I got my application running with JRE build 9-ea+163 by passing the --permit-illegal-access flag to the VM. Now I want to start the app with Java Webstart. A first try with

javaws -J--permit-illegal-access <JNLP-Url>

does not work. I get the same InaccessibleObjectException with module java.base does not "opens java.util" to unnamed module as without the flag.

Adding <j2se java-vm-args="--permit-illegal-access" version="9*"/> to the JNLP does not help.

Does Webstart support the --permit-illegal-access flag?

Can I furthermore specify the flag in the JNLP file?

Btw, with Java 9

javaws https://docs.oracle.com/javase/tutorialJWS/samples/deployment/NotepadJWSProject/Notepad.jnlp

throws an IllegalAccessException and -J--permit-illegal-access doesn't help either.

P.S.: Setting the env variable JAVA_TOOL_OPTIONS to --permit-illegal-access works, but is not a solution since the clients are not accessible.

Java Web Start does not support the --permit-illegal-access option. JNLP apps that need to break encapsulation should use the precise options, there is support for both --add-exports and --add-opens.