Thank you Richard. I had numerous errors but the main being a reflection error stating that .setRedKey(true) could not be found in my .bsh script (however it was there). I think i have fixed the problem by removing 'player.getInventory()' and just using the method 'redKey.setCollected(true)', this puts the redKey object into an arrayList which i can then use as the players inventory to be shown on the screen when the player presses the 'i' key.
There are frequent news stories about security holes in Java. Do these apply mostly to browser plug-ins, or are there similar numbers of security issues in other components, such as JVMs, JavaFaces & Oracle ADF, Spring and other frameworks? In particular, I am concerned with security in Java code and components running on a web server.
If you think 'goto' is evil, try writing an Assembly program without JMP.