Developers: As of 7u51, (January, 2014), your Rich Internet Applications (RIAs, also known as Applets and Web Start applications) must be updated. The updates required are on the packaging and distribution; no API code changes should be required. The impetus for these changes relates to potential re-purposing of sandboxed applications, whereby placing permissions within a signed JAR prevents modification of your specified permission level.
RIAs must contain two things:
See the Java Platform Group Product Management blog for more information.Java 7 Update 45 (7u45), October 2013: LiveConnect calls will ask permission before interacting with Rich Internet Applications
Java - Help (Java.com)
Security level settings in the Java Control Panel
Java SE Security Secure Coding Guidelines for the Java Programming Language
JAR File Manifest Attributes for Security
Java SE Security Documentation
Technical information about the signed code change
Oracle Java SE Support provides 24x7 email and phone support for mission-critical applications
Oracle Java SE Advanced and Oracle Java SE Suite products provide enterprise features that minimize the costs of deployment, monitoring, and maintenance of Java-based IT environments.
Deployment Rule Sets for whitelisting applications
Deployment Best Practices
Java Rich Internet Applications Guide
Tutorial: Security Features in Java SE