The Java Control Panel is a multipurpose control panel. It allows
you to view and set a wide range of parameters controlling how Java runs on
your computer. It lets you view and delete temporary files used for Java Plug-in,
which allows Sun Java to be used by your web browser to run applets, and Java
Web Start, which allows you to run Java applications over the network. It allows
you to control certificates, making it safe to run applets and applications
over the network. It allows you to set runtime parameters for applets run with
Java Plug-in and applications run with Java Web Start. It provides a mechanism
for updating your version of Java so that you always have the latest. And it
allows you to set options for debugging, desktop integration, applet handling,
etc. The Java Control Panel includes the following separately viewable panels:
Each is discussed below.
General
The General panel looks like this:
It includes three subpanels: About, Network Settings, and Temporary
Internet Files.
About
The About... button displays version information
for the latest JRE installed on the computer.
Network Settings Subpanel
These settings are for network connections. Press the Network Settings...
button to get the Network Settings dialog. There are four choices:
Use browser settings
Check this to use the browser default proxy settings. This is the default setting
(checked).
Use proxy server
You have two choices here:
- You can set the Address and the Port for a proxy server with the option
to bypass it for local addresses.
- You can press the Advanced ... button to get the Advanced
Network Settings dialog. In this panel you can individually set the proxy
server for HTTP, Secure, FTP, and Socks connections. You can also provide
a list of addresses for which you do not want to use a proxy server. The Advanced
Network Settings panel looks like this:
Use automatic proxy configuration script
You can specify the location (URL) for the JavaScript file (.js or .pac extension)
that contains the FindProxyForURL function. FindProxyForURL
has the logic to determine the proxy server to use for a connection request.
Direct Connection
Select this for situations where you do not want to use a proxy.
Temporary Internet Files Subpanel
You can do the following:
- Press the Delete Files... button to get the Delete Temporary
Files dialog from which you can delete:
- Downloaded Applets;
- Downloaded Applications;
- Other Files.
- Press the Settings... button to get the Temporary Files
Settings dialog from which you can:
- Press the Delete Files... button (same as above) to
get the Delete Temporary Files dialog, from which you can delete:
- Downloaded Applets,
- Downloaded Applications,
- Other Files;
- press the View Applications... button to get the Java
JNLP Applications Viewer dialog, from which you can:
- view and remove applications, applets, libraries, and installers,
- launch online and offline applications, applets, and installers;
- press the View Applets... button to view the Details
- Cache dialog, from which you can view cached applet files, enable/disable
caching in Java Plug-in, Delete cached files, and Refresh the viewer;
- from the Settings subpanel, set the location, the amount of disk space,
and the compression for .jar files.
Security
Notes
- Some information in this section depends on an understanding of System-
and User-Level Properties Files. Please read that section.
- System-Level
keystore files do not exist by default;
they are created and managed by a System Administrator using keytool.
(See Security Tools.)
|
The Security panel looks like this:
Press the Certificates... button to get the Certificates
dialog, which looks like this:
Certificate Types
It handles both User- and System-Level (enterprise-wide) certificates
of the following types:
Trusted Certificates
These are certificates for signed applets and applications that are trusted.
Secure site
These are certificates for secure sites.
Signer CA
These are certificates of Certificate Authorities (CAs) for Trusted Certificates;
Certificate Authorities are the ones who issue the certificates to the signers
of Trusted Certificates.
Secure site CA
These are certificates of Certificate Authorities (CAs) for secure sites;
Certificate Authorities are the ones who issue the certificates for secure
sites.
Client Authentication
These are certificates for a client to authenticiate itself to a server.
User-Level Certificates
Options
For Trusted, Secure site, and Client Authentication
certificates, there are four options: Import, Export, Remove,
and Details. The user can import, export, remove, and view the details
of a certificate.
For Signer CA and Secure site CA, there is only one option:
Details. The user can only view the details of a certificate.
Default Keystore Location
The default locations of the of the keystore files for Unix
and Windows are as follows:
| Operating System |
Location |
| Unix |
${user.home}/.java/deployment/security. |
| Windows |
${deployment.user.home}\security
|
For instance, on Windows 2000/XP, the default location of the keystore
files for user jsmith would be as follows:
C:\Docments and Settings\jsmith\Application Data\Sun\Java\Deployment\security
Non-Default Keystore Location
For non-default locations of the certificate keystore files,
specify them in the User-Level deployment.properties
file with the following property names:
| Certificate Type |
Property Name |
| Trusted Certificates |
deployment.user.security.trusted.certs |
| Secure site |
deployment.user.security.trusted.jssecerts |
| Signer CA |
deployment.user.security.trusted.cacerts |
| Secure site CA |
deployment.user.security. trusted.jssecacerts |
| Client Authentication |
deployment.user.security.trusted.clientcerts |
System-Level Certificates
Options
For System-Level certificates, the only options a user has are Export
and Details.
Default Keystore Location
Trusted, Secure Site, and Client Authentication certificate keystore
files do not exist by default. Thus there are no default locations for them.
The default location for the Signer CA keystore is:
| Operating System |
Location |
| Unix |
$JAVA_HOME/lib/security/cacerts |
| Windows |
$JAVA_HOME\lib\security\cacerts
|
The default location for the Secure Site CA keystore is:
| Operating System |
Location |
| Unix |
$JAVA_HOME/lib/security/jssecacerts |
| Windows |
$JAVA_HOME\lib\security\jssecacerts
|
Non-Default Keystore Location
The location of the keystore files for the various types of
certificates can also be set in a System-Level deployment.properties
file, if it exists. (The System-Level deployment.properties
file does not exist by default. It is specified in a deployment.config
file. See System-Level deployment.properties
file.) The following properties may be specified:
| Certificate Type |
Property Name |
| Trusted Certificates |
deployment.system.security.trusted.certs |
| Secure site |
deployment.system.security.trusted.jssecerts |
| Signer CA |
deployment.system.security.trusted.cacerts |
| Secure site CA |
deployment.system.security. trusted.jssecacerts |
| Client Authentication |
deployment.system.security.trusted.clientcerts |
Java
The Java panel looks like this:
It has two subpanels: Java Applet Runtime Settings and Java Application Runtime
Settings.
Java Applet Runtime Settings
These settings will be used when an applet is launched in a browser.
Press View... for the Java Runtime Settings for applets. On
Windows you will see this:
Note that on Unix there will also be Add and Remove buttons.
Notes
There will always be at least one entry. It will be the most recently
installed JRE; i.e., the JRE associated with the Java Control Panel.
Windows will show all JREs installed on a computer. The Java Control
Panel finds the JREs by looking in the registry. On Unix the situation
is different. There is no registry so there is no easy way to find the
JREs that a user may have installed. Thus, for Unix there are Add and
Remove buttons.
For Unix, only version 5.0 or higher should be added. For Windows,
where all JREs are found in the registry, only version 5.0 or higher
will be displayed.
Example:
Assume you are running on Microsoft Windows with Microsoft Internet Explorer,
have first installed version 1.4.2, then version 5.0, and you want to
run 1.4.2.
- Go to the
j2re1.4.2\bin directory where JRE 1.4.2 was
installed. On a Windows default installation, this would be here:
C:\Program Files\Java\j2re1.4.2\bin
- Double-click the
jpicpl32.exe file located there. It
will launch the control panel for 1.4.2.
- Select the Browser tab. Microsoft Internet Explorer might still appear
to be set (checked). However, when 5.0 was installed, the registration
of the 1.4.2 JRE with Internet Explorer was overwritten by the 5.0
JRE.
- If Microsoft Internet Explorer is shown as checked, uncheck it and
click Apply. You will see a confirmation dialog stating that browser
settings have changed.
- Check Microsoft Internet Explorer and click Apply. You should see
a confirmation dialog.
- Restart the browser. It should now use the 1.4.2 JRE for conventional
APPLET tags.
|
On Unix you can add a JRE by pressing Add and specifiying its
location (see notes above).
For Window and Unix you can optionally set Java Runtime Settings
for the JRE.
Java Runtime Parameters
You can override the Java Plug-in default startup parameters by specifying
custom options in the Java Runtime Parameters field. With the exception of
setting classpath and cp (see Setting
classpath and cp below), the syntax is the same
as used with parameters to the java command line invocation.
See the java launcher for a full list of command
line options:
java launcher: Windows,
Solaris and Linux.
Below are some examples of Java runtime parameters.
Setting classpath
and cp
The following format should be used for setting classpath
and cp in Java Plug-in. It differs slightly from the java
command line format, which uses a space instead of the equal (=)
sign.
-classpath=<path>
-cp=<path>
Enabling and disabling assertion support
To enable assertion support, the following system property must be specified
in the Java Runtime Parameters:
-[ enableassertions | ea ][:<package name>"..."
| : <class name> ]
To disable assertion in the Java Plug-in, specify the following in the
Java Runtime Parameters:
-[ disableassertions | da ][:<package name>"..."
| : <class name> ]
See Assertion
Facility for more details on enabling/disabling
assertions.
Assertion is disabled in Java Plug-in code by default. Since the effect
of assertion is determined during Java Plug-in startup, changing assertion
settings in the Java Plug-in Control Panel will require a browser restart
in order for the new settings to take effect.
Because Java code in Java Plug-in also has built-in assertion, it is possible
to enable the assertion in Java Plug-in code through the following:
-[ enableassertions | ea ]:sun.plugin
Tracing and logging support
Tracing is a facility to redirect any output in the Java Console to a trace
file (.plugin<version>.trace).
-Djavaplugin.trace=true
-Djavaplugin.trace.option=basic|net|security|ext|liveconnect
If you do not want to use the default trace file name:
-Djavaplugin.trace.filename=<tracefilename>
Similar to tracing, logging is a facility to redirect any output in the
Java Console to a log file (.plugin<version>.log) using
the Java Logging API. Logging can be turned on by enabling the property
javaplugin.logging.
-Djavaplugin.logging=true
If you do not want to use the default log file name, enter:
-Djavaplugin.log.filename=<logfilename>
Furthermore, if you do not want to overwrite the trace and log files each
session, you can set the property:
-Djavaplugin.outputfiles.overwrite=false.
If the property is set to false, then trace and log files
will be uniquely named for each session. If the default trace and log file
names are used, then the files would be named as follows
.plugin<username><date hash code>.trace
.plugin<username><date hash code>.log
Tracing and logging set through the Control Panel will take effect when
the Plug-in is launched, but changes made through the Control Panel while
a Plug-in is running will have no effect until a restart.
For more information about tracing and logging, see the chapter called
Tracing and Logging.
Debugging applets in Java Plug-in
The following options are used when debugging applets in the Java Plug-in.
For more information on this topic see the Debugging
Support in the Java
Plug-in Developer Guide.
-Djava.compiler=NONE
-Xnoagent
-Xdebug
-Xrunjdwp:transport=dt_shmem,address=<connect-address>,server=y,suspend=n
The <connect-address> can be any string (example: 2502)
which is used by the Java Debugger (jdb) later to connect to
the JVM
Default connection timeout
When a connection is made by an applet to a server and the server doesn't
respond properly, the applet may appear to hang and may also cause the browser
to hang, since by default there is no network connection timeout.
To avoid this problem, Java Plug-in 1.4 has added a default network timeout
value (2 minutes) for all HTTP connections. You can override this setting
in the Java Runtime Parameters:
-Dsun.net.client.defaultConnectTimeout=<value in milliseconds>
Another networking property that you can set is sun.net.client.defaultReadTimeout.
-Dsun.net.client.defaultReadTimeout=<value in milliseconds>
Note
Java Plug-in does not set sun.net.client.defaultReadTimeout
by default. If you want to set it, do so through the Java Runtime
Parameters as shown above. |
Networking properties description:
sun.net.client.defaultConnectTimeout
sun.net.client.defaultReadTimeout
These properties specify, respectively, the default connect and read
timeout values for the protocol handlers used by java.net.URLConnection.
The default value set by the protocol handlers is -1, which
means there is no timeout set.
sun.net.client.defaultConnectTimeout specifies the timeout
(in milliseconds) to establish the connection to the host. For example,
for http connections it is the timeout when establishing the connection
to the http server. For ftp connections it is the timeout when establishing
the connection to ftp servers.
sun.net.client.defaultReadTimeout specifies the timeout
(in milliseconds) when reading from an input stream when a connection
is established to a resource.
For the official description of these properties, see Networking
Properties.
Java Application (JNLP) Runtime Settings
These settings will be used when a JNLP application is launched.
Press View... for JNLP Java Runtime Settings. You will see
this:
The Table contains the following information:
- Platform Version
- Product Version
- Product Location
- Path (Command)
- Enabled -- a checkbox that indicates that this JRE is enabled.
The panel includes the following buttons:
The Choose... button allows user to choose content
of the Path (Command) field. This button becomes enabled when the user clicks
on Path (Command) field of an existing JRE.
The Find... button pops up a tool that allows
the user to find JREs installed on the system.
The Add button adds a new line to the table of
JREs.
The Remove button removes a line from the table
of JREs.
When the OK button is pressed, the changes will
be saved in the config file and the dialog will be dismissed. When the Cancel
button is pressed, the changes will be discarded and the dialog will be dismissed.
Update
The Update panel looks like this:
Note
This panel is only available on Windows for 1.4.2_01 and higher releases
and only for users with Administrative privileges. |
The Update panel, in conjunction with the Java Update Scheduler
(jusched.exe), is used to provide the latest Java updates to the
end user.
Update Panel Options
There are two basic options on the Update tab:
- Automatic update—available only on Windows XP, 2003, 2000 (SP2 or higher)
and set by default for those operating systems
- Manual update
Automatic update is performed on a scheduled basis and it is selected by checking
the Check for Updates Automatically check box.
Manual update is performed by pressing the Update Now button.
If you select automatic update, you can then set the notification via the Notify
Me: drop-down menu, and you can set the update schedule via the Advanced...
button.
With notification, you can chose to be notified before an update is downloaded
and before it is installed; or you can chose to be notified only before an update
is installed (i.e., the download is automatic).
The Advanced... allows you to select the desired frequency for updates:
daily, weekly (default), or montly. For daily updates, you can select the time
of the day for the udpate; for weekly updates, you can select the day of the
week and the time of the day; for montly updates, you can select the day of
the month and the time of the day.
You can do manual updates at any time by presseing the Update Now button.
This allows you to do immediate, unscheduled upates.
Java Update Scheduler
The Java Update Scheduler (jusched.exe) is used for launching
automatic updates when Update Automatically is selected in the Update
tab. jusched.exe runs as a background process that launches the
Update Manager at predefined intervals set by the user through the Advanced
... button of the Update tab. The Update Manager coordinates the update
process.
jusched.exe is launched when the user reboots the computer after
installing the SDK/JRE. It is normally transparent to the user but can be viewed
in the Processes tab of the Windows Task Manager. Should a user for some reason
not want the scheduler to run, it can be killed via End Process button
of the Processes tab.
Advanced
The Advanced panel looks like this:
It includes options for Debugging, Java console, Default Java for Browsers, Desktop integration, JNLP File/MIME
Association, and Security.
Debugging
You can enable tracing and logging. For more information on tracing
and logging and how to set runtime parameters for tracing and logging, see Tracing
and Logging.
Java Console
There are three options:
- Show the console
- Hide the console (default)
- Do not start the console
See Java Console for information about
it.
<APPLET> tag support (Windows only)
Here you can specify whether a particular browser should use the
Sun VM for the standard <APPLET> tag.
Note
If Mozilla and Netscape 7 are both installed and <APPLET>
tag support for Mozilla and Netscape is disabled (unchecked), <APPLET>
tags continue to run with the Sun VM. This is a bug that is related to
the autoscan feature of Netscape 7. |
Shortcut Creation (Windows only)
This provides options for Java Web Start for creating shorcuts
on the desktop. The options are:
- Always allow
- Always allow if hinted
- Prompt user
- Prompt user if hinted
- Never allow
JNLP File/MIME Association (Windows only)
This allows you to associate files with the JNLP MIME type. The
options are (radio button, select only one):
- Prompt user
- Prompt user to replace
- Allow if association is new
- Never allow
Security
The options are checkboxes. You can select any number of available options. All options are checked by default except for those specified. The following are the various Java security options:
- Allow user to grant permissions to signed content
- Allow user to grant permissions to content from an untrusted authority
- Use certificates and keys in browser keystore
- Use personal certificate automatically if only one matches server request
- Warn if site certification does not match hostname
- Show sandbox warning banner
- Allow user to accept JNLP security requests
- Check publisher certificate for verification (Not Checked by Default)
- Enable online certificate validation (Not Checked by Default)
- Use SSL 2.0
- Use SSL 3.0
- Use TLS 1.0 (Not Checked by Default)
Miscellaneous (Window only)
Here you have the option to place the Java icon in the system tray (default).
Command to launch default browser (Unix only, not shown above)
Allows you to specify the location of the default browser to be launched.
|
