I support a RIA application based on JAVAWS and deployed in Tomcat server.
With the security enhancements of Java 7 Update 51, I need to improve the security when launching the application,
So I have updated the Manifest attributes in all client jars (see JAR File Manifest Attributes for Security)* and add JNLP-INF/APPLICATION_TEMPLATE.JNLP in the main jar (see Signed JNLP Files)
++ The certificate used to sign the jars is from a trusted authority.
++ The security Verification of Mixing Privileged Code and Sandbox Code (sandbox/secure) option is activated from the Java configuration panel.
The problem is that when launching the client, a confirmation popup is displayed with the information below:
- Title: application blocked by security settings
- Name: ADOC
- Emplacement: http://localhost:8050
- Message: Your security settings have blocked an untrusted application from running
Then if i click on Ok, the client is successfully displayed.
I need some indications on this issue
Thanks in advance !