add java exceptions

I have a post showing how you can manage the Java 7 Exception Site list:

http://derflounder.wordpress.com/2014/01/16/managing-oracles-java-exception-site-list/

The script associated with the post is set up to set two servers. If you need more than that, Eric Holtam developed this script to do the same job with as many servers as needed:

1#!/bin/bash
2
3exceptionList="$HOME/Library/Application Support/Oracle/Java/Deployment/security/exception.sites"
4exceptionListPath="$HOME/Library/Application Support/Oracle/Java/Deployment/security/"
5SITES=( "https://server.example.com" "https://server2.example.com" "https://server3.example.com" )
6MYLOG="$HOME/Library/Logs/java_exception.log"
7
8if [ ! -d "$exceptionListPath" ]
9then
10    mkdir -p "$exceptionListPath"
11    /bin/echo "Created exception list path in: $exceptionListPath " >> "$MYLOG"
12fi
13
14touch "$exceptionList"
15touch "$MYLOG"
16
17/bin/echo "=================Start `date "+DATE: %m-%d-%Y TIME: %H:%M:%S"`===================" >> "$MYLOG"
18for MYSITE in "${SITES[@]}"
19    do
20        if grep -Fxq "$MYSITE" "$exceptionList"
21        then
22            /bin/echo "NOT ADDED:  $MYSITE - Already exists." >> "$MYLOG"
23        else
24            echo "$MYSITE" >> "$exceptionList"
25            /bin/echo "ADDED:  $MYSITE" >> "$MYLOG"
26        fi
27    done
28
29/bin/echo "=================Complete `date "+DATE: %m-%d-%Y TIME: %H:%M:%S"`===================" >> "$MYLOG"

Your users should be able to manage exceptions on their own as well, as that should be a user-level function. I have a post showing how they can add entries themselves:

http://derflounder.wordpress.com/2014/01/15/oracle-java-7-update-51-blocks-unsigned-java-applets-by-default/

Thank you!

The 2nd option seems to be the best to me, however using Casper to push down some Config Profiles to 10.9.x seems to automatically grey out the Java settings, so the users don't have access to that.

Edit: FOund this which is supposed to address my greyed out preference - https://jamfnation.jamfsoftware.com/article.html?id=204

@jwojda:

I followed that article for Java and Wacom tablet prefs. Worked like a charm.

I was trying to figure out how to handle exceptions where the site changes port numbers throughout the session.

Wildcards don't seem to work from my tests so far...

E.g. server starts out of servername:2002 and then after a login I've watched it change to another port number and the process continues throughout the session where the URL changes to a different port number.

It is a Cisco web tool that we're using and it is doing this...

Any thoughts on handling exceptions lists with a wildcard? Trying to capture all the ports would be a nightmare...

Hey Rick, I am facing the same problem with CISCO ACS. did you find a solution ?

Regards,