Thursday Oct 03, 2013

Signing a JNLP File

There are several advantages to signing a JNLP file. It will:

  • Ensure that others cannot change the content in your JNLP file. For example, by adding a random library, or changing application information.
  • Allow the use of arbitrary Java Virtual Machine (JVM) options and Java system properties in your application.
  • Prevent others from referencing your JAR file directly in their HTML browser applets.

To create a signed JNLP file you don't sign the JNLP file itself, but you include the JNLP file inside the directory structure before the JAR file is created and then signed. The JNLP file must be named APPLICATION.JNLP and is included in the JNLP-INF subdirectory. The JAR file is then created and signed in the usual manner. When a web start application is started, the JNLP file used must be identical to the JNLP file in the signed JAR in order for the application to run.

Note that you cannot use the APPLET tag to run an applet if JAR file contains a signed JNLP file.

The Signing and Verifying JAR Files lesson in the Java Tutorial explains how to sign a JAR file.

About

Blog about Java technology documentation and news about Java releases.

Search

Categories
Archives
« October 2013 »
SunMonTueWedThuFriSat
  
1
2
4
5
6
7
8
9
10
11
12
13
14
16
17
18
19
20
21
22
23
24
25
26
27
28
30
31
  
       
Today