Sun/Oracle has recently released update 19 for Java 6. Stricter security permissions for Java Webstart in this update have an effect on Servoy Smart Client deployments.
The changes made to Java 6 update 19 dictate that:
- If all libraries included in Java WebStart deployments (read Servoy Smart Client) are signed (and all permissions indicated in the jnlp) using a certificate issues by a trusted 3rd party, the WebStart application will launch normally
- If the Webstart deployment contains libraries that are signed with a self signed certificate, the user will be prompted when the WebStart application starts to trust the application. This dialog has an "Always trust" checkbox, which in theory means that this is a one-time warning
- If the WebStart deployment contains unsigned libraries, the user will be prompted on each consecutive start of the application wether or not to trust the application
Unfortunately though, Java 6 update 19 contains a few bugs:
- Depending on the Java settings on the client machine, the warning dialog in scenario 2 might reappear on each consecutive start, regardless if the "Always trust" checkbox gets checked or not
- The dialog in scenario 3 cannot be dismissed, thus stopping the user from continuing
|Issues addressed to Sun/Oracle|
We are working with Sun/Oracle to get the issues in Java 6 update 19 fixed for the next update
Servoy has released new minor releases of all supported versions (3.5.x, 4.1.x and 5.1.x) to work around the shortcomings of Java 6 update 19. It is advised to upgrade to the newest release.
See the following Servoy Forum posts for more information on the new releases:
|Using UNSIGNED 3rd party plugins and/or beans with the new Servoy versions, regardless the Java version used|
In most deployment scenario's just upgrading to the latest version of Servoy will not be sufficient. If the Servoy Application Server contains unsigned 3rd party plugins and/or beans, additional steps are required, see JAR signing for more information. With the new versions of Servoy, these steps are required regardless the Java version used.
The initial 3.5.x release with workarounds for the issues in Java 6 update 19 was 3.5.11. Unfortunately, upon release a few additional issues surfaced (see Release notes), for which 3.5.12 was released
|Automatic self signing in future Servoy versions|
Future versions of Servoy will most likely support the automatic signing of unsigned libraries, eliminating the manual JAR signing. (No ETA currently available).
If an upgrade to the latest version of Servoy is not possible, manual adjustments need to be made to the Servoy installation. See Operating Servoy versions BEFORE 5.1.2, 4.1.6 and 3.5.11 on Java 6 update 19 for more information.
|Using UNSIGNED 3rd party plugins and/or beans with older Servoy versions and Java 6 update 19 (or higher)|
Most deployment scenario's following the steps to correct the Servoy installation will not be sufficient. If the Servoy Application Server contains unsigned 3rd party plugins and/or beans, additional steps are required, see JAR signing for more information. When running older versions of Servoy these steps are only required when a Java 6 update 19 or higher is used by any of the Clients.