System- and User-Level Properties (original) (raw)

The deployment.properties file is used for storing and retrieving deployment configuration properties in the Java Control Panel. They are also used for customizing runtime behavior for both Java Plug-in and Java Web Start.

There is always a User-Level deployment.properties file. Its location, which is non-configurable, is described below. There may also be an (optional) System-Level deployment.properties file. If it exists, its location is determined by a System Administrator through the deployment.config file as described below.

For user jsmith running on Windows 2000/XP, the deployment.properties file would be located as follows:

For user bjones running on Unix, the deployment.properties file would be located as follows:

The deployment.config file is used for specifying the System-Level deployment.properties in the infrastructure. By default no deployment.config file exists; thus, no system-wide deployment.properties file exists. If deployment.config exists, it is located either here

(${deployment.java.home} is the location of the jre from which the deployment products are run. Deployment products include Java Web Start, Java Plug-in, Java Control Panel ...)

deployment.config (if it exists) contains two properties: deployment.system.config and deployment.system.config.mandatory.

deployment.system.config is the URL to the system (enterprise-wide) deployment.properties file. It can be used by system administrators to centrally administrate or "lock-down" user-specific configuration settings.

deployment.system.config.mandatory is a boolean. The default is false. If false, there will be an attempt to load the deployment.properties file pointed to by the deployment.system.config URL. If the URL can be found and loaded, it will be used. If true, there will likewise be an attempt to load the system deployment.properties file pointed to by the deployment.system.config URL. If the URL can be found and loaded, it will be used; but if it cannot be found or loaded, then nothing will be allowed to run.

The following table describes the properties that can be set in the deployment.properties file.

Property Key

Type

Default Value

Description

Infrastructure

deployment.user.cachedir

String

"$USER_HOME" +
File.separator + "cache"

User-level cache directory.

deployment.system.cachedir

String

null

System-level cache directory.

deployment.user.logdir

String

"$USER_HOME" + File.separator + "log"

User-level log directory.

deployment.user.tmp

String

"$USER_HOME" +
File.separator + "tmp";

Temporary user directory.

Certificate stores and policy files

deployment.user.security.policy

String

"file://$USER_HOME/security/java.policy"

User-level security policy file. The protocol of URL is either file, HTTP, or HTTPS.

deployment.user.security.trusted.cacerts

String

"$USER_HOME" + File.separator + "security" + File.separator + "trusted.cacerts";

User-level Root CA certificate store.

deployment.user.security.trusted.jssecacerts

String

"$USER_HOME" + File.separator + "security" + File.separator + "trusted.jssecacerts"

User-level JSSE CA certificate store.

deployment.user.security.trusted.certs

String

"$USER_HOME" + File.separator + "security" + File.separator + "trusted.certs"

User-level Trusted signer certificate store.

deployment.user.security.trusted.jssecerts

String

"$USER_HOME" + File.separator + "security" + File.separator + "trusted.jssecerts";

User-level Trusted JSSE certificate store.

deployment.user.security.trusted.clientauthcerts

String

"$USER_HOME" + File.separator + "security" + File.separator + "trusted.clientcerts"

User-level Client Authentication certificate store.

deployment.system.security.policy

String

null

System-level security policy file. The protocol of URL is either file, HTTP, or HTTPS.

deployment.system.security.cacerts

String

"$JAVA_HOME" + File.separator + "lib" + File.separator + "security" + File.separator + "cacerts"

System-level Root CA certificate store.

deployment.system.security.jssecacerts

String

"$JAVA_HOME" + File.separator + "lib" + File.separator + "security" + File.separator + "jssecacerts";

System-level JSSE CA certificate store.

deployment.system.security.trusted.certs

String

"$SYSTEM_HOME" + File.separator + "security" + File.separator + "trusted.certs"

System-level Signer certificate store.

deployment.system.security.trusted.jssecerts

String

"$SYSTEM_HOME" + File.separator + "security" + File.separator + "trusted.jssecerts"

System-level JSSE certificate store.

deployment.system.security.trusted.clientauthcerts

String

"$SYSTEM_HOME" + File.separator + "security" + File.separator + "trusted.clientcerts"

System-level Client Authentication certificate store.

Security Access And Control settings

deployment.security.askgrantdialog.show

String

true

Must be "true" if the user is allowed to grant permissions at all.

deployment.security.askgrantdialog.notinca

String

true

Must be "true" if the user is allowed to grant permissions to certificates that are not issued by a CA in the Root/JSSE CA certificate store.

deployment.security.notinca.warning

String

true

Must be "true" for certificate dialog to show not-in-root-ca warning.

deployment.security.expired.warning

String

true

Must be "true" for certificate dialog to show certificate-expired warning.

deployment.security.jsse.hostmismatch.warning

String

true

Must be "true" for JSSE HTTPS certificate verification to show host-mismatch warning.

deployment.security.trusted.policy

String

""

Policy file contains the ceiling policy of permissions granted to trusted applications and applets. By default this is all permissions, but by using this configuration setting, a user or enterprise can configure a lesser set of permissions.

deployment.security.sandbox.awtwarningwindow

String

true

"true" if the sandbox has awtShowWindowWithoutWarning.

deployment.security.sandbox.jnlp.enhanced

String

true

Must be "true" for the user to see and accept JNLP api security dialogs.

deployment.security.authenticator

String

true

Normally plugin and webstart install an Authenticator to handle communication with Authenticating webpages or Authenticating proxies. This is the default behavior (true). This option can be used to turn the normal behavior off if, for example, an application communicates itself with an authenticating web page and needs to install it's own Authenticator.

Networking

deployment.proxy.type

int

3 for PROX_TYPE_BROWSER

This is for the type of proxy that should be use. The choices are:

PROX_TYPE_UNKNOWN = -1;
PROX_TYPE_NONE = 0;
PROX_TYPE_MANUAL = 1;
PROX_TYPE_AUTO = 2; and
PROX_TYPE_BROWSER = 3;

deployment.proxy.same

boolean

false

This parameter (true) says to use the same web server and port for https and ftp as is configured for http. (This is only valid if deployment.proxy.type = PROX_TYPE_MANUAL.)

deployment.proxy.auto.config.url

String

(no default)

URL for auto-Auto proxy configuration JavaScript.proxy configuration JavaScript.

deployment.proxy.bypass.list

String

(no default)

List of hostnames that should bypass the proxy. Each hostname is delimited by a comma in the property; e.g., "192.168.1.100,localhost,sun.com"

deployment.proxy.bypass.local

String

(no default)

All local hosts should be bypassed.

deployment.proxy.http.host

String

(no default)

HTTP proxy hostname.

deployment.proxy.http.port

String

(no default)

HTTP proxy port.

deployment.proxy.https.host

String

(no default)

HTTPS proxy hostname.

deployment.proxy.https.port

String

(no default)

HTTPS proxy port.

deployment.proxy.ftp.host

String

(no default)

FTP proxy hostname.

deployment.proxy.ftp.port

String

(no default)

FTP proxy port.

deployment.proxy.socks.host

String

(no default)

SOCKS v4 proxy hostname.

deployment.proxy.socks.port

String

(no default)

SOCKS v4 proxy port.

deployment.proxy.override.hosts

String

""

Proxy overridden list.

Cache and Optional Package Repository

deployment.cache.max.size

String

"-1"

Maximum size of deployment cache in MB. This is the cache size for each cache: Java Web Start and Java Plug-in.

"0"—Disables caching in Java Plug-in; cache size in Java Web Start will be unlimited.

"-1"—For unlimited cache size.

deployment.cache.jarcompression

String

0

0-9 compression ratio to be used in applet jar compression.

deployment.javapi.cache.enabled

String

false

Specifies if cache should be disabled. false means it should not be disabled.

Java Console

deployment.console.startup.mode

String

"HIDE"

The choices are:

• "HIDE" to hide the Java Console;
• "SHOW" to show the Java Console;
• "DISABLE" to disable the Java Console;

Tracing and Logging

deployment.trace

String

false

Enbable tracing.

deployment.log

String

false

Enable logging.

Java Web Start: JNLP Association

deployment.javaws.associations

int

2

The JNLP associations. The choices are:

ASSOCIATION_NEVER = 0;
ASSOCIATION_NEW_ONLY = 1;
ASSOCIATION_ASK_USER = 2;
ASSOCIATION_REPLACE_ASK = 3;

Java Web Start: Desktop Integration

deployment.javaws.shortcut

String

"ASK_IF_HINTED"

This relates to creating a desktop shortcut for Java Web Start. The choices are:

• "NEVER"
• "ALWAYS"
• "ASK_USER"
• "ASK_IF_HINTED"
• "ALWAYS_IF_HINTED"

Java Web Start JRE Selections

deployment.javaws.installURL

String

"http://java.sun.com/products/autodl/j2se"

The autodownload URL.

Java Web Start JRE management

deployment.javaws.autodownload

String

"ALWAYS"

This sets the choices for autodownloading. The choices are:

• "ALWAYS"
• "PROMPT"
• "NEVER"

Browser selection and path

String

""

This is the path to the browser for showing web pages from the application viewer, the About Box, and webstart applications.

Note that this property is used for Solaris and Linux only. On Widows, this property is ignored, and the default browser is determined the same way it is by any other application that launches a browser on Windows.

Check for update Timeout

deployment.javaws.update.timeout

int

500

Units are miliseconds.