A platform version is a version of the J2SE platform. Platform versions are “1.2.2”, “1.3”,
“1.4”, and so on (both “x.y” and “x.y.z”). If you want to obtain the exact platform version
string you are using for your code, just extract it from the system property “ java.specifica-
The other way of specifying a JRE is to specify exactly where it is located by providing a URL
to the vendor's site. This kind of version is called a product version because it is the version of
a particular implementation of a J2SE platform version.
The system property to query for the current product version is “ java.version ”. When using
this kind of JRE specification, the line in the JNLP file should look like this:
<j2se href=”http://vendor.com/jres/j2se” version=”1.2”/>
Some constraints on the JRE product versions can be specified by means of the + sign. (For
example, “1.3.2+” means greater than or equal to the “1.3.2” product version.) You can also
use the asterisk (*). (For example, “1.4.*” means any J2SE JRE having 1.4 as a product ver-
It is always a bit dangerous to specify exactly one version only because if that version
is superseded or the vendor retires it, your applications run the risk of being unable
to execute anymore.
When designing your application, you have to decide whether it runs in an unrestricted envi-
ronment or not. The security mechanism adopted in JNLP resembles the applet's. If your code
is not signed, your program will run in a restricted environment (also known as a sandbox);
otherwise, it will have access at all the resources. A third modality can be set using the secu-
rity element switched to the so-called J2EE application client environment security value.
We will examine the differences of these modalities, but before we get into details, let's have a
look at the most commonly used permissions. In Table 10.1, Yes means that the action is
always allowed, whereas No means that is never allowed. Ask User means that the JNLP
Client presents an authorization window to the user before allowing the action.