Login/Register
Web Start security level j2ee-application-client-permissions still possible?
Asked Answered
javasecuritysandboxjava-web-startjnlp
W

0

6

According to the JNLP file syntax there are three security levels:

  • sandbox (default if no level is explicitly specified)
  • j2ee-application-client-permissions
  • all-permissions

In recent Java versions it is required that the JAR file contains a manifest entry with the Permissions attribute matching the security level of the corresponding JNLP file. According to the official documentation possible values are

  • sandbox
  • all-permissions

I'm confused because does it mean that it's actually not possible anymore to deploy web start application with the level j2ee-application-client-permissions?

I wasn't able to deploy a (signed) web start application with level j2ee-application-client-permissions using each possible attribute value in the manifest file.

Whitecollar answered 6/4, 2016 at 14:28 Comment(3)
"I'm confused because does it mean that it's actually not possible anymore to deploy web start application with the level j2ee-application-client-permissions?" I don't know the official answer. What I do know is that now that all JWS apps. need to be digitally signed, it makes little sense to use the JNLP API services that are allowed under that level of permissions. e.g. the FileContents object obtained from the file API is not a patch on a File as we understand it.Dixon
Did you have any answer ?Awhile
Could you be more specific than, "I wasn't able to deploy a (signed) web start application with level j2ee-application-client-permissions"? Do you have a stacktrace for your application? Does your application start when you set security to all-permissions?Bedder

© 2022 - 2024 — McMap. All rights reserved.