SecurityManager problem with SWT embedded Mozilla browser running over Java WebStart (jnlp)

Question

I am developing non-standard application. Basically it's SWT application using embedded Mozilla browser (mozilla-interfaces-1.9.2.12.jar, mozilla-glue-1.9.2.12.jar) that should display html pages containing applets (developed by myself as well). These applets are signed and certificates are imported into the keystore. When running applets in standard standalone Mozilla browser everything works well.

Even if running my SWT application normally (I mean as a standalone java desktop application withou SecurityManager) everything works just fine - embedded browser appears and displays html pages with applets.

However, I run into troubles as soon as I try to run this application over Java Web Start (jnlp). I suppose my jnlp is well defined, it contains all tags I was able to find over Internet discussions. So there is for example

<security>
     <all-permissions/>
</security> 

etc. My SWT application, resp. all its jar files are signed (the same certificate as was used for applets). It starts fine, it does operations that wouldn't be allowed without all permissions and signing, it even shows SWT windows (thus SWT itself works fine), but when it should show embedded browser I am getting UnsatisfiedLinkException. Funny thing is that when I create .java.policy file with some specific set of permissions, it stars working properly, applets work as well. Playing role of Sherlock Holmes I figured out that this set of permissions contains

  java.io.FilePermission 
  java.lang.RuntimePermission 
+ permissions that are neccessary for applets.

Does it make sense to anyone of you? It looks like swt mozilla browser runs in some sort of specific SecurityManager that ignores the fact that the application itself is signed and also tag exists in my jnlp file.

When I load pages without applets, still mentioned two permissions are neccessary to display browser window at all. I'd like to run this application without any .java.policy files and without extra settings on users' side. I appreciate every single advice.

Thank you in advance.

Vojta

Answer 1

Not sure if the same problem, because I never used applets, but I've also had issues when trying to run SWT-Browser based applications with bundled xulrunner through webstart.

One workaround for this was setting a policy inside the java code (just before creating the Browser instance...)

Policy.setPolicy(new Policy() {
  public PermissionCollection getPermissions(CodeSource codesource) {
    Permissions perms = new Permissions();
    perms.add(new AllPermission());
    return(perms);
  }
  public void refresh() { }
}

I remember Windows XP was still unable to run JNLP with this. But Windows 7, several versions of Linux and Mac OS X could.