Hi, Our applications can do just anything once they are running but that is after the JNLP launch phase. For us perhaps the greatest advantage from using JWS comes from the automatic application updates. It is easy for the user and small updates are fast because only the changed jars are reloaded. On the other hand, it makes it impossible to run old versions if the system is configured to require online usage. Then JWS must be able to check through the web if new versions of the jnlp file itself and the jars to download are awailable, otherwise it will not start the application. Because our applications are talking to administational databases and new versions are usually tied to other changes in the background systems using exactly right version is essential. The advantage with an unzip-and-go standalone application like OpenJUMP is not so obvious. And I would not recommend to offer JWS as an official install alternative. JWS tends to lead to odd installation problems which can be hard to find and cure and we do not have staff for running help desk. As an experimental system without guaranty, perhaps.
-Jukka Rahkonen- > -----Alkuperäinen viesti----- > Lähettäjä: edgar.sol...@web.de [mailto:edgar.sol...@web.de] > Lähetetty: 16. toukokuuta 2012 12:18 > Vastaanottaja: OpenJump develop and use > Aihe: Re: [JPP-Devel] Aboutdialog > > i am pretty sure your java application can at least load a > text file from an url and present it, regardless if it is in > a signed jar or not. > > instantiating a class from an unsigned byte stream might pose > problematic due to java's into depth security concept, but i > expect that it might be possible using a modified classloader. > > the easiest workaround is probably turning the whole OJ.zip > distribution into one big jar file and sign that. > > i actually perceived webstart (similar to other java > webbrowser plugins) as a dead horse for a while now. > how good is the jnlp execution files support (from > filesystem/browser) exactly on our platforms? > what is the rationale to have a desktop application like OJ > having wrapped up as a webstart application? > > ..ede > > On 15.05.2012 16:18, Rahkonen Jukka wrote: > > Hi, > > > > About Java Web Start, it has strict limits what it can do > (from > http://docs.oracle.com/javase/6/docs/technotes/guides/javaws/d > evelopersguide/development.html#intro): > > > > - An application must be delivered as a set of JAR files. > > - All application resources, such as files and images must > be stored in JAR files; and they must be referenced using the > getResource mechanism in the Java(TM) Platform Standard > Edition (see below). > > - An application that needs unrestricted access to the > system will need to be delivered in a set of signed JAR > files. All entries in each JAR file must be signed. > > > > That means that readme.txt must be packaged into some jar > or then OpenJUMP must have some self programmed system for getting it. > > > > Compulsory signing makes it tricky to deliver plugins. All > that one jnlp file is downloading must be signed with the > same certificate. Therefore that who delivers the core OJ > should take the plugin jars too and sign them with the same > computer. But fortunately there seems to be a way to make > this a little bit easier: JNLP file can contain references to > other JNLP files. Thus the main JNLP may instruct to download > the core through core.jnlp from one site and plugin through > plugin.jnlp from another site and that way it is possible > that the plugin is signed with another certificate. > > > > Hmm, I remember that the certificate must be found from > Java keystore. With self-signed jars it is possible to make > the living very painful for your users, especially with many > plugins and many self-signed jars... Downloadin and > installing server sertificates and perhaps also CA > certificates into the keystore is not very simple. User must > be sure to update the keystore of the same jre that is used > by the application, and those added certificates disappear > with Java update... I have spent some time in telephone > giving advise on this. > > > > I did not like at all the play with updating resource > files, packing them to jars, signing and putting in the right > place for JWS launch. However, when it went OK it was just > me who suffered and users did not even notice that there were > an update. But if there was by accident one jar unsigned or > signed with a wrong certificate then the application did not > work for anybody after the update. > > > > -Jukka Rahkonen- > > > > > >> -----Alkuperäinen viesti----- > >> Lähettäjä: Edgar Soldin [mailto:ed...@soldin.de] > >> Lähetetty: 15. toukokuuta 2012 13:14 > >> Vastaanottaja: OpenJump develop and use > >> Aihe: Re: [JPP-Devel] Aboutdialog > >> > >> On 15.05.2012 00:47, Stefan Steiniger wrote: > >>> Hi Ede, Michael, Matthias > >>> > >>> following also Michaels comment in the other email: > >>> My suggestion would be a proper (english) error message (= > >> what you call > >>> a note). No stack-trace or so. Just a simple one-liner > >> (plus weblink?) > >>> (using try/catch/...?) > >> > >> could be done. it should be translated then as well of course. > >> > >>> Is that possible? Though - I see you did already an RC3. So > >> at least we > >>> could change it for 1.5.3. > >> > >> absolutely. i don't see a need to hurry with this, as it does > >> not affect desktop users currently and webstart users see it > >> for a good reason. > >> > >>> Btw: didn't thought about the licence note. And it seems to > >> me even more > >>> important if it is webstart. Or is licence anywhere else > >> noted in webstart? > >> > >> probably not. but again it's not only the one OJ license but > >> also about the other ones not to mention all the contributors > >> which definitely earned their place in the readme file. > >> > >> in conclusion: as stated Matthias should find a way to ship > >> at least the readme.txt, better yet all license files as > >> well, maybe we can even only provide a note in readme that > >> these license files are available in the distribution zip file. > >> > >> ..ede > >> > >> -------------------------------------------------------------- > >> ---------------- > >> Live Security Virtual Conference > >> Exclusive live event will cover all the ways today's security and > >> threat landscape has changed and how IT managers can respond. > >> Discussions > >> will include endpoint security, mobile security and the > >> latest in malware > >> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > >> _______________________________________________ > >> Jump-pilot-devel mailing list > >> Jump-pilot-devel@lists.sourceforge.net > >> https://lists.sourceforge.net/lists/listinfo/jump-pilot-devel > >> > > > -------------------------------------------------------------- > ---------------- > > Live Security Virtual Conference > > Exclusive live event will cover all the ways today's security and > > threat landscape has changed and how IT managers can > respond. Discussions > > will include endpoint security, mobile security and the > latest in malware > > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > > _______________________________________________ > > Jump-pilot-devel mailing list > > Jump-pilot-devel@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/jump-pilot-devel > > -------------------------------------------------------------- > ---------------- > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. > Discussions > will include endpoint security, mobile security and the > latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > Jump-pilot-devel mailing list > Jump-pilot-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/jump-pilot-devel > ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Jump-pilot-devel mailing list Jump-pilot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jump-pilot-devel
