local jnlp overrules server!?! Security?
i deploy my app with jws and i want to restrict some customers to specific version numbers.
at the beginning every customer had the same jar to download:
now i tried to change the jnlp on the server to something like:
if i dont touch the client jnlp, it will always download the first version without version number.
i tried to delete my jws cache and set up a new jnlp, which was different to the one on the server. just like the example above.
1st startup: it "correctly" loaded the jar, that ist defined in the server-jnlp (xyz-3.2.jar)
2nd startup: it loaded the jar that was defined in the local jnlp!
i don't think, that this is correct, but i didnt find a way to force a specific download, if i couldnt change the local jnlp.
can someone please tell me, if this is intended to be this way. or is it a bug - a security vulnerability. or is there some other way to only change a server jnlp and overrule the local one.