32

OS: Windows 7 64 bit

Java: jdk1.7.0_51

I have a jnlp file. When I double click on this, exception is occurred as below:

Application Error: Unable to launch the application
Exception: java.lang.SecurityException: Missing required Permissions manifest attribute in main jar
bluish
  • 26,356
  • 27
  • 122
  • 180
Ripon Al Wasim
  • 36,924
  • 42
  • 155
  • 176
  • http://stackoverflow.com/questions/4947458/java-how-to-get-permission-in-java-web-start – varun Jan 28 '14 at 11:51
  • Is this your own app., or is it supplied by others? – Andrew Thompson Jan 29 '14 at 01:57
  • @varun : Your link is outdated 1.7.0_51-b13: [Changes to Security Slider](http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/jcp.html) – moskito-x Jan 29 '14 at 10:52
  • This might also be helpful: http://stackoverflow.com/questions/19449738/long-startup-delay-for-java-webstart-application-since-java-1-7-0u40 –  Nov 02 '15 at 16:20
  • This might also be helpful: http://stackoverflow.com/questions/19449738/long-startup-delay-for-java-webstart-application-since-java-1-7-0u40 –  Nov 02 '15 at 16:21

2 Answers2

49

JAR File Manifest Attributes for Security

The JAR file manifest contains information about the contents of the JAR file, including security and configuration information.

Add the attributes to the manifest before the JAR file is signed.
See Modifying a Manifest File in the Java Tutorial for information on adding attributes to the JAR manifest file.

Permissions Attribute

The Permissions attribute is used to verify that the permissions level requested by the RIA when it runs matches the permissions level that was set when the JAR file was created.

Use this attribute to help prevent someone from re-deploying an application that is signed with your certificate and running it at a different privilege level. Set this attribute to one of the following values:

  • sandbox - runs in the security sandbox and does not require additional permissions.

  • all-permissions - requires access to the user's system resources.

Changes to Security Slider:

The following changes to Security Slider were included in this release(7u51):

  • Block Self-Signed and Unsigned applets on High Security Setting
  • Require Permissions Attribute for High Security Setting
  • Warn users of missing Permissions Attributes for Medium Security Setting

For more information, see Java Control Panel documentation.

enter image description here

sample MANIFEST.MF

Manifest-Version: 1.0
Ant-Version: Apache Ant 1.8.3
Created-By: 1.7.0_51-b13 (Oracle Corporation)
Trusted-Only: true
Class-Path: lib/plugin.jar
Permissions: sandbox
Codebase: http://myweb.de http://www.myweb.de
Application-Name: summary-applet

moskito-x
  • 11,832
  • 5
  • 47
  • 60
  • 2
    My problem has been solved by "Edit Site List". Thanks moskito-x – Ripon Al Wasim Jan 29 '14 at 11:49
  • @RiponAlWasim : It's hard to stay on the current. Oracle changes the security settings again and again. – moskito-x Jan 29 '14 at 11:52
  • First. Go to the Java Control Panel (On Windows Click Start and then Configure Java) – Per G Feb 10 '14 at 09:45
  • Under Java 8 I wasn't able to run my Java Web Start application. I had to set the same permission level in jnlp file and in manifest (example - Permissions: sandbox). Now it works fine. – null Mar 27 '14 at 08:41
  • I have this problem would you like to help me: http://stackoverflow.com/questions/38356087/java-web-star-java-lang-nullpointerexception-jnlpxargs-execprogram – Fernando Pie Jul 13 '16 at 16:10
4

If you'd like to set this globally for all users of a machine, you can create the following directory and file structures:

mkdir %windir%\Sun\Java\Deployment

Create a file deployment.config with the content:

deployment.system.config=file:///c:/windows/Sun/Java/Deployment/deployment.properties
deployment.system.config.mandatory=TRUE

Create a file deployment.properties

deployment.user.security.exception.sites=C\:/WINDOWS/Sun/Java/Deployment/exception.sites

Create a file exception.sites

http://example1.com
http://example2.com/path/to/specific/directory/

Reference https://blogs.oracle.com/java-platform-group/entry/upcoming_exception_site_list_in

bcjenkins
  • 121
  • 1
  • 2