Professional Documents
Culture Documents
This topic describes system and user properties that can be set to configure applications deployed with Java Web Start or Java Plug-in.
The deployment.properties file is used for storing and retrieving deployment configuration properties shown in the Java Control Panel. The properties are also used for customizing runtime
behavior for both Java Plug-in and Java Web Start.
The following table shows the location of the user-level deployment.properties file.
OS X ~/Library/Application Support/Oracle/Java/Deployment/deployment.properties
On Windows, <User Application Data Folder> is typically C:\Users\username. On Solaris and Linux, ${user.home} is typically /home/username. On OS X, the tilde (~) represents
the home directory, which is typically /Users/username.
For user jsmith running on Windows 7, the deployment.properties file would be located in the following directory:
C:\Users\jsmith\AppData\LocalLow\Sun\Java\Deployment\deployment.properties
For user bjones running on Solaris or Linux, the deployment.properties file would be located in the following directory:
/home/bjones/.java/deployment/deployment.properties
For user jdoe running on OS X, the deployment.properties file would be located in the following directory:
/Users/jdoe/Library/Application Support/Oracle/Java/Deployment/deployment.properties
The deployment.config file is used for specifying the system-level deployment.properties in the infrastructure. By default no deployment.config file exists, so no system-wide
deployment.properties file exists. If the deployment.config file exists, it is located in one of the directories shown in the following table.
Windows
<Windows Directory>\Sun\Java\Deployment\deployment.config
Operating System Location
${deployment.java.home}\lib\deployment.config
Solaris, Linux
/etc/.java/deployment/deployment.config
${deployment.java.home}/lib/deployment.config
OS X
/Library/Application Support/Oracle/Java/Deployment/deployment.config
${deployment.java.home}/lib/deploy/deployment.config
${deployment.java.home} is the location of the JRE from which the deployment products are run. Deployment products include Java Web Start, Java Plug-in, Java Control Panel, and
others.
The deployment.system.config property is the URL to the system (enterprise-wide) deployment.properties file. This property can be used by system administrators to centrally
administer or "lock-down" user-specific configuration settings. For local files, use the file protocol in the URL, for example,
file:///C:/Windows/Sun/Java/Deployment/deployment.properties.
Note:
If the format for the file protocol that is shown in the example does not work for you, try one of the following alternative formats:
file\:\\C\:\\deployment.system.properties
file:\\C:\\deployment.system.properties
file://\\C:\\deployment.system.properties
file:/C:/deployment.system.properties
The deployment.system.config.mandatory property is a boolean. If set to true, the deployment.properties file that is pointed to by the deployment.system.config property
must be found and successfully loaded, otherwise, nothing is allowed to run. If the property is set to false, an attempt is made to find and load the deployment. properties file that is pointed to
by the deployment.system.config property. If successful, the file is used, otherwise, the file is ignored. The default for the deployment.system.config.mandatory property is false.
Note:
Any system deployment property, for example SomeKey=SomeValue, can be locked by including another key, SomeKey.locked. The key
SomeKey.locked does not require a value, when the key is present, the property SomeKey=SomeValue is locked so that the user cannot change it. If a
system deployment property is not locked, then a user is allowed to change it.
21.2.1 Infrastructure
Table 21-4 Configuration Properties Related to Certificate Stores and Policy Files
deployment.user.security.exception.sites String $USER_HOME + File.separator + Location of the exception site list. See
security + File.separator + Chapter 29, "Exception Site List" for
exception.sites information.
deployment.security.level String HIGH Security level setting. The following values are valid:
deployment.webjava.enabled Boolean true Set to true to run applets or Java Web Start (JWS)
applications. Set to false to block applets and JWS
applications from running.
Property Key Type Default Value Description
deployment.insecure.jres String PROMPT Setting for insecure JRE prompt. The following values are
valid:
JRE.
deployment.expiration.check.enabled Boolean true Set to true to prompt users to update the JRE when an out-
of-date JRE is found on their system. Set to false to
suppress the prompt.
deployment.security.askgrantdialog.show Boolean true Set to true to allow users to grant permissions to applets
and JWS applications. Set to false to block users from
granting permissions.
deployment.security.jsse.hostmismatch.warning Boolean true Set to true to enable JSSE HTTPS certificate verification to
show host-mismatch warnings. Set to false to suppress
the warnings.
deployment.security.trusted.policy String "" Policy file that contains the ceiling policy of permissions
granted to trusted applications and applets. The default is all
permissions. Use this property to configure a lesser set of
permissions.
deployment.security.mixcode String ENABLE Setting for mixed mode. The following values are valid:
deployment.security.sandbox.jnlp.enhanced Boolean true Set to true to prompt the user to accept the JNLP API
security dialogs.
deployment.security.sandbox.selfsigned String PROMPT Setting for the prompt to run self-signed code in the
sandbox. The following values are valid:
deployment.security.sandbox.casigned String PROMPT Setting to enable users to turn off future prompts for a
signed app running in the sandbox. The following values are
valid:
deployment.security.blacklist.check Boolean true Support for blacklisting signed JAR files that contain serious
security vulnerabilities. This property is used to toggle this
behavior. For more information see Blacklist Feature.
deployment.security.revocation.check String ALL_CERTIFICATES Setting for revocation checks. The following values are valid:
deployment.security.validation.ocsp.signer String null Points to a OCSP response signer certificate subject name.
deployment.security.validation.crl.url String null Specifies a URL in the Certificate Revocation List to perform
a certificate validation.
deployment.security.validation.clockskew int 900 Acceptable time difference, in seconds, between the system
clock and the clock on the server used for revocation
checks. If the property is not set, or the value is negative,
the default of 900 seconds (15 minutes) is used.
deployment.security.authenticator Boolean true Normally Plug-in and Web Start install an Authenticator to
handle communication with Authenticating web pages or
Authenticating proxies. This is the default behavior (true).
Property Key Type Default Value Description
This option can be used to turn the normal behavior off if, for
example, an application communicates directly with an
authenticating web page and needs to install its own
Authenticator.
21.2.4 Networking
deployment.proxy.type int 3 for PROX_TYPE_BROWSER Type of proxy that should be used. The following values are valid:
PROX_TYPE_UNKNOWN = -1;
PROX_TYPE_NONE = 0;
PROX_TYPE_MANUAL = 1;
PROX_TYPE_AUTO = 2;
PROX_TYPE_BROWSER = 3;
deployment.proxy.same Boolean false Set to true to use the same web server and port for https and ftp as is
configured for http. This is only valid if deployment.proxy.type =
PROX_TYPE_MANUAL.
deployment.proxy.auto.config.url String (no default) URL for auto-Auto proxy configuration JavaScript.proxy configuration
JavaScript.
deployment.proxy.bypass.list String (no default) List of host names that should bypass the proxy. Each host name is
delimited by a comma in the property, for example,
192.168.1.100,localhost,example.com
Property Key Type Default Value Description
Table 21-7 Configuration Properties Related to Cache and Optional Package Repository
deployment.cache.max.size int -1 Maximum size of the deployment cache in megabytes (MB). This is the cache size for each
cache: Java Web Start and Java Plug-in.
0: Disables caching in Java Plug-in; cache size in Java Web Start will be unlimited.
deployment.javapi.cache.enabled Boolean false Specifies if the cache should be disabled. Set to false to prevent the cache from being
disabled.
ASSOCIATION_NEVER = 0;
ASSOCIATION_NEW_ONLY = 1;
ASSOCIATION_ASK_USER = 2;
ASSOCIATION_REPLACE_ASK = 3;
deployment.javaws.shortcut String ASK_IF_HINTED Create a desktop shortcut for Java Web Start. The following values are valid:
NEVER
ALWAYS
ASK_USER
ASK_IF_HINTED
ALWAYS_IF_HINTED
deployment.browser.path String <No Browser Selected> Path to the browser for showing web pages from the application viewer, the About Box, and
Java Web Start applications.
Note that this property is used for Solaris and Linux only. On Windows, this property is ignored,
and the default browser is determined in the same way as other applications that launches a
browser on Windows.
Property Key Type Default Value Description
It should be noted that SSLv3 is obsolete and should no longer be used. See https://blogs.oracle.com/security/entry/information_about_ssl_poodle_vulnerability.
Starting with JDK 8u31 release, the SSLv3 protocol (Secure Socket Layer) has been deactivated and is not available by default.
If the user needs to use SSLv3 for applications, see the procedure to re-enable SSLv3 at
http://docs.oracle.com/javase/8/docs/technotes/guides/security//SunProviders.html#enable-sslv3.
More information about how to configure specific protocols can be found at:
http://www.oracle.com/technetwork/java/javase/documentation/cve-2014-3566-2342133.html
Contents Previous Next
Copyright © 1993, 2023, Oracle and/or its affiliates. All rights reserved. | Cookie Preferences | Ad Choices. Contact Us