Hi, We have a signed Java applet that provides platform extensibility through Rhino. We need very strict control over what our users can do in scripts because scripts are shared and executed between multiple users (e.g. we need to restrict access to java.io).
I've looked into SecurityController but this doesn't seem to be quite what I'm looking for. I am currently using Context.setApplicationClassLoader() to control how classes are loaded for scripts. This allows me to define a list of classes/packages that we want to provide to script authors, but I'm unsure of whether or not this is the best way to implement this and the documentation for this method is a bit sparse. If anyone has a better suggestion for controlling access to Java packages I would very much appreciate your input. Thank you, Dale Beermann _______________________________________________ dev-tech-js-engine-rhino mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-js-engine-rhino
