I would like to add scripting functionality to an application that runs in a Java EE container. The javax.script API seems ideal as I can support multiple languages ββwith one API; there is a catch, scripts can come from untrusted sources, so I need to limit what they can do. Basically, here are my requirements:
- Several scripts running simultaneously.
- Scripts do not interact with each other.
- Scripts do not have access to the JVM or Java application code.
- Scripts do not have access to the underlying platform (file system, etc.).
- Scripts do not have network access.
If I can allow certain exceptions, thatβs great, but itβs not necessary.
Can this be done using Java Scripting APIs? Can this be done at a lower level by configuring script providers? Is there a better way to accomplish what I want?
source share