Java Rich Internet Applications Guide > Java Control Panel > Deployment Configuration File and Properties
The following topics are covered:
The deployment.properties
file is used for storing
and retrieving deployment configuration properties in the Java
Control Panel. They are also used for customizing runtime behavior
for both Java Plug-in and Java Web Start.
There is always a User-Level deployment.properties
file. Its location, which is non-configurable, is described below.
There may also be an (optional) System-Level
deployment.properties
file. If it exists, its location
is determined by a System Administrator through the
deployment.config
file as described below.
(deployment.properties)
The following table shows the location of the User-Level deployment.properties
file.
Operating System | Location |
---|---|
Windows | <User Application Data
Folder>\LocalLow\Sun\Java\Deployment\deployment.properties |
UNIX |
${user.home}/.java/deployment/deployment.properties |
Mac OS X | ~/Library/Application Support/Oracle/Java/Deployment/deployment.properties |
On Windows, <User Application Data Folder>
is typically C:\Users\username
. On UNIX, ${user.home}
is typically
/home/username
. On Mac OS X, the tilde (~) represents the home directory, which is typically /Users/username
.
For user jsmith
running on Windows 7, the
deployment.properties
file would be located in the following directory:
C:\Users\jsmith\AppData\LocalLow\Sun\Java\Deployment\deployment.properties
For user bjones
running on UNIX, the
deployment.properties
file would be located in the following directory:
/home/bjones/.java/deployment/deployment.properties
For user jdoe
running on Mac OS X, the
deployment.properties
file would be located in the following directory:
/Users/jdoe/Library/Application Support/Oracle/Java/Deployment/deployment.properties
The deployment.config
file is used for specifying
the System-Level deployment.properties
in the
infrastructure. By default no deployment.config
file
exists; thus, no system-wide deployment.properties
file exists. If deployment.config
exists, it is
located in one of the directories shown in the following table.
Operating System |
Location |
---|---|
Windows |
|
UNIX |
|
Mac OS X |
|
${deployment.java.home}
is the location of the JRE
from which the deployment products are run. Deployment products
include Java Web Start, Java Plug-in, Java Control Panel, and others.
deployment.config
(if it exists) contains two
properties: deployment.system.config
and
deployment.system.config.mandatory
.
deployment.system.config
is the URL to the system
(enterprise-wide) deployment.properties
file. This property can
be used by system administrators to centrally administer or
"lock-down" user-specific configuration settings. For local files, use the file
protocol in the URL, for example, file:///C:/Windows/Sun/Java/Deployment/deployment.properties
.
deployment.system.config.mandatory
is a boolean.
The default is false
. If false
, there
will be an attempt to load the deployment.properties
file pointed to by the deployment.system.config
URL.
If the URL can be found and loaded, it will be used. If
true
, there will likewise be an attempt to load the
system deployment.properties
file pointed to by the
deployment.system.config
URL. If the URL can be found
and loaded, it will be used; but if it cannot be found or loaded,
then nothing will be allowed to run.
Deployment Configuration PropertiesThe following table describes the properties that can be set in
the deployment.properties
file.
Note: Any system deployment property, say
SomeKey=SomeValue
, may be locked by including another
key, SomeKey.locked
. The key
SomeKey.locked
may or may not be set to a value; in
either case, SomeKey=SomeValue
will be locked so that
the user cannot change it. If a system deployment property is not
locked, then a user will be allowed to change it.
Property Key | Type | Default Value | Description |
---|---|---|---|
deployment.user.cachedir |
String | "$USER_HOME" + File.separator + "cache" |
User-level cache directory. |
deployment.system.cachedir |
String | null | System-level cache directory. |
deployment.user.logdir | String | "$USER_HOME" + File.separator + "log" | User-level log directory. |
deployment.user.tmp |
String | "$USER_HOME" + File.separator + "tmp"; |
Temporary user directory. |
Property Key | Type | Default Value | Description |
---|---|---|---|
deployment.user.security.trusted.cacerts |
String | "$USER_HOME" + File.separator + "security" + File.separator + "trusted.cacerts"; |
User-level Root CA certificate store. |
deployment.user.security.trusted.jssecacerts |
String | "$USER_HOME" + File.separator + "security" + File.separator + "trusted.jssecacerts" |
User-level JSSE CA certificate store. |
deployment.user.security.trusted.certs |
String | "$USER_HOME" + File.separator + "security" + File.separator + "trusted.certs" |
User-level Trusted signer certificate store. |
deployment.user.security.trusted.jssecerts |
String | "$USER_HOME" + File.separator + "security" + File.separator + "trusted.jssecerts"; |
User-level Trusted JSSE certificate store. |
deployment.user.security.trusted.clientauthcerts |
String | "$USER_HOME" + File.separator + "security" + File.separator + "trusted.clientcerts" |
User-level Client Authentication certificate store. |
deployment.user.security.exception.sites |
String | "$USER_HOME" + File.separator + "security" + File.separator + "exception.sites" | Location of the exception site list. See Exception Site List for information. |
deployment.system.security.policy |
String | null |
System-level security policy file. The protocol of URL is either file, HTTP, or HTTPS. |
deployment.system.security.cacerts |
String | "$JAVA_HOME" + File.separator + "lib" + File.separator + "security" + File.separator + "cacerts" |
System-level Root CA certificate store. |
deployment.system.security.jssecacerts |
String | "$JAVA_HOME" + File.separator + "lib" + File.separator + "security" + File.separator + "jssecacerts"; |
System-level JSSE CA certificate store. |
deployment.system.security.trusted.certs |
String | "$SYSTEM_HOME" + File.separator + "security" + File.separator + "trusted.certs" |
System-level Signer certificate store. |
deployment.system.security.trusted.jssecerts |
String | "$SYSTEM_HOME" + File.separator + "security" + File.separator + "trusted.jssecerts" |
System-level JSSE certificate store. |
deployment.system.security.trusted.clientauthcerts |
String | "$SYSTEM_HOME" + File.separator + "security" + File.separator + "trusted.clientcerts" |
System-level Client Authentication certificate store. |
Property Key | Type | Default Value | Description |
---|---|---|---|
deployment.security.level | String | HIGH |
|
deployment.webjava.enabled | Boolean | true | Must be "true" to run applets or Java Web Start applications. |
deployment.insecure.jres |
String | "PROMPT" |
|
deployment.expiration.check.enabled | Boolean | true | Must be "true" to prompt users to update the JRE when an out-of-date JRE is found on their system. Set to "false" to suppress the prompt. Note: To ensure that the expiration check is disabled, use the -userConfig deployment.expiration.check.enabled false option with the javaws command. If this property is changed in the deployment.properties file, open the Java Control Panel before starting an application to ensure that the native cache is synchronized with the file. Otherwise, the change might be ignored the first time an application is started. |
deployment.security.askgrantdialog.show |
Boolean | true | Must be "true" if the user is allowed to grant permissions at all. |
deployment.security.askgrantdialog.notinca |
Boolean | true | Must be "true" if the user is allowed to grant permissions to certificates that are not issued by a CA in the Root/JSSE CA certificate store. |
deployment.security.jsse.hostmismatch.warning |
Boolean | true | Must be "true" for JSSE HTTPS certificate verification to show host-mismatch warning. |
deployment.security.trusted.policy |
String | "" |
Policy file contains the ceiling policy of permissions granted
to trusted applications and applets. By default this is all
permissions, but by using this configuration setting, a user or
enterprise can configure a lesser set of permissions. |
deployment.security.mixcode |
String | ENABLE |
|
deployment.security.sandbox.awtwarningwindow |
Boolean | true | "true" if the sandbox has awtShowWindowWithoutWarning. |
deployment.security.sandbox.jnlp.enhanced |
Boolean | true | Must be "true" for the user to see and accept JNLP API security dialogs. |
deployment.security.sandbox.selfsigned | String | PROMPT |
|
deployment.security.sandbox.casigned | String | PROMPT |
|
deployment.security.blacklist.check | Boolean | true | Support for blacklisting signed JAR files that contain serious security vulnerabilities. deployment.security.blacklist.check is used to toggle this behaviour. For more information visit Blacklist Feature. |
deployment.security.revocation.check | String | ALL_CERTIFICATES |
|
deployment.security.validation.ocsp | Boolean | true | Specifies whether Online Certificate Status Protocol is enabled. |
deployment.security.validation.ocsp.url | String | null | Specifies a url string pointing to an OCSP response server. |
deployment.security.validation.ocsp.signer | String | null | Points to a OCSP response singer certificate subject name. |
deployment.security.validation.crl | Boolean | true | Specifies whether to use certificate revocation list. |
deployment.security.validation.crl.url | String | null | Specifies a URL in the Certificate Revocation List to perform a certificate validation. |
deployment.security.validation.clockskew | int | 900 | Acceptable time difference, in seconds, between the system clock and the clock on the server used for revocation checks. If the property is not set, or the value is negative, the default of 900 seconds (15 minutes) is used. |
deployment.security.validation.timeout | int | 15 | Maximum time, in seconds, that the system attempts to connect to the server for revocation checks before timing out. If the property is not set, or the value is negative, the default of 15 seconds is used. To never time out, set the property to 0. |
deployment.security.authenticator |
Boolean | true | Normally Plug-in and Web Start install an Authenticator to handle
communication with Authenticating web pages or Authenticating
proxies. This is the default behavior (true). This option can be
used to turn the normal behavior off if, for example, an
application communicates itself with an authenticating web page and
needs to install it's own Authenticator. |
Property Key | Type | Default Value | Description |
---|---|---|---|
deployment.proxy.type |
int | 3 for PROX_TYPE_BROWSER |
This is for the type of proxy that should be use. The choices are: PROX_TYPE_UNKNOWN = -1; |
deployment.proxy.same |
Boolean | false | This parameter (true) says to use the same web server and port
for https and ftp as is configured for http. (This is only valid if
deployment.proxy.type = PROX_TYPE_MANUAL.) |
deployment.proxy.auto.config.url | String | (no default) | URL for auto-Auto proxy configuration JavaScript.proxy configuration JavaScript. |
deployment.proxy.bypass.list | String | (no default) | List of host names that should bypass the proxy. Each host name is delimited by a comma in the property; e.g., "192.168.1.100,localhost,example.com" |
deployment.proxy.bypass.local | String | (no default) |
All local hosts should be bypassed. |
deployment.proxy.http.host | String | (no default) | HTTP proxy hostname. |
deployment.proxy.http.port | String | (no default) | HTTP proxy port. |
deployment.proxy.https.host | String | (no default) | HTTPS proxy hostname. |
deployment.proxy.https.port | String | (no default) | HTTPS proxy port. |
deployment.proxy.ftp.host | String | (no default) | FTP proxy hostname. |
deployment.proxy.ftp.port | String | (no default) | FTP proxy port. |
deployment.proxy.socks.host | String | (no default) | SOCKS v4 proxy hostname. |
deployment.proxy.socks.port | String | (no default) | SOCKS v4 proxy port. |
deployment.proxy.override.hosts |
String | "" | Proxy overridden list. |
Property Key | Type | Default Value | Description |
---|---|---|---|
deployment.cache.max.size |
int | "-1" |
Maximum size of deployment cache in MB. This is the cache size for each cache: Java Web Start and Java Plug-in. "0"-Disables caching in Java Plug-in; cache size in Java Web Start will be unlimited. "-1"-For unlimited cache size. |
deployment.cache.jarcompression |
String | 0 |
0-9 compression ratio to be used in applet jar compression. |
deployment.javapi.cache.enabled |
Boolean | false | Specifies if cache should be disabled. false means it should not be disabled. |
Property Key | Type | Default Value | Description |
---|---|---|---|
deployment.console.startup.mode |
String |
"HIDE" |
The choices are:
|
Property Key | Type | Default Value | Description |
---|---|---|---|
deployment.trace | Boolean | false | Enable tracing. |
deployment.log |
Boolean | false | Enable logging. |
Property Key | Type | Default Value | Description |
---|---|---|---|
deployment.javaws.associations | int | 2 |
The JNLP associations. The choices are: ASSOCIATION_NEVER = 0; |
Property Key | Type | Default Value | Description |
---|---|---|---|
|
String | "ASK_IF_HINTED" |
This relates to creating a desktop shortcut for Java Web Start. The choices are:
|
Property Key | Type | Default Value | Description |
---|---|---|---|
deployment.browser.path |
String | "<No Browser Selected>" |
This is the path to the browser for showing web pages from the application viewer, the About Box, and Web Start applications. Note that this property is used for Solaris and Linux only. On Widows, this property is ignored, and the default browser is determined the same way it is by any other application that launches a browser on Windows. |
Property Key | Type | Default Value | Description |
---|---|---|---|
deployment.javaws.update.timeout | int | 500 | Units are milliseconds. |