What's with the new JNLP Missing items warning

2019-04-08 13:54发布

问题:

My JNLP still works fine after our switch from Java 6 to Java 7, but it now throws a whole series of errors like this:

Missing Application-Name: manifest attribute for: http://blah.com/app.jar
Missing Permissions manifest attribute for: http://blah.com/app.jar
Missing Codebase manifest attribute for: http://blah.com/app.jar

It repeats several times for our main jar and a couple times for one of our library jars. However, it does not occur at all for the bulk of our library jars. JaNeLa lists some optimization opportunities (by changing some defaults), but none of those appear to be related, and no actual errors are found.

So far searching the web has left me empty handed on how to make the JNLP file format into something that Java 7 finds worthy. :-)

回答1:

See Missing Codebase manifest attribute for:xxx.jar for an explanation for Permissions and Codebase. If you use ant, you can use the following to add the entries to the manifest:

<manifest file="${source}/META-INF/MANIFEST.MF" mode="update">
  <attribute name="Permissions" value="all-permissions"/>
  <attribute name="Codebase" value="${jnlp.codebase}"/>
  <attribute name="Application-Name" value="${app.name}"/>
</manifest>

Java 7 update 45 broke my Web Start SWT application might also have some interesting information



回答2:

This issue affects both JNLP and applets. The jar files are required to have a permission attribute in the manifest file. I believe the other errors are less critical. The latest JRE shows end users a warning message stating that starting January, 2014 the latest JRE will refuse to run any applet or JNLP jar files with a missing Permissions attribute.

See Java SE7 technotes on manifest.

The Java tutorial has a section on modifying the manifest file but doing this with ant as suggested by @mth sounds simpler.



回答3:

I could make a self signed java web start application work with a workaround. Even though I can see warnings in the console, I get no more warnings. All I needed was:

  1. adding the "Permissions: all-permissions" attribute in the manifest.

  2. Adding the following tag in the jnlp file:

    <security>
       <all-permissions/>
    </security>
    
  3. signing my jars with my own keystore

  4. importing my own certificate in the Java Control Panel (on Windows).


回答4:

If you are using maven this can be done by simply adding something like this in your plugin configuration:

       <updateManifestEntries>
         <Permissions>all-permissions</Permissions>
         <Codebase>*</Codebase>
       </updateManifestEntries>

Taken from the plugin site here