Note: This Java deployment guide describes features released prior to the Java SE 6 update 10 release. See Deployment Configuration File and Properties in Java Rich Internet Applications Development and Deployment for the latest information.
This page covers the following topics:
The deployment.properties
file is used for storing
and retrieving deployment configuration properties in the Java
Control Panel. They are also used for customizing runtime behavior
for both Java Plug-in and Java Web Start.
There is always a User-Level deployment.properties
file. Its location, which is non-configurable, is described below.
There may also be an (optional) System-Level
deployment.properties
file. If it exists, its location
is determined by a System Administrator through the
deployment.config
file as described below.
(deployment.properties)
The User-Level deployment.properties
file is
located as follows:
Operating System
|
Location
|
Windows | <User Application Data
Folder>\Sun\Java\Deployment\deployment.properties |
Unix |
${user.home}/.java/deployment/deployment.properties |
(${user.home}
is typically
home/<username>
.)
For user jsmith
running on Windows 2000/XP, the
deployment.properties
file would be located as
follows:
C:\Documents and Settings\jsmith\Application
Data\Sun\Java\Deployment\deployment.properties
For user bjones
running on Unix, the
deployment.properties
file would be located as
follows:
/home/bjones/.java/deployment/deployment.properties
The deployment.config
file is used for specifying
the System-Level deployment.properties
in the
infrastructure. By default no deployment.config
file
exists; thus, no system-wide deployment.properties
file exists. If deployment.config
exists, it is
located either here
Operating System
|
Location
|
Windows | <Windows
Directory>\Sun\Java\Deployment\deployment.config |
Unix | /etc/.java/deployment/deployment.config |
or here
Operating System
|
Location
|
Windows | ${deployment.java.home}\lib\deployment.config |
Unix | ${deployment.java.home}/lib/deployment.config |
(${deployment.java.home}
is the location of the jre
from which the deployment products are run. Deployment products
include Java Web Start, Java Plug-in, Java Control Panel ...)
deployment.config
(if it exists) contains two
properties: deployment.system.config
and
deployment.system.config.mandatory
.
deployment.system.config
is the URL to the system
(enterprise-wide) deployment.properties
file. It can
be used by system administrators to centrally administrate or
"lock-down" user-specific configuration settings.
deployment.system.config.mandatory
is a boolean.
The default is false
. If false
, there
will be an attempt to load the deployment.properties
file pointed to by the deployment.system.config
URL.
If the URL can be found and loaded, it will be used. If
true
, there will likewise be an attempt to load the
system deployment.properties
file pointed to by the
deployment.system.config
URL. If the URL can be found
and loaded, it will be used; but if it cannot be found or loaded,
then nothing will be allowed to run.
Deployment Configuration PropertiesThe following table describes the properties that can be set in
the deployment.properties
file.
Note: Any system deployment property, say
SomeKey=SomeValue
, may be locked by including another
key, SomeKey.locked
. The key
SomeKey.locked
may or may not be set to a value; in
either case, SomeKey=SomeValue
will be locked so that
the user cannot change it. If a system deployment property is not
locked, then a user will be allowed to change it.
Property Key
|
Type
|
Default Value
|
Description
|
deployment.user.cachedir |
String | "$USER_HOME" + File.separator + "cache" |
User-level cache directory. |
deployment.system.cachedir |
String | null | System-level cache directory. |
deployment.user.logdir | String | "$USER_HOME" + File.separator + "log" | User-level log directory. |
deployment.user.tmp |
String | "$USER_HOME" + File.separator + "tmp"; |
Temporary user directory. |
Property Key
|
Type
|
Default Value
|
Description
|
deployment.user.security.policy |
String | "file://$USER_HOME/security/java.policy" |
User-level security policy file. The protocol of URL is either file, HTTP, or HTTPS. |
deployment.user.security.trusted.cacerts |
String | "$USER_HOME" + File.separator + "security" + File.separator + "trusted.cacerts"; |
User-level Root CA certificate store. |
deployment.user.security.trusted.jssecacerts |
String | "$USER_HOME" + File.separator + "security" + File.separator + "trusted.jssecacerts" |
User-level JSSE CA certificate store. |
deployment.user.security.trusted.certs |
String | "$USER_HOME" + File.separator + "security" + File.separator + "trusted.certs" |
User-level Trusted signer certificate store. |
deployment.user.security.trusted.jssecerts |
String | "$USER_HOME" + File.separator + "security" + File.separator + "trusted.jssecerts"; |
User-level Trusted JSSE certificate store. |
deployment.user.security.trusted.clientauthcerts |
String | "$USER_HOME" + File.separator + "security" + File.separator + "trusted.clientcerts" |
User-level Client Authentication certificate store. |
deployment.system.security.policy |
String | null |
System-level security policy file. The protocol of URL is either file, HTTP, or HTTPS. |
deployment.system.security.cacerts |
String | "$JAVA_HOME" + File.separator + "lib" + File.separator + "security" + File.separator + "cacerts" |
System-level Root CA certificate store. |
deployment.system.security.jssecacerts |
String | "$JAVA_HOME" + File.separator + "lib" + File.separator + "security" + File.separator + "jssecacerts"; |
System-level JSSE CA certificate store. |
deployment.system.security.trusted.certs |
String | "$SYSTEM_HOME" + File.separator + "security" + File.separator + "trusted.certs" |
System-level Signer certificate store. |
deployment.system.security.trusted.jssecerts |
String | "$SYSTEM_HOME" + File.separator + "security" + File.separator + "trusted.jssecerts" |
System-level JSSE certificate store. |
deployment.system.security.trusted.clientauthcerts |
String | "$SYSTEM_HOME" + File.separator + "security" + File.separator + "trusted.clientcerts" |
System-level Client Authentication certificate store. |
Property Key
|
Type
|
Default Value
|
Description
|
deployment.insecure.jres |
String | "PROMPT" |
|
deployment.security.askgrantdialog.show |
String | true | Must be "true" if the user is allowed to grant permissions at all. |
deployment.security.askgrantdialog.notinca |
String | true | Must be "true" if the user is allowed to grant permissions to certificates that are not issued by a CA in the Root/JSSE CA certificate store. |
deployment.security.jsse.hostmismatch.warning |
String | true | Must be "true" for JSSE HTTPS certificate verification to show host-mismatch warning. |
deployment.security.trusted.policy |
String | "" |
Policy file contains the ceiling policy of permissions granted
to trusted applications and applets. By default this is all
permissions, but by using this configuration setting, a user or
enterprise can configure a lesser set of permissions. |
deployment.security.mixcode |
String | ENABLE | "ENABLE" enables the software to test for mixing trusted and untrusted code and, when potentially unsafe components are detected, raises a warning dialog. "HIDE_RUN" suppresses the warning dialog and, if potentially unsafe components are detected, behaves as if the user had clicked No in the warning dialog - the applet or application continues running with some added protections. "HIDE_CANCEL" suppresses the warning dialog and behaves as if the user had clicked Yes in the warning dialog - potentially unsafe components are blocked from running and the program may terminate. "DISABLE" (not recommended) disables the software from checking for mixing trusted and untrusted code, leaving the user to run potentially unsafe code with no warning and without the additional protections. |
deployment.security.sandbox.awtwarningwindow |
String | true | "true" if the sandbox has awtShowWindowWithoutWarning. |
deployment.security.sandbox.jnlp.enhanced |
String | true | Must be "true" for the user to see and accept JNLP API security dialogs. |
deployment.security.blacklist | String | ENABLE | Support for blacklisting signed jar files that contain serious security vulnerabilities. deployment.security.blacklist.check is used to toggle this behaviour. For more information visit Blacklist Feature. |
deployment.security.validation.ocsp | Boolean | false | Specifies whether Online Certificate Status Protocol is enabled. |
deployment.security.validation.ocsp.url | String | null | Specifies a url string pointing to an OCSP response server. |
deployment.security.validation.ocsp.signer | String | null | Points to a OCSP response singer certificate subject name. |
deployment.security.validation.crl | Boolean | false | Specifies whether to use certificate revocation list. |
deployment.security.validation.crl.url | String | null | Specifies a URL in the Certificate Revocation List to perform a certificate validation. |
deployment.security.authenticator |
String | true | Normally Plug-in and Web Start install an Authenticator to handle
communication with Authenticating web pages or Authenticating
proxies. This is the default behavior (true). This option can be
used to turn the normal behavior off if, for example, an
application communicates itself with an authenticating web page and
needs to install it's own Authenticator. |
Property Key
|
Type
|
Default Value
|
Description
|
deployment.proxy.type |
int | 3 for PROX_TYPE_BROWSER |
This is for the type of proxy that should be use. The choices are: PROX_TYPE_UNKNOWN = -1; |
deployment.proxy.same |
boolean | false | This parameter (true) says to use the same web server and port
for https and ftp as is configured for http. (This is only valid if
deployment.proxy.type = PROX_TYPE_MANUAL.) |
deployment.proxy.auto.config.url | String | (no default) | URL for auto-Auto proxy configuration JavaScript.proxy configuration JavaScript. |
deployment.proxy.bypass.list | String | (no default) | List of host names that should bypass the proxy. Each host name is delimited by a comma in the property; e.g., "192.168.1.100,localhost,example.com" |
deployment.proxy.bypass.local | String | (no default) |
All local hosts should be bypassed. |
deployment.proxy.http.host | String | (no default) | HTTP proxy hostname. |
deployment.proxy.http.port | String | (no default) | HTTP proxy port. |
deployment.proxy.https.host | String | (no default) | HTTPS proxy hostname. |
deployment.proxy.https.port | String | (no default) | HTTPS proxy port. |
deployment.proxy.ftp.host | String | (no default) | FTP proxy hostname. |
deployment.proxy.ftp.port | String | (no default) | FTP proxy port. |
deployment.proxy.socks.host | String | (no default) | SOCKS v4 proxy hostname. |
deployment.proxy.socks.port | String | (no default) | SOCKS v4 proxy port. |
deployment.proxy.override.hosts |
String | "" | Proxy overridden list. |
Property Key
|
Type
|
Default Value
|
Description
|
deployment.cache.max.size |
String | "-1" |
Maximum size of deployment cache in MB. This is the cache size for each cache: Java Web Start and Java Plug-in. "0"-Disables caching in Java Plug-in; cache size in Java Web Start will be unlimited. "-1"-For unlimited cache size. |
deployment.cache.jarcompression |
String | 0 |
0-9 compression ratio to be used in applet jar compression. |
deployment.cache.enabled |
String | false | Specifies if cache should be disabled. false means it should not be disabled. |
Property Key
|
Type
|
Default Value
|
Description
|
deployment.console.startup.mode |
String |
"HIDE" |
The choices are:
|
Property Key
|
Type
|
Default Value
|
Description
|
deployment.trace | String | false | Enable tracing. |
deployment.log |
String | false | Enable logging. |
Property Key
|
Type
|
Default Value
|
Description
|
deployment.javaws.associations | int | 2 |
The JNLP associations. The choices are: ASSOCIATION_NEVER = 0; |
Property Key
|
Type
|
Default Value
|
Description
|
|
String | "ASK_IF_HINTED" |
This relates to creating a desktop shortcut for Java Web Start. The choices are:
|
Property Key
|
Type
|
Default Value
|
Description
|
deployment.javaws.installURL |
String | "http://java.sun.com/products/autodl/j2se" |
The autodownload URL. |
Property Key
|
Type
|
Default Value
|
Description
|
deployment.javaws.autodownload |
String | "ALWAYS" |
This sets the choices for autodownloading. The choices are:
|
Property Key
|
Type
|
Default Value
|
Description
|
deployment.browser.path |
String | "<No Browser Selected>" |
This is the path to the browser for showing web pages from the application viewer, the About Box, and Web Start applications. Note that this property is used for Solaris and Linux only. On Widows, this property is ignored, and the default browser is determined the same way it is by any other application that launches a browser on Windows. |
Property Key
|
Type
|
Default Value
|
Description
|
deployment.javaws.update.timeout | int | 500 | Units are milliseconds. |