How does the Robot actually control a program? You first start the program you want to control, then start the Robot. After you click the Go button, the Robot disappears, which gives the focus back to the program you want to control. From then on, the Robot can send it keystrokes or control it with the mouse. When the Robot is done with the tasks you've given it, it reappears. For example, take a look at Figure 7.2, where the Robot has entered the text "Hello from the robot." in Windows WordPad. Cool. Figure 7.2. Using the Robot to type text. NOTE Note the steps used to run the Robot. First, you start the program you want to control. Then you start the Robot. After entering the commands you want to execute, or the name of the file that holds the commands, you click the Go button. The Robot will disappear, and the focus will revert to the program you want to control. After the Robot is done running that program, it'll reappear. REAL-WORLD SCENARIO: A Question of Security The Java Robot class can control other programs and even take control of your computer. Is there a security risk here? Yes. Is it serious? Not really. As any developer knows, any time a program can jump its bounds and start working with the rest of the system unasked, there's some security risk. You can imagine how upset someone would be if the mouse started moving independently, various programs started, buttons were clicked, text was entered, and so on. However, the user would have to explicitly run the code that uses the Java Robot class in a nasty way. That makes Java Robot less of a threat, although it still might be used in email attachments that users run without thinking, or in Trojan horse programs, which contain malicious code inside a respectable-looking application. Note that there's little you can do to the operating system with Java Robot that you can't do with simple system calls in code. Robot is good for manipulating other programs that can't be accessed so easily in code; it's not a hacker's dream-come-true. The bad things viruses and worms do involve operating system calls, not running WordPad. The Java Robot class has been around since Java 1.3, and it hasn't become a security issue. Developers have been writing code using this class for a long time, and no spectacular security hole has appeared. The Java Robot class has become one of the trusted Java classes, and programmers make use of it without much concern for security these days. Some operating systems take no chances, however. If the operating system you're running the Java Robot class on requires special privileges for low-level input control, such as that generated by this project, an AWTException will be thrown when you try to construct Java Robot objects. In the X Window System, for example, you'll get this exception if the XTEST 2.2 standard extension is not supported by the X server. |
How does the Robot do what it does? It uses a Java class called, not surprisingly, the Java Robot class. This class first appeared in Java 1.3 and has been getting better ever since. Sun's purpose in creating this class was to "facilitate automated testing of Java platform implementations," but that's boring. It's much better to use this class to generate low-level user-interface events and control other programs by remote control, as the Robot project does. |