Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
Re: JNLP signing requirement.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: JNLP signing requirement.



I have the same issue with else options for a workaround.

I don't want them signed.  I am already signing my java code base with a trusted expensive certificate, why must I also use Apple's stupid tools to mess with it more?  Its a text file!

My JNLP is dynamically generated as well, adjusting parameters in the file that the user downloads when the app is requested.  I have to put in the URL to the server where the resource is at...its not a static location, it changes with every user's install.  I can't expect end users of my software to have a developer account and a key, and a Mac to go sign the JNLP file so that their end users trying to utilize my app to connect to their servers will work.

If there is no solution, the solution will be in removing security completely through other hack methods.

--Ben


> Date: Wed, 12 Jun 2013 10:03:32 +0000
> From: "Isenberg, Holger" <email@hidden>
> To: "email@hidden" <email@hidden>
> Subject: Re: JNLP signing requirement.
> Message-ID: <email@hidden>
> Content-Type: text/plain; charset=Windows-1252
>
> That breaks our product usage on Mac OS X Clients in standard settings with Gatekeeper enabled!
>
> A solution would be a site based Gatekeeper configuration in Safari as it is already implemented for Java usage itself.
>
> Reason: Our JNLP file is created dynamically on every application launch to insert a one-time-ticket to allow the client to authenticate after the user already authenticated himself on the application web page.
>
> Technically we could enhance the Servlet creating the JNLP file by signing the output, but that would mean we needed to insert our secret developer signing key into our server application which is distributed to customers. And that is of course not possible if you don't want to find your secret key later anywhere on the Internet.
>


 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Java-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2011 Apple Inc. All rights reserved.