Documentation Center

Java security and signed applets: prerequisites and setup

This section applies to any Contenta Web or Contenta S1000D users who will use tools that check out data, such as Check Out/Check In, Dynamic Import, LiveContent Preview, and S1000D Upload Content and are using Internet Explorer with applets.

Java security impacts the behavior of applets such as those used with Contenta Web Check Out/Check In and Dynamic Import and Contenta S1000D Check Out/Check In. The Java changes result in security warnings being presented to the user in new dialog boxes, making it more challenging to use the applets. In addition, after certain Java 7 updates, the Java security level must be changed from High to Medium; otherwise, the applets will be blocked from working.

Add the Contenta Web server URLs to the Java Exception Site List

Perform the following steps to prepare Java for using Contenta Web applets.

  1. Install the applet patches provided by SDL on your Contenta Web servers.
  2. Upgrade all clients to Java 1.7.0_80 or later.
  3. Add the Contenta Web server site URLs to the Java Exception Site List, a new feature starting with Java 1.7.0_80. Access the Exception Site List on the client as follows (or, alternatively, create or update the Exception Site List as follows).
    1. Open the Java Control Panel.
    2. Click Security.
    3. Click Edit Site List.
    4. Click Add in the Exception Site List dialog.
    5. Enter the Contenta Web server site URL, and then press Enter.

      Site URL examples:

      http://beagle:8080

      https://bulldog.com

    6. Click OK.
    7. Click OK again.
    In the security directory, create or update a file named exception.sites with URL sites listed in the following format (note the trailing slash).
    • http://beagle:8080/
    • https://bulldog.com/
  4. Add the Contenta Web server site URLs to the Trusted Sites list in Internet Explorer (consult www.microsoft.com on how to edit IE security zones).
  5. Make sure that the Web server name in the registry path HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\XyEnterprise\Content@\Settings\Web is set to the Contenta Web server you are using.

For customers who cannot immediately upgrade to Java 1.7.0_80, note the following.

  • You can still install the patched applets on the Contenta Web server. Installing these patches will not cause any problems and, when Java is upgraded to 1.7.0_80 or higher, the patches will correct the security warning problem.
  • Security warnings will pop up every time the applets run on the clients until Java is upgraded. Starting with Java 1.7.0_25 and stopping with Java 1.7.0_51, whether or not the patched applets are installed, you will need to set the Java security level to Medium; otherwise, the applets will be blocked from working. For example, you can run the Contenta Web Check Out tool successfully, but when you run Contenta Web Check In, the applet’s ellipsis button will not work, preventing you from selecting anything to check in.

Setting the Java security level on the client

To set Java security level to Medium on clients, use the Java Control Panel or modify the deployment.properties file as follows.

  1. Navigate to the directory containing the deployment.properties file.

    On Windows clients: <User Application Data Folder>\LocalLow\Sun\Java\Deployment

  2. Edit this file and add or modify the security level line, setting it to medium:

    deployment.security.level=MEDIUM

Setting character encoding on the client

To ensure applets can handle Unicode (UTF-8) characters, modify the Java settings on the client as follows.
  1. Open the Java Control Panel while logged in as an Administrator.
  2. Select the Java tab.
  3. In the Runtime Parameters field for the installation of Java, add the following argument.

    -Dfile.encoding=utf-8

  4. Click OK.