Skip to Main Content
Forums

Java SE (Java Platform, Standard Edition)

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Java Web Start applications and Gatekeeper

jlanawaltMar 23 2015

As more of our customers upgrade to Mac OS X 10.8 or later or purchase new machines we've had to deal with helping more of them work around Gatekeeper for our Java Web Start deployed applications. Many discussions found on the web show the confusion that surrounds this technology and how it interacts with Web Start apps. Most "solutions" suggest various security changes like allowing apps downloaded from anywhere. The one we most often employ is to control-click the JNLP file and choose Open. Then the dialog has an option to "install" the application anyway.

My take-away from the discussions has been that Gatekeeper is looking for what it considers to be executable code, including JNLP files and Java applets, to be signed via codesign which is stored as an extended HFS attribute and as a result is not transferred over HTTP unless the file is wrapped into some bundle like xip or in a disk image (dmg). Neither of these are a click-and-run experience and move me from the realm of Web Start deployment to just wrapping it up as an Apple app bundle.

Before OS X 10.8 (Mountain Lion) was released, Scott K published on the Talking Java Deployment blog an article titled Java applications and Gatekeeper where he suggested the best possible user experience comes from creating an app that is bundled with Java and signed with an Apple Devloper ID using the codesign tool. (Note this is not the same as the code signing from jarsigner in the JAR/META-INF. The article ends, edited, with a statement that Gatekeeper does not apply to command-line tools like java, javac, javah and so on. It has been my experience that it does seem to apply to javaws or whatever is used on the Mac to launch a Web Start app from a JNLP file. It is as if Apple has said they don't trust the Java security model for downloaded dynamic code and are adding an extra restriction that seems to severely limit the "click-and-run" functionality of Web Start or applets.

Is there anything I can do to get a JNLP file to "just work" for Mac end users like it use to before 10.8 / Gatekeeper?

Is there anything in the works from Oracle to fix this issue?

--

Jacob

Comments

486600
Does anyone have any ideas on how to test an Apex application?

Thanks

Kevin
Ashish Dave-Oracle
it can be tested as normal web application.
what kind of test you used to varify failure? text matching test?
486600
I'm new to Oracle Testing Suite so im unsure of exactly how to get the desired results. If an ORA error message is displayed on the screen i want to make the page fail. So is there a way of making the test fail if certain text is present on the screen?

Secondly i want to create a script that recognises a change has happened to the application (such as a link takes the user to a different page than expected when the script was created) and fail.

Do you have any idea on how to achieve this

Thanks

Kevin
Ashish Dave-Oracle
text matching test will achieve first objective
text matching test or custom object test will be good for second one
1 person found this helpful
486600
Thankyou

The text matching test has worked for the first problem. However i am unable to find a custom object test in the Tests Menu. How do i go about creating one of these?

Regards

Kevin
Ashish Dave-Oracle
Answer
"insert custom object test"
which version do you use?
Marked as Answer by 486600 · Sep 27 2020
486600
Thanks for your help. I have the desired results

Kevin
695716
Hi

I installed the oats850 version 2.11.15.0 and when tried to open the oracle load testing for web application it alerts the following error message in the Firefox browser.

'http://localhost:8088/olt/'

Thanks in advance, kindly suggest.

Regards
sathish

Edited by: user10993677 on Apr 15, 2009 4:59 AM
1 - 8
Locked Post
New comments cannot be posted to this locked post.

Post Details

Locked on Apr 20 2015
Added on Mar 23 2015
#java-web-start-jnlp
0 comments
1,333 views