According to comments in JDK-8014361, non-signed jnlp with insecure properties will not show warning prompt in attachment. And according to Andy, "greed upon changes were implemented under different bugs". But I still can reproduce this issue. Steps to reproduce: 1. Import self signed ca self.valid.cert to have a valid trusted cert Open JCP -> Security -> Manage Certificates - Singer CA,import http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/crystal/DO_NOT_REMOVE_ME/jrebug/vmargs/lib/self.valid.cert 2. Load non-signed jnlp with JAR properly signed: http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/crystal/DO_NOT_REMOVE_ME/jrebug/vmargsjarsign/jnlp/testsignedvmWrong.jnlp The property in jnlp are not correct. 3. If a security warning with title "Security Warning" shows up and in more info dialog it says "Although the application has a digital signature, the application's associated file (JNLP) does not have one......", then this issue is reproduced. See attached jarsign.png Note: 1. If all jar and jnlp are signed, app still failed with jre9-b26 and 8u20-b25 due to: java.lang.NullPointerException at com.sun.javaws.JnlpxArgs.execProgram(Unknown Source) at com.sun.javaws.Launcher.relaunch(Unknown Source) at com.sun.javaws.Launcher.prepareResources(Unknown Source) at com.sun.javaws.Launcher.prepareAllResources(Unknown Source) at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source) at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source) at com.sun.javaws.Launcher.launch(Unknown Source) at com.sun.javaws.Main.launchApp(Unknown Source) at com.sun.javaws.Main.continueInSecureThread(Unknown Source) at com.sun.javaws.Main.access$000(Unknown Source) at com.sun.javaws.Main$1.run(Unknown Source) at java.lang.Thread.run(Unknown Source) all signed test app: http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/crystal/DO_NOT_REMOVE_ME/jrebug/vmargs/jnlp/testsignedvmWrong.jnlp But if run above all signed jnlp with 8u5-13, a fatal error dialog will show up instead of NPE. See attachment 8u5-wrong-property.png
|