12/02/15. Version final
JavaRuleSetter is a graphic tool created in Java that makes it easier to create Deployment Rule Sets in Java, and allows its management in a graphical environment.
Oracle introduced the Deployment Rule Sets in Java in its version Java7u40. This rules allow to create white and black lists for applets that may or not be executed in the browser. Depending on the applet characteristics, Deployment Rule Sets would block or allow the execution. It could be seen as a “Java applet firewall”.
To create the Deployment Rule Sets, it is necessary to work in the command line and commit this steps:
- Create a ruleset in xml (syntax has to be known).
- Compile it with Java.
- Sign it with a self generated certificate.
- Add the certificate to the repository.
- Copy the signed file where Java expects it to be.
This tool (created in Java, so it works under any operating system) allows the creation of these rules in a graphic environment, so it is much easier for a user and going through all these steps with just a click. Moreover, it allows the creation of rules in a more granular way through its advanced mode.
The basic creation of rules is defined here:
“Blocking everything else” allows to create a generic tool that will avoid any applet to execute in the browser.
With this tool, this message will appear every time an applet tries to be executed from the browser.
To add a rule that allows execution per domain, for example, a new rule like this may be added:
It will be added to the main window:
After applying the changes, the certificate will be generated, it will be added to the trust repository and the signed file with the rules will be copied to the place Java expects it to be.
To create more advanced rules, advanced mode may be used.
To deeply get to know the Deployment Rule Set system and take full advantage of the tool, we recommend reading this official documentation: