I build a Java Web Start application signed with a valid certificate.
When I star the application the security dialog appear correctly as show in this figure
My issue is about the "do not show again" checkbox.
If the attributes href are present in the jnlp tag of the jnlp file the checkbox appear.
If the attribute are not present, the checkbox doesn't appear and the run needs to be confirmed every time.
<jnlp spec="1.0+" codebase=
This is a problem because my jnlp file is under a password protected directory and if href is specifed, the Java Web Start application try to retrieve it as the other resources. ( result in access denied because only the browser session is authenticated and the run fails)
The documentation at Deploying a Java Web Start Application said:
href attributes are optional when deploying Java Web Start applications that will run on at least the Java SE 6 update 18 release or later. You must specify the
href attributes when deploying Java Web Start applications that will run with previous releases of the Java Runtime Environment software.
What is the right code? With href or without?
Is this a BUG or a feature?
How can I show the "don't show again" checkbox without having to specify the href attribute?
From the documentation at JAR File Manifest Attributes for Security
Application-Library-Allowable-Codebase attribute is present and matches the location from which the RIA is started, then a single host is listed in the Location field for the prompt and the option to hide future prompts is provided.
This issue is also discussed here: Java Web Start security dialogs with Java 7 update 51 - Stack Overflow