[SOLVED] Application blocked by security settings after lowering security settings and adding site exceptions

Application blocked by security settings after lowering security settings and adding site exceptions

I have a Java applet that I am launching through a .jnlp file, but it gets blocked with the following message:

The Java security settings have prevented this application from running. You may change this behaviour in the Java Control Panel.

I used the Java Control Panel to change this, following the instructions here but I am still getting the same message. I added my site to the exceptions URL and lowered my security settings to Medium for both Java 7 and 8 control panel.

I also tried compiling in both Java 1.8 and 1.7, and I tried running the application with both Oracle's Java 7 and 8 web start. I tested on both Ubuntu and Windows 7, Firefox and Chrome respectively, and neither are working.

I also signed the .jar, as follows:

jarsigner -keystore ~/.keystore -tsa http://timestamp.comodoca.com/rfc3161 MapApp.jar lucas

Here is my manifest.mf:

Manifest-Version: 1.0
Permissions: all-permissions 
Application-Name: Map Application Demonstration
Main-Class: visualization.USMaps
Codebase: *
Trusted-Only: true
Trusted-Library: true

Here is my .jnlp file:

<?xml version="1.0" encoding="UTF-8"?>
<jnlp spec="1.0+" codebase=
"" href="mapApp.jnlp">
    <security>
      <all-permissions/>
    </security>
    <information>
        <title>Map Application Demonstration</title>
        <vendor>Luke Swart</vendor>
    </information>
    <resources>
        <!-- Application Resources -->
        <j2se version="1.7+"
              href="http://java.sun.com/products/autodl/j2se"/>
        <jar href="MapApp.jar"
            main="true" />

    </resources>
    <application-desc
         name="MapApp"
         main-class=
           "visualization.USMaps"
         width="300"
         height="300">
     </application-desc>
     <update check="background"/>
</jnlp>

Which I call from http://lukeswart.net/mapApp.html as follows:

    <body>
    <script src=
      "http://www.java.com/js/deployJava.js"></script>
    <script>
        // using JavaScript to get location of JNLP
        // file relative to HTML page
        var dir = location.href.substring(0,
            location.href.lastIndexOf('/')+1);
        var url = "mapApp.jnlp";
        deployJava.createWebStartLaunchButton(url, '1.7.0');
    </script>
  </body>

Even suggestions or references would be helpful. I cannot find anyone who still has this problem after adjusting their security settings and matching up their permissions. Any ideas?

Solution

I hope this helps, but in the manifest.mf, I noticed the Permissions key-value pair has an extra space at the end. The key-value pairs in the .jar manifests have to be EXACT String matches.

Manifest-Version: 1.0
Permissions: all-permissions 
Application-Name: Map Application Demonstration
Main-Class: visualization.USMaps
Codebase: *
Trusted-Only: true
Trusted-Library: true

I wish they had trimmed the key-value pairs before building the jar...