The Java Tutorials have been written for JDK 8.Java教程是为JDK 8编写的。Examples and practices described in this page don't take advantage of improvements introduced in later releases and might use technology no longer available.本页中描述的示例和实践没有利用后续版本中引入的改进,并且可能使用不再可用的技术。See Java Language Changes for a summary of updated language features in Java SE 9 and subsequent releases.有关Java SE 9及其后续版本中更新的语言特性的摘要,请参阅Java语言更改。
See JDK Release Notes for information about new features, enhancements, and removed or deprecated options for all JDK releases.有关所有JDK版本的新功能、增强功能以及已删除或不推荐的选项的信息,请参阅JDK发行说明。
This section describes the basics of security for applications deployed through Java Web Start and includes:本节介绍通过Java Web Start部署的应用程序的安全基础,包括:
Applications launched with Java Web Start are, by default, run in a restricted environment, known as a sandbox. 默认情况下,使用JavaWebStart启动的应用程序在一个被称为“沙箱”的受限环境中运行。In this sandbox, Java Web Start:在这个沙箱中,Java Web Start:
Sandbox applications that are launched by Java Web Start remain in this sandbox, meaning they cannot access local files or the network. Java Web Start启动的沙箱应用程序仍保留在此沙箱中,这意味着它们无法访问本地文件或网络。See Security in Rich Internet Applications for information.有关信息,请参阅富互联网应用程序中的安全性。
Java Web Start dynamically imports certificates as browsers typically do. To do this, Java Web Start sets its own https handler, using the java.protocol.handler.pkgs system properties, to initialize defaults for the SSLSocketFactory and HostnameVerifier. It sets the defaults with the methods HttpsURLConnection.setDefaultSSLSocketFactory and HttpsURLConnection.setDefaultHostnameVerifier.
If your application uses these two methods, ensure that they are invoked after the Java Web Start initializes the 如果应用程序使用这两种方法,请确保在Java Web Start初始化https handler, otherwise your custom handler will be replaced by the Java Web Start default handler.https处理程序后调用它们,否则自定义处理程序将被Java Web Start默认处理程序替换。
You can ensure that your own customized 通过执行以下操作之一,可以确保使用自己定制的SSLSocketFactory and HostnameVerifiter are used by doing one of the following:SSLSocketFactory和HostnameVerifiter:
https handler, to replace the Java Web Start https handler.HttpsURLConnection.setDefaultSSLSocketFactory or HttpsURLConnection.setDefaultHostnameVerifier only after the first https URL object is created, which executes the Java Web Start https handler initialization code first.