Troubleshooting
Problem
When downloading IBM WebSphere/Rational Host On-Demand clients with Sun Java 1.6.0_19 and higher, a pop-up security warning states: Java has discovered application components that could indicate a security concern.
Symptom
With Sun Java 1.6.0_19 and higher, if the application or applet being downloaded has both signed and unsigned components, the following warning dialog is displayed:
Java has discovered application components that could indicate a security concern.
Cause
Sun Java 1.6.0_19 and higher detects whether components of an application or applet are signed or unsigned.
The Host On-Demand cached client and Webstart client at 10.0.6.0 and higher are not affected, as they do not have mixed code in the applet. Prior to Host On-Demand 10.0.6.0, Java 1.6.0_19 and higher might detect mixed code in the cached client and Webstart client.
A download client (all levels of Host On-Demand) downloads its components to the workstation's hard disk at the time they are referenced and leaves the caching decisions to browser settings. This involves mixed code, and Java will display a warning.
During the download, Java detects certain file types and displays the warning. The file types known to be detected for Host On-Demand are:
- .class
- .fnt
- .gif
- .cf
- .p12
- .properties
- .txt
- .obj
If the client includes Additional Archives that are unsigned, Java will also detect these files regardless of Host On-Demand level and client type.
This is not a bug in Host On-Demand, but development is currently working on a solution to put the components in a signed jar file. Target for the update is unknown at this time.
Resolving The Problem
Following are several different options to handle the prompt or prevent the prompt from displaying:
- For Host On-Demand to appear as before, the user should click No on the above pop up.
If you select Yes, Host On-Demand might continue to work and any other detected files will be blocked. Buttons and descriptors will have string text instead of the correct text, for example on the logon prompt.
- To prevent the warning during the download of the client when the client is created with the Deployment Wizard, you can select a specific language instead of the default 'Use the system locale' option. Select the Advanced Options button on the Additional Options page. Expand Other on the left, then select Languages. Select the appropriate language for your clients. This will not prevent the warning if other file types are detected.
- To prevent this pop-up from appearing every time the Host On-Demand download client or Administration Utility is accessed, you can change the value of the mixed code security verification setting in the Java control panel.
For the Windows platform, open the Java control panel (Start -> Control Panel -> Java), select the Advanced tab, expand Security, then "Mixed code security verification", and select the second option: "Enable - hide warning and run with protections".
For the Linux platform, first cd to the <Java home>/bin directory and enter ./ControlPanel. Once in the Control Panel, click the Advanced tab, then expand Security. Then select either "Enable - hide warning and run with protections" or "Disable Verification".
Making this selection is the same as selecting No on the pop-up panel. Be aware that this will affect all Java applications and applets that execute on the client machine.
- If clients are restricted from changing the Java control panel, a system-wide deployment property can be set and deployed to the client machines to prevent the warning message from being displayed.
- For the Microsoft Windows platforms:
Add deployment.config file (if it does not already exist) in either C:\Windows\Sun\Java\Deployment
or
C:\Program Files\Java\jre6\lib
The contents of deployment.config file should be:
deployment.system.config=file:\C:/deploy/deployment.properties
deployment.system.config.mandatory=false
For the Linux platform, the deployment.config file needs to be placed in:
/etc/.java/deployment/deployment.config
or
${deployment.java.home}/lib/deployment.config where ${deployment.java.home} is the location of the JRE from which the deployment products are run.
- Add deployment.properties at the URL specified in the deployment.config file.
In this example, the deployment.properties file is located at C:/deploy and contains the following:
deployment.security.mixcode=HIDE_RUN
OR
deployment.security.mixcode=DISABLE
The administrator could then distribute these two files to the client machines to prevent the warning message every time Host On-Demand is accessed.
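To check what a pair of files will apply before distributing them, the following added example (not part of the IBM technote or of Host On-Demand) parses deployment.config with Java's .properties escaping rules, resolves the deployment.system.config URL, and reports the deployment.security.mixcode value. The audit function, its finding strings and the read_url callback are assumptions of this example; the sample file contents are constructed from the values shown above.

```python
import re

# HIDE_RUN and DISABLE are the two values the technote offers; ENABLE (the
# default) and HIDE_CANCEL are the other values Java accepts for this key.
MIXCODE = {
    "ENABLE": "ok: warning dialog shown",
    "HIDE_CANCEL": "ok: warning hidden, untrusted components not run",
    "HIDE_RUN": "ok: warning hidden, runs with protections",
    "DISABLE": "review: mixed code verification is off for every applet",
}
_ESC = {"t": "\t", "n": "\n", "r": "\r", "f": "\f"}

def _unescape(s):
    # java.util.Properties escapes: \uXXXX, \t \n \r \f; any other \x becomes x.
    def sub(m):
        return chr(int(m.group(1), 16)) if m.group(1) else _ESC.get(m.group(2), m.group(2))
    return re.sub(r"\\(?:u([0-9a-fA-F]{4})|(.))", sub, s)

def parse_properties(text):
    """Parse single-line key/value entries of a Java .properties file."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":
            continue  # blank line or comment
        m = re.match(r"((?:\\.|[^=:\s\\])+)\s*[=:\s]\s*(.*)", line)
        if m:
            props[_unescape(m.group(1))] = _unescape(m.group(2))
    return props

def audit(config_text, read_url):
    """Return (resolved_url, mixcode_value, finding) for one deployment.config."""
    url = parse_properties(config_text).get("deployment.system.config")
    if url is None:
        return None, None, "no system deployment.properties configured"
    value = parse_properties(read_url(url)).get("deployment.security.mixcode")
    if value is None:
        return url, None, "mixcode not set at system level"
    return url, value, MIXCODE.get(value, "review: unrecognized value")

# Constructed sample files, using the contents shown in the technote.
CONFIG = ("deployment.system.config=file:\\C:/deploy/deployment.properties\n"
          "deployment.system.config.mandatory=false\n")
FILES = {"file:C:/deploy/deployment.properties": "deployment.security.mixcode=DISABLE\n"}

if __name__ == "__main__":
    print(audit(CONFIG, FILES.__getitem__))
```

After .properties unescaping, the value file:\C:/deploy/deployment.properties becomes file:C:/deploy/deployment.properties, which is the string Java receives as the URL. Because the setting applies to every applet on the machine, a DISABLE result is the one to review before rollout.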
The following link provides more information about the deployment.properties file and the deployment.config file.
http://java.sun.com/j2se/1.5.0/docs/guide/deployment/deployment-guide/properties.html
Error: Java has discovered application components that could indicate a security concern.
http://www.java.com/en/download/help/error_mixedcode.xml
NOTE: The Host On-Demand development team is repackaging the clients to avoid this issue; the repackaged clients are scheduled to be available in 10.0.9.0. This is now available in HOD 11.0.3. Refer to the following for details to download: 4028826: IBM Rational Host On-Demand V11.0.3.0 Manufacturing Refresh.
Document Information
Modified date: 19 April 2021
UID: swg21427068