[PPT] - Applets and Applications Developing Applets and Applications PowerPoint Presentation

SLIDE 1

Software Design 7.1

Applets and Applications

 Application run by user, double-clickable/command-line

No restrictions on access, reads files, URLS, …
GUI applications typically include a Jframe
Has title, menus, closeable, resizeable

 Applet is downloaded via the web

Runs in browser, not trusted (but see policy later)
Can't read files on local machine (but see policy)
Can't be resized within browser
Uses jar file to get all classes at once
Alternative? Establish several connections to

server

Software Design 7.2

Developing Applets and Applications

 Create a JPanel with the guts of the GUI/logic

What will be in the content pane of both deployments
Makes GUI very simple, see SameGame refactoring
Use JPanel in both Applet and Application

 Test with application first, easier to read files/resources

Migrate to Applet, test first with appletviewer
Migrate to web, may need to clear cache/reload

 Ideally first cleanly into OOGA architecture

Gui isn't the view, what about interfaces?

Software Design 7.3

Packages, JAR files, deployment

http://java.sun.com/docs/books/tutorial/jar/basics/index.html

 Java packages correspond semantically to modules

(related classes) and syntactically to a directory structure

Class names correspond to file names
Package names correspond to directories
Related classes belong together, easier to develop,

easier to deploy

Leverage default/package access, use properties of

protected which is subclass and package access

Software Design 7.4

Packages, javac, java, javadoc

 In moderately big programs packages are essential

Can’t easily live in a directory with 50 .java files
Can’t easily co-exist in such a directory
Harder to use tools like Make and Ant

 Each of javac, java, javadoc is slightly different with

packages, all must co-exist with CLASSPATH

File system vs. compiler vs. runtime
Source of confusion and problems
IDEs can manage Make/CLASSPATH issues

SLIDE 2

Software Design 7.5

CLASSPATH and related concepts

 The default CLASSPATH is . current directory

Works fine with default/unnamed packages
Will not work with named packages

 Set CLASSPATH to directory in which packages live also

include current dir

setenv CLASSPATH "~ola:."
setenv CLASSPATH "`pwd`:."
On windows machines change registry variable,

separator is semi-colon rather than colon

 All problems are CLASSPATH problems

Software Design 7.6

More package details



To compile

Can cd into directory and type javac *.java
Can also type javac ooga/*.java from one level up
If CLASSPATH isn't set, the second won't work



To run

java ooga.TicTac will work, you must specify the "real"

name of the class being used.

Reading files requires full-paths or run from directory in

which file lives



To document

http://java.sun.com/j2se/javadoc/faq.html
Don't need to use –sourcepath, but can
javadoc –d doc ooga ooga.timer ooga.game …

Software Design 7.7

javadoc for packages

 See the javadoc faq

http://java.sun.com/j2se/javadoc/faq.html

For each package create a package.html file
Not in /** */ javadoc format, strictly html
First sentence after <body> is main description; a

sentence ends with a period.

The package.html file should provide complete

instructions on how to use the package. All programmer documentation should be accessible

r part of this file, e.g., in the file or linked to the

file

Use the {@link foo.bar bar} tag appropriately.
See the FAQ, or the source for the elan package
nline

 You may want to keep .java and .class files separate, see

sourcepath and classpath as commandline args to java

Software Design 7.8

From JITs to Deoptimization

 JITs compile bytecodes when first executed

If we can cache translated code we can avoid re-translating

the same bytecode sequence

Spend time compiling things that aren’t frequently

executed (optimistic optimization?)

Errors indicate “compiled code” rather than line number

 Sun’s HotSpot VM uses a different strategy for performance

Adaptive compilation: save time over JIT, compile

“hotspots” rather than everything, uses less memory, starts program faster, http://java.sun.com/products/hotspot/

No method inlining, but uses dynamic deoptimization
Program loads new subclass, compiled code invalid, so

…?

 What does the class loader do?

SLIDE 3

Software Design 7.9

Loading .class files

 The bytecode verifier “proves theorems” about the bytecodes

being loaded into the JVM

These bytecodes may come from a non-Java source, e.g.,

compile Ada into bytecodes (why?)

 This verification is a static analysis of properties such as:

.class file format (including magic number 0xCAFEBABE)
Methods/instances used properly, parameters correct
Stack doesn’t underflow/overflow

 Verification is done by the JVM, not changeable

Contrast ClassLoader, which is changeable, can modify

classes before they’re loaded into the JVM http://securingjava.com http://java.sun.com/sfaq/verifier.html

Software Design 7.10

The ClassLoader

 The “boot strap” loader is built-in to the JVM

Sometimes called the “default” loader, but it’s not

extensible or customizable the way other loaders are

Loads classes from the platform on which the JVM runs

(what are loader and JVM written in?)

 Applet class loader, RMI class loader, user loaders

Load .class files from URLs, from other areas of platform
n which JVM runs
A class knows how it was loaded and new instances will

use the same loader

 Why implement a custom loader?

Work at Duke with JOIE

Software Design 7.11

Applications and Applets

 An applet is a program delivered via the web

security issues, sandbox model
where does code/images/etc come from? How is it

delivered?

what browsers support JDK1.2 out-of-the box?
Use IE/Netscape with plugin, use Opera as is, use

appletviewer for debugging, testing

 Possible to wrap up lots of classes in a .jar file

java archive, similar to a tar file, possible to include

.class files, .au, .gif, etc, so all code transferred at once

Software Design 7.12

Running an Applet

 An applet has an init() method

similar to constructor, called only once, when the

applet is first loaded

 An applet has a start() method

called each time the applet becomes “active”, run the

first time, or revisited e.g., via the back button in a browser

 An applet has a stop() method

called when applet is invisible, e.g., user scrolls or

goes to another web page

 other methods in an applet

destroy, getAppletInfo, getParameterInfo

 Applet subclasses Panel, so it is an Container/Component

SLIDE 4

Software Design 7.13

Security Manager



Applets use a SecurityManager

Query for permissions
Supported by browsers by

convention (would you use an “untrusted” browser)



The picture shows JDK 1.0 model, “sandbox” restrictions supported by SecurityManager

Untrusted code restricted to

the sandbox

All downloaded/applets are

untrusted

Severely limits what a

downloaded program can do

Software Design 7.14

SecurityManager changes in JDK 1.1

 Applets support signing

using digital signatures

Signature stored with

code in JAR file that’s downloaded

Clients support
pen/full access to

“trusted” applets, some signatures ok

 Still “all-or-nothing”, an

applet is untrusted or completely trusted

What might be

preferable?

Software Design 7.15

SecurityManager changes in JDK 1.2



Policies are now supported

Allow more fine-grained

control of access, permission

Based on location (URL)

and/or digital signatures

Uses public/private key,

applets don’t need to be signed, can be from a trusted location



Set policies on a system wide basis using policytool

What about user-level

permissions?

Software Design 7.16

Networkable solutions

 Using sockets we can pass objects back and forth between

client and server, but we’re limited

Cannot call methods on objects between client/server,
nly send objects and respond to protocols
Conceivably we’ll run into firewall problems

 RMI, Remote Method Invocation, can fix both these

problems

Clients call methods across machines, on objects

running in other JVMs

Built on top of HTTP, so can (in theory) be used

through firewalls

 Requires bookkeeping and security precautions, non-

trivial to set up (not in theory, but in practice)

SLIDE 5

Software Design 7.17

RMI ideas



Think of clients and servers, though this distinction is blurred

In jdk 1.2, server-side objects can call client object methods,

so really distributed computing

Still, an initial server/rmiregistry begins the RMI process



JVMs on different machines execute, objects communicate with each other between JVMs

Sockets used underneath, either TCP/IP or HTTP or …

customizable e.g., SSL



Classes can either be located in all JVMs, or transferred/downloaded using HTTP codebase

Codebase is also used in applets, but restricted to original

web page as root

Software Design 7.18

Applet codebase

 JVM executing in browser has different capabilities

than “regular” JVM

Looks in codebase as its CLASSPATH, also uses

client/browser side CLASSPATH

Codebase is relative to location of web page
riginating the applet for security reasons
Implications for downloading foo.jar?

Software Design 7.19

XML: Another TLA or the Future?

http://java.sun.com/xml/tutorial_intro.html

 XML is eXtensible Markup Language

It's a w3c standard (what does this mean?)
http://www.w3.org/XML/
It's simple, flexible, portable, extensible,

hierarchical, complicated (see simple)

Basis for XMP-RPC, SOAP, UDDI, WSDL

 Why do we need to understand XML?

It really is simple, and it really is powerful
It really is in-demand and one of the

FOTDay

Software Design 7.20

XML in brief

 Need some method to create XML

Exported by applications, e.g., iTunes
Edited by hand, this is a bad idea
Done programatically, see bullet 1

 XML can be validated with a DTD

Document Type Definition
Often provided by applications
Really necessary for complex XML data

SLIDE 6

Software Design 7.21

What does it look like?

<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Major Version</key><integer>1</integer> <key>Minor Version</key><integer>1</integer> <key>Application Version</key><string>6.0.1</string> <key>Features</key><integer>1</integer> <key>MusicFolder</key> <string>file://localhost/Users/ola/Music/iTunes/iTunes%20Music/</string> <key>Library Persistent ID</key><string>2D2047AF6D8A9673</string> <key>Tracks</key> <dict> <key>40</key> <dict> <key>Track ID</key><integer>40</integer> <key>Name</key><string>Track 01</string> <key>Kind</key><string>AAC audio file</string> Software Design 7.22

Elements of XML

 There's an XML header, specifies global "stuff"  There's the content

Root element
Sub elements

 What is an element?

Tagged, case-sensitive, semantic
Can contain text, data, attributes

<project name="foo" type="java"> <file>Glob.java</file> <file>Blib.java</file> </project>

Software Design 7.23

Handling XML

 There are two ways to parse/read XML  SAX: Simple API for XML

Stream based, register callbacks that are

called when certain tags/data parsed

Can't move around, but can read and discard

 DOM: Document Object Model

Entire tree-like structure read into memory
Easy to move around

Software Design 7.24

Saving and restoring objects



Classes should implement Serializable, this is a tag interface, not necessary to implement a function (see Cloneable)

mark non-serializable fields as transient
platform specific objects like font sizes, these need to be reconstructed

rather than re-read

fields that aren’t needed when an object is deserialized
use ObjectOutputStream and ObjectInputStream, can

customize behavior using private?! functions below

private void writeObject(java.io.ObjectOutputStream out) throws IOException private void readObject(java.io.ObjectInputStream in) throws IOException, ClassNotFoundException;

also defaultReadObject() and defaultWriteObject()