Firefox 35.0 on Ubuntu 14.04.1 LTS 64-bit always prompted for

Thu Jan 29 18:55:51 UTC 2015

Thanks for the quick reply I think I will contact with the IT department of
my university and may forward your e-mail to point at the issue. Apart from
that I changed the mentioned line on the file
*~/.config/icedtea-web/deployme**nt.properties *but it did not solve my
issue, here is the modified version of the file for the trial of a quick
fix:

#Netx deployment configuration
#Thu Jan 29 20:47:47 EET 2015
#deployment.security.level=ASK_UNSIGNED
deployment.security.level=FALSE

I should also note that I use Firefox 35.0 as a regular user and noticed
that the settings differ in the "IcedTea Web Control Panel" when launched
within the terminal via the following command:

gksudo itweb-settings

itweb-settings

Should I modify another file instead for a global change in effect for all
the users on my PC? Furthermore, is it possible to install IcedTea 1.6
somehow(via using backports for example)?

Ongun Arısev

On Thu, Jan 29, 2015 at 11:52 AM, Jiri Vanek <jvanek at redhat.com> wrote:

> On 01/28/2015 08:45 PM, Ongun Arısev wrote:
>
>> I could not attach the screen shot to the previous e-mail, I apologize
>> for that here it is.
>>
>> Ongun Arısev
>>
>> On Wed, Jan 28, 2015 at 9:43 PM, Ongun Arısev <ongunarisev at gmail.com
>> <mailto:ongunarisev at gmail.com>>
>> wrote:
>>
>>     Greetings,
>>
>>     I would like to mark some of the Java applications I use regularly
>> such as the campus VPN
>>     services as trusted so that I will not be prompted everytime I launch
>> it about whether I am sure
>>     or not running the application. However, I could not find an easy way
>> after doing an exhausting
>>     search on the web and using the *IcedTea Web Control Panel* both as a
>> regular user and as an
>>     administrator. I am posting a screenshot too in order to illustrate
>> the prompt that I want to
>>     get rid of. I would be very grateful if someone can assist or guide
>> me in the right direction
>>     with this problem.
>>
>>     Regards,
>>
>>     Ongun Arısev
>>
>>
>>  hi!
>
> Luckily for you, there is multiple solutions for your case.
>
> If you have access to the application (as it is in your vpn, some
> administrator should be able to fix it)  then you should apply the most
> correct solution:
>
> Most correct solution: adapt application manifest to valid state:
> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/
> security/manifest.html
> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/
> security/no_redeploy.html
>
> In your case, the non-set/wrongly set attribute is
> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/
> security/manifest.html#app_library
> Your admin just can put :
>
> Application-Library-Allowable-Codebase: https://vpn.ku.edu.tr/*
>
> to main jar's manifest. (note, the application must be signed again after
> this change)
>
> If you will go by this way, you may wont to fill in most of the rest
> security manifest attributes
>
>
>
>
> Other solution are customization of your itw via itweb settings:
> If you put
> Extended applet security -> security settings  to LOW then
> Application-Library-Allowable-Codebase attribute is not checked. (you
> could read this in the provided links in yor dialogue ;)
>
>
> If you need Extended applet security -> security settings  on higher level
> then low, you have to modify  ~/.config/icedtea-web/deployment.properties
> file. If you will include line
> deployment.manifest.attributes.check=false
> then  manifest attributes are not ever checked.
>
>
> If you set this up, and will access outside of vpn, you may face
> mallicious programs.
>
>
> I strongly encourages you to use "most correct solution"
>
>
>
> If non of those solutions fits you, then good new for you is, that in
> upcoming version of ITW (1.6)  this dialogue have "remember decision"
> checkbox. But you must wait for few month for it.
>
>
> J.
>
>
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20150129/1c7683c8/attachment.html>