Sun/Oracle has recently released update 19 for Java 6. Stricter security permissions for Java Webstart in this update have an effect on Servoy Smart Client deployments.
The changes made to Java 6 update 19 dictate that:
- If all libraries included in Java WebStart deployments (read Servoy Smart Client) are signed (and all permissions indicated in the jnlp) using a certificate issues by a trusted 3rd party, the WebStart application will launch normally
- If the Webstart deployment contains libraries that are signed with a self signed certificate, the user will be prompted when the WebStart application starts to trust the application. This dialog has an "Always trust" checkbox, which in theory means that this is a one-time warning
- If the WebStart deployment contains unsigned libraries, the user will be prompted on each consecutive start of the application wether or not to trust the application
Unfortunately though, Java 6 update 19 contains a few bugs:
- Depending on the Java settings on the client machine, the warning dialog in scenario 2 might reappear on each consecutive start, regardless if the "Always trust" checkbox gets checked or not
- The dialog in scenario 3 cannot be dismissed, thus stopping the user from continuing
Servoy has released new minor releases of all supported versions (3.5.x, 4.1.x and 5.1.x) to work around the shortcomings of Java 6 update 19. It is advised to upgrade to the newest release.
See the following Servoy Forum posts for more information on the new releases:
If an upgrade to the latest version of Servoy is not possible, manual adjustments need to be made to the Servoy installation. See Operating Servoy versions BEFORE 5.1.2, 4.1.6 and 3.5.11 on Java 6 update 19 for more information.