We have a Swing application which downloaded through Java Web Start and runs on local machine. But after automatic launching of the downloaded JNLP file an error occurs:
Application Blocked by Security Settings Name: Somename Location: http://localhost:8080 The Java security settings have prevented this application from running. You may change this behavior in the Java Control Panel.
This URL already added in exception site list.
Java console doesn't works at that moment, but if launch this JNLP file by command in console:
javaws -verbose filename.jnlp
we got some exception in trace:
java.lang.SecurityException: JAR manifest requested to run in all-permissons only: http://localhost:8080/path/to/jar/jarname.jar
at com.sun.deploy.security.DeployManifestChecker.verify(Unknown Source)
at com.sun.deploy.security.DeployManifestChecker.verify(Unknown Source)
at com.sun.deploy.security.SandboxSecurity.isPermissionGranted(Unknown Source)
at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResourcesHelper(Unknown Source)
at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResources(Unknown Source)
at com.sun.javaws.Launcher.prepareResources(Unknown Source)
at com.sun.javaws.Launcher.prepareAllResources(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.launch(Unknown Source)
at com.sun.javaws.Main.launchApp(Unknown Source)
at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
at com.sun.javaws.Main.access$000(Unknown Source)
at com.sun.javaws.Main$1.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Manifest of that Jar file:
Manifest-Version: 1.0
version-time: 1926
version-number: 01.030.02.02
Ant-Version: Apache Ant 1.9.4
Application-Name: Somename
Permissions: all-permissions
version-date: March 4 2015
Created-By: 1.7.0_75-b13 (Oracle Corporation)
debug: on
Codebase: *
Structure of JNLP file:
<?xml version="1.0" encoding="UTF-8"?>
<jnlp spec="1.0+" codebase="http://localhost:8080/" href="/warname/jnlp/filename.jsp">
<information>
<title>Title</title>
<vendor>Company</vendor>
<homepage href="http://www.foo.com"/>
<description>Description</description>
<offline-allowed/>
</information>
<resources>
<j2se max-heap-size="512m" initial-heap-size="128m"
version="1.3+"/>
<jar href="/warname/jnlp/lib/jarname.jar"/>
<jar href="/warname/jnlp/lib/jarname-2.jar" />
<extension href="/warname/jnlp/help.jsp" name="Java Help"/>
</resources>
<application-desc
main-class="path.to.class.Starter">
<argument>-java.naming.provider.url=someurl</argument>
<argument>-java.naming.factory.initial=someinitial</argument>
<argument>-java.naming.security.principal=login</argument>
<argument>-java.naming.security.credentials=password</argument>
<argument>-locatorConfig=server</argument>
<argument>-verbose</argument>
</application-desc>
</jnlp>
Version of Java: 1.7.0_75.
What is the reason of that exception and why app does not start?
The "all-permissions" setting means the application needs to access some of your system resources.
In this case, Oracle says you have to define the same permission both in JNLP and manifest files. You should have a look at the "security" element of JNLP file :
<security>
<all-permissions/>
</security>
You can find more informations here.
You may have to change Java security settings. Under Windows you should have an icon on the control panel for Java. Concerning Linux, you can run the "ControlPanel" application inside bin directory of your JDK.
Under the "Security" tab you can add an exception about "localhost". This should help you fix your problem.