Win a copy of Testing JavaScript Applications this week in the HTML Pages with CSS and JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Bear Bibeault
  • Ron McLeod
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Tim Cooke
  • Liutauras Vilda
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • fred rosenberger
  • salvin francis
Bartenders:
  • Piet Souris
  • Frits Walraven
  • Carey Brown

Disabling the "Do you want to run this application" prompt

 
Ranch Hand
Posts: 34
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello, I am running into an issue hopefully someone here can help me with.
First, I am using Java 8 on a Windows 10 machine (64 bit) and using Internet Explorer 11 as my web browser.
I have a jnlp file that I have hosted on a local tomcat server. My problem is that when I try to launch the application it always gives me that prompt which says

"Do you want to run this application"
"Running this application may be a security risk"

There is no option to not show this message in the future.

I've searched google articles, looked at videos online, made changes to internet explorer options and through java control panel, added the URL to the site exception list, restarted my system and nothing seems to have any effect.
Anyone have any thoughts on how I can go about preventing this message from appearing.

Currently the changes I have in place

I added this to the site exception list...
http://<hostname>:<port>/<filename>.jnlp  <- not this exactly of course but the real values for hostname etc

I also followed method 1 in this guide to make changes on IE...
https://answers.microsoft.com/en-us/ie/forum/all/security-warning-do-you-want-to-run-this/5a15571a-c9f4-452f-8b7c-a3c0cb653136

I also followed this site to make changes to the java control panel, the section on "How to disable the Java “Security Warning” popup in Windows 10, 8"
https://windowsreport.com/disable-java-security-warning-pop-windows-8/









 
Saloon Keeper
Posts: 12154
258
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Did you sign your application?
 
Harry Wordsworth
Ranch Hand
Posts: 34
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes....I believe so. I am not all that familiar with signing, generating keys etc but I followed the steps listed online to create a JNLP file. Part of that included "signing the jar file.
For that I ran the genkey command for example like so...

C:\Users\MyUser>keytool -genkey -alias myalias -keyalg RSA -keystore "C:\local.keystore"

and I also created a keystore like so...
jarsigner -keystore C:\local.keystore https://freetsa.org/tsr myfile.jar myalias

after that I created a jnlp file and then placed both the jar file and jnlp file on my webserver ROOT directory.
I should note that when I just double click on the file the java file comes up with no problem. I only see this issue when I try to launch the jnlp file by clicking on a link from the web browser (ie 11 in this case)

Also, I should mention that I know webstart in general is a tech that's being depreciated and that my version of java is older, my browser is older etc,  but for my specific purposes I need to use this tech.
 
Marshal
Posts: 25682
69
Eclipse IDE Firefox Browser MySQL Database
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Then it looks to me like you signed the jar file but not the JNLP file. Although I have to say, it's been a very long time since I had to sign JNLP files and I disliked the whole digital signature business when I had the task.
 
Harry Wordsworth
Ranch Hand
Posts: 34
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks. So I am a total newbie to signing jars, jnlp, files etc. Certificates and keys has never been my strong suit. However, from the documentation I read, I was under the impression that you only had to sign the jar file and that takes care of the JNLP if it's included, but sounds like this is not so?
I will search more on my own as well but if anyone knows which direction to point me in please feel free.

btw not sure if this makes a difference but when I said...
"after that I created a jnlp file and then placed both the jar file and jnlp file on my webserver ROOT directory. "

by jnlp file I meant the jnlp configuration file.

I basically followed the following 6 steps...
1) Create a java application

2) Package the java application into a ".jar" file
jar -cf MyApplication.jar  

3) Sign the ".jar" file
keytool -genkey -keystore testkeys -alias myalias
jarsigner -keystore testkeys MyApplication.jar

4) Create a ".jnlp" file,  "MyJNLPFile.jnlp" for the java application

<?xml version="1.0" encoding="utf-8"?>....
<jnlp spec="1.0+" codebase="http://localhost:8080/";
<information>
<title>JNLP Example</title>
<Vendor>Java Code Geeks</vendor>
<homepage  href="http://localhost:8080/";  />
<description>JNLP Testing</description>
</information>
<security>
<all-permissions/>
</security>
<resources>
<j2se version="1.8+" />
<jar  href="MyApplication.jar" />
</resources>
<application-desc  main-class="main.javacodegeeks.JNLPExample"  />
</jnlp>


5) Place all files into a web server
Copied MyApplication.jar and the MyJNLPFile.jnlp file into the tomcat folder C:\Tomcat\webapps\ROOT


6) Access
http://localhost:8080/MyJNLPFile.jnlp

* This is where I see the security prompt come up

 
Paul Clapham
Marshal
Posts: 25682
69
Eclipse IDE Firefox Browser MySQL Database
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well, like I said it's been a while since I did that sort of thing. So I spent a few seconds searching the web and I found Signed JNLP Files. Pretty soon it says

Oracle wrote:To create a signed JNLP file, you don't sign the JNLP file itself. Instead...



So I was wrong about that. But I'm sure you must have read this document already and I'm telling you things that you already know.
 
Consider Paul's rocket mass heater.
    Bookmark Topic Watch Topic
  • New Topic