That may work, but there seems to be a "security" hole. A client could change the properties if they knew about them. Well, I guess JNLP suffers from the same thing because if you can pull a copy of the JNLP from a cache, then you can modify the properties in there and run the JNLP locally.
[Message sent by forum member 'culli' (jim.cullison_at_gmail.com)]
http://forums.java.net/jive/thread.jspa?messageID=380465