stillhacking

Java security was a hot topic in 2013 and I think it will continue to get some attention as tooling catches up to the newer requirements.  Signing the JNLP for Java Web Start programs is now required. The Java Web Start maven plugin does not yet sign the JNLP file but there is an outstanding issue which I imagine will be resolved before too much longer. In the meantime, this blog entry  and this stack overflow question and answer  may be all you need to get your JNLP signed correctly. The way I read it, you have two choices. First you can create a template file which should be named APPLICATION_TEMPLATE.JNLP in src/main/resources/JNLP-INF and wildcards are permitted.  This is nice if you have the need to deploy your application from more than one server. The second method involves creating a file named APPLICATION.JNLP also in the src/main/resources/JNLP-INF folder.  This file must match the application's jnlp file exactly. Don't forget to mo...