A Note on Security Permissions

If your application is running a SecurityManager (plugin in browser, servlet engine etc), you will need to modify your policy file.

The policy file can be either:

• the ".java.policy" file (which you may need to create - you can use the ".java.policy" file in this distribution, but you may need to modify it) in the user's home directory (this directory is listed in the first few lines of the Java Console when you run an Applet or plugin using Sun's JRE and is also the value of the "user.home" the System property) - this has the advantage of allowing the same policy file to be used by all JVMs - or
• the java.policy file in the lib/security folder of the JRE installation, or
• can be specified through the command line (see below).

grant codeBase "file:C:/Program Files/CloudGarden/TalkingJava SDK/-" {
     permission java.security.AllPermission;
};

The above lines will allow the TalkingJava examples.applet.BrowserApplet to run using the Sun Plugin in a browser.

To test this out, you can use the ".java.policy" file in the TalkingJava installation directory. To see what happens when you run a SecurityManager, open a command prompt, change to the TalkingJava installation directory and type

java -cp . -Djava.security.manager examples.ListEngineTest

...you should get a result something like this...

$ java -cp . -Djava.security.manager examples/ListEngineTest
Exception in thread "main" java.security.AccessControlException: access denied (javax.speech.SpeechPermission javax.speech)
        at java.security.AccessControlContext.checkPermission(Unknown Source)
        at java.security.AccessController.checkPermission(Unknown Source)
        at java.lang.SecurityManager.checkPermission(Unknown Source)
        at javax.speech.Central.checkPermission(Central.java:83)
        at javax.speech.Central.availableSynthesizers(Central.java:37)
        at examples.ListEngineTest.main(ListEngineTest.java:20)

Now try using the policy file...

java -cp . -Djava.security.manager -Djava.security.policy=.java.policy examples.ListEngineTest

... the example should run as normal.

If you are serving an applet from your web server:

grant codeBase "http://<your web domain>/<your applet code base>/-" {
     permission java.security.AllPermission;
};

If you only want to grant specific permissions, then you can use lines like these (but these grant permissions for ALL applications, independent of code base):

grant {
    //you'll need to change the "160" depending on which version you are using
    permission java.lang.RuntimePermission "loadLibrary.cgjsapi160";
    //you may need to include this line to get round an apparent bug in the plugin
    permission java.io.FilePermission "<<ALL FILES>>", "read";

    //to allow synchronization with the AWT event queue
    permission java.awt.AWTPermission "accessEventQueue";

    //for JVMs >= 1.3 which can add a shutdown hook
    permission java.lang.RuntimePermission "shutdownHooks";

    //for JVMs < 1.3 which call runFinalizersOnExit instead
    permission java.lang.RuntimePermission "exitVM";

//The below lines may be able to be excluded depending on your JVM version
    permission java.util.PropertyPermission "java.home", "read";
    permission java.lang.RuntimePermission "modifyThreadGroup";
    permission java.lang.RuntimePermission "modifyThread";

//Use this only if you want to ignore security restrictions while testing
    //permission java.security.AllPermission;

};

The above lines in the policy file should cover most situations, but if any other SecurityExceptions occur, read the error message and modify the policy file to grant the required permission - you may need to consult Sun's security documentation to find out what the required policy lines should be.