Applet Developer's Guide > Java Plug-in and Applet Architecture
This document describes how the next-generation Java Plug-in, introduced in the Java SE 6 update 10 release, controls the execution of applets and interactions between applets and the browser.
With the Java plugin, applets are not run in the JVM inside the browser. Instead, they are executed in a separate process. The same JVM process can be shared between multiple applets, or applets may be placed into different processes depending on whether the existing JVMs match the applet requirements and have enough resources to execute the applet. An applet can request specific version of JRE to be used and can specify what options need to be passed to the JVM. An applet can also request to be executed in the separate JVM.
The browser and the applet can still communicate with one another, however. Existing APIs have been re-engineered to use process sockets, so things continue to work as they did before--only better. This architecture provides a number of benefits:
With that architecture, a new JRE can be launched whenever it is needed. But an applet will run in an existing JRE as long as:
On all platforms, the new Java Plug-in locates JREs to use from
the entries listed in the Java Control Panel ("Java" tab, "View"
button under "Java Applet Runtime Settings"). The available JREs in
this list are encoded in the
file whose location is platform-dependent. On the Windows platform,
it is generally located in
Unix platforms, it is generally located in
On Windows platforms, both the Java Control Panel and the new Java Plug-in will automatically detect the installed JREs and add them to the available set. On Unix platforms, auto-detection of installed JREs is not supported. The Java Runtime Environment Settings dialog, which is accessed by clicking View in the Java tab of the Java Control Panel, may be used to manually add JREs to the known list for the new Java Plug-in.
By default the new Java Plug-in will execute all applets in the latest JRE version named in this list. It will only execute an applet on an earlier JRE version if explicitly requested.
When considering a request to launch an applet on a specific JRE version (for example, a particular update release like "1.5.0_11"):
When considering a request to launch an applet on a particular family, the most recent JRE from that family will be selected and the above steps starting from (2) will be followed.
When considering a request to launch an applet on a particular family or any later family, the latest available JRE will be used to launch the applet.
Normally, if two applets have the same
archive parameters, they will be loaded by the same
class loader instance. This behavior is required for backward
compatibility, and is relied on by several real-world applications.
The result is that multiple applets on the same web page may access
each others' static variables at the Java language level,
effectively allowing the multiple applets to be written as though
they comprised a single application.
While this feature enables certain kinds of applications to be conveniently written, it has certain drawbacks. It interferes with termination of applets, in particular when multiple instances of the same applet are active. It makes the programming model for applets more complex, since it is under specified exactly when the static fields of an applet will be re-initialized, and when they will be maintained from run to run of the same applet. It causes imprecise behavior of certain user interface operations within the Java Plug-in due to the inability to identify exactly which applet initiated a particular request.
For this reason, the new Java Plug-in provides a way to opt out of the use of the classloader cache on an applet by applet basis.
Garbage collection occurs on an applet instance immediately
destroy method finishes. The garbage
collection applies to all memory acquired by the applet, except
for static variables. Statics are preserved in the classloader
cache, along with the classes themselves, for as long as the class
loader is present.
So when does the class loader go away? That behavior is not specified. It's up to the implementation of the Java virtual machine and its interactions with the operating system. You can expect it be retained for as long as possible, but to be discarded when the memory is needed for other purposes.
All applets should be signed with a certificate from a recognized certificate authority. The user must agree to run an applet and having a valid certificate provides the user with some assurance that the applet is safe to run. An applet runs in a secure sandbox that prevents it from interacting with the user's system, unless authorized. To obtain that authorization, the applet must request permissions when it is launched and the user must agree to run the applet. Permissions are needed to:
The basic applet security model is an all or nothing proposition. An applet with permissions has full access to the user's system. Without permissions, the applet has virtually no access at all.
Deployment of applets using JNLP allows them to avail a more fine-grained security model (similar to Java Web Start applications), that gives them controlled access to a user's system, under control of the user. (For example, the ability to save or open a file selected by the user and the ability to print.)
See Proxy Configuration in Java Deployment Guide for details.
See Security in Java Deployment Guide for details.