felix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nicolas Roduit (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FELIX-4281) Security Warning: Felix with Java Web Start
Date Fri, 06 Jun 2014 16:52:02 GMT

    [ https://issues.apache.org/jira/browse/FELIX-4281?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14020033#comment-14020033

Nicolas Roduit commented on FELIX-4281:

I agree that it would be necessary to have the property jnlp.felix.extensions.disable to be
compliant with the new Java Web Start restrictions. It could be both: felix.extensions.disable
 and jnlp.felix.extensions.disable

> Security Warning: Felix with Java Web Start
> -------------------------------------------
>                 Key: FELIX-4281
>                 URL: https://issues.apache.org/jira/browse/FELIX-4281
>             Project: Felix
>          Issue Type: Bug
>         Environment: Windows 7 with Java 7 update 40, 64 bits
>            Reporter: Cesar Souza
>            Assignee: Karl Pauls
>            Priority: Minor
>         Attachments: message.zip, sec_action.patch, viewer.jnlp, webstart.patch
> Since the release of Java 7 update 40 the following warning occurs when you try to execute
a signed (with valid certificate) Java Web Start application: 
> -----------------------------
> Security Warning
> Do you want to run this application?
> An unsigned application from the location below is requesting permission to run.
> http://......
> Running unsigned applications like this will be blocked in a future
> release because it is potentially unsafe and a security risk
> -----------------------------
> Although the Java recognizes the certificate in the first dialog, it shows the warning
message when the Felix's init method is invoked.
> I have tested a same application over Java 7 update 21 and everything is ok.

This message was sent by Atlassian JIRA

View raw message