How to disable the Java "Security Warning" popup?

17

5

enter image description here

Is there a way to disable this Java Security popup? I only use sites on my intranet and each page is home to 40+ applets that generate a new ID with each load. Because of this, every time the page is visited it requires you to click "Run" 40+ times.

OS: Windows 7

Browser: IE 10

Here is my fix:

  1. Open Internet Explorer
  2. Click on Tools and select Internet Options
  3. Click on Security tab and Click the ‘Custom Level’ button
  4. In the ‘Miscellaneous’ section change “Display mixed content” to Enable.

Tyler

Posted 2013-04-03T14:18:32.130

Reputation: 394

1This can be handled by adjusting the security settings on the Java Windows Control Panel applet. Since you didn't indicate which operating system I must assume Windows. – Ramhound – 2013-04-03T15:36:17.953

Using IE 10 on Windows 7. This computer only accesses the local network and has no connection to the internet or other PCs, it connections to building monitoring tools. – Tyler – 2013-04-05T18:28:03.473

1Did you try adjusting the security level in the control panel? For me, it doesn't work at all (level is constantly reset), but maybe you'll have more luck. – Der Hochstapler – 2013-04-22T16:43:38.170

what java version? – kinokijuf – 2013-04-27T15:26:31.890

@kinokijuf The OP specifically mentioned Windows 7 three comments above. Please don't change the meaning of others' posts. Thanks. – slhck – 2013-04-27T16:16:37.617

@slhck the screenshot shows Windows 8. – kinokijuf – 2013-04-28T08:59:53.500

@kinokijuf The OP says they're "using IE 10 on Windows 7", both in the comment and the question. So please don't change that aspect. The screenshot could have come from the internet or could have been made with a Windows 8 theme, who knows. – slhck – 2013-04-28T09:02:54.347

Answers

3

Setting that option to Disable verification will remove that pop-up. Yes it's a security risk, but I'm fairly sure that disabled was the default level of security of the previous Java versions. I'm sure the pop-up does provide some extra security, but in an environment where each vendor rolls their own crazy web apps and the updates are few and far between, this is more of a hassle than security. Unfortunately this setting appears to be controlled by a file under each users profile. Specifically C:\Users\username\AppData \LocalLow\Sun\Java\Deployment\deployment.properties . I can't think of a way off the top of my head to push this setting via group policy. If someone comes up with a solution, please post it in the comments. Until then we will be sticking with Java 6 Update 19 for our environment.

source: http://gdgtry.com/2010/05/disable-javas-new-security-warning/

Karan Raj Baruah

Posted 2013-04-03T14:18:32.130

Reputation: 894

1-1 the OP is talking about a different dialog – kinokijuf – 2013-04-27T11:58:02.573

3

Put a text document in this location named deployment.properties c:\windows\sun\Java\deployment\deployment.properties

Despite what Java documentation says, you do not need the deployment.config file unless you want to use the manditory setting.

This file will change the default for every user on the computer, even if they already have a deployment.properties file in their appdata folder. You can verify that the settings are taking effect when you open the java 32 control panel since it reads the settings then.

Here are some of the things we put in our deployment.properties file.

#disables the java desktop shortcut on install - might not be required for modern versions
deployment.javaws.shortcut="NEVER"

#tells sets security level to it's minimum "MEDIUM" to allow for apps to run on outdated java versions
deployment.security.level=MEDIUM

#disabled certificate checking so that java apps load much faster.  Java still checks the certificate
#blacklist though so the certificate is still used.
deployment.security.validation.ocsp=true

#moves the user trusted certificates store to a shared location so we can pre-approve controls
deployment.user.security.trusted.certs=C\:\\Program Files\\Java\\jre7\\security\\trusted.certs

The last bit is the best way to get rid of "do you want to run this app" boxes. Once you set the trusted.certs location to a shared location, create your own trusted.certs file by manually going to the process of checking the box "don't show this again". They deploy this trusted.certs file to all your machines with this deployment.properties file and viola, no more security pop-ups.

Note that the extra slashes in the path are required. Colons are reserved characters and the backslash is the escape character.

Iconiu

Posted 2013-04-03T14:18:32.130

Reputation: 49

2

I am using java 7 update 17. What you can do is check the box "Do not show this again for this app" (the check-box on the image you provided). You could also try to change the settings in Java Control Panel but i am not sure if it will work: In Java Control Panel on the Security Tab change the security-level from High to Medium or Low and then go to the Advance Tab and check "Hide Warning and run with protections" or if it does not work then choose "disable verification".

Devid

Posted 2013-04-03T14:18:32.130

Reputation: 5 566

It makes it a bit more insecure but for what he is doing that's fine on an intranet. If he is accessing the same content over and over, he could just bear down and check the box all 50+ times once and will likely not see them again. – Will.Beninger – 2013-04-29T00:55:29.430

1

Which Java version are you using ?

Oracle introduced new security features to its Java web browser plug-in when it released Java 7 Update 11 on December 11, 2012.

You could go back to an earlier version from 2012, as security is not too important in an intranet environment.

With an earlier version, adjusting the security level in the control panel may be easier.

harrymc

Posted 2013-04-03T14:18:32.130

Reputation: 306 093

1

To control JAVA default action, better configure all settings on system level.

C:\Windows\Sun\Java\Deployment. you need 4 files

@ deployment.config

@ deployment.properties -- deployment.security.mixcode=DISABLE

@ exception.sites

@ Most importantly you need a trusted.cert certificate file to disable that message box

This will give all users on that PC the same settings.

See more from here

Root Loop

Posted 2013-04-03T14:18:32.130

Reputation: 785

0

Put below lines in server system level C:\Windows\Sun\Java\Deployment\deployment.properties file to stop these messages

deployment.security.mixcode=DISABLE
deployment.security.level=MEDIUM
deployment.security.validation.ocsp=true
deployment.expiration.check.enabled=false

Manish Thakare

Posted 2013-04-03T14:18:32.130

Reputation: 1

There are already two answers similar to yours. Considering that you're answering a post that is 4 years old, you could at least explain how your answer is different or what might be inaccurate or outdated about the other answers. – Edward – 2017-10-11T13:08:20.620

-3

Put this line into your login script, that should take care of it

mkdir "%AppData%\Sun\Java\Deployment"
echo deployment.security.mixcode=DISABLE >> "%AppData%\Sun\Java\Deployment\deployment.PROPERTIES"

dr_banner

Posted 2013-04-03T14:18:32.130

Reputation: 1

3How uncool is that -- it creates a new line in deployment.properties upon each and every login. How long should that file become? :O – TheBlastOne – 2015-01-14T14:05:18.810

Asked: 2013-04-03T14:18:32.130

Viewed: 230 535 times

Active: 2017-10-11T12:53:19.697