We have a multi-platform Java-based system that spawns Robohelp for its online user guide information. It runs on a variety of Windows and Linux flavors. The default Robohelp code that is relevant to our Linux-based systems has a hard-coded link to "netscape" in the command line that it builds to spawn a web browser to view the help files. This is, obviously, less than helpful on a system that does not have netscape installed.
What I would really prefer to do is to detect the Preferred Applications preferences from Java when running on Linux. On the Fedora 9 machine where I'm currently sitting, this is found under System -> Preferences -> Personal -> Preferred Applications. The very first setting is "Web Browser."
How would I detect that setting from Java code?
Have a look at java.awt.Desktop. That supports opening/editing/printing a file in the user's preferred program, opening a URL in the user's preferred browser, sending a eMail, ...
Related
I am working on a project for my users to generate HTML pages, JS files, CSS files etc... through dragging and dropping visual elements and by going through a series of wizzards. The goal I am trying to achieve is to create an application in which users selects a runtime, for example tomcat or nodeJS and then be able to create content for that specific runtime in the manner described above. Part of this application would be the preparing of your runtime, and by that I mean installing tomcat or nodeJS for you. so the big question here would be, how do I run installers through program code ? (java 7/8 mainly)
what I have tried:
Using a strategy design pattern to determine the host platform and run a series of command in the terminal to execute an installer, problem here is that some installers start a wizzard and require further user input. and in some cases the host platform would require elevated permission. Is there perhaps a solution where one adds arguments to the terminal commands to skip an installation wizzard ?
Any help on this subject would be greatly appreciated.
Answer of Fildor was most usefull.
On Mac OS X 10.9 signed Java Web Start applications are blocked by default with the message:
"application.jnlp" can't be opened because it is from an unidentified developer.
I know it's possible to weaken the security checks to allow any application to run, but that requires a manual intervention of the end user.
Is it possible to "sign" a Java Web Start application such that it is recognized as originating from an identified developer?
Thank you
In the latest OSX releases, Apple has changed it's security model to only support applications from the Mac App Store and identified developers. In most cases, this prohibits jnlp/java-web-start applications from launching.
If this is a trusted application, you may override these settings by updating your system settings as follows:
System Preferences -> Security & Privacy -> (Unlock Window) -> Allow apps downloaded from: (Select Anywhere)
In some cases you may need to update your Java Security preferences too
System Preferences -> Java -> Security -> (Select Medium)
Be careful when adjusting these. These settings will open you up to popular attack vectors where an attacker can exploit vulnerabilities within the java runtime (Java 0 days).
Here is a related post. It doesn't appear to be possible to bypass the security, Allow All, workaround.
OS X 10.8 Gatekeeper and Java applets
From Apple Tech Support in the post above.
Unidentified developer" means a source other than the Mac App Store
or a Developer ID-identified developer. Note that Java applets cannot
participate in the Developer ID program.
I am considering building a native app and use a custom web protocol instead similar to skype where you see skype:// in the URI. It doesn't seem like Apple will change their stance on java applets in the near future. It will most likely become more restricted and eventually just disabled like flash on iOS.
Apple does appear to support signing of webstart -- but not directly. You have to bundle it in an archive. See the note at the bottom of this page:
You can use the codesign utility to sign the JNLP file, which will attach the code signature to the JNLP file as extended attributes. To preserve these attributes, package the JNLP file in a ZIP, XIP, or DMG file. Be careful using the ZIP format, as some third-party tools might not capture the required extended attributes correctly.
Also note that XIP isn't supported for non-Apple developers anymore:
Important: Starting with macOS Sierra, only XIP archives signed by Apple will be expanded. Developers who have been using XIP archives will need to move to using signed installer packages or disk images.
The answers to How to sign (dynamic) JNLP files for OSX and Gatekeeper address this question, just ignore the 'dynamic' aspect.
You can codesign -f -s "Developer ID Application: " application.jnlp but the HFS resource won't transfer with the file over the web.
Until Oracle works out a solution, if they ever do, addressing JNLP/Web Start it looks like we have to figure out a work-around that starts us down the path to creating a Mac app bundle.
This seems to have changed in OS X 10.10. Now after going to System Preferences -> Security & Privacy -> (Unlock Window) -> Allow apps downloaded from: (Select Anywhere) (after trying to run the .jnlp file) you'll see an option to "Run anyway".
Sadly Apple has removed the Anywhere option under System Preferences -> Security & Privacy in macOS Big Sur versions.
Below is a very simple way on How to override MacOS security settings for unsigned jnlp files when you get the following message:
"file-name.jnlp" cannot be opened because it is from an unidentified developer. macOS cannot verify that this app is free from malware.
Follow the steps below to override the system security settings:
ensure the jnlp file has been downloaded (normally in Downloads folder)
find the file in Finder and use Control + click and then Open
you should get slightly different dialog with the Open button allowing you to override the system security settings and execute the file.
Reference
Also you may need to download OpenWebStart for macOS
We have a web app that uses Java applet to manipulate files on local disk. We develop it for quite a while and we already know all types with issues an applet may have with modern OS'es and browsers and latest Java versions and new security restrictions.
Yesterday Apple rolled out its new Mac OS 10.9 Mavericks with new Safari browser (7.0). I tested our web app under Safari 7 / Mac OS X 10.9 just to find that Safari 7 (probably?) blocks access to local files from Java applet.
Although the applet (signed with valid Thawte certificate, and with all security requirements specific to Java 7u45 fulfilled) runs in unrestricted mode with full access to local file system (Java security prompt says that), on attempt to access the local file it catches fileNotFoundException:
java.io.FileNotFoundException: /Users/yury/Pictures/Paris 2012/L1050258.jpg (Operation not permitted)
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.<init>(FileInputStream.java:146)
at com.trackntag.a.v.a(Unknown Source)
Also when opening Java file open dialog from the applet, it displays no files and the folders in the folder selector do not have any icons (normally they should have them). When you traverse back to the root folder, you can see top level folders (bin, cores, dev, home, and so on), but you cannot browse into them.
The applet does have an access to local files with latest Firefox 24 for Mac, on the same machine (Java 7u45, Mac OS X 10.9). Same with Safari 6 and Mac OS X 10.8.5, not to mention Linux and Windows machines in various configurations: no issues with accessing local files.
Having all of above, I must conclude that we have ran into the problem specific to Safari 7.
Do you have any ideas on this issue? Any thoughts are greatly appreciated.
Cheers,
Yury
EDIT (Answer): In Safari 7 there is a new security setting: Safe/Unsafe mode (I think it's for Java plug-in only). You can allow Java plugin to work in Unsafe mode either for individual websites or for all sites. In Unsafe mode the applets will have unrestricted access to local file system.
It appears that this security setting works on top of Java's own security settings (restricted/unrestricted access).
This setting is available through Safari preferences / Security tab / Internet plugins: manage website settings (then select Java plugin).
So once I already answered my own original question, I would rather rephrase it: is that possible to set Unsafe mode or override Safe mode for specific web-site / URL without asking user to set this security preference? Maybe something like Apple developer certificate would help?
Thanks again!
I had a similar problem with another Java app today. I think you may need to add your app to the "Allow the apps below ..." list in this dialog (System Prefs -> Security & Privacy -> Accessibility):
For Safari 11:
go to Safari Preferences->Websites->Plug-ins, and select Java
at the right side you can see list of 'Allow websites to use this plug-in with
settings below'
now select the website
press and hold Option button and then click the three option (Ask, Off, On), you will see additional option 'Run in safe mode' - un-check this option.
I have a Java desktop application, and a website where users can download the .jar file.
I would like to have a button on the website that the user can click to check if the application will run on his computer (i.e. does he have the correct version of Java installed on his system).
Please note that I am not trying to check if Java is enabled in the browser (as deployJava.js will do), but instead to check if it is installed on his system.
My users are not very tech-savvy, and I hope to make this as easy as possible.
Thanks for your help.
There is no way to do this via JavaScript. A better solution would be to use a system specific jar launcher that checks if Java is installed and then either installs/launches the java prorgam or outputs an error message.
I am looking to start a java web applet, as I need something that doesn't need downloaded (saved to computer) and for the most part will work for Windows and OSX.
I have never done anything with java, so my question is can you do everything you can do with a normal java jar file on the web?
More specifically, can you write a web applet that detect window titles (Like the title of an active window), running processes, look in the windows registry, or find hard drive serial numbers?
The applet needs special permissions for these type of actions. It needs to be signed and trusted by the user.
Have you considered using Java Web start? If the communication with the browser from which the applet is run is crucial, then applets are probably the way to go. Otherwise Java Web start is preferred as you'll face less compatibility problems with browsers' Java plugins and different JVM versions.
Yes, but your applets must be trusted by user (user change some browser security settings)