Trip and Tick 200: WebStart me up, baby!
So today i tried pack200 - and it compresses my jar from 440k to, urm, 110k! OK, so, um, clearly all WebStart jars should be made this way. Some great resources i found in the process were deployment.dev.java.net which has the important links related to WebStart, and "Deployment Tips and Tricks using WebStart and Java Plugin" (JavaOne2006 PDF slides), which shows you how to lazily load your app via the web, eg. maybe your WebStart app is just a login splash-screen teaser thingymajig that loads your real app in the background, to create the perception of loading a very large app, very quickly. "Mmmm... crumbled-up cookie things."
Previously in "JooJ up your project page with a WebStart demo" we looked at using Netbeans' JNLP tool to create our first JNLP file. This article is the PG13 SNVL version of that, minus the sxx, nudity, and violence - darn it to hell, what a frikkin pity! At least we
got the bad language going on, woohoo!
Creating the JNLP
Once we get through the XML with all those angle brackets, we notice that a JNLP file is actually a trivially minimal thing that just specifies our main class, dependent jars, required JRE version, and um, URL thingy.
We specify the codebase to be where we upload our jars eg. jroller.com. The all-permissions means we can be naughty, eg. use reflection. Hopefully in future there'll be a some-permissions option. For testing offline, we would specify the codebase as a local directory where we gonna put we jars.
Wrapping Jars signed by others
You can test if a jar is signed as follows, using jarsigner, which is included in the JDK of course (along with keytool, pack200 and javaws).
jarsigner -certs -verbose -verify activation.jar
If any of your resources are jars signed by others, you gotta wrap those in a JNLP as follows, and put this in the resources section of the JNLP as an extension, as shown above.
<jnlp codebase="http://aptframework.dev.java.net/codebase/" href="javadb.jnlp">
<vendor>Signed by Sun Microsystems, Inc</vendor>
Creating a keystore
We create a keystore (file), and a key therein, using keytool (in the JDK).
keytool -genkey -keystore myKeystore -alias myself
keytool -selfcert -alias myself -keystore myKeystore
keytool -list -keystore myKeystore
Signing the jars
We copy our minty jar and sign it as follows.
cp /my/nbprojects/myproject/dist/my.jar .
jarsigner -keystore myKeystore my.jar myself
pack200 my.jar.pack.gz my.jar
pack200 creates my.jar.pack.gz, where we need to have both the original jar, as well as the compressed gz one, in our codebase. The heffalump one is a fallback, e.g. for older javaws clients that don't do the pack200 thing. I keep two JNLP files, one local one (with my local jars directory as the codebase) e.g. my_local.jnlp, and then the uploadable one eg. my.jnlp, with the online codebase, eg. on jroller.com.
In the above script, i test using the local one, before uploading and testing the online one.
The HTML Link
Now we can insert the JNLP link into our HTML web page as follows.
<img border="0" alt="Launch"
</a>(QuiteBusy, 150k/500k, unsandboxed, Java5)
We need to put the alt "Launch" text in the img element, because some people configure their browsers to load images from the "originating" site only, in which case the webstart.small.gif won't show, and they'll see nothing to click on. You'll want check the server webserver logs (if you can), to make sure it is the pack200'ed my.jar.pack.gz that is getting downloaded :)