/build/static/layout/Breadcrumb_cap_w.png

Change Java Default Security Level?

With Java update 7u11 the default security level has been changed to "high." Is it possible to revert this security level to "medium" via script or registry change?

Asked 11 years ago 49830 views
0 Comments   [ + ] Show comments

Answers (5)

Answer Summary:
http://docs.oracle.com/javase/6/docs/technotes/guides/deployment/deployment-guide/properties.html contains information for setting system wide java configuration.
Posted by: nshah 11 years ago
Red Belt
3

You might want to check here:

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Runtime Environment\1.7.0_11\MSI

 

and this article for the settings

http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/client-security.html

 

Comments:
  • This pointed me to develop the silent installs for 32bit and 64 bit. Make sure you uninstall previous versions first!!! - ronfalkoff 11 years ago
  • >Make sure you uninstall previous versions first!!!
    Why? JREs are designed to co-exist side-by-side, aren't they? Also, there are some dumb apps which check for specific versions. - anonymous_9363 11 years ago
Posted by: oneway 10 years ago
White Belt
1
here is my command line, it worked. Please refer to the last parameter: WEB_JAVA_SECURITY_LEVEL=M

WEB_JAVA_SECURITY_LEVEL=M
WEB_JAVA_SECURITY_LEVEL=M
jre-7u55-windows-i586.exe /s /v"/qn IEXPLORER=1 MOZILLA=1 REBOOT=Suppress JAVAUPDATE=0 JU=0 AUTOUPDATECHECK=0 WEB_JAVA_SECURITY_LEVEL=M" /L

:)
Posted by: ronfalkoff 11 years ago
Green Belt
1

Keeping this lovely caveat in mind:

http://www.java.com/en/download/help/jcp_securityslider.xml

I used these to silently install:

 

jre-7u11-windows-i586.exe /s /v"IEXPLORER=1 MOZILLA=1 JAVAUPDATE=1 AgreeToLicense=1 EULA=1 WEB_JAVA_SECURITY_LEVEL=M /QN"

jre-7u11-windows-x64.exe /s /v"IEXPLORER=1 MOZILLA=1 JAVAUPDATE=1 AgreeToLicense=1 EULA=1 WEB_JAVA_SECURITY_LEVEL=M /QN"

Posted by: muebel 11 years ago
10th Degree Black Belt
1

Was able to figure this one out.
http://docs.oracle.com/javase/6/docs/technotes/guides/deployment/deployment-guide/properties.html

Two files,  deployment.config and deployment.properties stored in %systemroot%\Windows\Sun\Java\Deployment allow for system wide configuration of Java.

deployment.config specifies the location of deployment.properties.

deployment.system.config=file\C:\:/Windows/Sun/Java/Deployment/deployment.properties
deployment.system.config.mandatory=true

in deployment.properties are the actual configuration specifications.

deployment.security.level=MEDIUM

If a user has already configured something (the security level) in their own user level deployment.properties, it will overtake the system properties. There is probably a way to get around this, but it is irrelevant to my current needs. 

Comments:
  • I have been struggling with this issue for days. I have placed the deployment.config that points to a server share with the deployment.properties. I thought maybe you last comment was the answer but I logged in as a first time user and opened the Java control panel. The customized settings in my deployment.properties were not set and a deployment.properties file was created in this users profile.

    This worked fine for me before version 1.7
    Thanks. - jfrasier 11 years ago
  • We had a similar situation. I created a wrapper that installs the JRE msi. Next I copy the deployment.properties file with the configuration we need to the appropriate folder on the target machine. Then I launch a script that reads the user's profile and deletes any existing deployment.properties files.
    So, when Java is started it reads and uses the deployment.properties file - bking2811 11 years ago
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ