If you're a Mac user and access javafx.com pages with embedded applets,, such as the JavaFX samples or documents on the Learn page, you may have noticed a new warning popping up, even for applets you've run before:
This new dialog box is appearing because Apple has changed to a
site/URL-based security model in one of its recent Java updates. You
can keep this message from popping up repeatedly by selecting the
checkbox that says Allow all applets from "javafx.com" access.
This is understandable. However, before this change, I never saw "requesting access to your computer." So what was happening before, what is happening now, what does it mean to allow unrestricted access to the computer?
Posted by MIke on July 01, 2009 at 04:16 AM PDT #
Hi Mike,
Thanks for your question. With previous updates of Java for Mac OS X, unless the applet was cached you would still see a Trust dialog box, but the wording was different, and "unrestricted access" was in the fine print:
"This applet was signed by "JavaFX Runtime," but Java cannot verify the authenticity of the signature's certificate. Click Trust to run this applet and allow it unrestricted access to your computer."
In other words, before the change, the dialog wording was more about the signed applet. The new dialog wording is more focused on the website URL.
For technical information about Java for Mac OS X v10.5 Update 4, see Apple support documentation at this URL and the links it contains:
http://support.apple.com/kb/HT3581
Posted by Nancy Hildebrandt (JavaFX technical writer) on July 01, 2009 at 12:59 PM PDT #
so how come this message doesn't appear in windows?
(is that a side effect because mac's jre is "old")
oh - and does unrestricted access mean it could write to my harddrive without asking for further permissions?
Posted by hansi on July 01, 2009 at 06:33 PM PDT #
Here are answers from one of Sun's deployment engineers:
1. so how come this message doesn't appear in windows?
It doesn't happen on Windows because the JavaFX runtime is signed by a SUN pre-trusted cert, and running on a SUN JRE (Windows, Solaris, Linux) won't show the dialog, because of the new pre-trusted feature in Java SE 6 update 10 or above.
2. oh - and does unrestricted access mean it could write to my harddrive without asking for further permissions?
Yes - unrestricted access means it could write to your hard drive without asking for further permissions. But you have to notice where the dialog box is coming from. On Mac OS X, it can be triggered by either the applet code itself or the JavaFX runtime code.
The JavaFX runtime is always signed and needs all-permission to work correctly. The applet code can be signed or unsigned. So on Mac, an unsigned JavaFX applet will pop up the security dialog too. But it only means the JavaFX runtime has all-permissions; the applet code still runs in the sandbox because the applet is unsigned itself.
Posted by Nancy Hildebrandt (JavaFX technical writer) on July 02, 2009 at 03:29 PM PDT #
The whole process of showing the popup window and making me click it before I can execute a JavaFX application is very annoying. Compare that to Ajax, Flash, Silverlight: no popup, no warning, just smoothly going into the application.
Unless JavaFX enables a similarly smooth application launch, the technology will always have the feeling of an old-school RIA technology. Is there chance to just launch an application without the popup? Would the popup still show, if the application is digitally signed?
Posted by Raju Bitter on July 10, 2009 at 12:23 PM PDT #
I was wondering if you could tell me how to change the decision I made. I decided to click the 'deny' button for some reason, and i now need to download something from the site. It was the Adobe website if that helps. How do I make it allow a download from the said site?
Posted by BorT on August 14, 2009 at 05:25 PM PDT #
Yeah,saw this pop up and research for it.At first,i thought there was something wrong but after my research i found out this change for security purposes.
Posted by digitalmind computers on October 14, 2009 at 11:00 PM PDT #