Documentation Contents

Deployment Configuration File and Properties

This page covers the following topics:

Overview

The deployment.properties file is used for storing and retrieving deployment configuration properties in the Java Control Panel. They are also used for customizing runtime behavior for both Java Plug-in and Java Web Start.

There is always a User-Level deployment.properties file. Its location, which is non-configurable, is described below. There may also be an (optional) System-Level deployment.properties file. If it exists, its location is determined by a System Administrator through the deployment.config file as described below.

Deployment Configuration File (deployment.properties)

User Level

The User-Level deployment.properties file is located as follows:

Operating System
Location
Windows <User Application Data Folder>\Sun\Java\Deployment\deployment.properties
Unix ${user.home}/.java/deployment/deployment.properties

(${user.home} is typically home/<username>.)

Examples:

For user jsmith running on Windows 2000/XP, the deployment.properties file would be located as follows:

C:\Documents and Settings\jsmith\Application Data\Sun\Java\Deployment\deployment.properties

For user bjones running on Unix, the deployment.properties file would be located as follows:

/home/bjones/.java/deployment/deployment.properties

System Level

The deployment.config file is used for specifying the System-Level deployment.properties in the infrastructure. By default no deployment.config file exists; thus, no system-wide deployment.properties file exists. If deployment.config exists, it is located either here

Operating System
Location
Windows <Windows Directory>\Sun\Java\Deployment\deployment.config
Unix /etc/.java/deployment/deployment.config

or here

Operating System
Location
Windows ${deployment.java.home}\lib\deployment.config
Unix ${deployment.java.home}/lib/deployment.config

(${deployment.java.home} is the location of the jre from which the deployment products are run. Deployment products include Java Web Start, Java Plug-in, Java Control Panel ...)

deployment.config (if it exists) contains two properties: deployment.system.config and deployment.system.config.mandatory.

deployment.system.config is the URL to the system (enterprise-wide) deployment.properties file. It can be used by system administrators to centrally administrate or "lock-down" user-specific configuration settings.

deployment.system.config.mandatory is a boolean. The default is false. If false, there will be an attempt to load the deployment.properties file pointed to by the deployment.system.config URL. If the URL can be found and loaded, it will be used. If true, there will likewise be an attempt to load the system deployment.properties file pointed to by the deployment.system.config URL. If the URL can be found and loaded, it will be used; but if it cannot be found or loaded, then nothing will be allowed to run.

Deployment Configuration Properties

The following table describes the properties that can be set in the deployment.properties file.

Note: Any system deployment property, say SomeKey=SomeValue, may be locked by including another key, SomeKey.locked. The key SomeKey.locked may or may not be set to a value; in either case, SomeKey=SomeValue will be locked so that the user cannot change it. If a system deployment property is not locked, then a user will be allowed to change it.

Infrastructure

Property Key
Type
Default Value
Description
deployment.user.cachedir
String "$USER_HOME" +
File.separator + "cache"
User-level cache directory.
deployment.system.cachedir
String null System-level cache directory.
deployment.user.logdir String "$USER_HOME" + File.separator + "log" User-level log directory.
deployment.user.tmp
String "$USER_HOME" +
File.separator + "tmp";
Temporary user directory.

Certificate stores and policy files

Property Key
Type
Default Value
Description
deployment.user.security.policy
String "file://$USER_HOME/security/java.policy"

User-level security policy file. The protocol of URL is either file, HTTP, or HTTPS.

deployment.user.security.trusted.cacerts

String "$USER_HOME" + File.separator + "security" + File.separator + "trusted.cacerts";

User-level Root CA certificate store.

deployment.user.security.trusted.jssecacerts

String "$USER_HOME" + File.separator + "security" + File.separator + "trusted.jssecacerts"

User-level JSSE CA certificate store.

deployment.user.security.trusted.certs

String "$USER_HOME" + File.separator + "security" + File.separator + "trusted.certs"

User-level Trusted signer certificate store.

deployment.user.security.trusted.jssecerts

String "$USER_HOME" + File.separator + "security" + File.separator + "trusted.jssecerts";

User-level Trusted JSSE certificate store.

deployment.user.security.trusted.clientauthcerts

String "$USER_HOME" + File.separator + "security" + File.separator + "trusted.clientcerts"

User-level Client Authentication certificate store.

deployment.system.security.policy

String null

System-level security policy file. The protocol of URL is either file, HTTP, or HTTPS.

deployment.system.security.cacerts

String "$JAVA_HOME" + File.separator + "lib" + File.separator + "security" + File.separator + "cacerts"

System-level Root CA certificate store.

deployment.system.security.jssecacerts

String "$JAVA_HOME" + File.separator + "lib" + File.separator + "security" + File.separator + "jssecacerts";

System-level JSSE CA certificate store.

deployment.system.security.trusted.certs

String "$SYSTEM_HOME" + File.separator + "security" + File.separator + "trusted.certs"

System-level Signer certificate store.

deployment.system.security.trusted.jssecerts

String "$SYSTEM_HOME" + File.separator + "security" + File.separator + "trusted.jssecerts"

System-level JSSE certificate store.

deployment.system.security.trusted.clientauthcerts

String "$SYSTEM_HOME" + File.separator + "security" + File.separator + "trusted.clientcerts"

System-level Client Authentication certificate store.

Security Access And Control settings

Property Key
Type
Default Value
Description

deployment.insecure.jres

String "PROMPT"
  • "NEVER": Untrusted content will always run with the default JRE
  • "PROMPT": Prompt user before using insecure JRE versions; users will see the new warning dialogs
  • "ALWAYS": Untrusted content will run with the requested JRE without any prompting
You can specify this value with the Java Control Panel Advanced tab setting, Insecure JRE versions.

deployment.security.askgrantdialog.show

String true Must be "true" if the user is allowed to grant permissions at all.

deployment.security.askgrantdialog.notinca

String true Must be "true" if the user is allowed to grant permissions to certificates that are not issued by a CA in the Root/JSSE CA certificate store.

deployment.security.jsse.hostmismatch.warning

String true Must be "true" for JSSE HTTPS certificate verification to show host-mismatch warning.

deployment.security.trusted.policy

String ""

Policy file contains the ceiling policy of permissions granted to trusted applications and applets. By default this is all permissions, but by using this configuration setting, a user or enterprise can configure a lesser set of permissions.

deployment.security.mixcode

String ENABLE "ENABLE" enables the software to test for mixing trusted and untrusted code and, when potentially unsafe components are detected, raises a warning dialog. "HIDE_RUN" suppresses the warning dialog and, if potentially unsafe components are detected, behaves as if the user had clicked No in the warning dialog - the applet or application continues running with some added protections. "HIDE_CANCEL" suppresses the warning dialog and behaves as if the user had clicked Yes in the warning dialog - potentially unsafe components are blocked from running and the program may terminate. "DISABLE" (not recommended) disables the software from checking for mixing trusted and untrusted code, leaving the user to run potentially unsafe code with no warning and without the additional protections.

deployment.security.sandbox.awtwarningwindow

String true "true" if the sandbox has awtShowWindowWithoutWarning.

deployment.security.sandbox.jnlp.enhanced

String true Must be "true" for the user to see and accept JNLP API security dialogs.
deployment.security.validation.ocsp Boolean false Specifies whether Online Certificate Status Protocol is enabled.
deployment.security.validation.ocsp.url String null Specifies a url string pointing to an OCSP response server.
deployment.security.validation.ocsp.signer String null Points to a OCSP response singer certificate subject name.
deployment.security.validation.crl Boolean false Specifies whether to use certificate revocation list.
deployment.security.validation.crl.url String null Specifies a URL in the Certificate Revocation List to perform a certificate validation.
deployment.security.authenticator
String true Normally Plug-in and Web Start install an Authenticator to handle communication with Authenticating web pages or Authenticating proxies. This is the default behavior (true). This option can be used to turn the normal behavior off if, for example, an application communicates itself with an authenticating web page and needs to install it's own Authenticator.

Networking

Property Key
Type
Default Value
Description

deployment.proxy.type

int 3 for PROX_TYPE_BROWSER

This is for the type of proxy that should be use. The choices are:

PROX_TYPE_UNKNOWN = -1;
PROX_TYPE_NONE = 0;
PROX_TYPE_MANUAL = 1;
PROX_TYPE_AUTO = 2; and
PROX_TYPE_BROWSER = 3;

deployment.proxy.same

boolean false This parameter (true) says to use the same web server and port for https and ftp as is configured for http. (This is only valid if deployment.proxy.type = PROX_TYPE_MANUAL.)
deployment.proxy.auto.config.url String (no default) URL for auto-Auto proxy configuration JavaScript.proxy configuration JavaScript.
deployment.proxy.bypass.list String (no default) List of host names that should bypass the proxy. Each host name is delimited by a comma in the property; e.g., "192.168.1.100,localhost,example.com"
deployment.proxy.bypass.local String (no default)

All local hosts should be bypassed.

deployment.proxy.http.host String (no default) HTTP proxy hostname.
deployment.proxy.http.port String (no default) HTTP proxy port.
deployment.proxy.https.host String (no default) HTTPS proxy hostname.
deployment.proxy.https.port String (no default) HTTPS proxy port.
deployment.proxy.ftp.host String (no default) FTP proxy hostname.
deployment.proxy.ftp.port String (no default) FTP proxy port.
deployment.proxy.socks.host String (no default) SOCKS v4 proxy hostname.
deployment.proxy.socks.port String (no default) SOCKS v4 proxy port.
deployment.proxy.override.hosts
String "" Proxy overridden list.

Cache and Optional Package Repository

Property Key
Type
Default Value
Description
deployment.cache.max.size
String "-1"

Maximum size of deployment cache in MB. This is the cache size for each cache: Java Web Start and Java Plug-in.

"0"-Disables caching in Java Plug-in; cache size in Java Web Start will be unlimited.

"-1"-For unlimited cache size.

deployment.cache.jarcompression
String 0

0-9 compression ratio to be used in applet jar compression.

deployment.cache.enabled
String false Specifies if cache should be disabled. false means it should not be disabled.

Java Console

Property Key
Type
Default Value
Description

deployment.console.startup.mode

String

"HIDE"

The choices are:

  • "HIDE" to hide the Java Console;
  • "SHOW" to show the Java Console;
  • "DISABLE" to disable the Java Console;

Tracing and Logging

Property Key
Type
Default Value
Description
deployment.trace String false Enable tracing.
deployment.log
String false Enable logging.

Java Web Start: JNLP Association

Property Key
Type
Default Value
Description
deployment.javaws.associations int 2

The JNLP associations. The choices are:

ASSOCIATION_NEVER = 0;
ASSOCIATION_NEW_ONLY = 1;
ASSOCIATION_ASK_USER = 2;
ASSOCIATION_REPLACE_ASK = 3;

Java Web Start: Desktop Integration

Property Key
Type
Default Value
Description


deployment.javaws.shortcut

String "ASK_IF_HINTED"

This relates to creating a desktop shortcut for Java Web Start. The choices are:

  • "NEVER"
  • "ALWAYS"
  • "ASK_USER"
  • "ASK_IF_HINTED"
  • "ALWAYS_IF_HINTED"

Java Web Start JRE Selections

Property Key
Type
Default Value
Description

deployment.javaws.installURL

String "http://java.sun.com/products/autodl/j2se"

The autodownload URL.

Java Web Start JRE management

Property Key
Type
Default Value
Description

deployment.javaws.autodownload

String "ALWAYS"

This sets the choices for autodownloading. The choices are:

  • "ALWAYS"
  • "PROMPT"
  • "NEVER"

Browser selection and path

Property Key
Type
Default Value
Description

deployment.browser.path

String "<No Browser Selected>"

This is the path to the browser for showing web pages from the application viewer, the About Box, and Web Start applications.

Note that this property is used for Solaris and Linux only. On Widows, this property is ignored, and the default browser is determined the same way it is by any other application that launches a browser on Windows.

Check for update Timeout

Property Key
Type
Default Value
Description
deployment.javaws.update.timeout int 500 Units are milliseconds.

Oracle and/or its affiliates Copyright © 1993, 2012, Oracle and/or its affiliates. All rights reserved.
Contact Us