Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

SecurityException during executing jnlp file (Missing required Permissions manifest attribute in main jar)

OS: Windows 7 64 bit

Java: jdk1.7.0_51

I have a jnlp file. When I double click on this, exception is occurred as below:

Application Error: Unable to launch the application Exception: java.lang.SecurityException: Missing required Permissions manifest attribute in main jar 
like image 370
Ripon Al Wasim Avatar asked Jan 28 '14 11:01

Ripon Al Wasim


People also ask

How do I change the manifest of a JAR file?

To modify the manifest, you must first prepare a text file containing the information you wish to add to the manifest. You then use the Jar tool's m option to add the information in your file to the manifest. Warning: The text file from which you are creating the manifest must end with a new line or carriage return.


2 Answers

JAR File Manifest Attributes for Security

The JAR file manifest contains information about the contents of the JAR file, including security and configuration information.

Add the attributes to the manifest before the JAR file is signed.
See Modifying a Manifest File in the Java Tutorial for information on adding attributes to the JAR manifest file.

Permissions Attribute

The Permissions attribute is used to verify that the permissions level requested by the RIA when it runs matches the permissions level that was set when the JAR file was created.

Use this attribute to help prevent someone from re-deploying an application that is signed with your certificate and running it at a different privilege level. Set this attribute to one of the following values:

  • sandbox - runs in the security sandbox and does not require additional permissions.

  • all-permissions - requires access to the user's system resources.

Changes to Security Slider:

The following changes to Security Slider were included in this release(7u51):

  • Block Self-Signed and Unsigned applets on High Security Setting
  • Require Permissions Attribute for High Security Setting
  • Warn users of missing Permissions Attributes for Medium Security Setting

For more information, see Java Control Panel documentation.

enter image description here

sample MANIFEST.MF

Manifest-Version: 1.0
Ant-Version: Apache Ant 1.8.3
Created-By: 1.7.0_51-b13 (Oracle Corporation)
Trusted-Only: true
Class-Path: lib/plugin.jar
Permissions: sandbox
Codebase: http://myweb.de http://www.myweb.de
Application-Name: summary-applet

like image 140
moskito-x Avatar answered Sep 29 '22 10:09

moskito-x


If you'd like to set this globally for all users of a machine, you can create the following directory and file structures:

mkdir %windir%\Sun\Java\Deployment 

Create a file deployment.config with the content:

deployment.system.config=file:///c:/windows/Sun/Java/Deployment/deployment.properties deployment.system.config.mandatory=TRUE 

Create a file deployment.properties

deployment.user.security.exception.sites=C\:/WINDOWS/Sun/Java/Deployment/exception.sites 

Create a file exception.sites

http://example1.com http://example2.com/path/to/specific/directory/ 

Reference https://blogs.oracle.com/java-platform-group/entry/upcoming_exception_site_list_in

like image 34
bcjenkins Avatar answered Sep 29 '22 09:09

bcjenkins