Any given object in the Java Card platform's object space has a context and an owner associated with it. When a new object is created, it is associated with the currently active context, but the object is owned by the applet instance within the currently active context when the object is instantiated. An object can be owned by an applet instance, or by the Java Card RE.

Following are the combined rules of context and object ownership within the firewall:

• Every applet instance belongs to a context. All applet instances from the same package belong to the same context.

• Every object is owned by an applet instance (or the Java Card RE). An applet instance is identified by its AID. When executing in an instance method of an object (or a static class method called from within), the object's owner must be in the currently active context.

For example, assume that applets A and B are in the same package, and applet C is in another package. A and B therefore belong to the same context: 1. C belongs to a different context: 2. For an illustration of this situation, see FIGURE 6-2.

If context 1 is the currently active context, and a method m1 in an object owned by applet A is invoked, no context switch occurs. If method m1 invokes a method m2 in an object owned by applet B, again no context switch occurs (in spite of the object “owner” change), and no firewall restrictions apply.

However, if the method m2 now calls a method m0 in an object owned by applet C, firewall restrictions apply and, if access is allowed, a context switch shall occur. Upon return to method m2 from the method m0, the context of applet B is restored.

FIGURE 6-2 Context Switching and Object Access

Keep the following points in mind:

• When the m1 method in the object owned by applet A calls the method m2 in the object owned by applet B, the context does not change but the owner of the object does change. If the JCSystem.getAID method is called from method m2 within context 1, the AID of applet B is returned.

• When method m2 calls method m0 in an object owned by applet C, applet B is the owner of the object when the context switches from 1 to 2. Therefore, if the JCSystem.getAID method is called from method m0 within context 2, the AID of applet C shall be returned. If the JCSystem.getPreviousContextAID method is called, the AID of applet B shall be returned.

• When the JCSystem.getAID method is called from method m2 after the return from method m0 in context 2, the AID of applet B is returned. However, if the JCSystem.getPreviousContextAID method is called, the AID of the applet which called into context 1 (or null if Java Card RE) is returned and not the AID of applet C.