2

I am running my application through javaws and I am getting the following message although I have the following line in my jar MANIFEST.MF.

Permissions: all-permissions

This application will be blocked in a future Java security update because the JAR file manifest does not contain the Permissions attribute. Please contact the Publisher for more information.

More Information

What could I be doing wrong?

Here is my Manifest file content:

Manifest-Version: 1.0 
Application-Library-Allowable-Codebase: * 
Application-Name: XYZ 
Permissions: all-permissions 
Created-By: 1.6.0_24 (Sun Microsystems Inc.) 
Caller-Allowable-Codebase: * 
Main-Class: com.xyz.Main Codebase: * 

Name: com/xyz/print/Table.class 
SHA1-Digest: VTfZjW9GqKB39EmlNA= 

Name: common Implementation-Vendor: XYZ 
Implementation-Title: client 
Implementation-Version: 1391524251884 
Specification-Vendor: XYZ 
Built-By: kuka 
Specification-Title: 
Client Specification-Version: 

Name: com/xyz/print/Element$1.class 
SHA1-Digest: ucbptZrxyzfaalv6FYw=
user1053792
  • 143
  • 1
  • 5
  • Have you opened the Jar to check the manifest that you made is actually the one in the Jar? Does your manifest end in an entirely blank line? What is the total content of the manifest (is the `Permissions` line last)? .. – Andrew Thompson Feb 01 '14 at 03:11
  • Do you have all-permissions also set in your JNLP file? – mikemil Feb 01 '14 at 04:05
  • Thanks for your reply, I have all-permissions in the JNLP file, I have opened the jar and found that the manifest file there contains the Permissions attribute in the first "paragraph", and the file has 2 empty lines at the end. What else could it be? – user1053792 Feb 01 '14 at 06:28
  • 1
    Make sure all your library .jars are signed as well. http://stackoverflow.com/questions/19659134/how-do-i-fix-missing-codebase-permissions-and-application-name-manifest-attri – ryvantage Feb 01 '14 at 14:25
  • Tip: Add @ryvantage (or whoever - the `@` is important) to *notify* them of a new comment. 2) Post the content of the JNLP. – Andrew Thompson Feb 02 '14 at 03:52
  • I may be wrong, but in 1.7.0_45 there was a case where webstart would report this message when it was actually hitting a problem with something unrelated: the message was just generic and confusing, and probably misfired as part of the changes in that version. Which version are you running on btw? – haylem Feb 03 '14 at 14:46
  • @haylem I am running java 1.7.0_51. – user1053792 Feb 05 '14 at 07:00
  • @ryvantage Here is the content of the manifest file:@ryvantage Here is the content of the – user1053792 Feb 05 '14 at 07:02
  • @ryvantage Sorry, again: Manifest-Version: 1.0 Application-Library-Allowable-Codebase: * Application-Name: XYZ Permissions: all-permissions Created-By: 1.6.0_24 (Sun Microsystems Inc.) Caller-Allowable-Codebase: * Main-Class: com.xyz.Main Codebase: * Name: com/xyz/gui/Command$9.class SHA1-Digest: RssmI/y7xuQlM94/E= Name: common Implementation-Vendor: XYZ Implementation-Title: client Implementation-Version: 1391524251884 Specification-Vendor: XYZ Built-By: kuka Specification-Title: Client Specification-Version: Name: com/xyz/print/Element$1.class SHA1-Digest: ucbptZv+v2Plv6FYw= – user1053792 Feb 05 '14 at 07:17
  • @ryvantage `Manifest-Version: 1.0 Application-Library-Allowable-Codebase: * Application-Name: XYZ Permissions: all-permissions Created-By: 1.6.0_24 (Sun Microsystems Inc.) Caller-Allowable-Codebase: * Main-Class: com.xyz.Main Codebase: * Name: com/xyz/print/Table.class SHA1-Digest: VTfZjW9GqKB39EmlNA= Name: common Implementation-Vendor: XYZ Implementation-Title: client Implementation-Version: 1391524251884 Specification-Vendor: XYZ Built-By: kuka Specification-Title: Client Specification-Version: Name: com/xyz/print/Element$1.class SHA1-Digest: ucbptZrxyzfaalv6FYw=` – user1053792 Feb 05 '14 at 07:21
  • 1) Instead of posting all of that in a comment, make an edit to your OP and paste it as code so we can read it. 2) Having said that, my suggestion to you was to verify that all of your library .jars are repackaged as well as your main .jar. Did you do that? – ryvantage Feb 05 '14 at 12:39
  • @ryvantage Sorry about that lousy comment. Yes all the library jars manifest files have the all permissions and code base lines added – user1053792 Feb 06 '14 at 11:36
  • My experiences today suggest that if a jar file is blocked for a user because it doesn't satisfy the security policy, it may remain blocked for that user even after it has been updated to correct the problem. Try testing with a different user account, or wipe the user profile for your test account. – Harry Johnston Feb 07 '14 at 02:20
  • @HarryJohnston thanks for the comment, but what do you mean by user here? – user1053792 Feb 08 '14 at 07:09
  • The operating system account that the web browser is running in. – Harry Johnston Feb 09 '14 at 20:07
  • How many jar files are there in your application? When starting an applet, I found that java checks the **first** jar on the class path for the Permissions attribute, not the one that your applet class resides in. – flup Jun 25 '14 at 10:18

0 Answers0