The Free Javaws Implementation in IcedTea Omair Majid Associate - PowerPoint PPT Presentation

The Free Javaws Implementation in IcedTea Omair Majid Associate Software Engineer Red Hat 2011-02-05 1

Overview of the Talk ● Background about JNLP ● Netx's Architecture ● Recent developments in Netx ● Future 2

Background 3

What's the name again? ● Java Network Launching Protocol ● Java Web Start 4

Overview of JNLP A way to run Java applications securely without installing them 5

Running JNLPs - Hyperlinks 6

Running JNLPs – Command Line 7

The Standard 8

Other Resources ● Java Deployment Documentation ● http://download.oracle.com/javase/6/docs/technotes/guides/jweb/ deployment_advice.html#deployingApplications ● Existing JNLP Applications 9

JNLP Application XML File Jars 10

JNLP File Example 11

Demo ● Show JNLP File ● Show Code ● Run 12

Netx 13

● What Is It? ● Architecture ● Components in Depth ● Netx and the Plugin 14

Netx ● Originally at http://jnlp.sourceforge.net/netx/ ● Last updated in 2003 ● Designed as a library ● About 18k lines of Java 15

Netx ● Imported into IcedTea in 2008 ● The default javaws implementation in most distributions ● About 27k lines of code 16

Overall Architecture 17

Overall Architecture 18

Parser Parses a JNLP (an XML file) and converts it into a set of java objects 19

JNLPFile InformationDesc ResourcesDesc JARDesc ApplicationDesc 20

Parser ● The main class is net.sourceforge.jnlp.Parser ● Most of the code is under net.sourceforge.jnlp ● Elements are named <element>Desc 21

Parser Uses (in-tree) NanoXML to parse ... and lives with the consequences 22

ClassLoader Application JNLPClassLoader Bootstrap ClassLoader 23

ClassLoaders - Lazy Download Jars only when needed 24

ClassLoader - Security Along with loading classes, associates permissions with them 25

Cache ● Recall that applications are not installed ● File are cached in ~/.icedtea/cache/ 26

Cache - Downloading ● Multiple threads spawned ● Each file goes through multiple states to arrive at ● Error ● Or Downloaded 27

Verifier Verifier Keystore 28

Services Allow unsigned applications to break the sandbox (securely) 29

Services Access to Files 30

Services - Integration 31

32

Secure GUI 33

Security Manager ● Custom security manager ● Allows some permissions ● Custom policy can be defined 34

Security/ClassLoader/Verifier Demo 35

Service Demo 36

Netx and the Plugin The plugin relies on Netx for most of its non browser functionality 37

38

Plugin in the component framework 39

Recent Developments in Netx 40

Versioned/Packed Jars – Sever Side ● Server-side ● content-encoding ● version-id 41

Versioned/Packed Jars – Client Side test__V1.56.3.0x0.pack.gz test.jar test.jar 42

Support for deployment.properties ● Allows configuring almost every part of netx ● Described at ● http://download.oracle.com/javase/6/docs/technotes/gui des/deployment/deployment-guide/contents.html 43

Deployment.properties ● Located at ~/.icedtea/deployment.properties ● Key-value pairs in the standard properties file format 44

Proxy Support ● Read proxy settings from deployment.properites ● Or Firefox's preferences 45

Custom Policies ● Possible to sandbox trusted applications ● Possible to grant untrusted applications some permissions 46

TagSoup-based Parser ● Instead of a XML parser, use a html parser 47

The Future ● Better compatibility ● Implement missing JNLP API services ● Use libproxy ● Better system integration ● Stuff Deepak mentioned... 48

Questions 49