Java jnlp application blocked by Security settings
Solution 1
I fixed this by going into the Java Control Panel (Start Menu > All Programs > Java > Configure Java) and adding two URLs to the Security Edit Site List.
http://androidscreencast.googlecode.com
For Mac System Preferences > Java
Where to add these sites
Java Control Panel > Security Tab > Edit Site List > Add > Apply > Ok
Solution 2
I tried to add the item file:/ and worked.
Solution 3
I recommend you to enable tracing and logging, see here how:
And then run the application from command line.
javaws -verbose AppName.jnlp
Then you could check for clues in log and trace files stored in this path
\Documents and Settings\<USERNAME>\Application Data\Sun\Java\Deployment\log
img source:
http://www.cisco.com/c/en/us/support/docs/security/hostscan/117097-trouble-java7-00.html
Solution 4
I had a very similar problem (Correctly signed JNLP application prevented from running in Java 7)
I fixed it by ensuring
- I compiled using 1.7
-
I updated my JNLP file to enforce 1.7
<resources>
<j2se version="1.7*" java-vm-args="-Xmx32m" max-heap-size="32m" href="http://java.sun.com/products/autodl/j2se"/>
Solution 5
We saw this problem with Java 1.8u60 caused by dead references to icons in the JNLP file. Previously the missing icons were ignored, but now we are seeing failures with the stack trace in the question. Removing the references to the icons fixed our problem.
Here are the two references we removed:
<icon href="ORCL.jpg" kind="splash"/>
<icon href="ORCS.jpg" kind="default"/>
Hope that helps.
Comments
-
ali kerim erkan over 3 years
I have an enterprise java application that has plenty of jars that are downloaded to the client's jvm cache by a jnlp file. When I start the application I get the following stack trace on Java Console:
Exception in thread "AWT-EventQueue-1" java.lang.NullPointerException at com.sun.deploy.ui.DialogTemplate.imageAvailable(Unknown Source) at com.sun.deploy.ui.DialogTemplate.finalImageAvailable(Unknown Source) at com.sun.deploy.ui.ImageLoader$2.run(Unknown Source) at java.awt.event.InvocationEvent.dispatch(Unknown Source) at java.awt.EventQueue.dispatchEventImpl(Unknown Source) at java.awt.EventQueue.access$200(Unknown Source) at java.awt.EventQueue$3.run(Unknown Source) at java.awt.EventQueue$3.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source) at java.awt.EventQueue.dispatchEvent(Unknown Source) at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source) at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source) at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source) at java.awt.EventDispatchThread.pumpEvents(Unknown Source) at java.awt.EventDispatchThread.pumpEvents(Unknown Source) at java.awt.EventDispatchThread.run(Unknown Source) Exception in thread "AWT-EventQueue-1" java.lang.NullPointerException at com.sun.deploy.ui.DialogTemplate.imageAvailable(Unknown Source) at com.sun.deploy.ui.DialogTemplate.finalImageAvailable(Unknown Source) at com.sun.deploy.ui.ImageLoader$2.run(Unknown Source) at java.awt.event.InvocationEvent.dispatch(Unknown Source) at java.awt.EventQueue.dispatchEventImpl(Unknown Source) at java.awt.EventQueue.access$200(Unknown Source) at java.awt.EventQueue$3.run(Unknown Source) at java.awt.EventQueue$3.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source) at java.awt.EventQueue.dispatchEvent(Unknown Source) at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source) at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source) at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source) at java.awt.EventDispatchThread.pumpEvents(Unknown Source) at java.awt.EventDispatchThread.pumpEvents(Unknown Source) at java.awt.EventDispatchThread.run(Unknown Source) #### Java Web Start Error: #### The Java security settings have prevented this application from running. You may change this behavior in the Java Control Panel.
My JNLP File is like the following with some censored descriptions:
<?xml version="1.0" encoding="utf-8"?> <jnlp spec="1.0+" codebase="http://10.100.10.9/ikarusdelhitest/" href="ikarus.jnlp"> <information> <title>ikarus</title> <vendor>my company</vendor> <homepage href="http://www.mycompanyaddress.com" /> <description>My enterprise java ee swing application</description> <icon href="ikarus.jpg" /> <offline-allowed /> </information> <security> <all-permissions /> </security> <resources> <jar href="jars/ikarus/ikarusClient.jar" /> <jar href="jars/ikarus/ikarusDelegators.jar" /> <jar href="jars/ikarus/clientRules.jar" /> <jar href="jars/ikarus/ruleImps.jar" /> <jar href="jars/ikarus/ikarusUtil.jar" /> <jar href="jars/ikarus/ikarusResources.jar" /> <jar href="jars/ikarus/domain.jar" /> <jar href="jars/ikarus/domain_repository.jar" /> <jar href="jars/ikarus/domain_service.jar" /> <jar href="jars/ikarus/app_repository.jar" /> <jar href="jars/ikarus/app_service.jar" /> <jar href="jars/ikarus/infrastructure.jar" /> <jar href="jars/ikarus/integration_domain.jar" /> <jar href="jars/jboss_ejb_auth/ejb3-persistence.jar" /> <jar href="jars/jboss_ejb_auth/jboss-ejb3x.jar" /> <jar href="jars/jboss_ejb_auth/jbossall-client.jar" /> <jar href="jars/jasper/commons-beanutils-1.8.0.jar" /> <jar href="jars/jasper/commons-collections-3.2.1.jar" /> <jar href="jars/jasper/commons-digester-1.7.jar" /> <jar href="jars/jasper/commons-logging-1.1.jar" /> <jar href="jars/jasper/iText-2.1.0.jar" /> <jar href="jars/jasper/jasperreports-3.6.0.jar" /> <jar href="jars/jasper/poi-3.2-FINAL-20081019.jar" /> <property name="jnlp.localization" value="Delhi"/> </resources> <application-desc main-class="com.celebi.ikarus.main.Ikarus" />
ALso note that I get some different exception details on the more information panel:
com.sun.deploy.security.BlockedException: The Java security settings have prevented this application from running. You may change this behavior in the Java Control Panel. at com.sun.deploy.security.SandboxSecurity.showBlockedDialog(Unknown Source) at com.sun.javaws.security.AppPolicy.grantUnrestrictedAccess(Unknown Source) at com.sun.javaws.security.AppPolicy.addPermissions(Unknown Source) at com.sun.jnlp.JNLPClassLoader.getTrustedCodeSources(Unknown Source) at com.sun.deploy.security.CPCallbackHandler$ParentCallback.strategy(Unknown Source) at com.sun.deploy.security.CPCallbackHandler$ParentCallback.openClassPathElement(Unknown Source) at com.sun.deploy.security.DeployURLClassPath$JarLoader.getJarFile(Unknown Source) at com.sun.deploy.security.DeployURLClassPath$JarLoader.access$1000(Unknown Source) at com.sun.deploy.security.DeployURLClassPath$JarLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at com.sun.deploy.security.DeployURLClassPath$JarLoader.ensureOpen(Unknown Source) at com.sun.deploy.security.DeployURLClassPath$JarLoader.<init>(Unknown Source) at com.sun.deploy.security.DeployURLClassPath$3.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source) at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source) at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source) at java.net.URLClassLoader$1.run(Unknown Source) at java.net.URLClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(Unknown Source) at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClass(Unknown Source) at java.security.SecureClassLoader.defineClass(Unknown Source) at java.net.URLClassLoader.defineClass(Unknown Source) at java.net.URLClassLoader.access$100(Unknown Source) at java.net.URLClassLoader$1.run(Unknown Source) at java.net.URLClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(Unknown Source) at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at com.sun.javaws.Launcher.doLaunchApp(Unknown Source) at com.sun.javaws.Launcher.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: java.lang.SecurityException: Invalid Permissions value: all-permissions at com.sun.deploy.security.DeployManifestChecker.verify(Unknown Source) at com.sun.deploy.security.DeployManifestChecker.verify(Unknown Source) ... 39 more
I dont have any security restrictions for security on java control panel. It is at the medium level as follows:
Thanks for any help
New Edit: I got more explanatory stacktrace when I tried to run this jnlp from a jvm 1.6 machine as follows:
java.lang.NoClassDefFoundError: javax/ejb/EJBAccessException at java.lang.Class.getDeclaredMethods0(Native Method) at java.lang.Class.privateGetDeclaredMethods(Unknown Source) at java.lang.Class.getMethod0(Unknown Source) at java.lang.Class.getMethod(Unknown Source) at com.sun.javaws.Launcher.executeApplication(Unknown Source) at com.sun.javaws.Launcher.executeMainClass(Unknown Source) at com.sun.javaws.Launcher.doLaunchApp(Unknown Source) at com.sun.javaws.Launcher.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: java.lang.ClassNotFoundException: javax.ejb.EJBAccessException at java.net.URLClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(Unknown Source) at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source)
-
ali kerim erkan over 10 yearsdoes the line java.lang.SecurityException: Invalid Permissions value: all-permissions map to the jnlp file or my manifest files inside jars?
-
Andrew Thompson over 10 yearsHuh.. again you have surprised me. I fully expected that adding
all-permissions
would solve the next problem the app. faced. I'll do some thinking on it.. -
ali kerim erkan over 10 yearsMay the <security> <all-permissions /> </security> in jnlp file and Permissions: all-permissions line in manifest file conflicting? Is this possible? Which one overrides the other?
-
Andrew Thompson over 10 yearsNo, they are in agreement as they should be.
-
-
ali kerim erkan over 10 yearsit think this doesn't ahve an affect on ejb's exception. I had such a tag in jnlp (<j2se) version="1.6+" ....etc...) but deleting/adding it doesn't change anything regarding the EJBAccessException
-
ThatAintWorking over 9 yearsWell, that's a fine thing if you own the source code. I just want to run something someone else developed.
-
S3lvatico almost 7 yearsfor those interested, the equivalent directory on Windows 10 is C:\Users\<USERNAME>\AppData\LocalLow\Sun\Java\Deployment
-
ceklock almost 4 yearsThanks, this solved the java.lang.NullPointerException at com.sun.deploy.ui.DialogTemplate.imageAvailable(Unknown Source) for me.