What's with the new JNLP Missing items warnings in Java 7?

StackOverflow https://stackoverflow.com/questions/19451356

Question

My JNLP still works fine after our switch from Java 6 to Java 7, but it now throws a whole series of errors like this:

Missing Application-Name: manifest attribute for: http://blah.com/app.jar
Missing Permissions manifest attribute for: http://blah.com/app.jar
Missing Codebase manifest attribute for: http://blah.com/app.jar

It repeats several times for our main jar and a couple times for one of our library jars. However, it does not occur at all for the bulk of our library jars. JaNeLa lists some optimization opportunities (by changing some defaults), but none of those appear to be related, and no actual errors are found.

So far searching the web has left me empty handed on how to make the JNLP file format into something that Java 7 finds worthy. :-)

Was it helpful?

Solution

See Missing Codebase manifest attribute for:xxx.jar for an explanation for Permissions and Codebase. If you use ant, you can use the following to add the entries to the manifest:

<manifest file="${source}/META-INF/MANIFEST.MF" mode="update">
  <attribute name="Permissions" value="all-permissions"/>
  <attribute name="Codebase" value="${jnlp.codebase}"/>
  <attribute name="Application-Name" value="${app.name}"/>
</manifest>

Java 7 update 45 broke my Web Start SWT application might also have some interesting information

OTHER TIPS

This issue affects both JNLP and applets. The jar files are required to have a permission attribute in the manifest file. I believe the other errors are less critical. The latest JRE shows end users a warning message stating that starting January, 2014 the latest JRE will refuse to run any applet or JNLP jar files with a missing Permissions attribute.

See Java SE7 technotes on manifest.

The Java tutorial has a section on modifying the manifest file but doing this with ant as suggested by @mth sounds simpler.

I could make a self signed java web start application work with a workaround. Even though I can see warnings in the console, I get no more warnings. All I needed was:

  1. adding the "Permissions: all-permissions" attribute in the manifest.

  2. Adding the following tag in the jnlp file: 

    <security>
   <all-permissions/>
</security>

  3. signing my jars with my own keystore

  4. importing my own certificate in the Java Control Panel (on Windows).

If you are using maven this can be done by simply adding something like this in your plugin configuration:

       <updateManifestEntries>
         <Permissions>all-permissions</Permissions>
         <Codebase>*</Codebase>
       </updateManifestEntries>

Taken from the plugin site here

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top