JDK-8042868 : Add lib/ext/jfxrt.jar to java.policy file
  • Type: Bug
  • Component: install
  • Affected Version: 9
  • Priority: P3
  • Status: Closed
  • Resolution: Fixed
  • Submitted: 2014-05-09
  • Updated: 2015-08-20
  • Resolved: 2014-05-27
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 9
9 b22Fixed
Related Reports
Relates :  
JDK-8040059 - Change default policy for extensions to no permission
Relates :  
JDK-8134114 - Need to append javafx module entries to java.policy file
Description
The fix for JDK-8040059 has changed the default security policy for jar files in lib/ext in JDK 9 to not grant all permissions by default.

In order for the JavaFX runtime to continue to run when a security manager is present, we will need to add an entry to the java.policy file in the JRE at build time.

JavaFX will provide a new javafx-java.policy file in the artifacts that the FX build delivers into the JDK install build. This file should be concatenated to the lib/security/java.policy file in the JRE (see JDK-8023279 for a similar thing that was done to append entries to lib/ext/meta-index).
Comments
Changes are needed to the install Makefile to append javafx-specific policy data to the lib/security.java.policy file: $(CAT) "$(JAVAFX_JAVA_POLICY_FILE)" >> "$(JAVA_POLICY_FILE)"
15-05-2014
Thanks to the following guide from Mong: Jerry, Would you be able to help us on this? It would be great if this can be done in JDK 9 b13 next week. We need to add the "javafx-java.policy" file to in Get_FX_Image() function in bin/build/prebuild.sh, similar to what Amy did for the "javafx-ext-meta-index" file below in the Get_FX_Image() function in the bin/build/prebuild.sh if [ $majornum -ge 8 ]; then if [ -f "${fx_location}/$onedir/javafx-samples-for-cobundle.zip" ]; then cp ${fx_location}/$onedir/javafx-samples-for-cobundle.zip $onedir else errorExit "${fx_location}/$onedir java samples cobundle does not exist" fi if [ -f "${fx_location}/$onedir/javafx-ext-meta-index" ]; then cp ${fx_location}/$onedir/javafx-ext-meta-index $onedir else errorExit "${fx_location}/$onedir javafx-ext-meta-index does not exist" fi fi Thanks, Mong
12-05-2014
The JavaFX bug for this is tracked here: https://javafx-jira.kenai.com/browse/RT-36848
09-05-2014