JavaRuleSetter


JavaRuleSetter

12/02/15. Version final

JavaRuleSetter

JavaRuleSetter is a graphic tool created in Java that makes it easier to create Deployment Rule Sets in Java, and allows its management in a graphical environment.

Oracle introduced the Deployment Rule Sets in Java in its version Java7u40. This rules allow to create white and black lists for applets that may or not be executed in the browser. Depending on the applet characteristics, Deployment Rule Sets would block or allow the execution. It could be seen as a “Java applet firewall”.

To create the Deployment Rule Sets, it is necessary to work in the command line and commit this steps:

  • Create a ruleset in xml (syntax has to be known).
  • Compile it with Java.
  • Sign it with a self generated certificate.
  • Add the certificate to the repository.
  • Copy the signed file where Java expects it to be.

This tool (created in Java, so it works under any operating system) allows the creation of these rules in a graphic environment, so it is much easier for a user and going through all these steps with just a click. Moreover, it allows the creation of rules in a more granular way through its advanced mode.

The basic creation of rules is defined here:

“Blocking everything else” allows to create a generic tool that will avoid any applet to execute in the browser.

JavaRuleSetter

With this tool, this message will appear every time an applet tries to be executed from the browser.

JavaRuleSetter

To add a rule that allows execution per domain, for example, a new rule like this may be added:

JavaRuleSetter

It will be added to the main window:

JavaRuleSetter

After applying the changes, the certificate will be generated, it will be added to the trust repository and the signed file with the rules will be copied to the place Java expects it to be.

To create more advanced rules, advanced mode may be used.

JavaRuleSetter

To deeply get to know the Deployment Rule Set system and take full advantage of the tool, we recommend reading this official documentation:

http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/deployment_rules.html