Warning on Permissions attribute when running an applet with JRE 7u45

Question

I\'ve just upgraded JRE to 7u45, and my applet receives a warning message on start-up, saying \" This application will be blocked in a future Java security update because th

Answer 1

After spending some time breaking my head on editing manifest (see how to config manifest with maven) and all those java configurations, I've found how it works:

To grant allPermissions with java 1.7+ you need to edit java.policy file.

Use the policytool to do that. At prompt command line:

policytool

see Oracle tutorial: http://docs.oracle.com/javase/tutorial/security/tour1/wstep2.html

Open the right policy file where your browser vm is executing. For me its in:

C:\Program Files (x86)\Java\jre7\lib\security\java.policy

Should load some CodeBase list. Click on it for edit or:

Add Entry

Leave CodBase blank for every location where code is running but you can put localhost or your stite if you want and signedBy blank for non signed jars/applets. Click Add Permission, then choose AllPermissions
I have CodeBase <ALL> and it java.security.AllPermission

Then save! java.policy and should get sucess message.

Done you can run non signed applet and acess disk files.

Answer 2

I have the same problem. I test it with a explicit codebase, but the warning "Missing Permissions manifest attribute" it continues appearing.

Also tried changing permissions to "sandbox", the message still appearing but the applet don't have privileges to execute some functions.

Edit:

Finally I've found the solution: manifest.mf

Manifest-Version: 1.0
Codebase: *
Permissions: all-permissions
Application-Library-Allowable-Codebase: *
Caller-Allowable-Codebase: *
Application-Name: AppName
Created-By: AppCreator

I hope this help you.

Answer 3

I had the same error when trying to open Dell iDRAC virtual console. This doesn't help if you want to get rid of the warnings in a proper fashion. But if you want to just run the application then for me the solution was to open Java Control Panel and in Security tab set Security Level to Medium.

After that I could run the application after accepting the warnings.

Answer 4

If you happen to be using webstart with version-based protocol, there seems to be a bug with this which causes the Permissions attribute warning when it shouldn't. Once we removed the version attributes from our jnlp, and removed the version string from the jar filenames, the Permissions attribute warning went away.

Edit: I found this forum thread which discusses the matter: https://forums.oracle.com/thread/2594060.

Answer 5

I placed my Java Security to Medium, and now can access the program.

Answer 6

I was also facing this problem and i resolved this problem in my application by just adding the certificate as a "Secure Site" under java control center.

The error message ("The application will be blocked ... Permission attribute") is so misleading and it acts more like a generic error message and has nothing to do with Permissions attribute really present in the jars or not. This to me is a bug and hopefully java will fix it in the next release.

Exact steps to remove this error message:
1) javaws -viewer
2) Open Security tab
3) Clik on "Manage Certificates"
4) Select Certificate Type as "Secure Site"
5) Add the application certificate.