Lesson: Java Web Start

ava Web Start provides the power to launch full-featured applications with a single click. Users can
download and launch applications, such as a complete spreadsheet program or an Internet chat client,
without going through complicated installation procedures.

With Java Web Start, the user can launch a Java application by clicking a link in a Web page. The
link points to a JNLP file, which instructs Java Web Start to download, cache and run the application.

Java Web Start provides Java developers and users with many deployment advantages:

 With Java Web Start, you can place a single Java application on a Web server for
deployment to a wide variety of platforms, including Windows 2003/Vista/2000/XP,
Linux, and SolarisTM
 Java Web Start supports multiple, simultaneous versions of the Java Standard Edition
platform. Specific applications can request specific Java versions without conflicting
with the different needs of other applications. Java Web Start automatically
downloads and installs the correct version of the Java platform as necessary based on
the application's needs and the user's environment.
 Users can launch a Java Web Start application independently of a Web browser. The
user can be off-line, or unable to access the browser. Desktop shortcuts can also
launch the application, providing the user with the same experience as a native
application.
 Java Web Start takes advantage of the inherent security of the Java platform. By
default, applications have restricted access to local disk and network resources. Users
can safely run applications from sources that are not trusted.
 Applications launched with Java Web Start are cached locally, for improved
performance.
 Java Web Start provides limited support for applets through its built-in applet viewer.
However, this is not intended to be a full- scale applet environment, such as the one
provided by Java Plug-in. Java Web Start's applet viewer has certain limitations; for
example, you cannot specify class files as resources, and it does not accept policy
files.

In Java Version 1.4.2 and beyond, Java Web Start is installed as part of the JRE. Users do not have to
install it separately or perform additional tasks to use Java Web Start applications.

This lesson contains the following sections:

Running Java Web Start Applications

You can run an application with Java Web Start in three different ways.

Deploying Java Web Start Applications

You deploy an application for Java Web Start in four simple steps.

Developing Java Web Start Applications

1218
You develop an application for use through Java Web Start just as you would any Java application,
with a few special considerations.

The JNLP API

You can use the JNLP API to access additional information in applications run through Java Web
Start.

Java Web Start and Security

Java Web Start applications run in a sandbox by default. You can provide digital signatures and
permissions in the JNLP file to enable functionality beyond the sandbox.

Common Java Web Start Problems

Gives solutions to some problems you might encounter while learning Java Web Start.

Questions and Exercises: Java Web Start

Test what you've learned about Java Web Start.

Additional References

This lesson is intended to get you started with Java Web Start and does not include all available
documentation. For more information about Java Web Start, see the following:

 Java Web Start Guide

 Java Web Start FAQ
 JNLP Specification
 javax.jnlp API Documentation
 Java Web Start Developers Site

Running Java Web Start Applications

Users can run Java Web Start applications in the following ways:

 Running a Java Web Start Application from a Browser

 Running an Application from the Java Cache Viewer
 Running a Java Web Start Application from the Desktop

Note: Users of applications deployed with Java Web Start must have a compatible version of the
Java Runtime Environment (JRE). The complete JDK is not required.

Running a Java Web Start Application from a Browser

You run an application with Java Web Start from a browser simply by clicking a link to the
application's JNLP file, such as:
<a href="Notepad.jnlp">Launch Notepad Application</a>
Java Web Start then loads and runs the application based on instructions in the JNLP file.

1219
Try it now: Run Notepad

Running an Application from the Java Cache Viewer

If you are using Java Version 1.6.0, you can run a Java Web Start application through the Java Cache
Viewer.

When Java Web Start first loads an application, information fro

1220
m the application's JNLP file is stored in the local Java Cache Viewer. To launch the application again, you do not need to return to the Web page
where you first launched it; you can simply open the Java Cache Viewer.

To open the Java Cache Viewer:

1. Open the Control Panel.

2. Double click on the Java icon. The Java Control Panel opens.
3. Select the General tab.
4. Click View. The Java Cache Viewer opens.

The application is listed in the viewer:

Java Cache Viewer application

To run the application, select it and click the Run button, , or double click the application. The application starts just as it did from the Web
page.
1221
Running a Java Web Start Application from the Desktop

Through the Java Cache Viewer, you can add a short

1222
cut to the application to your desktop. Simply select the application, right-click and select Install

Shortcuts, or Click the Install button, . A shortcut is then added to the desktop:

You can then launch the Java Web Start application just as you would any native application.

Deploying Java Web Start Applications

This section describes the basics of deploying an application using Java Web Start.
Deploying an application involves the following steps:

1. Setting up the Web Server

2. Creating the JNLP File
3. Placing the Application on the Web Server
4. Creating the Web Page

This section uses the Notepad example application to demonstrate Java Web Start
technology. You can find all the source files for the Notepad application example in the
\demo\plugin\jfc\Notepad directory within the JDK installation directory.

Setting up the Web Server

Before you can deploy an application with Java Web Start over the Web, you must ensure
that the Web server you are using can handle JNLP files.

Configure the Web server so that files with the .jnlp extension are set to the application/x-
java-jnlp-file MIME type.

How you set the JNLP MIME type depends on the Web server you are using. For example, for the
Apache Web server, you simply add the line

application/x-java-jnlp-file JNLP
to the mime.types file.

For other Web servers, check the documentation for instructions on setting MIME types.

Creating the JNLP File

The key to running an application with Java Web Start is the Java Network Launching
Protocol, or JNLP, file. The JNLP file is an XML file that contains elements and attributes
that tell Java Web Start how to run the application.

An Example JNLP File

Following is the JNLP file for the Notepad demo:
<?xml version="1.0" encoding="utf-8"?>
<!-- JNLP File for Notepad -->

<jnlp spec="1.0+"

1223
codebase="http://java.sun.com/docs/books/tutorialJWS/deployment/webstart/examples
/"
href="Notepad.jnlp">
<information>
<title>Notepad Demo</title>
<vendor>The Java(tm) Tutorial: Sun Microsystems, Inc.</vendor>
<description>Notepad Demo</description>
<homepage
href="http://java.sun.com/docs/books/tutorial/deployment/webstart/running.html"/>
<description kind="short">ClickMeApp uses 3 custom classes plus several
standard ones</description>
<offline-allowed/>
</information>
<resources>
<jar href="Notepad.jar"/>
<j2se version="1.6+"
href="http://java.sun.com/products/autodl/

1224
 j2se"/>
</resources>
<application-desc main-class="Notepad"/>
</jnlp>
If you click this link to the Notepad.jnlp file, you open and run the Notepad application.

JNLP File Contents

The following table describes the elements and attributes in the sample JNLP file.

Note: This table does not include all possible contents of the JNLP file. For more information, see the Java Network Launching Protocol
& API Specification (JSR-56).

Elements and Attributes of a JNLP file

Element Attributes Description Since Required
jnlp This is the main xml element for a jnlp file. Everything is contained within the jnlp element. 1.0 yes
The spec attribute can be 1.0, 1.5.0, or 1.6.0 or can use the wildcards such as 1.0+. It denoted the
spec 1.0
minimum version of the JNLP Specification that this jnlp file can work with.
The codebase attribute specifies the base location for all relative URLs specified in href attributes in
codebase 1.0
the JNLP file.
href The href specifies the URL of the JNLP file itself. 1.0
version The version of the application being launched, as well as the version of the JNLP file itself. 1.0
information The information element contains other elements that describe the application and it's source. 1.0 yes
1.5.0
os Specifies the operating system for which this information element should be considered.

arch Specifies the architecture for which this information element should be considered 1.5.0
platform Specifies the platform for which this information element should be considered. 1.5.0

1225
 locale Specifies the locale for which this information element should be considered. 1.5.0
title The title element specifies the title of the application. 1.0 yes
vendor The vendor element specifies the provider of the application. 1.0 yes
homepage The homepage of the application. 1.0
href A URL pointing to where more information on this application can be found. 1.0 yes
description A short statement describing the application. 1.0
kind An indicator as to what type of description this is, legal values are one-line, short, and tooltip. 1.0
icon Describes an icon that can be used to identify the application to the user. 1.0
href A URL pointing to the icon file, may be in one of the following formats: gif, jpg, png, ico. 1.0 yes
kind Indicates the suggested use of the icon, can be: default, selected, disabled, rollover, splash, or shortcut. 1.0
width Can be used to indicate the resolution of the image. 1.0
height Can be used to indicate the resolution of the image. 1.0
depth Can be used to indicate the resolution of the image. 1.0
offline-allowed Indicates that this application can operate when the client system is disconnected from the network. 1.0
shortcut The shortcut element can be used to indicate an application's preferences for desktop integration. 1.5.0
online Can be used to describe the application's preference for creating a shortcut to run online or offline. 1.5.0
desktop Can be used to indicate an application's preference for putting a shortcut on the users desktop. 1.5.0
menu Can be used to indicate an application's preference for putting a menu item in the users start menus. 1.5.0
sub-menu Can be used to indicate an application's preference for where to place the menu item. 1.5.0
association Can be used to hint to the JNLP client that it wishes to be registered with the operating system as the 1.5.0
1226
 primary handler of certain extensions and a certain mime-type.
Contains a list of file extensions (separated by spaces) that the application requests it be registered to
extensions 1.5.0
handle.
mime-type Contains the mime-type that the application requests it be registered to handle. 1.5.0
related-content Describes an additional piece of related content that may be integrated with the application. 1.5.0
href A URL pointing to the related content. 1.5.0 yes

The update element is used to indicate the preferences for how application updates should be handled
update 1.6.0
by the JNLP Client.
Indicates the preference for when the JNLP Client should check for updates. It can be always,
check 1.6.0
timeout, or background..
Indicates the preference for how the JNLP Client should handle an application update when it is
policy known an update is available before the application is launched. It can be always, prompt-update, or 1.6.0
prompt-run.
1.0
security This element can be used to request enhanced permissions. 1.0
all-permissions Requests that the application be run with all permissions. 1.0
j2ee-application- Requests that the application be run with a permission set that meets the security specifications of the
1.0
client-permissions J2EE Application Client environment.
1.0
resources Describes all the resources that are needed for an application. 1.0 yes
os Specifies the operating system for which the resources element should be considered. 1.0

1227
 arch Specifies the architecture for which the resources element should be considered. 1.0
locale Specifies that the locales for which the resources element should be considered.
1.6.0
java (or java se) Specifies what version(s) of Java to run the application with.
(java)
version Describes an ordered list of version ranges to use. 1.0 yes
href The URL denoting the supplier of this version of java, and where it may be downloaded from. 1.0
Indicates an additional set of standard and non-standard virtual machine arguments that the
java-vm-args 1.0
application would prefer the JNLP Client to use when launching Java.
initial-heap-size Indicates the initial size of the Java heap. 1.0
max-heap-size Indicates the maximum size of the Java heap. 1.0
jar Specifies a JAR file that is part of the application's classpath. 1.0 yes
href The URL of the jar file. 1.0 yes
version The requested version of the jar file. Requires using the version-based download protocol 1.0
main Indicates if this jar contains the class containing the main method of the application. 1.0
download Can be used to indicate this jar may be downloaded lazily, or when needed. 1.0
size Indicates the downloadable size of the jar file in bytes. 1.0
part Can be used to group resources together so they will be downloaded at the same time. 1.0
nativelib Specifies a JAR file that contains native libraries in it's root directory. 1.0
href The URL of the jar file. 1.0 yes
version The requested version of the jar file. Requires using the version-based download protocol 1.0

1228
 download Can be used to indicate this jar may be downloaded lazily. 1.0
size Indicates the downloadable size of the jar file in bytes. 1.0
part Can be used to group resources together so they will be downloaded at the same time. 1.0
extension Contains pointer to an additional component-desc or installer-desc to be used with this application. 1.0
href The URL to the additional extension jnlp file. 1.0 yes
version The version of the additional extension jnlp file. 1.0
name The name of the additional extension jnlp file 1.0
ext-download Can be used in an extension element to denote the parts contained in a component-extension. 1.0
ext-part Describes the name of a part that can be expected to be found in the extension. 1.0 yes
download Can be used to indicate this extension may be downloaded eagerly or lazily. 1.0
part Denotes the name of a part in this jnlp file to include the extension in. 1.0
package Can be used to indicate to the JNLP Client which packages are implemented in which JAR files. 1.0
name Package name contained in the jar files of the given part. 1.0 yes
part Part name containing the jar files that include the given package name. 1.0 yes
Can be used to indicated that all package names beginning with the given name, can be found in the
recursive 1.0
given part.
Defines a system property that will be available through the System.getProperty and
property 1.0
System.getProperties methods.
name Name of the system property. 1.0 yes
value Value it will be set to. 1.0 yes

1229
 1.0
Note: A jnlp file must contain one of application-desc, applet-desc, component-desc, or installer-desc 1.0 yes
applicaation-desc Denotes this is the jnlp file for an application. 1.0
main-class The name of the class containing the public static void main(String[]) method of the application. 1.0 yes
argument Each argument contains (in order) an additional argument to be passed to main. 1.0
applet-desc Denotes this is the jnlp file for an applet. 1.0
main-class This is the name of the main Applet class. 1.0 yes
documentbase The document base for the Applet as a URL. 1.0
name Name of the Applet. 1.0 yes
width The width of the applet in pixels. 1.0 yes
height The height of the applet in pixels 1.0 yes
param A set of parameters that can be passed into the applet. 1.0
name The name of this parameter 1.0 yes
value The value of this parameter 1.0 yes
component-desc Denotes this is the jnlp file for a component extension. 1.0
installer-desc Denotes this is the jnlp file for an installed extension. 1.0
main-class The name of the class containing the public static void main(String[]) method of the installer. 1.0 yes

1230
Encoding JNLP Files
Java Web Start supports encoding of JNLP files in any character encoding supported by the Java platform. For more information on
character encoding in Java, see the Supported Encodings Guide. To encode a JNLP file, specify an encoding in the XML prolog of that
file. For example, the following line indicates that the JNLP file is encoded in UTF-16.
<?xml version="1.0" encoding="utf-16"?>

Note: The XML prolog itself must be UTF-8-encoded.

Placing the Application on the Web Server

The next step in deploying your application with Java Web Start is as simple as placing all the application's JAR files and the JNLP file
on the Web server. You must ensure the JAR files are in

1231
the locations specified by the href attribute of the jar element in the JNLP file.

Creating the Web Page

Once you've completed to preceding steps, you are ready to write a Web page that gives
users access to your application. Adding a link to your application in a Web page for users
with Java Web Start already installed is simple; however, you must also design your Web
page for users that might not have Java Web Start installed.

Adding the Basic Link to the JNLP File

In order to enable your users to launch the application from a Web page, you must include
a link to the application's JNLP file from that Web page. To add this link, you use the
standard HTML link syntax, with the href attribute specifying the location of the JNLP file:
<a href="Notepad.jnlp">Launch Notepad Application</a>
Assuming Java Web Start is installed on the client computer, when the user clicks this link,
Java Web Start executes the application based on the instructions in the JNLP file.

Adding the Link when Java Web Start is not Installed

For users who might not have Java Web Start installed, you must write scripts in your Web
page to:

1. Detect which browser the user has.

2. Detect whether Java Web Start is installed.
3. If Java Web Start is not installed, either auto-install it, or direct the user to a
download page.

For more information and sample scripts to use for these steps, see the Java Web Start
Guide.

Developing Java Web Start Applications

For the most part, you develop applications to be deployed through Java Web Start just as you would
develop stand-alone Java applications. However, there are some packaging considerations, which are
described in the following sections:

 Packaging the Application in JAR Files

 Reading Resources in a JAR File
 Untrusted Applications

Packaging the Application in JAR Files

To deploy an application with Java Web Start, you must package the application as one or more JAR
files. In particular, you must package the application's files into one or more JAR files.

Note : Other resources such as images and property files can, if necessary, be outside of JAR files
and retrieved using HTTP requests. However, storing resources in JAR files is preferred, because
JAR files are cached on the local computer by Java Web Start.

If the application needs unrestricted access to the local system, all JAR files and entries must be
signed. For more information, see the Java Web Start and Security section.

Reading Resources in a JAR File

1232
Use the getResource method to read resources from a JAR file. For example, the following code
example retrieves images from a JAR file:
// Get current classloader
ClassLoader cl = this.getClass().getClassLoader();
// Create icons
Icon saveIcon = new ImageIcon(cl.getResource("images/save.gif"));
Icon cutIcon = new ImageIcon(cl.getResource("images/cut.gif"));
The example assumes that the following entries exist in the JAR files for the application:

 images/save.gif
 images/cut.gif

Untrusted Applications

Unless you sign your application's JAR files, which requires users to accept your certificate, your
application deployed through Java Web Start is untrusted. Untrusted applications have the following
restrictions:

 The application can not access the local disk.

 All JAR files for the application must be downloaded from the same server.
 The application can only make network connections to the server from which the JAR
files were downloaded.
 A security manager can not be removed or replaced.
 The application cannot use native libraries.
 The application has limited access to system properties. The application has
read/write access to a set of system properties known to be secure, and read-only
access to the same set of properties as an applet.

For more information, see the Java Web Start and Security section.

Also see The JNLP API section for information on using the special Java Web Start packages in your
applications.

The JNLP API

The Java platform includes the JNLP API to enable you to provide additional information to
applications deployed through Java Web Start.

The JNLP API is included in the javax.jnlp package, which is delivered in the jnlp.jar as part of
te Java Development Kit version 6, in the sample/jnlp/servlet directory. The javax.jnlp
package is also delivered in the javaws.jar, which is located in the JRE's lib directory.

The following table provides an overview of the main interfaces and classes in the javax.jnlp
package. For more information, see the API documentation and the Java Web Start Guide .

Warning : Java Web Start warns users of the following Interfaces and Classes about the potential
security risk of allowing an untrusted application to access the file system, use the system printer, use
the system clipboard, or increase the disk space used by the PersistenceService.

Interfaces and Classes in the javax.jnlp Package

Interface or Class Description
1233
 Provides methods for:

 Determining the codebase of the application

BasicService
 Determining whether the application is online or not
 Determining whether a Web browser is supported on the current
platform and by the JNLP client.
 Opening a specific URL in the browser

Provides methods for copying contents to and from the client system's
ClipboardService clipboard. The ClipboardService interface works for applications
running in a sandbox.

DownloadService
Provides the ability to control how the application's resources are
cached.

ExtendedService
Provides additional support to the current JNLP API. It allows
applications to open specific file(s) in the client's file system.
Encapsulates the name and contents of a file. An object of this class is
FileContents used by the FileOpenService, FileSaveService and
PersistenceService interfaces.

FileOpenService
Provides the ability for applications to open files on the local file
system.
Provides methods for exporting files to the local disk, even for
applications that are running in the restricted execution environment.
FileSaveService
Note: This interface provides the same level of disk access to potentially
untrusted Web-deployed applications that a Web browser provides for
content it displays through its Save As . . . dialog box.

JNLPRandomAccessFile
Supports reading from and writing to a random access file. A random
access file behaves like a large array of bytes stored in the file system.
Provides methods for storing data locally on the client system, even for
applications that are running in a sandbox.

PersistenceService
Note: This service is similar to the cookie mechanism for HTML-based
applications. Cookies allow a small amount of data to be stored locally
on the client system. That data can be securely managed by the browser
and can only be retrieved by HTML pages which originate from the
same URL as the page that stored the data.
Provides methods for access to printing, even for applications that are
running in the restricted execution environment.

PrintService Note: Starting with Java Web Start 5.0, you can use the Java Printing
APIs, so there is no need to use this interface. If the application is
running in a sandbox, Java Web Start opens a security dialog box asking
the user for permission to print.

SingleInstanceService
Provides a set of methods for applications to register themselves as
singletons, and to register listener(s) for handling arguments passed in

1234
 from different instances of applications.

Java Web Start and Security

This section describes the basics of security for applications deployed through Java Web Start and
includes:

 Java Web Start Security Basics

 Signing JAR Files for Java Web Start Deployment
 Security and JNLP Files
 Dynamic Downloading of HTTPS Certificates

Java Web Start Security Basics

Applications launched with Java Web Start are, by default, run in a restricted environment, known as
a sandbox. In this sandbox, Java Web Start:

 Protects users against malicious code that could affect local files
 Protects enterprises against code that could attempt to access or destroy data on
networks

Unsigned JAR files launched by Java Web Start remain in this sandbox, meaning they cannot access
local files or the network.

Signing JAR Files for Java Web Start Deployment

Java Web Start supports signed JAR files so that your application can work outside of the sandbox
described above, so that the application can access local files and the network.

Java Web Start verifies that the contents of the JAR file have not changed since it was signed. If
verification of a digital signature fails, Java Web Start does not run the application.

When the user first runs an application as a signed JAR file, Java Web Start opens a dialog box
displaying the application's origin based on the signer's certificate. The user can then make an
informed decision regarding running the application.

For more information, see the Signing and Verifying JAR Files section.

Security and JNLP Files

For a signed JAR file to have access to the local file system and network, you must specify security
settings in the JNLP file. The security element contains security settings for the application.

The following example provides the application with complete access to the client system if all its
JAR files are signed:

<security>
<all-permissions/>
</security>

Dynamic Downloading of HTTPS Certificates

1235
Java Web Start dynamically imports certificates as browsers typically do. To do this, Java Web Start
sets its own https handler, using the java.protocol.handler.pkgs system properties, to initialize
defaults for the SSLSocketFactory and HostnameVerifier . It sets the defaults with the methods
HttpsURLConnection.setDefaultSSLSocketFactory and
HttpsURLConnection.setDefaultHostnameVerifier .

If your application uses these two methods, ensure that they are invoked after the Java Web Start
initializes the https handler, otherwise your custom handler will be replaced by the Java Web Start
default handler.

You can ensure that your own customized SSLSocketFactory and HostnameVerifiter are used by
doing one of the following:

 Install your own https handler, to replace the Java Web Start https handler. For
more information, see the document A New Era for Java Protocol Handlers .
 In your application, invoke HttpsURLConnection.setDefaultSSLSocketFactory
or HttpsURLConnection.setDefaultHostnameVerifier only after the first https
URL object is created, which executes the Java Web Start https handler initialization
code first.

Common Java Web Start Problems

Problem: My browser shows the JNLP file for my application as plain text.
Most likely, your Web server is not aware of the proper MIME type for JNLP files. See the Setting
up the Web server section for more information.

Furthermore, if you are using a proxy server, ensure that the update versions of the files are returned,
by updating the time stamp of the resources on the Web server such that the proxies will update their
caches.

Problem: When I click on a link to a JNLP file with Internet Explorer and Java Web Start launches,
I get the message "Could not load file/URL specified: C:\Documents and
Settings\...\application[1].jnlp".

This problem only occurs with Internet Explorer. It is usually caused by a no-cache directive from
the Web or proxy server, which causes Internet Explorer to not write the JNLP file to the local disk.

This frequently happens when you upgrade a Tomcat-based server, as later versions set the no-cache
directive by default for any resource that is within a security-constraint in the web.xml file. Try
removing the relevant URI from the security constraint.

This problem can also occur because of a full cache, or if the cache is turned off in Internet Explorer.

The most likely cause is that your browser and Java Web Start have different proxy settings. To
modify Java Web Start proxy settings:

1. Open the Java Application Cache Viewer.

2. From the Edit menu, select Preferences. The Java Control Panel opens.
3. Click Network Settings. The Network Settings dialog box opens.
4. Select Use proxy server, enter the proxy server name, and port number
(typically 8080).
5. Click OK.
1236
Problem: When I try to launch my JNLP file, I get the following error:

MissingFieldException[ The following required field is missing from the

launch file: (|||)]
at com.sun.javaws.jnl.XMLFormat.parse(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at com.sun.javaws.Main.launchApp(Unknown Source)
at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
at com.sun.javaws.Main.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Often this error occurs when your XML is malformed. You can stare at the code until you figure it
out but it is easier to run an XML syntax checker over the file. (NetBeans IDE and jEdit both provide
XML syntax checkers.)

However, this error can occur in a other situations and the above was caused by the following line in
an otherwise well-formed XML file:

<description kind="short">Demonstrates choosing the drop location in the target

<code>TransferHandler</code></description>
The error was caused by the illegal embedded code tags.

Questions and Exercises: Java Web Start

Questions

1. In a link that is to run a Java Web Start application, which file is specified as the a
tag's href attribute?
2. Which MIME type must a Web server recognize in order for it to host Java Web Start
applications?
3. In an application's JNLP file, which two elements must be specified within the
resources element?
4. Which interface provides the ability to control how the Java Web Start application's
resources are cached?
a. BasicService
b. DownloadService
c. PersistenceService
d. ExtendedService
5. True or False: Java Web Start applications run in a secure sandbox by default.
6. True or False: If a Java Web Start application is running in a secure sandbox, JAR
files for the application can reside on different servers.
7. For a Java Web Start application to support operations outside of the secure sandbox,
what must you do with its JAR files?

Exercises

1. Write the XML code you would add to a JNLP file in order to request that the
application have complete access to the client system.
2. For a Java Web Start application, you have two icons, one.gif and two.gif, in the
images directory in a JAR file. Write the application code you would use to access
these images.

Answers to Questions and Exercises: Java Web Start

1237
Questions

1. Question: In a link that is to run a Java Web Start application, which file is specified
as the a tag's href attribute?

Answer: You use the application's JNLP file name as the value of the href attribute.
When a user clicks the link to the JNLP file, Java Web Start loads the application
specified by that JNLP file.

2. Question: Which MIME type must a Web server recognize in order for it to host Java
Web Start applications?

Answer: You must configure the Web server so that files with the .jnlp extension are
set to the application/x-java-jnlp-file MIME type.

3. Question: In an application's JNLP file, which two elements must be specified within
the resources element?

Answer: The resources element must contain:

o The j2se element, which specifies the Java platform on which to run the
application.
o The jar element, which specifies the JAR file for the application.
4. Question: Which interface provides the ability to an application to control how its
own resources are cached?
a. BasicService
b. DownloadService
c. PersistenceService
d. ExtendedService

Answer: B. The DownloadService interface provides the ability to an application to

control how its own resources are cached.

5. Question: True or False: Java Web Start applications run in a secure sandbox by
default.

Answer: True.

6. Question: True or False: If a Java Web Start application is running in a secure

sandbox, JAR files for the application can reside on different servers.

Answer: False. All JAR files for the application must reside on the same server.

7. Question: For a Java Web Start application to support operations outside of the secure
sandbox, what must you do with its JAR files?

Answer: You must sign JAR files to enable your application can work outside of the
sandbox.

Exercises

1238
1. Exercise: Write the XML code you would add to a JNLP file in order to request that
the application have complete access to the client system.

Answer:

<security>
<all-permissions/>
</security>

2. Exercise: For a Java Web Start application, you have two icons, one.gif and
two.gif, in the images directory in a JAR file. Write the application code you would
use to access these images.

Answer:

// Get current classloader

ClassLoader cl = this.getClass().getClassLoader();
// Create icons
Icon firstIcon = new
ImageIcon(cl.getResource("images/one.gif"));
Icon secondIcon = new
ImageIcon(cl.getResource("images/two.gif"));

1239