Java jnlp application blocked by Security settings

java security certificate java-web-start jnlp
71,143

Solution 1

I fixed this by going into the Java Control Panel (Start Menu > All Programs > Java > Configure Java) and adding two URLs to the Security Edit Site List.

http://code.google.com

http://androidscreencast.googlecode.com

For Mac System Preferences > Java

Where to add these sites

Java Control Panel > Security Tab > Edit Site List > Add > Apply > Ok enter image description here

Solution 2

I tried to add the item file:/ and worked.

enter image description here

Solution 3

I recommend you to enable tracing and logging, see here how:

enter image description here

And then run the application from command line.

javaws -verbose AppName.jnlp

Then you could check for clues in log and trace files stored in this path

\Documents and Settings\<USERNAME>\Application Data\Sun\Java\Deployment\log

img source:

http://www.cisco.com/c/en/us/support/docs/security/hostscan/117097-trouble-java7-00.html

Solution 4

I had a very similar problem (Correctly signed JNLP application prevented from running in Java 7)

I fixed it by ensuring

  • I compiled using 1.7

  • I updated my JNLP file to enforce 1.7

    <resources>
    <j2se version="1.7*" java-vm-args="-Xmx32m" max-heap-size="32m" href="http://java.sun.com/products/autodl/j2se"/>

Solution 5

We saw this problem with Java 1.8u60 caused by dead references to icons in the JNLP file. Previously the missing icons were ignored, but now we are seeing failures with the stack trace in the question. Removing the references to the icons fixed our problem.

Here are the two references we removed:

<icon href="ORCL.jpg" kind="splash"/>
<icon href="ORCS.jpg" kind="default"/>

Hope that helps.

Share:
71,143
ali kerim erkan
Author by

ali kerim erkan

C# fundamentalist rising on Java foundations

Updated on August 31, 2020

Comments

  • ali kerim erkan
    ali kerim erkan over 3 years

    I have an enterprise java application that has plenty of jars that are downloaded to the client's jvm cache by a jnlp file. When I start the application I get the following stack trace on Java Console:

            Exception in thread "AWT-EventQueue-1" java.lang.NullPointerException
at com.sun.deploy.ui.DialogTemplate.imageAvailable(Unknown Source)
at com.sun.deploy.ui.DialogTemplate.finalImageAvailable(Unknown Source)
at com.sun.deploy.ui.ImageLoader$2.run(Unknown Source)
at java.awt.event.InvocationEvent.dispatch(Unknown Source)
at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
at java.awt.EventQueue.access$200(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)
       Exception in thread "AWT-EventQueue-1" java.lang.NullPointerException
at com.sun.deploy.ui.DialogTemplate.imageAvailable(Unknown Source)
at com.sun.deploy.ui.DialogTemplate.finalImageAvailable(Unknown Source)
at com.sun.deploy.ui.ImageLoader$2.run(Unknown Source)
at java.awt.event.InvocationEvent.dispatch(Unknown Source)
at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
at java.awt.EventQueue.access$200(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)
    #### Java Web Start Error:
    #### The Java security settings have prevented this application from running. You may change this behavior in the Java Control Panel.

    My JNLP File is like the following with some censored descriptions:

    <?xml version="1.0" encoding="utf-8"?>
<jnlp spec="1.0+" codebase="http://10.100.10.9/ikarusdelhitest/" href="ikarus.jnlp">
<information>
    <title>ikarus</title>
    <vendor>my company</vendor>
    <homepage href="http://www.mycompanyaddress.com" />
    <description>My enterprise java ee swing application</description>
    <icon href="ikarus.jpg" />
    <offline-allowed />
</information>
<security>
    <all-permissions />
</security> 
<resources> 
    <jar href="jars/ikarus/ikarusClient.jar" />
    <jar href="jars/ikarus/ikarusDelegators.jar" />
    <jar href="jars/ikarus/clientRules.jar" />
    <jar href="jars/ikarus/ruleImps.jar" />
    <jar href="jars/ikarus/ikarusUtil.jar" />
    <jar href="jars/ikarus/ikarusResources.jar" />
    <jar href="jars/ikarus/domain.jar" />
    <jar href="jars/ikarus/domain_repository.jar" />
    <jar href="jars/ikarus/domain_service.jar" />
    <jar href="jars/ikarus/app_repository.jar" />
    <jar href="jars/ikarus/app_service.jar" />
    <jar href="jars/ikarus/infrastructure.jar" />
    <jar href="jars/ikarus/integration_domain.jar" />
    <jar href="jars/jboss_ejb_auth/ejb3-persistence.jar" />
    <jar href="jars/jboss_ejb_auth/jboss-ejb3x.jar" />
    <jar href="jars/jboss_ejb_auth/jbossall-client.jar" />
    <jar href="jars/jasper/commons-beanutils-1.8.0.jar" />
    <jar href="jars/jasper/commons-collections-3.2.1.jar" />
    <jar href="jars/jasper/commons-digester-1.7.jar" />
    <jar href="jars/jasper/commons-logging-1.1.jar" />
    <jar href="jars/jasper/iText-2.1.0.jar" />
    <jar href="jars/jasper/jasperreports-3.6.0.jar" />
    <jar href="jars/jasper/poi-3.2-FINAL-20081019.jar" />
    <property name="jnlp.localization" value="Delhi"/>
</resources>
<application-desc main-class="com.celebi.ikarus.main.Ikarus" />

    ALso note that I get some different exception details on the more information panel:

    com.sun.deploy.security.BlockedException: The Java security settings have prevented this application from running. You may change this behavior in the Java Control Panel.
at com.sun.deploy.security.SandboxSecurity.showBlockedDialog(Unknown Source)
at com.sun.javaws.security.AppPolicy.grantUnrestrictedAccess(Unknown Source)
at com.sun.javaws.security.AppPolicy.addPermissions(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.getTrustedCodeSources(Unknown Source)
at com.sun.deploy.security.CPCallbackHandler$ParentCallback.strategy(Unknown Source)
at com.sun.deploy.security.CPCallbackHandler$ParentCallback.openClassPathElement(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.getJarFile(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.access$1000(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.ensureOpen(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.<init>(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.access$100(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
at com.sun.javaws.Launcher.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.SecurityException: Invalid Permissions value: all-permissions  
at com.sun.deploy.security.DeployManifestChecker.verify(Unknown Source)
at com.sun.deploy.security.DeployManifestChecker.verify(Unknown Source)
... 39 more

    I dont have any security restrictions for security on java control panel. It is at the medium level as follows: here

    Thanks for any help

    New Edit: I got more explanatory stacktrace when I tried to run this jnlp from a jvm 1.6 machine as follows:

    java.lang.NoClassDefFoundError: javax/ejb/EJBAccessException
at java.lang.Class.getDeclaredMethods0(Native Method)
at java.lang.Class.privateGetDeclaredMethods(Unknown Source)
at java.lang.Class.getMethod0(Unknown Source)
at java.lang.Class.getMethod(Unknown Source)
at com.sun.javaws.Launcher.executeApplication(Unknown Source)
at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
at com.sun.javaws.Launcher.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.ClassNotFoundException: javax.ejb.EJBAccessException
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
    • ali kerim erkan
      ali kerim erkan over 10 years
      does the line java.lang.SecurityException: Invalid Permissions value: all-permissions map to the jnlp file or my manifest files inside jars?
    • Andrew Thompson
      Andrew Thompson over 10 years
      Huh.. again you have surprised me. I fully expected that adding all-permissions would solve the next problem the app. faced. I'll do some thinking on it..
    • ali kerim erkan
      ali kerim erkan over 10 years
      May the <security> <all-permissions /> </security> in jnlp file and Permissions: all-permissions line in manifest file conflicting? Is this possible? Which one overrides the other?
    • Andrew Thompson
      Andrew Thompson over 10 years
      No, they are in agreement as they should be.
  • ali kerim erkan
    ali kerim erkan over 10 years
    it think this doesn't ahve an affect on ejb's exception. I had such a tag in jnlp (<j2se) version="1.6+" ....etc...) but deleting/adding it doesn't change anything regarding the EJBAccessException
  • ThatAintWorking
    ThatAintWorking over 9 years
    Well, that's a fine thing if you own the source code. I just want to run something someone else developed.
  • S3lvatico
    S3lvatico almost 7 years
    for those interested, the equivalent directory on Windows 10 is C:\Users\<USERNAME>\AppData\LocalLow\Sun\Java\Deployment
  • ceklock
    ceklock almost 4 years
    Thanks, this solved the java.lang.NullPointerException at com.sun.deploy.ui.DialogTemplate.imageAvailable(Unknown Source) for me.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to make a machine trust a self-signed Java application
Java Webstart attempt to sandboxed jar as "Trusted-Library"
java.security.cert.CertificateParsingException
Long startup delay for Java WebStart application since Java 1.7.0u40
Java Web Start Jar signing Issue?
Tracing Javaws launch
Is there a way to do JNLP without certificates?
Enabling JVM options with Java Web Start / JNLP
How to acess jvm default KeyStore?
How to recreate shortcut to webstart application?