There are several things invalid here from Java Web Start point of view.
First, you cannot invoke java web start with insecure vm-args and property settings, and expect them to be passed on the command line. Javaws specification and doccumentation clearly state, that insecure properties will only be set by javaws after java is started before application code is called.
you set 6 insecure properties in the jnlp file:
<property name="sunmc.server.console.firewall.Enable" value= "true" />
<property name="sunmc.server.console.firewall.MinPort" value= "45000" />
<property name="sunmc.server.console.firewall.MaxPort" value= "48000" />
<property name="INTERFACE_PATH" value= "C:\Program Files" />
<property name="sunmc.cfg" value= "javaconsole.properties" />
<property name="java.security.policy" value= "rmiConsole.policy" />
then try to get arround this restriction by using the -J<vm-arg> argument to javaws to set the same properties.
However, -J<vm-arg> will only work for <vm-args> not already used by the java web start launcher to launch java web start.
The one property I see here that is already used by Java Web Start, -J-Djava.security.policy=rmiConsole.policy
would likely prevent this from working,
Please add the -verbose arg to javaws and look at and record what the args to java actually are.
When I do this with the cache viewer, simply calling:
javaws -J-Djava.security.policy=rmiConsole.policy -verbose -viewer
javaws -J-Djava.security.policy=rmiConsole.policy -verbose -viewer , I can see java is launched with this property multiply deffined:
also, the rmiConsole.policy is called with an unfully qualified path name, which may be ok if you are launching from command line, but may not.
Normally, a javaws app cannot have a determinable "current directory" since it is launched from a browser.
finally, and more importantly even, you are launching javaws version 1.5.0_12, yet you are using the -J argument to javaws.
support for -J argument was added to javaws in version 1.6.0, so all of the -J args are passed on to java as additional args to the java code.
in 1.5.0 family, you can not use the -verbose mentioned above, but you can do the same thing by setting environment variable:
JAVAWS_TRACE_NATIVE = 1
similarily, you might be able to force in the same thing as passing -J args, by setting the environmental variable:
JAVAWS_VM_ARGS = -Djava.security.policy=rmiConsole.policy
but I am not sure if there is any way to pass multiple additional vm args.