
Java Web Start Permissions

Started by: Novice <novice@example..com>
First post: 2012-01-23 01:48 +0000
Last post: 2012-01-24 09:48 -0800
Articles 20 — 6 participants



Contents

  Java Web Start Permissions Novice <novice@example..com> - 2012-01-23 01:48 +0000
    Re: Java Web Start Permissions Knute Johnson <nospam@knutejohnson.com> - 2012-01-22 19:02 -0800
      Re: Java Web Start Permissions Novice <novice@example..com> - 2012-01-23 19:04 +0000
        Re: Java Web Start Permissions Knute Johnson <nospam@knutejohnson.com> - 2012-01-23 13:41 -0800
          Re: Java Web Start Permissions "John B. Matthews" <nospam@nospam.invalid> - 2012-01-23 21:32 -0500
            Re: Java Web Start Permissions Knute Johnson <nospam@knutejohnson.com> - 2012-01-23 21:22 -0800
              Re: Java Web Start Permissions "John B. Matthews" <nospam@nospam.invalid> - 2012-01-24 01:40 -0500
                Re: Java Web Start Permissions Jeff Higgins <jeff@invalid.invalid> - 2012-01-24 09:21 -0500
              Re: Java Web Start Permissions Jeff Higgins <jeff@invalid.invalid> - 2012-01-24 04:23 -0500
                Re: Java Web Start Permissions Jeff Higgins <jeff@invalid.invalid> - 2012-01-24 04:40 -0500
              Re: Java Web Start Permissions Jeff Higgins <jeff@invalid.invalid> - 2012-01-24 05:20 -0500
              Re: Java Web Start Permissions Jeff Higgins <jeff@invalid.invalid> - 2012-01-24 06:08 -0500
              Re: Java Web Start Permissions Jeff Higgins <jeff@invalid.invalid> - 2012-01-24 07:22 -0500
    Re: Java Web Start Permissions Jeff Higgins <jeff@invalid.invalid> - 2012-01-24 05:42 -0500
    Re: Java Web Start Permissions Jeff Higgins <jeff@invalid.invalid> - 2012-01-24 07:43 -0500
      Re: Java Web Start Permissions Gunter Herrmann <notformail0106@earthlink.net> - 2012-01-24 16:48 -0500
        Re: Java Web Start Permissions Jeff Higgins <jeff@invalid.invalid> - 2012-01-24 18:13 -0500
          Re: Java Web Start Permissions Gunter Herrmann <notformail0106@earthlink.net> - 2012-01-25 10:28 -0500
            Re: Java Web Start Permissions Jeff Higgins <jeff@invalid.invalid> - 2012-01-25 12:06 -0500
    Re: Java Web Start Permissions Roedy Green <see_website@mindprod.com.invalid> - 2012-01-24 09:48 -0800

#11580 — Java Web Start Permissions

From: Novice <novice@example..com>
Date: 2012-01-23 01:48 +0000
Subject: Java Web Start Permissions
Message-ID: <Xns9FE2D3AAA51CFjpnasty@94.75.214.39>

Does anyone here know about permissions in Java Web Start?

I'm starting to learn how to use Java Web Start. After a bumpy start, I 
finally succeeded in getting some Hello World applets and applications to 
work perfectly via Java Web Start.

Now I'm working on a considerably more sophisticated application and 
bumping into issues involving permissions. For example, the first error I 
am getting is: 

access denied ("java.util.PropertyPermission" "user.name" "read")

I'm also expecting to need permission to write logs, although I haven't 
gotten that far into executing my code yet. It's possible that there will 
be other things that need permission too.

Can anyone explain how I give the application the permissions it needs? 
I've done some googling on this issue and know that policy files are part 
(or all?) of the solution. I see that there is a master permissions 
file as well as individual permission files for individual users, situated 
in their home directories. Is the user's home directory always My Documents 
in Windows? (I'm only worried about serving Windows users for the moment 
but I have no idea which version of Windows they'll have: XP, Vista, 7 or 
whatever.)

I'm assuming the JNLP file for the Java Web Start also needs to have 
something in it to point to the necessary permission. Unfortunately, the 
documentation I've found so far is NOT very clear and examples are scarce 
so I'm not sure what needs to happen in the JNLP file.

I'm also interested in knowing how the user of the application gives his 
consent to any permissions I need. For instance, if I create a policy file 
that gives me permission to do what I need to do, how does the user of the 
Java Web Start application keep me from doing bad things, like deleting 
every file on his hard drive? It seems to me that I should only be able to 
request what I need but that the user of the program needs to be able to 
look over that request, realize how dangerous or harmless that request is, 
and then give consent if he is satisfied that it is safe. But how/when does 
that happen? Do I send him the policy file and then let him eyeball it in a 
text editor to make sure it's not doing something inappropriate? Then wait 
for him to put the policy file in the appropriate place?



-- 
Novice



#11581

From: Knute Johnson <nospam@knutejohnson.com>
Date: 2012-01-22 19:02 -0800
Message-ID: <jfiikv$qcd$1@dont-email.me>
In reply to: #11580

On 1/22/2012 5:48 PM, Novice wrote:
> Does anyone here know about permissions in Java Web Start?
>
> I'm starting to learn how to use Java Web Start. After a bumpy start, I
> finally succeeded in getting some Hello World applets and applications to
> work perfectly via Java Web Start.
>
> Now I'm working on a considerably more sophisticated application and
> bumping into issues involving permissions. For example, the first error I
> am getting is:
>
> access denied ("java.util.PropertyPermission" "user.name" "read")
>
> I'm also expecting to need permission to write logs, although I haven't
> gotten that far into executing my code yet. It's possible that there will
> be other things that need permission too.
>
> Can anyone explain how I give the application the permissions it needs?
> I've done some googling on this issue and know that policy files are part
> (or all?) of the solution. I see that I that there is a master permissions
> file as well as individual permission files for individual users, situated
> in their home directories. Is the user's home directory always My Documents
> in Windows? (I'm only worried about serving Windows users for the moment
> but I have no idea which version of Windows they'll have: XP, Vista, 7 or
> whatever.)
>
> I'm assuming the JNLP file for the Java Web Start also needs to have
> something in it to point to the necessary permission. Unfortunately, the
> documentation I've found so far is NOT very clear and examples are scarce
> so I'm not sure what needs to happen in the JNLP file.
>
> I'm also interested in knowing how the user of the application gives his
> consent to any permissions I need. For instance, if I create a policy file
> that gives me permission to do what I need to do, how does the user of the
> Java Web Start application keep me from doing bad things, like deleting
> every file on his hard drive? It seems to me that I should only be able to
> request what I need but that the user of the program needs to be able to
> look over that request, realize how dangerous or harmless that request is,
> and then give consent if he is satisfied that it is safe. But how/when does
> that happen? Do I send him the policy file and then let him eyeball it in a
> text editor to make sure it's not doing something inappropriate? Then wait
> for him to put the policy file in the appropriate place?

The usual method is to sign the .jar file.  The problem with that is 
having to get a certificate that is recognizable by all the browsers. 
They are not cheap and you have to renew them.

I think it is possible for the user to change a policy file and permit 
things such as file access but I've never done it.

You can self sign your certificate but the browser will pop up a dialog 
to tell the user that the application's digital signature cannot be 
verified.  The user may still allow it to run but that really is a big 
security risk.

If you want to see an example of that, go to my aviation page and click 
on the VFR Flight Log link.

http://rabbitbrush.frazmtn.com/aviation

-- 

Knute Johnson



#11585

From: Novice <novice@example..com>
Date: 2012-01-23 19:04 +0000
Message-ID: <Xns9FE38F38EA53Bjpnasty@46.4.102.18>
In reply to: #11581

Knute Johnson <nospam@knutejohnson.com> wrote in
news:jfiikv$qcd$1@dont-email.me: 

> On 1/22/2012 5:48 PM, Novice wrote:
>> Does anyone here know about permissions in Java Web Start?
>>
>> I'm starting to learn how to use Java Web Start. After a bumpy start,
>> I finally succeeded in getting some Hello World applets and
>> applications to work perfectly via Java Web Start.
>>
>> Now I'm working on a considerably more sophisticated application and
>> bumping into issues involving permissions. For example, the first
>> error I am getting is:
>>
>> access denied ("java.util.PropertyPermission" "user.name" "read")
>>
>> I'm also expecting to need permission to write logs, although I
>> haven't gotten that far into executing my code yet. It's possible
>> that there will be other things that need permission too.
>>
>> Can anyone explain how I give the application the permissions it
>> needs? I've done some googling on this issue and know that policy
>> files are part (or all?) of the solution. I see that I that there is
>> a master permissions file as well as individual permission files for
>> individual users, situated in their home directories. Is the user's
>> home directory always My Documents in Windows? (I'm only worried
>> about serving Windows users for the moment but I have no idea which
>> version of Windows they'll have: XP, Vista, 7 or whatever.)
>>
>> I'm assuming the JNLP file for the Java Web Start also needs to have
>> something in it to point to the necessary permission. Unfortunately,
>> the documentation I've found so far is NOT very clear and examples
>> are scarce so I'm not sure what needs to happen in the JNLP file.
>>
>> I'm also interested in knowing how the user of the application gives
>> his consent to any permissions I need. For instance, if I create a
>> policy file that gives me permission to do what I need to do, how
>> does the user of the Java Web Start application keep me from doing
>> bad things, like deleting every file on his hard drive? It seems to
>> me that I should only be able to request what I need but that the
>> user of the program needs to be able to look over that request,
>> realize how dangerous or harmless that request is, and then give
>> consent if he is satisfied that it is safe. But how/when does that
>> happen? Do I send him the policy file and then let him eyeball it in
>> a text editor to make sure it's not doing something inappropriate?
>> Then wait for him to put the policy file in the appropriate place?
> 
> The usual method is to sign the .jar file.  The problem with that is 
> having to get a certificate that is recognizable by all the browsers. 
> They are not cheap and you have to renew them.
> 
That might be a viable solution under other circumstances but it isn't 
suitable for my purposes....

> I think it is possible for the user to change a policy file and permit
> things such as file access but I've never done it.
>
That's what I'd like to do, if I can figure out the details. The 
documentation I've found so far only gives intriguing bits and pieces but 
provides no obvious way to get clarification.

For instance, I understand that the "sandbox" architecture means that no 
user properties are accessible. But other documentation suggests that is 
only the default situation and additional permissions can be provided - 
how is not clear yet - which may or may not help me get past the 
restriction on user properties. (I need to access "user.home" so that I 
can store preferences for my program under an appropriate node of a 
preferences tree.) 

I've also seen information about various services in JNLP that will let 
you read and write files from the file system, which would help with 
those aspects of my program, but I'm reluctant to rewrite my applications 
to use JNLP services unless I can be sure they are definitely not going 
to be blocked by Java security. 

> You can self sign your certificate but the browser will pop up a
> dialog to tell the user that the application's digital signature
> cannot be verified.  The user may still allow it to run but that
> really is a big security risk.
> 
> If you want to see an example of that, go to my aviation page and
> click on the VFR Flight Log link.
> 
> http://rabbitbrush.frazmtn.com/aviation
>

I'm not wild about that solution either. _I_ know that my program is 
harmless but I don't want people using it to have to wonder what kind of 
nastiness my program might commit. 

I really prefer some kind of plain English policy file that a user can 
read and be satisfied that nothing bad is going to happen when he runs 
the program. 

Unfortunately, I'm having trouble getting that to work. I've created a 
simple policy file that gives the program permission to read the 
"user.name" property. I've determined the value of the "user.home" 
property on my system and supplied the VM arguments "-Djava.security.main  
-Djava.security.policy=Foo_Security_Policy.txt" in the JNLP file. When I 
run the program with Java Web Start, it either doesn't see or doesn't 
like the policy file because I still get the error about not being able 
to read "user.name". 

Maybe I need to ping Roedy Green; he's had a lot more to do with Java Web 
Start than I have but from his website, he mostly handles security by 
signing jars, not policy files....


-- 
Novice
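
The denial message quoted in this thread maps one-to-one onto a policy-file entry, and `java.security.Permissions` can show how far any grant reaches. The sketch below is an added example, not code from any poster: it turns denial lines into minimal entries and compares a narrow grant with `AllPermission`. The class name `DenialToGrant` and every sample line except the first are constructed for illustration, and nothing here asserts that Java Web Start will load such a policy file.

```java
import java.io.FilePermission;
import java.security.AllPermission;
import java.security.Permission;
import java.security.Permissions;
import java.util.PropertyPermission;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/** Added example: maps sandbox denial messages to minimal policy-file entries. */
public class DenialToGrant {

    // Message form: access denied ("<class>" "<target>" "<actions>"), actions optional.
    private static final Pattern DENIAL = Pattern.compile(
            "access denied \\(\"([^\"]+)\" \"([^\"]*)\"(?: \"([^\"]*)\")?\\)");

    static final class Denial {
        final String type, target, actions;

        Denial(String type, String target, String actions) {
            this.type = type;
            this.target = target;
            this.actions = actions;
        }

        /** The policy-file line that grants exactly this permission and no more. */
        String toPolicyEntry() {
            // Policy files treat backslash as an escape, so Windows paths need doubling.
            String entry = "permission " + type + " \"" + target.replace("\\", "\\\\") + "\"";
            if (actions != null) entry += ", \"" + actions + "\"";
            return entry + ";";
        }

        /** Permission object for the two types this example models, else null. */
        Permission toPermission() {
            if (actions == null) return null;
            switch (type) {
                case "java.util.PropertyPermission": return new PropertyPermission(target, actions);
                case "java.io.FilePermission":       return new FilePermission(target, actions);
                default:                             return null;
            }
        }

        /** Wildcard and all-files targets deserve a second look before anyone grants them. */
        boolean isBroad() {
            return target.equals("*") || target.equals("<<ALL FILES>>")
                    || target.endsWith("/-") || target.endsWith("\\-");
        }
    }

    static Denial parse(String line) {
        Matcher m = DENIAL.matcher(line);
        return m.find() ? new Denial(m.group(1), m.group(2), m.group(3)) : null;
    }

    /** "covered", "missing" or "unmodelled" relative to a grant set. */
    static String status(Denial d, Permissions granted) {
        Permission p = d.toPermission();
        if (p == null) return "unmodelled";
        return granted.implies(p) ? "covered" : "missing";
    }

    public static void main(String[] args) {
        String prefix = "java.security.AccessControlException: access denied ";
        String[] log = {
            // First line is the message from the thread; the rest are constructed samples.
            prefix + "(\"java.util.PropertyPermission\" \"user.name\" \"read\")",
            prefix + "(\"java.util.PropertyPermission\" \"user.home\" \"read\")",
            prefix + "(\"java.io.FilePermission\" \"C:\\Users\\alice\\myapp\\app.log\" \"write\")",
            prefix + "(\"java.io.FilePermission\" \"<<ALL FILES>>\" \"delete\")",
            prefix + "(\"java.lang.RuntimePermission\" \"exitVM.0\")",
        };

        // The narrow grant described in the post: read access to one property.
        Permissions narrow = new Permissions();
        narrow.add(new PropertyPermission("user.name", "read"));

        // What unrestricted code holds: AllPermission implies every other permission.
        Permissions unrestricted = new Permissions();
        unrestricted.add(new AllPermission());

        for (String line : log) {
            Denial d = parse(line);
            if (d == null) continue;
            System.out.println(d.toPolicyEntry());
            System.out.println("    narrow grant: " + status(d, narrow)
                    + ", AllPermission: " + status(d, unrestricted)
                    + (d.isBroad() ? "  [broad target, review]" : ""));
        }
    }
}
```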



#11586

From: Knute Johnson <nospam@knutejohnson.com>
Date: 2012-01-23 13:41 -0800
Message-ID: <jfkk6l$2ku$1@dont-email.me>
In reply to: #11585

On 1/23/2012 11:04 AM, Novice wrote:
> I'm not wild about that solution either. _I_ know that my program is
> harmless but I don't want people using it to have to wonder what kind of
> nastiness my program might commit.

And there is the rub.  No matter how you release the program from the 
constraints of the security manager, it can wreak havoc on the user's 
computer.

-- 

Knute Johnson



#11589

From: "John B. Matthews" <nospam@nospam.invalid>
Date: 2012-01-23 21:32 -0500
Message-ID: <nospam-90F883.21320923012012@news.aioe.org>
In reply to: #11586

In article <jfkk6l$2ku$1@dont-email.me>,
 Knute Johnson <nospam@knutejohnson.com> wrote:

> On 1/23/2012 11:04 AM, Novice wrote:
> > I'm not wild about that solution either. _I_ know that my program 
> > is harmless but I don't want people using it to have to wonder what 
> > kind of nastiness my program might commit.
> 
> And there is the rub.  No matter how you release the program from the 
> constraints of the security manager, it can wreak havoc on the user's 
> computer.

One alternative is to use a javax.jnlp.PersistenceService [1] 
implementation, which "provides methods for storing data locally on the 
client system, even for applications that are running in the untrusted 
execution environment." Andrew Thompson has posted a convenient 
demonstration [2] that saves notes across launches without requiring any 
special permissions.

[1] <http://docs.oracle.com/javase/7/docs/jre/api/javaws/jnlp/javax/jnlp/PersistenceService.html>
[2] <http://pscode.org/jws/api.html#ps>

-- 
John B. Matthews
trashgod at gmail dot com
<http://sites.google.com/site/drjohnbmatthews>
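
The PersistenceService approach described in the post above, as an added example (not code from the thread or from the linked demonstration): a small settings store that needs no permissions beyond the sandbox. It assumes the program is launched by a JNLP client and compiled against that client's `javax.jnlp` classes; the class name `SandboxPrefs` and the entry name `prefs.txt` are hypothetical.

```java
import java.io.ByteArrayOutputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import javax.jnlp.BasicService;
import javax.jnlp.FileContents;
import javax.jnlp.PersistenceService;
import javax.jnlp.ServiceManager;
import javax.jnlp.UnavailableServiceException;

/** Added example: small text settings kept through PersistenceService. */
public final class SandboxPrefs {

    private static final long MAX_BYTES = 4096;   // quota requested for the entry

    private final PersistenceService store;
    private final URL key;

    public SandboxPrefs(String entryName)
            throws UnavailableServiceException, MalformedURLException {
        // Both lookups throw UnavailableServiceException outside a JNLP client.
        store = (PersistenceService) ServiceManager.lookup("javax.jnlp.PersistenceService");
        BasicService basic = (BasicService) ServiceManager.lookup("javax.jnlp.BasicService");
        // Entries are keyed by URL; keep the key under the application's own codebase.
        key = new URL(basic.getCodeBase(), entryName);
    }

    /** Returns the stored text, or null when nothing has been saved yet. */
    public String load() throws IOException {
        try {
            FileContents fc = store.get(key);
            try (InputStream in = fc.getInputStream()) {
                ByteArrayOutputStream buf = new ByteArrayOutputStream();
                byte[] chunk = new byte[1024];
                for (int n; (n = in.read(chunk)) != -1; ) {
                    buf.write(chunk, 0, n);
                }
                return new String(buf.toByteArray(), StandardCharsets.UTF_8);
            }
        } catch (FileNotFoundException firstRun) {
            return null;
        }
    }

    /** Creates the entry on first use, then overwrites its contents. */
    public void save(String text) throws IOException {
        byte[] data = text.getBytes(StandardCharsets.UTF_8);
        FileContents fc;
        try {
            fc = store.get(key);
        } catch (FileNotFoundException firstRun) {
            store.create(key, MAX_BYTES);
            fc = store.get(key);
        }
        // The client decides the quota; refuse to write past what it granted.
        if (data.length > fc.getMaxLength()) {
            throw new IOException("settings exceed the granted quota of "
                    + fc.getMaxLength() + " bytes");
        }
        try (OutputStream out = fc.getOutputStream(true)) {
            out.write(data);
        }
    }

    public static void main(String[] args) throws Exception {
        // Counts launches across runs without asking for file or property access.
        SandboxPrefs prefs = new SandboxPrefs("prefs.txt");
        String previous = prefs.load();
        int launches = (previous == null) ? 0 : Integer.parseInt(previous.trim());
        prefs.save(Integer.toString(launches + 1));
        System.out.println("Launch number " + (launches + 1));
    }
}
```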



#11590

From: Knute Johnson <nospam@knutejohnson.com>
Date: 2012-01-23 21:22 -0800
Message-ID: <jflf5q$5q0$1@dont-email.me>
In reply to: #11589

On 1/23/2012 6:32 PM, John B. Matthews wrote:
> One alternative is to use a javax.jnlp.PersistenceService [1]
> implementation, which "provides methods for storing data locally on the
> client system, even for applications that are running in the untrusted
> execution environment." Andrew Thompson has posted a convenient
> demonstration [2] that saves notes across launches without requiring any
> special permissions.
>
> [1]
> <http://docs.oracle.com/javase/7/docs/jre/api/javaws/jnlp/javax/jnlp/Pers
> istenceService.html>
> [2]<http://pscode.org/jws/api.html#ps>

John:

Where does one find that class?  The Java 7 docs don't show the 
javax.jnlp package at all.

-- 

Knute Johnson



#11591

From: "John B. Matthews" <nospam@nospam.invalid>
Date: 2012-01-24 01:40 -0500
Message-ID: <nospam-E649F7.01404524012012@news.aioe.org>
In reply to: #11590

In article <jflf5q$5q0$1@dont-email.me>,
 Knute Johnson <nospam@knutejohnson.com> wrote:

> John:
> 
> Where does one find that class?  The Java 7 docs don't show the 
> javax.jnlp package at all.

According to this, jnlp.jar is "in the samples directory of the JDK."

<http://java.sun.com/javase/technologies/desktop/javawebstart/download-jnlp.html>

Alas, not so on my platform.

-- 
John B. Matthews
trashgod at gmail dot com
<http://sites.google.com/site/drjohnbmatthews>



#11600

From: Jeff Higgins <jeff@invalid.invalid>
Date: 2012-01-24 09:21 -0500
Message-ID: <jfme91$gv1$1@dont-email.me>
In reply to: #11591

On 01/24/2012 01:40 AM, John B. Matthews wrote:
> In article<jflf5q$5q0$1@dont-email.me>,
>   Knute Johnson<nospam@knutejohnson.com>  wrote:
>
>> John:
>>
>> Where does one find that class?  The Java 7 docs don't show the
>> javax.jnlp package at all.
>
> According to this, jnlp.jar is "in the samples directory of the JDK."
>
> <http://java.sun.com/javase/technologies/desktop/javawebstart/download-jnlp.html>
>
> Alas, not so on my platform.
>
It might behoove Oracle to sign-up with Google's new Stale Content 
Advisor subscription service.



#11592

From: Jeff Higgins <jeff@invalid.invalid>
Date: 2012-01-24 04:23 -0500
Message-ID: <jflspm$nsu$1@dont-email.me>
In reply to: #11590

On 01/24/2012 12:22 AM, Knute Johnson wrote:
> On 1/23/2012 6:32 PM, John B. Matthews wrote:
>> One alternative is to use a javax.jnlp.PersistenceService [1]
>> implementation, which "provides methods for storing data locally on the
>> client system, even for applications that are running in the untrusted
>> execution environment." Andrew Thompson has posted a convenient
>> demonstration [2] that saves notes across launches without requiring any
>> special permissions.
>>
>> [1]
>> <http://docs.oracle.com/javase/7/docs/jre/api/javaws/jnlp/javax/jnlp/Pers
>> istenceService.html>
>> [2]<http://pscode.org/jws/api.html#ps>
>
> John:
>
> Where does one find that class? The Java 7 docs don't show the
> javax.jnlp package at all.
>
<http://jnlp.sourceforge.net/netx/> :)



#11593

From: Jeff Higgins <jeff@invalid.invalid>
Date: 2012-01-24 04:40 -0500
Message-ID: <jfltpa$spu$1@dont-email.me>
In reply to: #11592

On 01/24/2012 04:23 AM, Jeff Higgins wrote:
> On 01/24/2012 12:22 AM, Knute Johnson wrote:
>> On 1/23/2012 6:32 PM, John B. Matthews wrote:
>>> One alternative is to use a javax.jnlp.PersistenceService [1]
>>> implementation, which "provides methods for storing data locally on the
>>> client system, even for applications that are running in the untrusted
>>> execution environment." Andrew Thompson has posted a convenient
>>> demonstration [2] that saves notes across launches without requiring any
>>> special permissions.
>>>
>>> [1]
>>> <http://docs.oracle.com/javase/7/docs/jre/api/javaws/jnlp/javax/jnlp/Pers
>>>
>>> istenceService.html>
>>> [2]<http://pscode.org/jws/api.html#ps>
>>
>> John:
>>
>> Where does one find that class? The Java 7 docs don't show the
>> javax.jnlp package at all.
>>
> <http://jnlp.sourceforge.net/netx/> :)
>
<http://docs.oracle.com/javase/1.5.0/docs/guide/javaws/developersguide/examples.html#PersistenceService>




#11595

From: Jeff Higgins <jeff@invalid.invalid>
Date: 2012-01-24 05:20 -0500
Message-ID: <jfm04p$7th$1@dont-email.me>
In reply to: #11590

On 01/24/2012 12:22 AM, Knute Johnson wrote:
> On 1/23/2012 6:32 PM, John B. Matthews wrote:
>> One alternative is to use a javax.jnlp.PersistenceService [1]
>> implementation, which "provides methods for storing data locally on the
>> client system, even for applications that are running in the untrusted
>> execution environment." Andrew Thompson has posted a convenient
>> demonstration [2] that saves notes across launches without requiring any
>> special permissions.
>>
>> [1]
>> <http://docs.oracle.com/javase/7/docs/jre/api/javaws/jnlp/javax/jnlp/Pers
>> istenceService.html>
>> [2]<http://pscode.org/jws/api.html#ps>
>
> John:
>
> Where does one find that class? The Java 7 docs don't show the
> javax.jnlp package at all.
>
I can imagine the JNLP client (whichever it may be) making available a 
path to the required classes.



#11597

From: Jeff Higgins <jeff@invalid.invalid>
Date: 2012-01-24 06:08 -0500
Message-ID: <jfm2vc$l1k$1@dont-email.me>
In reply to: #11590

On 01/24/2012 12:22 AM, Knute Johnson wrote:
> On 1/23/2012 6:32 PM, John B. Matthews wrote:
>> One alternative is to use a javax.jnlp.PersistenceService [1]
>> implementation, which "provides methods for storing data locally on the
>> client system, even for applications that are running in the untrusted
>> execution environment." Andrew Thompson has posted a convenient
>> demonstration [2] that saves notes across launches without requiring any
>> special permissions.
>>
>> [1]
>> <http://docs.oracle.com/javase/7/docs/jre/api/javaws/jnlp/javax/jnlp/Pers
>> istenceService.html>
>> [2]<http://pscode.org/jws/api.html#ps>
>
> John:
>
> Where does one find that class? The Java 7 docs don't show the
> javax.jnlp package at all.
>
I find them in /usr/lib/jvm/java-6-sun/jre/lib/javaws.jar



#11598

From: Jeff Higgins <jeff@invalid.invalid>
Date: 2012-01-24 07:22 -0500
Message-ID: <jfm7a1$ali$1@dont-email.me>
In reply to: #11590

On 01/24/2012 12:22 AM, Knute Johnson wrote:
> On 1/23/2012 6:32 PM, John B. Matthews wrote:
>> One alternative is to use a javax.jnlp.PersistenceService [1]
>> implementation, which "provides methods for storing data locally on the
>> client system, even for applications that are running in the untrusted
>> execution environment." Andrew Thompson has posted a convenient
>> demonstration [2] that saves notes across launches without requiring any
>> special permissions.
>>
>> [1]
>> <http://docs.oracle.com/javase/7/docs/jre/api/javaws/jnlp/javax/jnlp/Pers
>> istenceService.html>
>> [2]<http://pscode.org/jws/api.html#ps>
>
> John:
>
> Where does one find that class? The Java 7 docs don't show the
> javax.jnlp package at all.
>

See the note at the bottom of the page.
<http://java.sun.com/docs/books/tutorial/deployment/doingMoreWithRIA/usingJNLPAPI.html>



#11596

From: Jeff Higgins <jeff@invalid.invalid>
Date: 2012-01-24 05:42 -0500
Message-ID: <jfm1do$dq0$1@dont-email.me>
In reply to: #11580

On 01/22/2012 08:48 PM, Novice wrote:
> Does anyone here know about permissions in Java Web Start?
>
> I'm starting to learn how to use Java Web Start. After a bumpy start, I
> finally succeeded in getting some Hello World applets and applications to
> work perfectly via Java Web Start.
>
> Now I'm working on a considerably more sophisticated application and
> bumping into issues involving permissions. For example, the first error I
> am getting is:
>
> access denied ("java.util.PropertyPermission" "user.name" "read")
>
> I'm also expecting to need permission to write logs, although I haven't
> gotten that far into executing my code yet. It's possible that there will
> be other things that need permission too.
>
> Can anyone explain how I give the application the permissions it needs?
> I've done some googling on this issue and know that policy files are part
> (or all?) of the solution. I see that I that there is a master permissions
> file as well as individual permission files for individual users, situated
> in their home directories. Is the user's home directory always My Documents
> in Windows? (I'm only worried about serving Windows users for the moment
> but I have no idea which version of Windows they'll have: XP, Vista, 7 or
> whatever.)
>
> I'm assuming the JNLP file for the Java Web Start also needs to have
> something in it to point to the necessary permission. Unfortunately, the
> documentation I've found so far is NOT very clear and examples are scarce
> so I'm not sure what needs to happen in the JNLP file.

Java Web Start is a JNLP client implementation specified by the Java 
Network Launching Protocol & API Specification (JSR-56) currently in 
Version 7.0. That documentation seems clear to me and examples seem 
abundant.

>
> I'm also interested in knowing how the user of the application gives his
> consent to any permissions I need. For instance, if I create a policy file
> that gives me permission to do what I need to do, how does the user of the
> Java Web Start application keep me from doing bad things, like deleting
> every file on his hard drive? It seems to me that I should only be able to
> request what I need but that the user of the program needs to be able to
> look over that request, realize how dangerous or harmless that request is,
> and then give consent if he is satisfied that it is safe. But how/when does
> that happen? Do I send him the policy file and then let him eyeball it in a
> text editor to make sure it's not doing something inappropriate? Then wait
> for him to put the policy file in the appropriate place?
>
>
>



#11599

From: Jeff Higgins <jeff@invalid.invalid>
Date: 2012-01-24 07:43 -0500
Message-ID: <jfm8h7$gdu$1@dont-email.me>
In reply to: #11580

On 01/22/2012 08:48 PM, Novice wrote:
> Does anyone here know about permissions in Java Web Start?
>
> I'm starting to learn how to use Java Web Start. After a bumpy start, I
> finally succeeded in getting some Hello World applets and applications to
> work perfectly via Java Web Start.
>
> Now I'm working on a considerably more sophisticated application and
> bumping into issues involving permissions. For example, the first error I
> am getting is:
>
> access denied ("java.util.PropertyPermission" "user.name" "read")
>
> I'm also expecting to need permission to write logs, although I haven't
> gotten that far into executing my code yet. It's possible that there will
> be other things that need permission too.
>
> Can anyone explain how I give the application the permissions it needs?
> I've done some googling on this issue and know that policy files are part
> (or all?) of the solution. I see that I that there is a master permissions
> file as well as individual permission files for individual users, situated
> in their home directories. Is the user's home directory always My Documents
> in Windows? (I'm only worried about serving Windows users for the moment
> but I have no idea which version of Windows they'll have: XP, Vista, 7 or
> whatever.)
>
> I'm assuming the JNLP file for the Java Web Start also needs to have
> something in it to point to the necessary permission. Unfortunately, the
> documentation I've found so far is NOT very clear and examples are scarce
> so I'm not sure what needs to happen in the JNLP file.
>
> I'm also interested in knowing how the user of the application gives his
> consent to any permissions I need. For instance, if I create a policy file
> that gives me permission to do what I need to do, how does the user of the
> Java Web Start application keep me from doing bad things, like deleting
> every file on his hard drive? It seems to me that I should only be able to
> request what I need but that the user of the program needs to be able to
> look over that request, realize how dangerous or harmless that request is,
> and then give consent if he is satisfied that it is safe. But how/when does
> that happen? Do I send him the policy file and then let him eyeball it in a
> text editor to make sure it's not doing something inappropriate? Then wait
> for him to put the policy file in the appropriate place?
>
It seems to me that you are conflating the notion of a Java application 
and the JNLP view of a Web-centric Application Model and hoping to use a 
JNLP client as an installer for your Java application - which it 
specifically purports not to be: "It is not a general installation 
protocol for software components".



#11602

From: Gunter Herrmann <notformail0106@earthlink.net>
Date: 2012-01-24 16:48 -0500
Message-ID: <4f1f2742$0$6570$9b4e6d93@newsspool3.arcor-online.net>
In reply to: #11599

Hi!

Jeff Higgins wrote:
> hoping to use a
> JNLP client as an installer for your Java application - which it
> specifically purports not to be: "It is not a general installation
> protocol for software components".

Javaws is the perfect installer for Java desktop applications.
The only limitation is that it supports only a few file types.
I do use jnlp files and jar files (for program, properties, graphics).
Everything is signed, one file is already signed by a third party,
so you need multiple jnlp files (one for each signature).

<offline-allowed/> will enable local caching, so at program start
the application checks for updates and downloads them when
a newer version is found, but it is able to run without connection
to the server.

I use this way for running a Java/Swing/jdbc desktop application on 100+ systems.

Regarding the above quote:
It really is not a general installation protocol,
but it works perfectly for everything you can put in a jar file.

Gunter



#11603

From: Jeff Higgins <jeff@invalid.invalid>
Date: 2012-01-24 18:13 -0500
Message-ID: <jfnde6$q2l$1@dont-email.me>
In reply to: #11602

On 01/24/2012 04:48 PM, Gunter Herrmann wrote:
> Hi!
>
> Jeff Higgins wrote:
>> hoping to use a
>> JNLP client as an installer for your Java application - which it
>> specifically purports not to be: "It is not a general installation
>> protocol for software components".
>
> Javaws is the perfect installer for Java desktop applications.
> The only limitation is that it supports only a few file types.
> I do use jnlp files and jar files (for program, properties, graphics).
> Everything is signed, one file is already signed by a third party,
> so you need multiple jnlp files (one for each signature).
>
> <offline-allowed/> will enable local cashing, so at program start
> the application checks for updates and downloads them when
> a newer version is found, but it is able to run without connection
> to the server.
>
> I use this way for running a Java/Swing/jdbc desktop application on 100+
> systems.

Great to hear. Now I'm curious. How much state does your application 
maintain client side? Is your application able to run purposefully 
standalone or without connection for extended periods?

>
> Regarding the above quote:
> It really is not a general installation protocol,
> but it works perfectly for everything you can put in a jar file.
>
> Gunter



#11609

From: Gunter Herrmann <notformail0106@earthlink.net>
Date: 2012-01-25 10:28 -0500
Message-ID: <4f201f8c$0$7629$9b4e6d93@newsspool1.arcor-online.net>
In reply to: #11603

Hi!

Jeff Higgins wrote:
>   How much state does your application
> maintain client side?

It has a local embedded SQL database, these files are installed
before sending the device out. Javaws is used to automatically
load new program versions from an Apache server in the data center.

> Is your application able to run purposefully
> standalone or without connection for extended periods?

In case no connection to the deployment server can be established,
the application is run from the local version from the last auto update.

The application can run in stand alone mode, but quite
obviously it will have limited capabilities (e.g. no online credit card
transactions, no access to transactions created at other systems, etc.)

It will need connectivity to the remote Oracle database to get new
configuration data (e.g. prices) and to upload its own transactions.

Gunter
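
A descriptor pair matching the deployment described in this post and the one quoted above it (cached offline start, own-signed jars, plus one jar signed by a third party), added here as an illustration and not taken from any poster's files. The host name, jar names and main class are constructed placeholders.

```xml
<!-- File: app.jnlp (main descriptor). Every jar listed directly in this
     file must carry the same signer's certificate. All names are constructed. -->
<jnlp spec="1.0+" codebase="https://deploy.example.invalid/app/" href="app.jnlp">
  <information>
    <title>Example Swing Client</title>
    <vendor>Example Org</vendor>
    <!-- Allows launching from the local cache when the server is unreachable -->
    <offline-allowed/>
  </information>
  <!-- Unrestricted permissions are requested here; the client grants them
       only if all jars in this descriptor are signed and the signer is accepted -->
  <security>
    <all-permissions/>
  </security>
  <!-- Check the server for a newer version at start, fall back to the cache
       if the check times out -->
  <update check="timeout" policy="always"/>
  <resources>
    <j2se version="1.6+"/>
    <jar href="client.jar" main="true"/>
    <jar href="client-properties.jar"/>
    <jar href="client-graphics.jar"/>
    <!-- A jar signed by a different certificate cannot be listed above;
         it is pulled in through its own descriptor -->
    <extension name="vendor-lib" href="vendor-lib.jnlp"/>
  </resources>
  <application-desc main-class="com.example.client.Main"/>
</jnlp>

<!-- File: vendor-lib.jnlp (component extension, one per additional signer) -->
<jnlp spec="1.0+" codebase="https://deploy.example.invalid/app/" href="vendor-lib.jnlp">
  <information>
    <title>Vendor Library</title>
    <vendor>Third-Party Vendor</vendor>
  </information>
  <security>
    <all-permissions/>
  </security>
  <resources>
    <jar href="vendor-lib.jar"/>
  </resources>
  <component-desc/>
</jnlp>
```

Serving the descriptors and jars over HTTPS from a host you control keeps the update channel itself authenticated, in addition to the per-jar signature check.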



#11610

From: Jeff Higgins <jeff@invalid.invalid>
Date: 2012-01-25 12:06 -0500
Message-ID: <jfpc8m$2jp$1@dont-email.me>
In reply to: #11609
On 01/25/2012 10:28 AM, Gunter Herrmann wrote:
> Hi!
>
> Jeff Higgins wrote:
>> How much state does your application
>> maintain client side?
>
> It has a local embedded SQL database, these files are installed
> before sending the device out. Javaws is used to automatically
> load new program versions from an Apache server in the data center.
>
>> Is your application able to run purposefully
>> standalone or without connection for extended periods?
>
> In case no connection to the deployment server can be established,
> the application is run from the local version from the last auto update.
>
> The application can run in stand alone mode, but quite
> obviously it will have limited capabilities (e.g. no online credit card
> transactions, no access to transactions created at other systems, etc.)
>
> It will need connectivity to the remote Oracle database to get new
> configuration data (e.g. prices) and to upload its own transactions.
>

Thank you Gunter.
This thread has given me pause to consider the application of the JNLP.

In my limited view of the world I am aware of and somewhat familiar with 
two web-centric applications deployed using JNLP: a pharmacy workflow 
app, and a CMMS app. Both seem very much like your application, in that 
they store some fairly static data, are able to cache transaction data, 
user settings, similar in scale, etc., and present a Swing desktop to 
the user. I will call them web-centric because without a connection to a 
"data center" they are of limited use. This seems a perfectly natural 
candidate for JNLP deployment, and besides the three apps so far 
discussed, I assume there is a whole host of similar apps using JNLP 
deployment.

A desktop application, in my estimation, is an application capable of 
fully standalone operation. Of course it will produce or consume data 
that will need to be exported/imported. In addition, most fairly complex 
desktop apps will make considerable use of the host systems' resources: 
file systems, network connections, spawning processes, etc.

Like the web-centric app, desktop apps range in scale. From a small 
single purpose scientific calculator type app, through a Java IDE and an 
office suite, and beyond. I have perhaps a half dozen Java desktop 
applications that range in size and complexity around the Java IDE that 
I use on a routine or occasional basis. This is the scope of the desktop 
application that prompted my comment. Of course taking my limited view 
of the world into account, these are the applications that I do not see 
being deployed using JNLP.

It is not that I have some reason to believe that using JNLP for 
deployment of this type of application is unworkable, or "bad" in some 
sense. It is simply that I don't see it being done. Web-centric, desktop 
vs browser GUI, of the type described above: yes. Small scale mostly 
single purpose desktop apps: yes, most certainly, thousands of them.

If I haven't missed something, and this type of desktop app is not being 
deployed using JNLP I begin to wonder why? If I have missed some JNLP 
deployment of this type app I would love to become aware.




#11601

From: Roedy Green <see_website@mindprod.com.invalid>
Date: 2012-01-24 09:48 -0800
Message-ID: <7mrth79ot6g7ilueo5m4b0g9abi779mfhn@4ax.com>
In reply to: #11580
On Mon, 23 Jan 2012 01:48:10 +0000 (UTC), Novice <novice@example..com>
wrote, quoted or indirectly quoted someone who said :

>
>Can anyone explain how I give the application the permissions it needs? 
 

You have to sign the jar.  See
http://mindprod.com/jgloss/javawebstart.html

see also 
http://mindprod.com/jgloss/jarsignerexe.html
-- 
Roedy Green Canadian Mind Products
http://mindprod.com
One of the most useful comments you can put in a program is 
"If you change this, remember to change ?XXX? too".
 
