P4
a possible misunderstanding is the use of DRS to circumvent the new requirement that all properties listed in a jnlp file shall only be honored if they are secure properties, or the jnlp file is signed.
The app uses several insecure properties in the jnlp file, and the security fix in 7u45 is blocking them from being set.
Should consider an enhancement to set insecure properties that come from a jnlp file for which there is a location based DRS run rule, however the certificate of the signed jars cannot help this if the jnlp file itself is unsigned.
The app uses several insecure properties in the jnlp file, and the security fix in 7u45 is blocking them from being set.
Should consider an enhancement to set insecure properties that come from a jnlp file for which there is a location based DRS run rule, however the certificate of the signed jars cannot help this if the jnlp file itself is unsigned.
- relates to
-
JDK-8026002 Certificate based DRS rule does not work when main jar is in nested resource block or extension
-
- Closed
-