Issues in Launching the signed applet with java 7u45

Question

We have an applet that also uses javascript to applet communication as well.

After java has been upgraded to 7u45, as per this link, we have made the changes in building the jars using manifest like:

• Added Permissions: all-permissions to Manifest of all JARs
• Added Application-Library-Allowable-Codebase: * to Manifest of all JARs
• Added Caller-Allowable-Codebase: * to Manifest of all JARs
• Added Codebase: * to Manifest of all JARs

Also we disabled the -Djnlp.packEnabled parameter.

With these changes our application is running properly only if the java version available is updated to JRE7u45.

1. But trying to launch the same application with Java 7 update25 or update40, we are getting the error "LiveConnect (JavaScript) blocked due to security settings". But instead of including the above mentioned parameters in the manifest if we just include Trusted-Library and setting it to true. We are able to launch the application but with warnings. The same approach cannot be used for JRE7u45 where we get the security warnings again.

In one of the posts, I have seen an approach to build two jars(one with approach 1 and the other with approach 2) and based on the java version to deploy the respective jar.

But this solution may not be that effective because our application includes more than 5 jar files and maintaining two copies of each is tedious.

Your suggestions would be helpful to us to know an approach where our application would be launched with all the java versions.

Answer 1

Since Java 7 Update 51 you should be able to use both (Trusted-Library) and the new parameters. Then only Java 7 Update 45 should have a warning, all other versions should work.