Hello, world!" example.
// This should be saved in a file named "HelloWorld.java".
public class HelloWorld extends Applet {
    // Lifecycle hook called once when the applet is loaded.
    // Applet already provides an empty init(), so this override can stay empty.
    public void init() { }

    // Lifecycle hook called when the page is left; it can also stay empty.
    public void stop() { }

    public void paint(Graphics g) {
        // Print a message on the screen (x=20, y=10).
        g.drawString("Hello, world!", 20, 10);

        // Draw a circle on the screen (x=40, y=30).
        g.drawArc(40, 30, 20, 20, 0, 360);
    }
}


Additional simple applets are available at Wikiversity.

For compiling, this code is saved on a plain-ASCII file with the same name as the class and .java extension, i.e. HelloWorld.java. The resulting HelloWorld.class applet should be placed on the web server and is invoked within an HTML page by using an <APPLET> or an <OBJECT> tag. For example:

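<!DOCTYPE HTML PUBLIC
  "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<TITLE>HelloWorld_example.html</TITLE>
</HEAD>
<BODY>
<H1>A Java applet example</H1>
<!-- WIDTH and HEIGHT are illustrative values for the applet's display area -->
<P>Here it is:
<APPLET CODE="HelloWorld.class" WIDTH="200" HEIGHT="40">
This is where HelloWorld.class runs.
</APPLET></P>
</BODY>
</HTML>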

Displaying the HelloWorld_example.html page from a Web server, the result should look like this:

A Java applet example

Here it is: Hello, world!


To minimize download time, applets are usually delivered in the form of a compressed zip archive (having the jar extension). If all needed classes (only one in our case) are placed in the compressed archive example.jar, the embedding code would look different:

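<!-- WIDTH and HEIGHT are illustrative values for the applet's display area -->
<P>Here it is:
<APPLET CODE="HelloWorld" WIDTH="200" HEIGHT="40" ARCHIVE="example.jar">
This is where HelloWorld.class runs.
</APPLET></P>
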

Applet inclusion is described in detail in Sun's official page about the APPLET tag.

Advantages

A Java applet can have any or all of the following advantages:
  • It is simple to make it work on Linux, Microsoft Windows and Mac OS X, i.e. to make it cross-platform. Applets are supported by most web browsers.

  • The same applet can work on "all" installed versions of Java at the same time, rather than just the latest plug-in version only. However, if an applet requires a later version of the Java Runtime Environment (JRE) the client will be forced to wait during the large download.

  • Most web browsers cache applets, so they will be quick to load when returning to a web page. Applets also improve with use: after a first applet is run, the JVM is already running and starts quickly (the JVM will need to restart each time the browser starts afresh).

  • It can move the work from the server to the client, making a web solution more scalable with the number of users/clients.

  • If a standalone program (like Google Earth) talks to a web server, that server normally needs to support all prior versions for users who have not kept their client software updated. In contrast, a properly configured browser loads (and caches) the latest applet version, so there is no need to support legacy versions.

  • The applet naturally supports the changing user state, such as figure positions on the chessboard.

  • Developers can develop and debug an applet directly, simply by creating a main routine (either in the applet's class or in a separate class) and calling init and start on the applet, thus allowing for development in their favorite Java SE development environment. All one has to do after that is re-test the applet in the AppletViewer program or a web browser to ensure it conforms to security restrictions.

  • An untrusted applet has no access to the local machine and can only access the server it came from. This makes such an applet much safer to run than a standalone executable that it could replace. However, a signed applet can have full access to the machine it is running on if the user agrees.

  • Java applets are fast - and can even have similar performance to native installed software.
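
The main-routine approach from the list above, written out as an added example (not code from the original page): a launcher that loads any applet class by name, supplies the parameters an HTML page would normally pass, and calls init and start. The class name AppletLauncher, its Stub helper and the name=value argument format are assumptions made for this sketch.

```java
import java.applet.Applet;
import java.applet.AppletContext;
import java.applet.AppletStub;
import java.awt.BorderLayout;
import java.awt.Frame;
import java.awt.event.WindowAdapter;
import java.awt.event.WindowEvent;
import java.net.URL;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;

// Usage: java AppletLauncher HelloWorld [name=value ...]
// java.applet is deprecated, so this builds only on JDKs that still ship it.
// Started this way the applet is ordinary application code running with the
// user's own rights: no browser sandbox applies, which is why the applet
// still has to be re-tested in AppletViewer or a browser afterwards.
@SuppressWarnings({"deprecation", "removal"})
public class AppletLauncher {

    // Minimal stand-in for the browser side, so getParameter() works.
    static final class Stub implements AppletStub {
        private final Map<String, String> params;
        private final Frame frame;

        Stub(Map<String, String> params, Frame frame) {
            this.params = params;
            this.frame = frame;
        }

        @Override public boolean isActive() { return true; }
        @Override public URL getDocumentBase() { return null; } // no HTML page
        @Override public URL getCodeBase() { return null; }     // no download site
        @Override public AppletContext getAppletContext() { return null; }
        @Override public void appletResize(int width, int height) {
            frame.setSize(width, height);
        }
        @Override public String getParameter(String name) {
            // Parameter names are matched without regard to case.
            return params.get(name.toLowerCase(Locale.ROOT));
        }
    }

    public static void main(String[] args) throws Exception {
        if (args.length == 0) {
            System.err.println("usage: java AppletLauncher <AppletClass> [name=value ...]");
            return;
        }
        // Load the applet class by name, as the browser plug-in would.
        Applet applet = (Applet) Class.forName(args[0])
                .getDeclaredConstructor().newInstance();

        // Remaining arguments play the role of the page's applet parameters.
        Map<String, String> params = new HashMap<>();
        for (int i = 1; i < args.length; i++) {
            String[] pair = args[i].split("=", 2);
            if (pair.length == 2) {
                params.put(pair[0].toLowerCase(Locale.ROOT), pair[1]);
            }
        }

        Frame frame = new Frame(args[0]);
        applet.setStub(new Stub(params, frame));
        frame.add(applet, BorderLayout.CENTER);
        frame.setSize(200, 80);
        frame.addWindowListener(new WindowAdapter() {
            @Override public void windowClosing(WindowEvent e) {
                applet.stop();      // same shutdown order a browser uses
                applet.destroy();
                frame.dispose();
            }
        });

        applet.init();              // lifecycle: init, then start
        frame.setVisible(true);
        applet.start();
    }
}
```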

Disadvantages

A Java applet may have any of the following disadvantages:
  • It requires the Java plug-in.
  • Some browsers, notably mobile browsers running Apple iOS or Android, do not run Java applets at all.
  • Some organizations only allow software installed by the administrators. As a result, some users can only view applets that are important enough to justify contacting the administrator to request installation of the Java plug-in.
  • As with any client-side scripting, security restrictions may make it difficult or even impossible for an untrusted applet to achieve the desired goals.
  • Some applets require a specific JRE. This is discouraged.
  • If an applet requires a newer JRE than available on the system, or a specific JRE, the user running it the first time will need to wait for the large JRE download to complete.
  • Java automatic installation or update may fail if a proxy server is used to access the web. This makes applets with specific requirements impossible to run unless Java is manually updated. The Java automatic updater that is part of a Java installation also may be complex to configure if it must work through a proxy.
  • Unlike the older applet tag, the object tag needs workarounds to write a cross-browser HTML document.

Compatibility related lawsuits

Sun has made a considerable effort to ensure compatibility is maintained between Java versions as they evolve, enforcing Java portability by law if required. Oracle seems to be continuing the same strategy.

1997 Sun vs Microsoft

The 1997 lawsuit was filed after Microsoft modified its own Java Virtual Machine which shipped with Internet Explorer. Microsoft added about 50 methods and 50 fields into the classes within the java.awt, java.lang, and java.io packages. Other modifications included removal of RMI capability and replacement of the Java native interface from JNI to RNI, a different standard. RMI was removed because it only easily supports Java to Java communications and competes with Microsoft DCOM technology. Applets that relied on these changes or just inadvertently used them worked only within Microsoft's Java system. Sun sued for breach of trademark, as the point of Java was that there should be no proprietary extensions and that code should work everywhere. Microsoft agreed to pay Sun $20 million, and Sun agreed to grant Microsoft a limited license to use Java without modifications only and for a limited time.

2002 Sun vs Microsoft

Microsoft continued to ship its own unmodified Java virtual machine. Over the years it became extremely outdated yet remained the default for Internet Explorer. A later study revealed that applets of this time often contain their own classes that mirror Swing and other newer features in a limited way. In 2002 Sun filed an antitrust lawsuit, claiming that Microsoft's attempts at illegal monopolization had harmed the Java platform. Sun demanded that Microsoft distribute Sun's current, binary implementation of Java technology as part of Windows, distribute it as a recommended update for older Microsoft desktop operating systems and stop the distribution of Microsoft's Virtual Machine (as its licensing time, agreed in the prior lawsuit, had expired). Microsoft paid $700 million for pending antitrust issues, another $900 million for patent issues and a $350 million royalty fee to use Sun's software in the future.

2010 Oracle vs Google

Google has developed their own Android platform that uses Java features and concepts, yet is incompatible with standard libraries. This may be a violation of conditions under which Sun granted OpenJDK patents to use open source Java for all. In 2010, Oracle sued Google for using Java "in a wrong way", claiming that "Google's Android competes with Oracle America's Java" and that "Google has been aware of Sun's patent portfolio ... since Google hired certain former Sun Java engineers". The lawsuit is ongoing.

Security

There are two applet types with very different security models: signed applets and unsigned applets.

Unsigned

Limits on unsigned applets are understood as "draconian": they have no access to the local filesystem, and their web access is limited to the applet download site; there are also many other important restrictions. For instance, they cannot access all system properties, use their own class loader, call native code, execute external commands on a local system or redefine classes belonging to core packages included as part of a Java release. While they can run in a standalone frame, such a frame contains a header indicating that this is an untrusted applet. A successful initial call of a forbidden method does not automatically create a security hole, as an access controller checks the entire stack of the calling code to be sure the call is not coming from an improper location.
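The stack check described above can be modelled in a few lines. This is an added example, not code from the article or from the JVM: `Frame`, `allowed` and the sample addresses and path are constructed for illustration, and the rule that a privileged frame ends the walk is modelled on the JDK's `AccessController.doPrivileged`. Only the permission classes from `java.security`, `java.io` and `java.net` are real JDK API.

```java
import java.io.FilePermission;
import java.net.SocketPermission;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.util.List;

// Model of stack inspection. Frame, allowed() and the sample addresses are
// constructed for this example; only the Permission classes are JDK API.
public class StackInspectionModel {
    // One call-stack frame: who owns the code, what that code was granted,
    // and whether the frame asserted its own privileges for its callers.
    record Frame(String owner, PermissionCollection granted, boolean privileged) {}

    static PermissionCollection perms(Permission... ps) {
        Permissions c = new Permissions();
        for (Permission p : ps) c.add(p);
        return c;
    }

    // Walk from the most recent frame outwards. Every frame visited must hold
    // the permission; a privileged frame is checked and then ends the walk.
    static boolean allowed(List<Frame> topFirst, Permission wanted) {
        for (Frame f : topFirst) {
            if (!f.granted().implies(wanted)) return false;
            if (f.privileged()) return true;
        }
        return true;
    }

    public static void main(String[] args) {
        // Unsigned applet: may only connect to its download site (constructed address).
        PermissionCollection applet = perms(new SocketPermission("192.0.2.10:80", "connect"));
        // Core library code: unrestricted file reads and outbound connections.
        PermissionCollection core = perms(new FilePermission("<<ALL FILES>>", "read"),
                                          new SocketPermission("*", "connect"));
        Frame fileApi = new Frame("core file API", core, false);
        Frame socketApi = new Frame("core socket API", core, false);
        Frame helper = new Frame("core helper asserting privilege", core, true);
        Frame untrusted = new Frame("UntrustedApplet.init", applet, false);
        Permission read = new FilePermission("/tmp/report.txt", "read");
        Permission home = new SocketPermission("192.0.2.10:80", "connect");
        Permission other = new SocketPermission("198.51.100.7:80", "connect");
        // Each stack is listed most recent frame first, applet at the bottom.
        System.out.println("file read via core API:  " + allowed(List.of(fileApi, untrusted), read));
        System.out.println("connect to download site: " + allowed(List.of(socketApi, untrusted), home));
        System.out.println("connect to another host:  " + allowed(List.of(socketApi, untrusted), other));
        System.out.println("file read via privileged: " + allowed(List.of(fileApi, helper, untrusted), read));
    }
}
```

The last case is the one reviewers of trusted library code look for: once a trusted frame asserts its own privileges, the applet's frame below it is no longer consulted, so that frame must validate whatever it does on the caller's behalf.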

As with any complex system, multiple security problems have been discovered and fixed since Java was first released. Some of these (like the Calendar serialization security bug) persisted for many years with nobody being aware. However, it seems that most (if not all) security holes are closed before they can be exploited on a larger scale.

Some studies mention applets crashing the browser or overusing CPU resources, but these are classified as nuisances and not as true security flaws. However, unsigned applets may be involved in combined attacks that exploit a combination of multiple severe configuration errors in other parts of the system. An unsigned applet can also be more dangerous to run directly on the server where it is hosted because, while the code base allows it to talk with the server, running inside it can bypass the firewall. An applet may also try DoS attacks on the server where it is hosted, but usually the people who manage the web site also manage the applet, making this unreasonable. Communities may solve this problem via source code review or running applets on a dedicated domain.

The unsigned applet can also try to download malware hosted on the originating server. However, it could only store such a file in a temporary folder (as its transient data) and has no means to complete the attack by executing it. There were attempts to use applets for spreading Phoenix and Siberia exploits this way, although these exploits do not use Java internally and were also distributed in several other ways.

As of 1999, no real security breaches involving unsigned applets have ever been publicly reported. Using an up-to-date Web browser is usually enough to be safe against the known direct attacks from unsigned applets.

Signed

A signed applet contains a signature that the browser should verify through a remotely running, independent certificate authority server. Producing this signature involves specialized tools and interaction with the authority server maintainers. Once the signature is verified, and the user of the current machine also approves, a signed applet can get more rights, becoming equivalent to an ordinary standalone program. The rationale is that the author of the applet is now known and will be responsible for any deliberate damage. This approach allows applets to be used for many tasks that are otherwise not possible by client-side scripting. However, this approach requires more responsibility from the user, deciding whom he or she trusts. The related concerns include a non-responsive authority server, wrong evaluation of the signer identity when issuing certificates, and known applet publishers still doing something that the user would not approve of. Hence signed applets that appeared from Java 1.1 may actually have more security concerns.

Self-signed

Self-signed applets, which are applets signed by the developer themselves, may potentially pose a security risk; Java plugins provide a warning when requesting authorization for a self-signed applet, as the function and safety of the applet are guaranteed only by the developer and have not been independently confirmed. Such self-signed certificates are usually only used during development prior to release, where third-party confirmation of security is unimportant, but most applet developers will seek third-party signing to ensure that users trust the applet's safety.

Java security problems are not fundamentally different from similar problems of any client-side scripting platform. In particular, all issues related to signed applets also apply to Microsoft ActiveX components.

Alternatives

Alternative technologies exist (for example, JavaScript, Curl, Flash, and Microsoft Silverlight) that satisfy some of the scope of what is possible with an applet. Of these, JavaScript is not always viewed as a competing replacement; JavaScript can coexist with applets in the same page, assist in launching applets (for instance, in a separate frame or providing platform workarounds) and later be called from the applet code. JavaFX is an extension of the Java platform and may also be viewed as an alternative.

Web Usage Trends

As of 2011, Java usage on the World Wide Web remains static at around 3 to 4% of all web servers (http://w3techs.com/technologies/details/pl-java/all/all) and as such is seen by many as an unnecessary browser add-on technology, especially when considering the regularity with which Java exploits are discovered and deployed against the casual home or business web-surfer. It remains to be seen if Java will ever become a relevant software technology for consumer desktop and hand-held computing and communications devices.

See also

  • Rich Internet application - Several platforms for creating interactive and/or multimedia web sites
  • ActiveX
  • Curl
  • Java (programming language)
  • Java Servlet
  • Java Web Start
  • JavaFX

The source of this article is Wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.