Using JavaFX on secure (SSL) pages

On IE, when displaying a JavaFX applet on a secure page, a dialog is displayed warning the user: "This page contains both secure and nonsecure items. Do you want to display the nonsecure items?" At least some of the remote resources required for JavaFX can only be accessed using http rather than https (e.g. "http://dl.javafx.com/1.2/dtfx.js".) So long as it's required that JavaFX deployment use these remote sites, please make sure that they're all available via both http and https.
That said, is there a way to configure the jnlps (that in turn reference other jnlps) to reference their resources using either http or https, perhaps based on the protocol used to reference them in the first place?

Do you still see the https: protocol on the location bar?
If that is the case then that means that there is content on that page that comes via an insecure http: link.
Start Firefox in <u>[[Safe Mode]]</u> to check if one of the extensions or if hardware acceleration is causing the problem (switch to the DEFAULT theme: Firefox (Tools) > Add-ons > Appearance/Themes).
*Don't make any changes on the Safe mode start window.
*https://support.mozilla.com/kb/Safe+Mode
*https://support.mozilla.com/kb/Troubleshooting+extensions+and+themes

Similar Messages

Want to Create SliderView using JavaFX,like we desingHTML page using JQuery

I want to create a slider view using javafx2.0.3, when we click on left button the images moves left and come from right side. Like we are creating using JQuery in HTML. from left to right. Anyone know, how it is possinle in Javafx 2.0, Please tell me.
Edited by: 924666 on Mar 31, 2012 3:50 PM

Thank you sir for your valuable time.
But will try which you told. But what i want. In Center view need to display 4 images, and in right side have 1 button. when we click on right button, the 4 images moves right side, and next 4 images comes from left side in the center view.
Can you explain me , how it is possible? Please

Unexpected Exception Error :Netbeans remote project on dev using secure SSL

I created the remote project for the Dev envirnment to debug the workflow activity,
I can set the identity manager external instance for this dev envirnment even while doing that
need to click the check box for secure connection other wise will get the error for connection,
Now when connection is set, and I tried to start the debuger on dev, I am getting the unexpected exception error,
Is this error is because of Dev envirnment is secure SSL, Can I still run the debugger on this dev envirment.
Thanks,

Don't multipost and don't use the browser's back button to edit your posts as that creates multiple postings. I've removed the other thread you started with the same questio.
Also, don't post to long dead threads. I've blocked your post and locked the thread you resurrected.
db

After installing the notified update I am unable to send e-mails (using O/E on XP) as my system is supposedly unsecure. (I receive a message saying "... Secure(SSL): No, Error Number: 0x800CCC0F".) Everything was working fine immediately before I updated.

After installing the notified update I am unable to send e-mails (using Outlook Express on Windows XP) as my system is now thought to be Unsecure. (I receive a message saying "... Secure(SSL): No, Error Number: 0x800CCC0F") Everything was working fine immediately before I installed the update. Can anyone (pleeeease) tell me where Flash has changed my security settings as I have looked at the setup, but everything looks okay. Thankyou!

Branching this to a new discussion as it appear you are facing difficulties with the installation or running the programs you have been downloading and installing.

While on my td bank secure site i log off then press the back arrow my secure page that i closed opens up.when i use internet explorer the same page doesnt sho

when i log off my td bank secure account page with the td log off botton i get a new td page. if i press the back arrow on the address bar the secure page i just closed pops up. when i do the same witn onternet explorer a generic td bank page home page pops up NEVER an account page with secure info shown. when this happens every time i dont know if i have logged off the secure page. i close my online browser[now firefox] to be sure the connection is broken but is the secure page open to any kind of breach? i am using firefox due to concern about intternet explore but i know on explorer when i log off td bank secure page i was on i can not access that page again unlees i login ,on firefox i press back arrow on address bar and the secure page i logged off shows up.i feel this is an important issue and must be addressed. thank you

Hi grdy83,
What are your cookie settings?
*[[Enable and disable cookies that websites use to track your preferences]]
*[[Permissions Manager - Give certain websites the ability to store passwords, set cookies and more]]
You can delete all history when you exit Firefox, but it seems odd that a secure page that should expire is still accessible. It may be a timed expiration, but check the third party cookie settings to make sure it is not allowed to be saved.
I hope this helps prevent this from happening again.

I use javaFx WebViewBrowser to download ZIP file, the page no action

I use javaFx WebViewBrowser to download ZIP file, the page no action; other tools example chrome ,ie can download the zip file .
so can you writer a download zip file example for me ?
thanks ,my english is so bad ,sorry !!! :)

WebView doesn't have a built in file downloader - you have to implement it yourself.
You can find a sample implementation for file downloads in JavaFX here =>
http://www.zenjava.com/2011/11/14/file-downloading-in-javafx-2-0-over-http/
That sample does not include the hooks into WebView to trigger the downloads.
You will need to trigger off the mime type or the file extension in the url.
A rudimentary sample trigger a download off of webview is provided in the code below.
For a nice solution, you would probably want to spin the downloader off with it's own UI similar and manage the download itself as a JavaFX Task similar to how the zenjava component works.
Code adapted from => http://code.google.com/p/willow-browser/source/browse/src/main/java/org/jewelsea/willow/BrowserWindow.java
// monitor the location url, and if it is a pdf file, then create a pdf viewer for it, if it is downloadable, then download it.
view.getEngine().locationProperty().addListener(new ChangeListener<String>() {
@Override public void changed(ObservableValue<? extends String> observableValue, String oldLoc, String newLoc) {
    if (newLoc.endsWith(".pdf")) {
      try {
        final PDFViewer pdfViewer = new PDFViewer(false); // todo try icepdf viewer instead...
        pdfViewer.openFile(new URL(newLoc));
      } catch (Exception ex) {
        // just fail to open a bad pdf url silently - no action required.
    String downloadableExtension = null; // todo I wonder how to find out from WebView which documents it could not process so that I could trigger a save as for them?
    String[] downloadableExtensions = { ".doc", ".xls", ".zip", ".tgz", ".jar" };
    for (String ext: downloadableExtensions) {
      if (newLoc.endsWith(ext)) {
        downloadableExtension = ext;
        break;
    if (downloadableExtension != null) {
      // create a file save option for performing a download.
      FileChooser chooser = new FileChooser();
      chooser.setTitle("Save " + newLoc);
      chooser.getExtensionFilters().add(new FileChooser.ExtensionFilter("Downloadable File", downloadableExtension));
      int filenameIdx = newLoc.lastIndexOf("/") + 1;
      if (filenameIdx != 0) {
        File saveFile = chooser.showSaveDialog(view.getScene().getWindow());
        if (saveFile != null) {
          BufferedInputStream is = null;
          BufferedOutputStream os = null;
          try {
            is = new BufferedInputStream(new URL(newLoc).openStream());
            os = new BufferedOutputStream(new FileOutputStream(saveFile));
            int b = is.read();
            while (b != -1) {
              os.write(b);
              b = is.read();
          } catch (FileNotFoundException e) {
            System.out.println("Unable to save file: " + e);
          } catch (MalformedURLException e) {
            System.out.println("Unable to save file: " + e);
          } catch (IOException e) {
            System.out.println("Unable to save file: " + e);
          } finally {
            try { if (is != null) is.close(); } catch (IOException e) { /** no action required. */ }
            try { if (os != null) os.close(); } catch (IOException e) { /** no action required. */ }
        // todo provide feedback on the save function and provide a download list and download list lookup.
});

How to Disable caching of all SSL pages?

May anyone can help me, how to Disable caching of all SSL pages in an web application?
Thanks in advance.
Balamurugan.K

sabre150 wrote:
kajbj wrote:
It doesn't matter that you are using SSL if I understood your question correctly. I'm not certain but I think it does matter. As I understand it, no SSL/HTTPS pages should be cached since this could represent a security weakness. I was a bit vague. I meant that it doesn't matter what he is using under the hood since he isn't doing any "programming" if he's only serving pages. Everything should be related to configuring the server correctly, and/or using the correct header directives (not sure since I'm not a web developer)

Site name) uses an invalid security certificate. The certificate is not trusted because no issuer chain was provided. (Error code: sec_error_unknown_issuer)

I am working with Firefox 35.0 I get the security certificate error message of site name) uses an invalid security certificate. The certificate is not trusted because no issuer chain was provided. (Error code: sec_error_unknown_issuer).
This happens on each page that I go to. I can pull the page up with no problem with Explorer. Please Help. I don't have any security software that would be stopping or scanning SSL.

Check the date and time and time zone in the clock on your computer: (double) click the clock icon on the Windows Taskbar.
Check out why the site is untrusted and click "Technical Details" to expand this section.
If the certificate is not trusted because no issuer chain was provided (sec_error_unknown_issuer) then see if you can install this intermediate certificate from another source.
You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.
*Click the link at the bottom of the error page: "I Understand the Risks"
Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".
*Click the "View..." button and inspect the certificate and check who is the <b>issuer of the certificate</b>.
You can see more Details like intermediate certificates that are used in the Details pane.
If <b>"I Understand the Risks"</b> is missing then this page may be opened in an (i)frame and in that case try the right-click context menu and use "This Frame: Open Frame in New Tab".
*Note that some firewalls monitor (secure) connections and that programs like Sendori or FiddlerRoot can intercept connections and send their own certificate instead of the website's certificate.
*Note that it is not recommended to add a permanent exception in cases like this, so only use it to inspect the certificate.

Flex SSL Connection on Non-SSL page

hey there everyone,
i'm about to get into my first FLEX project. however, before my company decides as to whether or not we'll go w/ Flex and the proposed solution, there was a question that I had to find an answer to, namely: if the end-user is on a non-ssl page, selects a link that has something similar to a shadowbox popup open in the window containing the FLEX interface, can the said FLEX webapp connect via SSL?
Hopefully I explained the problem correctly. Please let me know if I need to develop the idea and explanation further.
Thanks for any help!

Yes a Flex app can use secure transport even if it's not hosted in a secure container.
Look at
SecureAMFChannel
SecureHTTPChannel
for examples on how to do this.
I suppose the converse is also true... you can make non-secure calls from a secure page, but I've never tried this, so...

Why can't I print a secured web page (https)? Win7, FireFox 5.0

Whenever I try to print a secured web page using FireFox 5.0 nothing happens.
I have to switch to Internet Explorer 9.0 to get the printed secured web page.
I'm using win 7 Pro 32-bit on a desktop machine

I tried the steps you indicated. It brought me to IE which I don't use, unless someone will die due to my decision. I hate monopoly, such as Microsof imposes to its customers. My printer works fine with any application, except with firefox, since I updated to version 5.0

WLC cert to avoid the security warning page

Hi guys,
I am doing some tests with installiing a 3rd party cert on a WLC to avoid the security warning page when trying to access the WLC through https, and I am following the following configuration example:
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00806e367a.shtml
I have followed the same precedures given in the above document, and I am using windows CA to sign the CSR just for a test, I could install the final .pem cert successfully onto the WLC however I am still getting the same warning page when I was trying to login to the WLC through https. I have checked in my certificate store and I have trusted the root CA which is the windows CA in this case.
I have also tried to access the WLC from the CA server (windows 2008 box) still getting the same warning message.
so what should I do in order to make this to work with windows CA? did I missed something in the configuration?
Thanks in advance for your time and help.
Andy

ok guys.... I was wrong last time... actually after double check again it was NOT working .... I think i just simply trusted the cert last time when i was using firefox....
I have tried a number of different things and double checked the places that mentioned previously in this thread however I could not pick up anything wrong in particular, although I know there must be something I have missed out.....
so this time I have also read through some other references on the web, and found the following:
http://www.my80211.com/home/2011/1/16/wlcgenerate-third-party-web-authentication-certificate-for-a.html
I think I did very similar config and only difference is that I am using unchained cert.
I have double checked the following:
on virtual interface configuration, I have ip address 1.1.1.1 and DNS host name as "wlc2112.mydomain.local"
from the controller GUI --> Security --> web auth --> certificate, under subject name, I have CN=wlc2112.mydomain.local, however under Issuer name, I have CN=mydomain, this is a bit different from the last screen shot in the above link. could this be a problem?
in windows 2003 server, with DNS server I have a field called "wlc2112" with IP address 1.1.1.1
as mentioned by Scott previously, I went to the mmc certificate snap in, and under trusted root certificate authorities, I have installed the WLC cert there and I could see it there as well.
now if I try to access the WLC GUI from here I am still getting the error message same as the one below:
http://www.vistaclues.com/the-security-certificate-presented-by-this-website-was-issues-for-a-different-website%E2%80%99s-address/
I then followed the instruction and continue to the website, and when I go file --> properties --> certificate, it actually shows the certificate is issued to 169.254.1.1 and issued by 169.254.1.1, with a red cross on the cert itself....... I have no idea where is this come from, so I just want to ask when I try to access the WLC GUI through a web browser, after I type in https://wlc-ip-address, how does the browser know / search for which certificate it needs to look into? I think in my case here it clearly points to the wrong certificate?
also on the server I went to http://127.0.0.1/certsrv and selected "download a CA certificate, certificate chain or CRL" and then "install this CA certificate chain", does this mean I acknowledge to trust the root CA by doing this?
I am not sure what I have missed out but it just does not work for some reason... is there any other places that I need to check/verify?
Sorry for the long writing but any comments would be highly appreciated.
Thanks in advance for your help.

SSL certificate error on every SSL page

Hello,
I was having problems earlier with connecting to my wireless internet so I deleted some of my .plist files attempting to fix the problem. Now I am having problems connecting to ANY SSL page, (as well as google chat, etc.) saying "security certificate is not trusted". Same happens on all browsers. I think it is because I deleted some plist files (not sure which ones).
How can I fix this problem? I cannot find any documentation of anyone else having this problem, so please help!
Much thanks.

The answer was found elsewhere: Android is much more picky when it comes to SSL certificates and what works in the browser doesn't necessarily work in an Android app.
A technician had to add a "SSLCACertificateFile to the SSL conf to provide this intermediate chain". I don't know what this is, but it worked.

File Adapter FTPS: Error - iaik.security.ssl.SSLException

I'm trying to use FTPS to communicate from XI ( SP 15 ) . FTPS system Admin provided CA Certificate and we installed same in key Storage as trusted CAs.
However when I try to send file It was throwing message " Error: Message processing failed: iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: illegal parameter " In the Adapter Monitoring .
However same Certificates installed on recent versions of XI ( PI 7.0) works just fine.
Any ideas will be appreciated.

Hi S T,
Check these..
Details for 'Is Web service security available?'
HTTPS Error
All the best!
cheers,
Prashanth
P.S Please mark helpful answers

How to secure one page not entire application?

Hi there,
I'm looking for some guidance on how to secure individual pages on my site. I've read a number of articles discussing creating a login using the Application.cfc. The thing is this approach locks down the entire site. I only want to secure a page. In my scenario, if the user hasn't logged in, and goes to a profile.cfm page, they will be asked to login. Once they login, they will then be directed to the profile.cfm page.
Any and all advice would be greatly appreciated.
Thanks.
Novian

Hi, Novian,
An option that come directly to mind is to check for the specific page to be locked down in onRequestStart of your Application.cfc.
This approach is relatively easy to implement but may not be the best approach (don't know how it might affect performance or something else). Basically, use a conditional in your onRequestStart method to see if the page being requested by the user is the page that needs to be secured. Something along the lines of:
<cffunction name="onRequestStart">
     <cfargument name="target_page" />
     <cfif target_page is 'super-secure-page.cfm'>
          
     </cfif>
</cffunction>
There are, of course, other options but this was a quick and easy one that came right to mind.

Javafx deployment in html page(please help me urgent)

i used the following method to deploy javafx in an html page.
javafx file is:
package hello;
import javafx.scene.*;
import javafx.stage.Stage;
import javafx.scene.text.Text;
import javafx.scene.text.Font;
import javafx.scene.paint.Color;
import javafx.scene.effect.DropShadow;
Stage {
    title: "My Applet"
    width: 250
    height: 80
    scene: Scene {
        content: Text {
            x: 10 y: 30
            font: Font {
                 size: 24 }
            fill: Color.BLUE
            effect: DropShadow{ offsetX: 3 offsetY: 3}
            content: "VAARTA"
I save the file as HelloApplet in a 'hello' named folder in my D:
after that i downloaded from internet html code as
<html>
    <head>
        <title>Wiki</title>
    </head>
    <body>
        <h1>Wiki</h1>
        <script src="dtfx.js"></script>
        <script>
            javafx(
                archive: "HelloApplet.jar",
                draggable: true,
                width: 150,
                height: 100,
                code: "hello.HelloApplet",
                name: "Wiki"
        </script>
    </body>
</html>now i typed in DOS prompt as javafxc.exe HelloApplet.fx & i got the class files .
_The main problem which is coming is how to create HelloApplet.jar file which is used in the html page without which the html page is not displaying the javafx script. Please help me urgently i am in the middle of my project & stuck up due to JAVAFX                   i am using WIndowsXP & javafx-sdk1.0 when i am typing jar command inside hello package it is displaying invalid command.in DOS prompt. If there is any other method to deploy javafx in html page then specify it also.

Crossposted: [http://forums.sun.com/thread.jspa?threadID=5323288].
Please don't crosspost without notifying others. It is rude in terms of netiquette. Stick to one topic.

Using JavaFX on secure (SSL) pages

Similar Messages

Maybe you are looking for