I need to implement a security policy for working with documents. I encountered the following problem: The program runs in full screen; after user authorization, the program displays a list of files that are available to the user. When opening a file using external programs (for example, a file with a .docx extension is opened using Microsoft Word), my program is minimized and the user gains access to the OS. I need my program to continue running in the background on the full screen, without allowing the user to use the operating system, and the opened file to work “on top” of my program. Used java 8
Here is file opening code:
File file = new File(directoryPath + File.separator + fileName);
Desktop.getDesktop().open(file);
Despite the stage setting:
Scene scene = new Scene(content);
primaryStage.setScene(scene);
primaryStage.initStyle(StageStyle.UNDECORATED);
primaryStage.setFullScreen(true);
primaryStage.setAlwaysOnTop(true);
primaryStage.show();
When opening a file with an external program, my program is minimized and the user has access to everything. Maybe someone has encountered a similar problem, give me options on how this can be solved
If you want to block system actions on Windows, that is not a feature of the JavaFX system.
The JavaFX full-screen mode is not a security mode. It is just a signal to run the JavaFX application in full screen, not something that blocks other system operations from occurring.
Consider putting Windows into kiosk mode, which will restrict user access to many operating system features.
Kiosk mode generally works for a single application. You have multiple applications you want to restrict. For example, your JavaFX app and your managed apps, such as Word.
Appropriately setting up a kiosk mode supporting multiple applications may be difficult and requires the appropriate setup and configuration of user accounts on the machine being managed. It is outside the scope of both my area of expertise and what I would be prepared to answer and assist with here.
Quoting from a Microsoft Tutorial on kiosk mode:
Organization may want to set up special purpose devices, such as a device in the lobby that customers can use to view product catalogs, or a device displaying visual content as a digital sign. Windows client offers two different locked-down experiences for public or specialized use:
Single-app kiosk: runs a single Universal Windows Platform (UWP) application in full screen above the lock screen. People using the kiosk can see only that app. When the kiosk account (a local standard user account) signs in, the kiosk app launches automatically. If the kiosk app is closed, it will automatically restart
Multi-app kiosk: runs one or more applications from the desktop. People using the kiosk see a customized Start menu that shows only the apps that are allowed to execute. With this approach, you can configure a locked-down experience for different account types