Yes, you need to add the Permission
, Codebase
, and Application-Name
manifest attributes to every .jar used by your app. This is the main app .jar plus all the 3rd party library .jars as well.
See this answer https://stackoverflow.com/a/19659135/963076 to another SO question.
It is good that you feel uneasy. As I understand it, adding things to the manifests of 3rd party libraries is a violation of the GNU license agreements attached to almost all libraries. I have been scratching my head as Oracle has been releasing these updates as to what they were thinking. Why should a 3rd party library need to designate a JNLP Codebase? Do they know they're forcing us to violate the license agreements of these 3rd party libraries?
But, alas, if you want those warnings to go away and, even more, want your app to work in future Java updates, you must. The truth is, if you use an IDE like Netbeans then it is already repackaging and resigning your 3rd party library .jars anyways. So you won't be breaking any rules your IDE isn't breaking already.