4

we are currently migrating a Java application from Oracle JDK 8 (application code delivered by JNLP) to OpenJDK 11 (application code delivered as runnable along with a Java Runtime). Although we found more or less a working solution in our test environment we still have following issues:

  1. Our application needs JavaFX and we want to use jlink for building. Is it recommended to use the OpenJFX jmods supplied on https://gluonhq.com/products/javafx to build an appropriate jlink image using OpenJDK, or are there other options?

  2. OpenJFX jmods seems to be officially currently only delivered in version 11 (compiled for JDK 11) on gluonhq, whereas Proguard obfuscation does only work for code compiled for JDK's until version 10 (see https://sourceforge.net/p/proguard/feature-requests/188/). It is unsure when Proguard will support version 11 as well. Should we wait until it does, or what options do we have? Would it be a good option to download and build the OpenJFX sources targeted to version 10 (I have no clue if this is possible out of the box), or even to stay with the Oracle 10 JDK binaries and/or its javafx jmod files as long as Proguard does not understand OpenJDK 11 code?

  3. We are further looking for a tool to create user-friendly runnables for Windows and MacOS (e. g. self-extracting executables without registry modifications). javapackager seems to be not available right now (http://openjdk.java.net/jeps/343 planned for OpenJDK 12) and supports neither cross-compilation nor an auto-update mechanism. So we are looking for a tool which can do both a) auto-updating (loading application code or new jlink images dynamically on startup) and b) building runnables for Windows and MacOS. Is there any good tool supporting something similar to the auto-updating mechanism of Oracle's JNLP launcher that is ready for use in production environments?

  4. For JNLP we apply code signing. Is it still recommended and possible to sign a) our application code located in jlink images and b) dynamically loaded application code, both built with JDK11+?

Thank you for helping, Peter.

user27772
  • 522
  • 1
  • 4
  • 18
  • Please keep us up to date when you've found solutions to your questions :) I am in the same boat regarding the third question. Currently I am evaluating Getdown, but I have mixed feelings about this. Getdown itself is a java application, so the user still needs a JRE installed. Also,the project seems to be barely alive, but the alternatives are not better in this regard. There are other things to consider. For example, Java Webstart automatically picked up the proxy settings from the browser, even supporting NTLM authentication. I don't know of any alternative that does that. – Christian Ciach Nov 06 '18 at 13:35
  • @Christian: Ok, to 1.: The jlink files supplied on gluon seems to be pretty well suited (alternatively we could build it from source). To 2., there is some work in progress at Proguard, so we wait patiently :) To 3., we use Inno Setup on Windows and simple handmade .dmg with .app file on MacOS and ignore the Not-Certified-Developer Warnings. Auto-updating the application (plugin .jar) can simply be done via java.util.ServiceLoader, feels quite similar to JWS loading. System/own proxy can be configured using net.properties or own configfile. To 4., we sign only the image, not the plugin .jar. – user27772 Nov 28 '18 at 13:34

1 Answers1

0

For your third question, there's the Open Web Start solution, which enables you to Run JNLP files with the latest Java version. It's an open-source reimplementation of the Java Web Start technology. This replacement provides the most commonly used features of Java Web Start and the JNLP standard so that you can continue using applications based on Java Web Start and JNLP without any change.

On your fourth question, you can use the Jarsigner maven plugin, as long as you provide it a private key and the jar's path to sign, you're fine.

Anyul Rivas
  • 655
  • 2
  • 12
  • 31