Discuss this help topic in SecureBlackbox Forum

JNLP file allows to execute the applet either inside a browser or as a separate application in the case the browser doesn't support applets. JNLP is Java Network Launch Protocol.

The process of using JNLP file looks like:

  1. A page with a reference to the applet (inside the tag) is sent to a browser. The <applet> tag should contain a reference to the JNLP-file with the Session ID parameter in jnlp_href parameter:
    <applet archive="com.secureblackbox.dc.jar, com.secureblackbox.dc.applet.jar"
    	code="com.secureblackbox.dc.applet.ElDCServerApplet" width=500 height=240>
    	<param name="jnlp_href" value="<%= "AppletJnlp?SessionId=" + request.getAttribute("paramID") %>" enableviewstate="false" />
    	<param name="Color" value="#FFFFFF" />
    The session ID should be passed because it should be preserved across further requests to the server.
  2. After the browser retrieves the web page, it parses this page and requests the JNLP file (the request contains the Session ID as a parameter).
  3. The server, based on the Session ID parameter, need to find a DC signature for the signing document and dynamically generate a JNLP-file and add a DC signature block as well as the Session ID to the generated JNLP file. The JNLP-file is returned to the browser.
  4. The browser gives the obtained JNLP-file to the java plugin, which parses the JNLP file, requests the applet from the server and executes it.
  5. The applet obtains the necessary data from the JNLP file (for details see description of the applet in the documentation), signs the DC-signature block and sends it back to the server.

If the browser doesn't support Java or have it disabled, the initial web page can contain a "Download JNLP" button or a link to download the JNLP-file (the samples contain such button). The button allows to download and save the JNLP file to a local storage and execute the applet outside of the browser (by using the JNLP-file as a guide). Depending on the browser the applet will be either started immediately after the click, or the user will be prompted to download and save the JNLP file, or open (launch) it. Java runtime environment (JRE) must be installed on the machine for this scheme to work.

To simplify JNLP-file generation SecureBlackbox 15 includes new TElJNLPFile class. You can create an instance of this class, load the previously created JNLP-template using TElJNLPFile.LoadFromStream() method, add necessary modifications (see SetAppletDescParameter, SetSecurity, JnlpCodebase and other properties), and generate the JNLP-file (use TElJNLPFile.SaveToStream() method). The sample below shows how to do this.


public static byte[] getJNLPFile(HttpServlet servlet, String codebase, String sessionId, String Data) {

	TElMemoryStream ms = new  TElMemoryStream(servlet.getServletContext().getResourceAsStream("/jnlptemplate.xml"));
	TElJNLPFile jnlp = new TElJNLPFile();


	jnlp.setAppletDescParameter("Data", Data);
	jnlp.setAppletDescParameter("SessionID", sessionId);

	ms = new TElMemoryStream();
	byte[] data = ms.toByteArray();

	jnlp = null;

	return data;

How To articles about Distributed Cryptography add-on.

Discuss this help topic in SecureBlackbox Forum