|
For security, users are prompted for permission to run an RIA before launching for the first time, even if the application is signed or doesn't require access outside of the security sandbox. The prompt includes the following information, depending on the RIA being run:
For a description of the prompts, see What should I do when I see a security prompt from Java?
Users are also warned if they are running an out-of-date JRE and are given the opportunity to update to the latest version before running an application. Users can also choose to run with the JRE on their system, or to block the application from running.
The security settings in the Java Control Panel and the version of the JRE determine if users are given the opportunity to run RIAs. The default setting of High permits all but local applets to run on the current JRE with the user's permission. If the the user is running an out-of-date JRE, which is a JRE that is expired or below the security baseline, only applications signed with a certificate issued by a recognized certificate authority will be run with the user's permission.
Signing your RIA provides the user with a level of trust. Consider the following when preparing your application for deployment:
The best user experience is provided by an application that is signed with a certificate issued by a recognized certificate authority.
Self-signed and unsigned applications require additional steps by the user before the application is launched.
Self-signed applications are useful when developing and testing an application. However, a certificate from a recognized certificate authority is recommended for deploying to end users.
Signed applications can be either privileged applications or sandbox applications. Privileged applications are provided unrestricted access to resources on the user's system. Sandbox applications are restricted to the Java security sandbox. Unsigned applications are restricted to the sandbox.
|
