I just do not get it!
How are we to be able to build and deploy WS Applications on different customer sites in the future?
We have a scenario where we launch a WS Client that communicates with our server. We need to pass (at least) parameters for communication details via the JNLP file,
Currently we trust on a homebrew JNLP servlet that injects different settings into the requested JNLP file.
So far this has been working just fine, but as of Java 7 it has been more and more difficult and from u45 stopped working entirely.
I read all about the new security "features" and have been fighting for hours and hours to follow all new guidelines...
Properties must have a "jnlp." prefix, check! (Just duplicate the properties on the client without the silly prefix)
Permissions manifest-attribute, check!
Codebase manifest-attribute, check!
Application-name manifest-attribute, check!
Trusted-Library manifest-attribute, check! (Hmm didn't work out that well did it)
OK less warnings about our own stuff, nice!
Manifest attributes in all the library jar files....who do I call?
Warnings, warnings, warnings....alright, never mind. I'll just tell my customers to ignore them.
Signed JNLP file, hmm... kinda hard for a dynamic one right?
Signed JNLP using APPLICATION_TEMLPLATE, well yeah, it must match the actual JNLP file exactly except for the code base...or where did I go wrong?
How did you guys think?
Even if I missed out on some details about the template pattern and it actually is possible to pass dynamic parameters via the JNLP file, I can't even come up with an idea how to set up a descent build environment, currently using Maven 2....with dependencies, yeah they might change! And I even change my own version number sometimes.
So I figure I need to generate the APPLICATION_TEMPLATE from a stub, based on dependencies from my main jar and at the SAME TIME put that very template back into the main jar and then sign it.
Frustrated!
Brgds
Joakim