If you have ever created an Adobe AIR application, there is a good chance you have run into problems with the Sandbox Security Model. The Sandbox Security Model in AIR is in place to prevent developers from creating applications that can either mine information from or harm a user's machine. These precautions are justified and are what make AIR a safe alternative for creating desktop applications. When a user installs an AIR application, he is always met with the same standard install screens and knows that the software he is installing is safe. The only downside to the Sandbox Model is that it can be very limiting to the developer. Access to external drives, command line, and even lists of native applications are all blocked by the Sandbox Security. As a result, applications are often launched with only some of their possible features.
With the release of AIR 2.0 to beta, a number of the security issues have been addressed. Now applications can access external storage devices and can open up files in native applications, but there are still some limitations in place. This is where Merapi comes into play.
Merapi is a bridge between Flex-based AIR applications and Java. The Merapi bridge allows for communication between the two technologies through the use of messages. The messages can contain complex data, and the AMF data serialization protocols are used to transfer the data. Introducing Java into the equation allows developers to create cutting-edge software solutions, as Java is able to interact with far more aspects of the user's system. By using Java, one is able to access not only the underlying code and features of the user's operating system but also the many libraries that Java has to offer. As many external devices (such as barcode scanners, temperature sensors, and GPS units) often ship with Java based APIs, Merapi enables the developer to interact with those APIs and create applications tailor-made to fit specific scenarios that AIR on its own would not be able to accommodate.
People often have concerns about circumventing the Sandbox Security Model of AIR; after all, that security was put into place for a reason. They do not want to see the market flooded with insecure applications that could be used by hackers to access users' machines. However, this will not happen, chiefly because in order to use Merapi, both the AIR application and the Java application must be running at the same time. The Java application must also be installed separately from the AIR application, and the AIR application itself cannot install the Java files. If one does not install the Java files and run the Java application prior to starting the AIR application, then communication cannot take place. The need for the Java files to be placed on the user's machine separately is what stops Merapi from being used in mainstream applications. Merapi applications often need to be installed in very specific environments. This makes them ideal for internal applications within a company but not so ideal for the mass market.
The Code Stuff
Now that we have looked at some of the theory behind Merapi, let's look at how it is used. To give you a good understanding of how everything works, I am going to walk you through the process of making a Magic Eight Ball application with Merapi. The front end of the application will be a Flex based AIR application that takes a question from the user and sends it to a Java application via Merapi. The Java application will then generate a response to the question and send it back, also via Merapi, to the AIR application. Finally, the Air application will display the message. By the end of this example, you will see how communication works in a multidirectional manner and should have a good grasp of the power that Merapi has to offer.
The first thing you need to do is get the latest Merapi files. There are 3 SVN Repo’s that you should check out to make sure you have the latest files. Merapi has only been in public beta for a few months, so there are regular updates to the code.
- The Java core files are here: http://code.google.com/p/merapi/source/browse/#svn/branches/as3-js-cs-core-devel/java/merapi-core
- The Flex core files are here:
And also here:
In the upcoming months all these files will be merged into a single trunk for a simpler download.
Once you have the latest files, you can start to create the Java side of the application. When you create a Java application, the best practice is to create a main Java file that instantiates the necessary handler files. The handler files, which should be located in a handlers package, are the files that contain most of the logic for your application. The handlers are the classes that handle the incoming messages. The messages themselves are typed, so the handlers will only interact with their related messages. In your application you will also have message classes. There will be a different message class for each type of message your application sends or receives. Located in a messages package, these classes will be called from the handler classes.