So I am trying to write a sort of 'fix' for the fact that JNLP is for lack of a better word, a shitheap;Of course we don't know what aspects you consider to be "a shitheap" but my bet is that you consider it as such because it does not have some obscure functionality you need rather than because of a bug. Maybe if you explained what functionality you need then someone might be able to suggest an approach.
what I did was wrote a simple little non-changing jnlp application that downloads the most recent binary and then reflectively loads it; and while this works fine in eclipse tests (as I assume it isn't using any sort of access control manager that is restrictive) it outright fails in my server tests because it seems to think that the code loaded from the external .jar isn't trusted, when in fact it is as I've signed both of them with a signature, I've even tried a securitymanager override that just allows everything in the short span of executing the external jar's function.Without any view of your code or your build procedure we are stuffed. I for one am not going to try to re-create your problem without significant further detail from you. I could suggest that you to create and post the two programs (master and slave) and the build system of an SSCCE that illustrates the problem but from the tone of your post ( entering the forum all guns blazing with your first post ) I suspect you are just wanting to gripe.