如何在没有安全警告的情况下发布Java Web Start jnlp应用程序? [英] How to publish a Java Web Start jnlp application without security warnings?
问题描述
我有一个从网站的jnlp文件启动的Java应用程序。我试图让它运行而不会在它运行之前闪现一堆安全警告。
I have a Java application that is launched from a jnlp file off of a website. I'm trying to get it to run without flashing up a bunch of security warnings before it runs.
该程序被分解为大约10个不同的jar文件,30或者所以jar库,以及jar文件中还包含一些本机库。
The program is broken up into about 10 different jar files, 30 or so jar libraries, and a couple native libraries also contained in jar files.
我已经使用官方代码签名证书(来自Verisign)签署了所有jar文件,包含jnlp文件包含在保存主类的jar文件中,并将权限和代码库属性添加到我正在编译的主要10个罐子中。
I've signed all of the jar files with an official code signing cert (from Verisign), included the jnlp file inside of the jar file that holds the main class, and added permissions and codebase attributes to the main 10 jars that I'm compiling.
当我启动时程序我得到消息说明:
When I launch the program I get the message stating:
此应用程序将在未来的Java安全更新
中被阻止,因为JAR文件清单不包含权限
属性。请联系发布商以获取更多信息。
This application will be blocked in a future Java security update because the JAR file manifest does not contain the Permissions attribute. Please contact the Publisher for more information.
我可以点击运行以通过此消息,但后来我得到:
I can click "Run" to get past this message, but then I get:
阻止可能不安全的组件运行?应用程序
包含有符号和无符号代码。
Block potentially unsafe components from being run? The application contains both signed and unsigned code.
我已将permissions属性添加到所有jar文件中我正在编译。我是否必须更新我正在使用的第三方库的jar清单?如果是这样,有没有一种简单的方法可以做到这一点?我正在使用Apache Ant来构建应用程序。
I've added the permissions attribute to all of the jar files that I'm compiling. Do I have to update the jar manifest for the third-party libraries that I'm using as well? If so, is there an easy way to do this? I'm using Apache Ant to build the application.
推荐答案
是的,你必须更新所有的罐子
您可以直接将这些属性添加到文件的清单(所有jar ) -
Yes , you have to update all jars
You can add these properties directly into manifest of the jar files (all jars) from a file -
在您的插件目录中:
jar ufm <jar_file> additionalAttribute.txt
此additionalAttribute.txt将包含您的其他清单属性,如 -
This additionalAttribute.txt will contain your additional manifest attribute like -
Permissions: all-permissions
Codebase: *
Application-Name: My App
Caller-Allowable-Codebase: *
Trusted-Library: true
Application-Library-Allowable-Codebase: *
这篇关于如何在没有安全警告的情况下发布Java Web Start jnlp应用程序?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
