When there is no jre matches the rule specified by Admin, there is a blocked dialog for javaws apps. But no such dialog for plugin applet and javafx apps.

Steps to reproduce:
test scenario: Admin provide a secure version(version="secure") with "force=true" while no secure jre installed on system
1) Install 8u20 nighty build#2550
2) Download http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/crystal/DO_NOT_REMOVE_ME/jrebug/LSPJPI/lib/DeploymentRuleSet.jar and then copy it to deployment.system.home/
In this DeploymentRuleSet.jar, we have:
<ruleset version="1.1">
  <rule> <!-- allow run everything -->
     <id location="http://sqeweb.us.oracle.com/"/>
     <action permission="run" version="SECURE" force="true"/>
  </rule>
  <!-- block everything else -->
  <rule>
     <id/>
     <action permission="block" message="we don't want to run anything else"/>
  </rule>
</ruleset>
3) Make sure you can access to internet or disable OCSP and CRL check from JCP
4) Add information "1.8.0_99" to baseline.versions file under {DEPLOY_USER_HOME}/security/ dir to make test jre as old
5) Load applet: http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/crystal/DO_NOT_REMOVE_ME/jrebug/LSPJPI/html/UnsignedSandboxJNLP.html
6) If this app get blocked directly without any blocked dialog, then this bug is reproduced. In log, there is NPE:
java.lang.NullPointerException
at sun.plugin2.applet.Plugin2Manager.setParameter(Unknown Source)
at sun.plugin2.main.client.PluginMain.performSSVValidation(Unknown Source)
at sun.plugin2.main.client.PluginMain$StartAppletListener.appletSSVValidation(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.fireAppletSSVValidation(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

Expected behavior:
There should be a blocked dialog shows up.

Note:
For javaws apps, there is a blocked dialog. See attachment javaws-blocked-dialog.png
Steps to reproduce:
1) Install 8u20 nighty build#2550
2) Download http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/crystal/DO_NOT_REMOVE_ME/jrebug/LSPJPI/lib/DeploymentRuleSet.jar and then copy it to deployment.system.home/
In this DeploymentRuleSet.jar, we have:
<ruleset version="1.1">
  <rule> <!-- allow run everything -->
     <id location="http://sqeweb.us.oracle.com/"/>
     <action permission="run" version="SECURE" force="true"/>
  </rule>
  <!-- block everything else -->
  <rule>
     <id/>
     <action permission="block" message="we don't want to run anything else"/>
  </rule>
</ruleset>
3) Make sure you can access to internet or disable OCSP and CRL check from JCP
4) Add information "1.8.0_99" to baseline.versions file under {DEPLOY_USER_HOME}/security/ dir to make test jre as old
5) Load javaws app: http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/crystal/DO_NOT_REMOVE_ME/jrebug/JawsLocalSecurityPolicy/jnlp/testSelfsignedAllpermissionJNLP.jnlp
6) There will be a "Java Application Blocked dialog" shows up.