Java Error: "Your security settings have blocked a local application from running"

Question

I'm trying to run this simple HelloWorld code written in Java from my browser (Chrome):

public class HelloWorld extends JApplet {
public void init() {
    try {
        SwingUtilities.invokeAndWait(new Runnable() {
            public void run() {
                JLabel lbl = new JLabel("Hello World");
                add(lbl);
            }
        });
    }
    catch (Exception e) {
        System.err.println("createGUI didn't complete successfully");
    }
}

I compiled it with NetBeans, and then I created a WebApplication project. The HTML code that runs the applet is:

<html>
    <head>
        <title></title>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    </head>
    <body>
        <p><applet code="HelloWorld" archive="applet_HelloWorld.jar"  width="590" height="530"></applet></p>
    </body>
</html>

If run the applet from NetBeans it works. But when I run the HTML code by double clicking it, the following message pops up from the browser:

Your security settings have blocked a local application from running.

I tried with Internet Explorer and Firefox but nothing.

This message started to appear after the last update of Java. Where is the problem?

Answer 1

I am using an older Data Structure and Algs book that comes with Java Applets for practice. So I needed to store and run some applets locally. I am currently running Windows 10 OS with Edge, Chrome, and IE 11.

Running applets seem to only be allowed in IE11, and as other have mentioned you have to add the applet to the exception list. My issue was since I am storing these locally, and opening them in IE, it opened with path starting with "C:\..." Adding the full path using, "file///..." like mentioned in one of the other answers didn't work for me.

The fix: So, I just added(without the quotes), "file:///" to the exception site list and finally got it working. This also allows me to run any applet stored locally, and I do not have to explicitly add an exception for each applet path.

I plan to remove the exception from the list once I am done using the programs, and only add it back as necessary.

Answer 2

• Starting with Java 8, there is no "medium" risk setting in the Security tab under Java

• You will keep getting this error till you revert to older Java (suggested Java 7, it has hit the end of life though).

• Install both 32-bit and 64-bit version because browsers are still 32-bit, even on a 64-bit machine, 64-bit OS

Answer 3

If you have no Medium security level, then you should add your application to the Exception Site List (Java Control Panel → Security tab).

1. Open your applet in a browser and copy the contents of your address bar.

2. Go to Control Panel → Java Control Panel → Security tab and press the Edit Site List... button.

3. Press the Add button, insert your path and press Enter.

4. Press Continue on the security warning that appears.

5. Open the applet again and don't forget to press Run on the pop-up window.

Answer 4

My problem case was to run portecle.jnlp file locally using Java8.

What worked for me was

1. Start Programs --> Java --> Configure Java...
2. Go to Security --> Edit Site List...
3. Add http://portecle.sourceforce.net
4. Start javaws portecle.jnlp in CMD prompt

On step 3, you might try also to add file:///c:/path/portecle.jnlp, but this addition didn't help with my case.

Answer 5

If you are like me whose Java Control Panel does not show Security slider under Security Tab to change security level from High to Medium then follow these instructions: Java known bug: security slider not visible.

---

Symptoms:

After installation, the checkbox to enable/disable Java and the security level slider do not appear in the Java Control Panel Security tab. This can occur with 7u10 and above.

Cause

This is due to a conflict that Java 7u10 and above have with standalone installations of JavaFX. Example: If Java 7u5 and JavaFX 2.1.1 are installed and if Java is updated to 7u11, the Java Control Panel does not show the checkbox or security slider.

Resolution

It is recommended to uninstall all versions of Java and JavaFX before installing Java 7u10 and above.
Please follow the steps below for resolving this issue.
1. Remove all versions of Java and JavaFX through the Windows Uninstall Control Panel. Instructions on uninstalling Java.
2. Run the Microsoft uninstall utility to repair corrupted registry keys that prevents programs from being completely uninstalled or blocking new installations and updates.
3. Download and install the Windows offline installer package.

Answer 6

1. Go to Control Panel
2. Double click on Java
3. Open the Security tab
4. Select Medium
5. Click on Apply
6. Restart your web browser

That's it!

Answer 7

If you are using Linux, these settings are available using /usr/bin/jcontrol (or your path setting to get the current Java tools). You can also edit the files in ~/.java/deployment/deployment.properties to set "deployment.security.level=MEDIUM".

Surprisingly, this information is not readily available from the Oracle web site. I miss java.sun.com...

Answer 8

I faced the same issue today, and I was able to fix the issue by changing the security settings on the Java Control Panel from HIGH to MEDIUM.

Well, setting the Java Security Setting to MEDIUM permanently is not really recommended as this will allow potentialy malicious software to run on your system and not be blocked. So I suggest after running your applet you may want to change back the setting to HIGH.

Location of the Java Control Panel

Change the setting of the Control Panel

Answer 9

After reading Java 7 Update 21 Security Improvements in Detail mention..

With the introduced changes it is most likely that no end-user is able to run your application when they are either self-signed or unsigned.

..I was wondering how this would go for loose class files - the 'simplest' applets of all.

Local file system

Your security settings have blocked a local application from running

That is the dialog seen for an applet consisting of loose class files being loaded off the local file system when the JRE is set to the default 'High' security setting.

---

Note that a slight quirk of the JRE only produced that on point 3 of.

1. Load the applet page to see a broken applet symbol that leads to an empty console.
   Open the Java settings and set the level to Medium.
   Close browser & Java settings.
2. Load the applet page to see the applet.
   Open the Java settings and set the level to High.
   Close browser & Java settings.
3. Load the applet page to see a broken applet symbol & the above dialog.

Internet

If you load the simple applet (loose class file) seen at this resizable applet demo off the internet - which boasts an applet element of:

<applet
    code="PlafChanger.class"
    codebase="."
    alt="Pluggable Look'n'Feel Changer appears here if Java is enabled"
    width='100%'
    height='250'>
<p>Pluggable Look'n'Feel Changer appears here in a Java capable browser.</p>
</applet>

It also seems to load successfully. Implying that:-

Applets loaded from the local file system are now subject to a stricter security sandbox than those loaded from the internet or a local server.

Security settings descriptions

As of Java 7 update 51.

• Very High: Most secure setting - Only Java applications identified by a non-expired certificate from a trusted authority will be allowed to run.
• High (minimum recommended): Java applications identified by a certificate from a trusted authority will be allowed to run.
• Medium - All Java applications will be allowed to run after presenting a security prompt.

Answer 10

Java applets do create a security risk, hence are disabled in most modern browsers. You have to lower the security to run it. There is a guide by Oracle for that.