If you upgraded to Java SE 6 Update 19 and/or 20 and are having issues with JavaFX applets, then you might be having trouble with a mix of signed and unsigned code. Not only is this bothersome but it also could potentially be unsafe unless the mixed code was intended by the application vendor. A Java SE document explains the issue and how to ensure application and applet security.
As of the Java SE 6 Update 19 release, when a program contains both signed and unsigned components, a warning dialog is raised to point out that the mix of components is potentially unsafe. If the user decides to block the components from running, the program may terminate. There are other ways to to manage the situation.
One method is to access the Java Control Panel. Under the Advanced tab, the Java SE document notes the first three option, which will enable the software protections:
- Enable: show warning if needed. This is the default setting. When a potential security risk is encountered, a warning dialog is raised. Clicking Yes blocks potentially unsafe components from running and may terminate the program. When the user clicks No, the application or applet continues execution with some added protections (packages or resources that are later encountered with the same names but have different trust levels, i.e., sign vs unsigned, will not be loaded).
- Enable: hide warning and run with protections. This option suppresses the warning dialog. The code executes as if the user had clicked No from the warning dialog.
- Enable: hide warning and don't run untrusted code. This option suppresses the warning dialog and behaves as if the user had clicked Yes from the warning dialog.
There is also an option to Disable verification. This one is not recommended since it completely disables the software from checking for mixing trusted and untrusted code, leaving the user to run potentially unsafe code with no warning and without the additional protections.
Another method is to set the mixed code protection options via the deployment.security.mixcode deployment property. Similar options as noted above can be instituted (ENABLE, HIDE_RUN, HIDE_CANCEL, DISABLE). Specific coding is detailed in the document.
Additionally, two new JAR manifest attributes are available, as of Java SE 6 Update 19, for deploying signed applications and applets. A warning dialog is not displayed when one of these manifest attributes is included.
- Trusted-Only Attribute: For applications and applets that do not require unsigned components, the Trusted-Only attribute should be used. No warning dialog will be displayed and an application or applet that loads a jar file containing this attribute will not load any untrusted classes or resources.
-Trusted-Library Attribute: For applications and applets that are designed to allow unsigned components, the Trusted-Library attribute should be used. No warning dialog will be displayed and an application or applet may load jar files containing untrusted classes or resources.
Both of these attributes prevent a signed application or applet from being re-purposed with unsigned components.
The document provides more information, including answers to frequently asked questions on mixed code such as:
- Is there a test I can run to determine whether I am affected?
- What about Java applets and Java Web Start applications from the Internet, do I need to be concerned about those?
- What should Java ISVs, OEMs, and application vendors do with their code?
Mixing Signed and Unsigned Code - Java SE documentation
Java SE 6 Update 20 Released
Java SE 6 Update 19 Released
Read More ...