Java.lang.SecurityException: Jurisdiction policy files are not signed by t

Similar Messages

• Jurisdiction policy files are not signed by trusted signers!

  Hi All,
  I am getting the following Security exception while running a Java stand-alone program on Linux.
  The stand-alone program internally calls the JCE (Java Cryptography Extension) library for Encryption of data. The JCE Unlimited Strength Jurisdiction policy files are downloaded from Sun.
  Does anybody have the solution for this error?
  Is there Security policy modification to be made for the same?
  Exception in thread "main" java.lang.ExceptionInInitializerError
  at javax.crypto.Cipher.a(Unknown Source)
  at javax.crypto.Cipher.getInstance(Unknown Source)
  at lncrypt.LnCryptBase.encryptImpl(LnCryptBase.java:122)
  at lncrypt.LnAes.encrypt(LnAes.java:78)
  at CloakingUtils.encrypt(CloakingUtils.java:69)
  at AlertsMigrationSweepUtil.updateAlerts(AlertsMigrationSweepUtil.java:203)
  at AlertsMigrationSweepUtil.main(AlertsMigrationSweepUtil.java:65)
  Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
  at javax.crypto.e.<clinit>(Unknown Source)
  ... 7 more
  Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
  at javax.crypto.e.a(Unknown Source)
  at javax.crypto.e.a(Unknown Source)
  at javax.crypto.e.g(Unknown Source)
  at javax.crypto.f.run(Unknown Source)
  at java.security.AccessController.doPrivileged1(Native Method)
  at java.security.AccessController.doPrivileged(AccessController.java:351)
  ... 8 more
  Regards,
  Vilas Kulkarni

  Make sure that which javaindicates the Java executable you expect.

• Java.lang.SecurityException: Authentication denied: Boot identity not valid

  Hi,
  When I try to start up the WebLogic server by running a startup script
  in the WebLogic server root directory, I am getting the following
  error:
  <Apr 23, 2003 1:15:11 PM EDT> <Critical> <WebLogicServer> <000364>
  <Server failed during initialization.
  Exception:java.lang.SecurityException: Authentication denied: Boot
  identity not valid
  java.lang.SecurityException: Authentication denied: Boot identity not
  valid
  at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
  at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
  at weblogic.Server.main(Server.java:32)
  >
  <Apr 23, 2003 1:15:11 PM EDT> <Emergency> <WebLogicServer> <000342>
  <Unable to initialize the server: Fatal initialization exception
  Throwable: java.lang.SecurityException: Authentication denied: Boot
  identity not valid
  java.lang.SecurityException: Authentication denied: Boot identity not
  valid
  at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
  at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
  at weblogic.Server.main(Server.java:32)
  >
  The WebLogic Server did not start up properly.
  Exception raised:
  java.lang.SecurityException: Authentication denied: Boot identity not
  valid
  at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
  at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
  at weblogic.Server.main(Server.java:32)
  Reason: Fatal initialization exception
  Throwable: java.lang.SecurityException: Authentication denied: Boot
  identity not valid
  java.lang.SecurityException: Authentication denied: Boot identity not
  valid
  at weblogic.security.service.SecurityServiceManager.doBootAuthorization(SecurityServiceManager.java:1074)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:1216)
  at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:723)
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:594)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:282)
  at weblogic.Server.main(Server.java:32)
  I am also pasting below the source code of the startup script that I
  am using to start WebLogic server:
  #!/bin/sh
  # This script is used to start WebLogic Server.
  # To create your own start script for your domain, simply set the
  SERVER_NAME
  # variable to your server name then call this script from your domain
  # directory.
  # This script sets the following variables before starting WebLogic
  Server:
  # WL_HOME - The root directory of your WebLogic installation
  # JAVA_HOME - Location of the version of Java used to start
  WebLogic
  # Server. This variable must point to the root
  directory of a
  # JDK installation and will be set for you by the
  installer.
  # See the WebLogic platform support page
  # (http://e-docs.bea.com/wls/platforms/index.html)
  for an up-to-date list of
  # supported JVMs on your platform.
  # PATH - Adds the JDK and WebLogic directories to the system
  path.
  # CLASSPATH - Adds the JDK and WebLogic jars to the classpath.
  # JAVA_OPTIONS - Java command-line options for running the server.
  # Other variables that startWLS takes are:
  # ADMIN_URL - If this variable is set, the server started will be
  a
  # managed server, and will look to the url specified
  (i.e.
  # http://localhost:7001) as the admin server.
  # WLS_USER - Admin username for server startup
  # WLS_PW - Cleartext password for server startup
  # STARTMODE - Set to true for production mode servers, false for
  # development mode
  # JAVA_OPTIONS - Java command-line options for running the server.
  (These
  # will be tagged on to the end of the JAVA_VM and
  MEM_ARGS)
  # JAVA_VM - The java arg specifying the VM to run. (i.e.
  -server,
  # -hotspot, etc.)
  # MEM_ARGS - The variable to override the standard memory
  arguments
  # passed to java
  # PRE_CLASSPATH - Path style variable to be added to the beginning of
  the
  # CLASSPATH
  # POST_CLASSPATH - Path style variable to be added to the end of the
  # CLASSPATH
  # PRE_PATH - Path style variable to be added to the beginning of
  the
  # PATH
  # POST_PATH - Path style variable to be added to the end of the
  PATH
  # Alternately, this script will take the first two positional
  parameters and
  # set them to SERVER_NAME and ADMIN_URL. For instance, you could call
  this
  # script: "sh startWLS.sh myserver http://localhost:7001" to start a
  # managed server named myserver, or just "sh startWLS.sh myserver"
  # to start a server named myserver.
  # jDriver for Oracle users: This script assumes that native libraries
  required
  # for jDriver for Oracle have been installed in the proper location
  and that
  # your os specific library path variable (i.e.
  LD_LIBRARY_PATH/solaris,
  # SHLIB_PATH/hpux, etc...) has been set appropriately. Also note that
  this
  # script defaults to the oci817_8 version of the shared libraries. If
  this is
  # not the version you need, please adjust the library path variable
  # accordingly.
  # For additional information, refer to the WebLogic Server
  Administration Guide
  # (http://e-docs.bea.com/wls/docs70/adminguide/startstop.html).
  WL_HOME="/usr/local/bea/weblogic700"
  JAVA_HOME="/usr/local/bea/jdk131_06"
  . ${WL_HOME}/common/bin/commEnv.sh
  # Check that the WebLogic classes are where we expect them to be
  if [ ! -f "${WL_HOME}/server/lib/weblogic.jar" ]; then
  echo
  echo "The WebLogic Server wasn't found in directory
  ${WL_HOME}/server."
  echo "Please edit your script so that the WL_HOME variable points"
  echo "to the WebLogic installation directory."
  # Check that java is where we expect it to be
  elif [ ! -d "${JAVA_HOME}/bin" ]; then
  echo
  echo "The JDK wasn't found in directory ${JAVA_HOME}."
  echo "Please edit your script so that the JAVA_HOME variable"
  echo "points to the location of your JDK."
  else
  # Grab some file descriptors.
  if [ ! -n "`uname -s |grep -i cygwin || uname -s |grep -i windows_nt`"
  ]; then
  maxfiles=`ulimit -H -n`
  if [ !$? -a "${maxfiles}" != 1024 ]; then
  if [ "${maxfiles}" = "unlimited" ]; then
  maxfiles=1025
  fi
  if [ "${maxfiles}" -lt 1024 ]; then
  ulimit -n ${maxfiles}
  else
  ulimit -n 1024
  fi
  fi
  fi
  # Set first two positional parameters to SERVER_NAME and ADMIN_URL
  if [ -n "${1}" -a "${SERVER_NAME}" = "" ]; then
  SERVER_NAME="${1}"
  fi
  if [ -n "${2}" -a "${ADMIN_URL}" = "" ]; then
  ADMIN_URL="${2}"
  fi
  # Figure out how to use our shared libraries
  case `uname -s` in
  AIX)
  if [ -n "${LIBPATH}" ]; then
  LIBPATH="${LIBPATH}:${WL_HOME}/server/lib/aix:${WL_HOME}/server/lib/aix/oci817_8"
  else
  LIBPATH="${WL_HOME}/server/lib/aix:${WL_HOME}/server/lib/aix/oci817_8"
  fi
  PATH="${WL_HOME}/server/lib/aix:${PATH}"
  export LIBPATH PATH
  export AIXTHREAD_SCOPE=S
  export AIXTHREAD_MUTEX_DEBUG=OFF
  export AIXTHREAD_RWLOCK_DEBUG=OFF
  export AIXTHREAD_COND_DEBUG=OFF
  echo "LIBPATH=${LIBPATH}"
  HP-UX)
  if [ -n "${SHLIB_PATH}" ]; then
  SHLIB_PATH="${SHLIB_PATH}:${WL_HOME}/server/lib/hpux11:${WL_HOME}/server/lib/hpux11/oci817_8"
  else
  SHLIB_PATH="${WL_HOME}/server/lib/hpux11:${WL_HOME}/server/lib/hpux11/oci817_8"
  fi
  PATH="${WL_HOME}/server/lib/hpux11:${PATH}"
  export SHLIB_PATH PATH
  echo "SHLIB_PATH=${SHLIB_PATH}"
  IRIX)
  if [ -n "${LD_LIBRARY_PATH}" ]; then
  LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/irix"
  else
  LD_LIBRARY_PATH="${WL_HOME}/server/lib/irix"
  fi
  PATH="${WL_HOME}/server/lib/irix:${PATH}"
  export LD_LIBRARY_PATH PATH
  echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
  LINUX|Linux)
  arch=`uname -m`
  if [ -n "${LD_LIBRARY_PATH}" ]; then
  LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/linux/${arch}:${WL_HOME}/server/lib/linux/${arch}/oci817_8"
  else
  LD_LIBRARY_PATH="${WL_HOME}/server/lib/linux/${arch}:${WL_HOME}/server/lib/linux/${arch}/oci817_8"
  fi
  PATH="${WL_HOME}/server/lib/linux:${PATH}"
  export LD_LIBRARY_PATH PATH
  echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
  OSF1)
  if [ -n "${LD_LIBRARY_PATH}" ]; then
  LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/tru64unix"
  else
  LD_LIBRARY_PATH="${WL_HOME}/server/lib/tru64unix"
  fi
  PATH="${WL_HOME}/server/lib/tru64unix:${PATH}"
  export LD_LIBRARY_PATH PATH
  echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
  SunOS)
  if [ -n "${LD_LIBRARY_PATH}" ]; then
  LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${WL_HOME}/server/lib/solaris:${WL_HOME}/server/lib/solaris/oci817_8"
  else
  LD_LIBRARY_PATH="${WL_HOME}/server/lib/solaris:${WL_HOME}/server/lib/solaris/oci817_8"
  fi
  PATH="${WL_HOME}/server/lib/solaris:${PATH}"
  export LD_LIBRARY_PATH PATH
  echo "LD_LIBRARY_PATH=${LD_LIBRARY_PATH}"
  if [ "${JAVA_VM}" = "" ]
  then
  # JAVA_VM=-server
  JAVA_VM=${COMM_SERVER_VM}
  fi
  Windows_NT*)
  if [ "${JAVA_VM}" = "" ]
  then
  # JAVA_VM=-hotspot
  JAVA_VM=${COMM_VM}
  fi
  PATHSEP=\;
  CLASSPATHSEP=\;
  CYGWIN*)
  if [ "${JAVA_VM}" = "" ]
  then
  # JAVA_VM=-hotspot
  JAVA_VM=${COMM_VM}
  fi
  CLASSPATHSEP=\;
  echo "$0: Don't know how to set the shared library path for `uname
  -s`. "
  esac
  if [ "${MEM_ARGS}" = "" ]
  then
  MEM_ARGS="-Xms32m -Xmx200m"
  fi
  if [ "${PATHSEP}" = "" ]; then
  PATHSEP=:
  fi
  if [ "${CLASSPATHSEP}" = "" ]; then
  CLASSPATHSEP=:
  fi
  CLASSPATH="${JAVA_HOME}/lib/tools.jar${CLASSPATHSEP}${WL_HOME}/server${CLASSPATHSEP}${WL_HOME}/server/lib/weblogic_sp.jar${CLASSPATHSEP}${WL_H
  OME}/server/lib/weblogic.jar${CLASSPATHSEP}${CLASSPATH}"
  # If we are on an old version of Cygnus we need to turn <letter>:/ in
  the path
  # to //<letter>/
  if [ `uname -s` = "CYGWIN32/NT" ]; then
  WL_HOME=`echo $WL_HOME | sed "s#\([a-zA-Z]\):#//\1#g"`
  JAVA_HOME=`echo $JAVA_HOME | sed "s#\([a-zA-Z]\):#//\1#g"`
  fi
  # If we are on an new version of Cygnus we need to turn <letter>:/ in
  the path
  # to /cygdrive/<letter>/
  if [ -n "`uname -s |grep -i cygwin_`" ]; then
  WL_HOME=`echo $WL_HOME | sed "s#\([a-zA-Z]\):#/cygdrive/\1#g"`
  JAVA_HOME=`echo $JAVA_HOME | sed "s#\([a-zA-Z]\):#/cygdrive/\1#g"`
  fi
  PATH=".${PATHSEP}${WL_HOME}/server/bin${PATHSEP}${JAVA_HOME}/jre/bin${PATHSEP}${JAVA_HOME}/bin${PATHSEP}${PATH}"
  # Import extended environment
  if [ -f extEnv.sh ]; then
  . extEnv.sh
  fi
  if [ ! -z "${EXT_PRE_CLASSPATH}" ]; then
  CLASSPATH="${EXT_PRE_CLASSPATH}${CLASSPATHSEP}${CLASSPATH}"
  fi
  if [ ! -z "${EXT_POST_CLASSPATH}" ]; then
  CLASSPATH="${CLASSPATH}${CLASSPATHSEP}${EXT_POST_CLASSPATH}"
  fi
  if [ ! -z "${EXT_PRE_PATH}" ]; then
  PATH="${EXT_PRE_PATH}${PATHSEP}${PATH}"
  fi
  if [ ! -z "${EXT_POST_PATH}" ]; then
  PATH="${PATH}${PATHSEP}${EXT_POST_PATH}"
  fi
  # Get PRE and POST environment
  if [ ! -z "${PRE_CLASSPATH}" ]; then
  CLASSPATH="${PRE_CLASSPATH}${CLASSPATHSEP}${CLASSPATH}"
  fi
  if [ ! -z "${POST_CLASSPATH}" ]; then
  CLASSPATH="${CLASSPATH}${CLASSPATHSEP}${POST_CLASSPATH}"
  fi
  if [ ! -z "${PRE_PATH}" ]; then
  PATH="${PRE_PATH}${PATHSEP}${PATH}"
  fi
  if [ ! -z "${POST_PATH}" ]; then
  PATH="${PATH}${PATHSEP}${POST_PATH}"
  fi
  echo CLASSPATH=${CLASSPATH}
  echo
  echo PATH=${PATH}
  echo
  echo "***************************************************"
  echo "* To start WebLogic Server, use a username and *"
  echo "* password assigned to an admin-level user. For *"
  echo "* server administration, use the WebLogic Server *"
  echo "* console at http://<hostname>:<port>/console *"
  echo "***************************************************"
  if [ "$ADMIN_URL" != "" ]
  then
  set -x
  "${JAVA_HOME}/bin/java" ${JAVA_VM} ${MEM_ARGS} ${JAVA_OPTIONS}
  -classpath "${CLASSPATH}" -Dweblogic.Name=${SERVER_NAME}
  -Dbea.home="/usr/local
  /bea" -Dweblogic.management.username=${WLS_USER}
  -Dweblogic.management.password=${WLS_PW}
  -Dweblogic.management.server=${ADMIN_URL} -Dweblogic
  .ProductionModeEnabled=${STARTMODE}
  -Djava.security.policy="${WL_HOME}/server/lib/weblogic.policy"
  weblogic.Server
  else
  set -x
  "${JAVA_HOME}/bin/java" ${JAVA_VM} ${MEM_ARGS} ${JAVA_OPTIONS}
  -classpath "${CLASSPATH}" -Dweblogic.Name=${SERVER_NAME}
  -Dbea.home="/usr/local
  /bea" -Dweblogic.management.username=${WLS_USER}
  -Dweblogic.management.password=${WLS_PW}
  -Dweblogic.ProductionModeEnabled=${STARTMODE} -Djava
  .security.policy="${WL_HOME}/server/lib/weblogic.policy"
  weblogic.Server
  fi
  set +x
  fi
  --------------END OF SCRIPT----------
  So can you please look at the exception and the above-pasted source
  code of the startup script file and let me know what needs to be done
  to fix the error?
  Thanks,
  Kalpana

  Senthil,
  What may have happened is that the boot identity (e.g., the "weblogic" user) is no longer in the realm. Or, you added a second authenticator which has a Control Flag of Required but the weblogic user cannot be found there.
  If it's the first scenario, add the weblogic user (and his inclusion in the Administrators group) to the data store for your authenticator.
  If it's the second scenario, you need to change the Control Flag to something less drastic such as Sufficient. In this case, you can't make the change in WebLogic Console since you can't boot your server. Have a look in config.xml and see if your newly created authenticator is listed there. If it is, change the Control Flag and try to reboot the server.
  Otherwise, copy config.xml.booted to config.xml and start your server. You'll have to re-do your security realm changes, though.
  HTH,
  Mike

• Java.lang.IllegalArgumentException: References to entities are not allowed

  Hi,
  I am using Berkely DB(native edition) 5.0.21 version. I have a couple classes as defined below:
  Class - 1:
  package bdb.test;
  import java.util.List;
  import com.sleepycat.persist.model.Entity;
  import com.sleepycat.persist.model.PrimaryKey;
  @Entity
  public class Employee {
       @PrimaryKey
       private String id ;
       private String name;
       private List<Employee> reportingManagers ;
       public String getId() {
            return id;
       public void setId(String id) {
            this.id = id;
       public String getName() {
            return name;
       public void setName(String name) {
            this.name = name;
       public List<Employee> getReportingManagers() {
            return reportingManagers;
       public void setReportingManagers(List<Employee> managers) {
            this.reportingManagers = managers;
  Class - 2 :
  package bdb.test;
  import java.io.File;
  import java.io.FileNotFoundException;
  import java.util.ArrayList;
  import java.util.List;
  import com.sleepycat.db.DatabaseException;
  import com.sleepycat.db.Environment;
  import com.sleepycat.db.EnvironmentConfig;
  import com.sleepycat.persist.EntityStore;
  import com.sleepycat.persist.PrimaryIndex;
  import com.sleepycat.persist.StoreConfig;
       public class BDBTest{
            public static void main(String agrs[]){
                 Environment myEnv;
                 EntityStore store;
                 try {
                      EnvironmentConfig myEnvConfig = new EnvironmentConfig();
                      myEnvConfig.setCacheSize(30000);
                      StoreConfig storeConfig = new StoreConfig();
                      myEnvConfig.setAllowCreate(true);
                      myEnvConfig.setInitializeCache(true);
                      storeConfig.setAllowCreate(true);
                      try {
                      // Open the environment and entity store
                      myEnv = new Environment(new File("c:\\BDBTEST\\"), myEnvConfig);
                      store = new EntityStore(myEnv, "MyStore", storeConfig);
                      PrimaryIndex<String, Employee> primaryIndex = store.getPrimaryIndex(String.class, Employee.class);
                      // write Employee
                      Employee employee = buildEmployee("E1", "EMP1");
                      primaryIndex.putNoReturn(employee);
                 } catch (FileNotFoundException fnfe) {
                      System.err.println(fnfe.toString());
                      System.exit(-1);
                 } catch(DatabaseException dbe) {
                      System.err.println("Error opening environment and store: " +
                      dbe.toString());
                      System.exit(-1);
            public static Employee buildEmployee(String id,String name){
                 Employee employee = new Employee();
                 employee.setId(id);
                 employee.setName(name);
                 employee.setManagers(buildManager());
                 return employee;
            public static List<Employee> buildManager(){
                 List <Employee> managers = new ArrayList<Employee>();
                 Employee manager1 = new Employee();
                 manager1.setId("M111");
                 manager1.setName("Manager1");
                 Employee manager2 = new Employee();
                 manager2.setId("M222");
                 manager2.setName("Manager2");
                 managers.add(manager2);
                 return managers;
  While running the Class 2, I am getting the following exception :
  Exception in thread "main" java.lang.IllegalArgumentException: References to entities are not allowed: bdb.test.Employee
       at com.sleepycat.persist.impl.RecordOutput.writeObject(RecordOutput.java:94)
       at com.sleepycat.persist.impl.ObjectArrayFormat.writeObject(ObjectArrayFormat.java:137)
       at com.sleepycat.persist.impl.RecordOutput.writeObject(RecordOutput.java:114)
       at com.sleepycat.persist.impl.ReflectionAccessor$ObjectAccess.write(ReflectionAccessor.java:398)
       at com.sleepycat.persist.impl.ReflectionAccessor.writeNonKeyFields(ReflectionAccessor.java:258)
       at com.sleepycat.persist.impl.ReflectionAccessor.writeNonKeyFields(ReflectionAccessor.java:255)
       at com.sleepycat.persist.impl.ComplexFormat.writeObject(ComplexFormat.java:528)
       at com.sleepycat.persist.impl.ProxiedFormat.writeObject(ProxiedFormat.java:116)
       at com.sleepycat.persist.impl.RecordOutput.writeObject(RecordOutput.java:114)
       at com.sleepycat.persist.impl.ReflectionAccessor$ObjectAccess.write(ReflectionAccessor.java:398)
       at com.sleepycat.persist.impl.ReflectionAccessor.writeNonKeyFields(ReflectionAccessor.java:258)
       at com.sleepycat.persist.impl.ComplexFormat.writeObject(ComplexFormat.java:528)
       at com.sleepycat.persist.impl.PersistEntityBinding.writeEntity(PersistEntityBinding.java:103)
       at com.sleepycat.persist.impl.PersistEntityBinding.objectToData(PersistEntityBinding.java:83)
       at com.sleepycat.persist.PrimaryIndex.putNoOverwrite(PrimaryIndex.java:474)
       at com.sleepycat.persist.PrimaryIndex.putNoOverwrite(PrimaryIndex.java:449)
       at bdb.test.BDBTest.main(BDBTest.java:42)
  Question : In the above example reportingManagers is also a list of Employee classes. Can't I self reference a object with in the same object ? How do I store list of reportingManagers in this example? Any help is highly appreciated.
  Thanks,
  Bibhu

  Hi Sandra,
  Thanks for the reply.
  Is there any restrictions in Berkeley DB to store cyclic referencing objects?
  API documentation for Entity annotation talks about cyclic references in one of section but contradicts the same in another section. Please refer the link below:
  [ http://download.oracle.com/docs/cd/E17076_02/html/java/com/sleepycat/persist/model/Entity.html]
  Following sections of this documentation contradicts each other. I have highlighted both of them in bold.
  Other Type Restrictions:
  Entity classes and subclasses may not be used in field declarations for persistent types. Fields of entity classes and subclasses must be simple types or non-entity persistent types (annotated with Persistent not with Entity).
  If a field of an Entity needs to reference an object, the referenced object should be marked with @Persistent and not with @Entity. So, self referencing is not possible as the main class would have been marked with @Entity.
  Embedded Objects
  As stated above, the embedded (or member) non-transient non-static fields of an entity class are themselves persistent and are stored along with their parent entity object. This allows embedded objects to be stored in an entity to an arbitrary depth.
  There is no arbitrary limit to the nesting depth of embedded objects within an entity; however, there is a practical limit. When an entity is marshalled, each level of nesting is implemented internally via recursive method calls. If the nesting depth is large enough, a StackOverflowError can occur. In practice, this has been observed with a nesting depth of 12,000, using the default Java stack size. This restriction on the nesting depth of embedded objects does not apply to cyclic references, since these are handled specially as described below.
  Self referencing is possible.
  Object Graphs
  When an entity instance is stored, the graph of objects referenced via its fields is stored and retrieved as a graph. In other words, if a single instance is referenced by two or more fields when the entity is stored, the same will be true when the entity is retrieved. When a reference to a particular object is stored as a member field inside that object or one of its embedded objects, this is called a cyclic reference. Because multiple references to a single object are stored as such, cycles are also represented correctly and do not cause infinite recursion or infinite processing loops. If an entity containing a cyclic reference is stored, the cyclic reference will be present when the entity is retrieved.
  My question:
  In the above first highlighted section says to store a referenced/embedded object it needs be marked with @Persistent and not with @Entity annotation. That rules out storage of cyclic referencing object since the main object would have been already marked with @Entity annotation. The second section indicates having support for cyclic references.
  So, Is it possible to store cyclic referencing objects in BDB? if yes, how it should be done?
  Thanks,
  Bibhu
  Edited by: user12848956 on Jan 20, 2011 7:19 AM

• JAR resources in JNLP file are not signed by same certificate

  I am running my application under Java Web Start with different jars signed. I following the advances use multiple JAR files in JNLP files below.
  But i message error "+*JAR resources in JNLP file are not signed by same certificate*+" is posted still.
  Could you please help me to solve it?
  Thanks
  Best Regards,
  Tuan Pham
  index.jnlp_
  +<?xml version="1.0" encoding="utf-8"?>+
  +<jnlp spec="1.0+" codebase="http://localhost:8080/quotationsys" href="index.jnlp">
  +<information>+
  +<title>File Viewer</title>+
  +<vendor>IBM developerWorks</vendor>+
  +<homepage href="index.html"/>+
  +<description>File Viewer</description>+
  +<description kind="short">File Viewer</description>+
  +</information>+
  +<security>+
  +<all-permissions/>+
  +</security>+
  +<resources>+
  +<j2se version="1.5.0_*" />+
  +<jar href="quotationsys.jar"/>+
  +<nativelib href="swt-lib.jar"/>+
  +<jar href="swt.jar"/>+
  +<extension href="extlib.jnlp"/>+
  +</resources>+
  +<application-desc main-class="layout.MainMenu"/>+
  +</jnlp>+
  extlib.jnlp_
  +<?xml version="1.0" encoding="utf-8"?>+
  +<jnlp spec="1.0+" codebase="http://localhost:8080/quotationsys" href="index.jnlp">
  +<information>+
  +<title>File Viewer</title>+
  +<vendor>IBM developerWorks</vendor>+
  +<homepage href="index.html"/>+
  +<description>File Viewer</description>+
  +<description kind="short">File Viewer</description>+
  +</information>+
  +<security>+
  +<all-permissions/>+
  +</security>+
  +<resources>+
  <jar href="cvom.jar"/>           
  <jar href="CrystalReportsRuntime.jar"/>
  <jar href="CrystalCommon2.jar"/>
  <jar href="DatabaseConnectors.jar"/>
  <jar href="JDBInterface.jar"/>
  <jar href="keycodeDecoder.jar"/>
  <jar href="pfjgraphics.jar"/>
  <jar href="QueryBuilder.jar"/>
  <jar href="commons-collections-3.1.jar"/>
  <jar href="commons-configuration-1.2.jar"/>
  <jar href="commons-lang-2.1.jar"/>
  <jar href="commons-logging.jar"/>
  <jar href="com.ibm.icu_3.8.1.v20080530.jar"/>
  <jar href="log4j.jar"/>
  <jar href="xpp3.jar"/>
  <jar href="jai_imageio.jar"/>
  <jar href="logging.jar"/>
  <jar href="com.azalea.ufl.barcode.1.0.jar"/>
  +</resources>+
  +<component-desc/>+
  +</jnlp>+
  Edited by: pttuan on Apr 13, 2009 1:55 AM

  Are all of the jars in extlib.jnlp signed by the same cert? I think that the extension mechanism lets you get around having all of the jars for an overall app have the same signer, but I think it's still required that all of the jars within a given jnlp file have to have the same signer. So for you, all the jars in index.jnlp have to be signed by "cert A" and all the jars in extlib.jnlp have to be signed by "cert B". If that's not the case, you may need to split it up into multiple extensions.

• Web Start : JAR resources in JNLP file are not signed by same certificate

  What does this error mean exactly?
  All the jars in this JNLP file are signed by the same certificate it's just that some of them are also signed by another certificate.
  According to this closed/fixed bug : http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4928787
  Web Start should not be rejecting jars due to multiple signers???
  Is this a regression in 1.6? or was this never actually fixed?
  I can make this work by not signing these 'presigned' jars and putting them into extension JNLP files but this is less than desirable.
  Some reasons for not using the extension JNLP:
  -- Avoid this bug (which is also marked closed but not fixed) --> http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6566071
  -- I would like to sign all the jars I deliver with my own certificate.
  -- I would also like to give my clients the ability so sign the jars themselves (their own certificate) after they certify the application for distribution throughout their organization.

  Thanks for responding.
  Here is an example that will show the problem. If you want to try yourself:
  NanoHTTPD.java is from here -> [http://elonen.iki.fi/code/nanohttpd/|http://elonen.iki.fi/code/nanohttpd/]
  C:\test>java -version
  java version "1.6.0_03"
  Java(TM) SE Runtime Environment (build 1.6.0_03-b05)
  Java HotSpot(TM) Client VM (build 1.6.0_03-b05, mixed mode)
  C:\test>dir
  Volume in drive C has no label.
  Volume Serial Number is CCC7-E05D
  Directory of C:\test
  04/10/2008  12:34 PM    <DIR>          .
  04/10/2008  12:34 PM    <DIR>          ..
  04/10/2008  11:04 AM               130 hello.java
  04/10/2008  11:30 AM               500 hello.jnlp
  04/10/2008  11:06 AM                89 hellohelper.java
  04/10/2008  09:52 AM            20,547 NanoHTTPD.java
                 4 File(s)         21,266 bytes
                 2 Dir(s)  26,292,060,160 bytes free
  C:\test>type hello.java
  public class hello
  public static void main(String[] args)
  System.out.printf("Hello %s\n",hellohelper.getString());
  C:\test>type hellohelper.java
  public class hellohelper
  public static String getString()
  return "World";
  C:\test>type hello.jnlp
  <?xml version="1.0" encoding="utf-8"?>
  <jnlp spec="1.0+" codebase="http://localhost/" href="" >
      <information>
          <title>hello</title>
          <vendor>hello</vendor>
          <description>hello</description>
      </information>
      <security>
          <all-permissions/>
      </security>
      <resources>
          <j2se version="1.6" />
          <jar href="hello.jar"/>
          <jar href="hellohelper.jar"/>
      </resources>
      <application-desc main-class="hello"/>
  </jnlp>
  C:\test>javac *.java
  Note: NanoHTTPD.java uses or overrides a deprecated API.
  Note: Recompile with -Xlint:deprecation for details.
  Note: NanoHTTPD.java uses unchecked or unsafe operations.
  Note: Recompile with -Xlint:unchecked for details.
  C:\test>jar cvf hello.jar hello.class
  added manifest
  adding: hello.class(in = 524) (out= 332)(deflated 36%)
  C:\test>jar cvf hellohelper.jar hellohelper.class
  added manifest
  adding: hellohelper.class(in = 283) (out= 212)(deflated 25%)
  C:\test>keytool.exe -genkey -alias hello1 -keystore hello1keys.jks -dname cn=hello1 -storepass hello1 -keypass hello1
  C:\test>keytool.exe -genkey -alias hello2 -keystore hello2keys.jks -dname cn=hello2 -storepass hello2 -keypass hello2
  C:\test>jarsigner -keystore hello1keys.jks -keypass hello1 -storepass hello1 hellohelper.jar hello1
  Warning:
  The signer certificate will expire within six months.
  C:\test>jarsigner -keystore hello1keys.jks -keypass hello1 -storepass hello1 hello.jar hello1
  Warning:
  The signer certificate will expire within six months.
  C:\test>start java -cp . NanoHTTPD
  C:\test>javaws hello.jnlpAt this point click accept to trust the code and the program runs. Here is the console output:
  Java Web Start 1.6.0_03
  Using JRE version 1.6.0_03 Java HotSpot(TM) Client VM
  User home directory = C:\Documents and Settings\4381
  c:   clear console window
  f:   finalize objects on finalization queue
  g:   garbage collect
  h:   display this help message
  m:   print memory usage
  o:   trigger logging
  p:   reload proxy configuration
  q:   hide console
  r:   reload policy configuration
  s:   dump system and deployment properties
  t:   dump thread list
  v:   dump thread stack
  0-5: set trace level to <n>
  Hello WorldNow for second signature, and run again:
  C:\test>jarsigner -keystore hello2keys.jks -keypass hello2 -storepass hello2 hellohelper.jar hello2
  Warning:
  The signer certificate will expire within six months.
  C:\test>javaws hello.jnlpThis time it fails. Console output:
  Java Web Start 1.6.0_03
  Using JRE version 1.6.0_03 Java HotSpot(TM) Client VM
  User home directory = C:\Documents and Settings\4381
  c:   clear console window
  f:   finalize objects on finalization queue
  g:   garbage collect
  h:   display this help message
  m:   print memory usage
  o:   trigger logging
  p:   reload proxy configuration
  q:   hide console
  r:   reload policy configuration
  s:   dump system and deployment properties
  t:   dump thread list
  v:   dump thread stack
  0-5: set trace level to <n>
  #### Java Web Start Error:
  #### JAR resources in JNLP file are not signed by same certificateTo verify jars:
  C:\test>jarsigner -verify -verbose -certs hello.jar
           135 Thu Apr 10 12:39:26 CDT 2008 META-INF/MANIFEST.MF
           256 Thu Apr 10 12:39:26 CDT 2008 META-INF/HELLO1.SF
           770 Thu Apr 10 12:39:26 CDT 2008 META-INF/HELLO1.DSA
             0 Thu Apr 10 12:37:36 CDT 2008 META-INF/
  sm       524 Thu Apr 10 12:37:04 CDT 2008 hello.class
        X.509, CN=hello1
        [certificate will expire on 7/9/08 12:38 PM]
    s = signature was verified
    m = entry is listed in manifest
    k = at least one certificate was found in keystore
    i = at least one certificate was found in identity scope
  jar verified.
  Warning:
  This jar contains entries whose signer certificate will expire within six months.
  C:\test>jarsigner -verify -verbose -certs hellohelper.jar
           141 Thu Apr 10 12:38:56 CDT 2008 META-INF/MANIFEST.MF
           262 Thu Apr 10 12:41:30 CDT 2008 META-INF/HELLO2.SF
           770 Thu Apr 10 12:41:30 CDT 2008 META-INF/HELLO2.DSA
           262 Thu Apr 10 12:38:56 CDT 2008 META-INF/HELLO1.SF
           770 Thu Apr 10 12:38:56 CDT 2008 META-INF/HELLO1.DSA
             0 Thu Apr 10 12:37:44 CDT 2008 META-INF/
  sm       283 Thu Apr 10 12:37:04 CDT 2008 hellohelper.class
        X.509, CN=hello2
        [certificate will expire on 7/9/08 12:38 PM]
        X.509, CN=hello1
        [certificate will expire on 7/9/08 12:38 PM]
    s = signature was verified
    m = entry is listed in manifest
    k = at least one certificate was found in keystore
    i = at least one certificate was found in identity scope
  jar verified.
  Warning:
  This jar contains entries whose signer certificate will expire within six months.Why does javaws say: "JAR resources in JNLP file are not signed by same certificate" when clearly they are both signed by the same certificate (the one aliased by CN=hello1)?

• Error: JAR-Ressources in JNLP-File are not signed from the same Certificate

  I have two handfull jars, all signed in batch with the same
  Certificate. When i start my App with Webstart it tells me:
  Your JAR-Ressources in JNLP-File are not signed from the same Certificate.
  "JAR-Ressourcen in JNLP-Datei sind nicht von demselben Zertifikat signiert"
  Well im shure that i signed all my jars with the same Certificate.
  What can i do to solve this problem ???

  I get the same error.
  Strangely exactly every second time it works and every second time I execute the JNLP I get the following error:
  network: Cache-Eintrag nicht gefunden [url: http://localhost:8080/fibo/lib/js_15R41.jar, Version: null]
  network: Verbindung von socket://127.0.0.1:3621 mit Proxy=DIRECT wird hergestellt
  #### Java Web Start Error:
  #### JAR-Ressourcen in JNLP-Datei sind nicht von demselben Zertifikat signiertCan this have something to do with browser caching? So that every 2nd time it tries to access the cache, fails. And than ignores the cache and works?
  Any ideas?
  Cheers,
  Rio

• Frequent - "JAR resources in JNLP file are not signed by same certificate"

  Hi Experts,
  I am not able to open ESR and ID. I am facing "JAR resources in JNLP file are not signed by same certificate" issue. I have gone through SDN forums and solved this issue by deleting the javaws cache and clicking on Restore Archives and Generate New Signature button in the Administrator -> "Java Web Start Administration".
  But my issue is...I have to do this every time when I log into the system. I am using J2SE Development Kit 5.0 and J2SE Runtime Environment Kit 5.0.
  Also it is taking around 5 minutes to open ESR.
  Thanks,
  Phani Akella.

  Hi,
  I have downloaded Jdk6.0 and jre 6.0 and installed it in my system. I am not able to start java webstart using the command javaws in cmd. Any suggestions?  I have un-installed jdk 6.0 and installed jdk and jre 5.0. Now I am facing below issues.
  I am able to log into ID but not ESR. Screenshot shows only 9112 kb of files are downloaded for ESR.
  [ESR Issues|http://www.flickr.com/photos/49754947@N07/?s]

• Java.lang.SecurityException: The provider SunJCE may not be signed by a tru

  Hi All,
  I am trying to implement AES using SunJCE,
  I am running it with j2sdk1.4.2_09
  from Eclipse 3.1
  the jar file is as is and was not tampered with, tried with bouncy castle and still get the same error, is it to do with eclipse, if yes suggest work around
  Here is the code
  import javax.crypto.Cipher;
  public class PrecedenceTest
  public static void main(
  String[] args)
  throws Exception
  Cipher cipher = Cipher.getInstance("AES", "SunJCE");
  System.out.println(cipher.getProvider());
  Please advice me as to what is wrong
  Thanks in advance
  slogger

  This is a FAQ here.
  http://forum.java.sun.com/thread.jspa?forumID=9&threadID=611770

• Jurisdiction Policy Files

  I am implementing a simple cipherstream for commmunication between server and client for a building automation protocol called BACnet. My code compiles but when I attempt to run it I get the following error:
  Exception in thread "main" java.lang.ExceptionInInitializtoinError
  at javax.crypto.SecretKeyFactory.getInstance(DashoA6275)
  at sen.CommMod.main(CommMod.java:30)
  Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
  at javax.crypto.SunJCE_b.<<clinit>(DashoA6275)
  ...2 more
  Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
  at javax.crypto.SunJCE_b.a(DashoA6275)
  at javax.crypto.SunJCE_b.f(DashoA6275)
  at javax.crypto.SunJCE_b.e(DashoA6275)
  at javax.crypto.SunJCE_b.run(DashoA6275)
  at java.security.AccessController.doPriveleged(Native Metthod)
  ... 3 more
  sen is the name of the package and CommMod is the name of my class file. I have edited the java.security file to include SunJCE as a security provider and Sun is listed as the first provider as per the known bugs for the JCE.
  Is there anyway to get my policy files signed by a trusted signer or can I get policy files that will work that are already signed?

  Why is there no reply to this problem from Sun?
  I am also getting the same problem with JDK1.4.2_04 and JCE 1.2.2
  Are the jars that are provided with the JCE 1.2.2 not correctlly signed?

• Jurisdiction policy files not in standard directory

  Hi!
  I'm using cryptix in a class that encrypts emails with PGP.
  Everything works fine on my machine, as I have patched the jurisdiction policy files in $JAVA_HOME\jre\lib\security.
  Unfortunately I haven't got write-access to $JAVA_HOME on the customers machine.
  The jurisdiction policy files are located in a directory where the application runs.
  Now I need a possibility to run my application and passing a parameter that causes JVM to load the jurisdiction policy files from my directory instead of loading the ones installed in the $JAVA_HOME\jre\lib\security directory.
  Any hint is welcome!
  thanks in advance!
  Oli

  Hi!
  I'm using cryptix in a class that encrypts emails with
  PGP.
  Everything works fine on my machine, as I have patched
  the jurisdiction policy files in
  $JAVA_HOME\jre\lib\security.
  Unfortunately I haven't got write-access to $JAVA_HOME
  on the customers machine.
  The jurisdiction policy files are located in a
  directory where the application runs.
  Now I need a possibility to run my application and
  passing a parameter that causes JVM to load the
  jurisdiction policy files from my directory instead of
  loading the ones installed in the
  $JAVA_HOME\jre\lib\security directory.
  Any hint is welcome!
  thanks in advance!
  OliHmm, nobody ever encountered that problem?
  A 'is not possible' or 'does not work' would be adequate statement.
  So, I could convince my boss that it is just not possible... ;)
  thanks.
  Oli

• Java.lang.SecurityException when loading javax.activation.MimeType

  Hi all,
  I'm having this problem when trying to call a WebService in my Server;
  java.lang.SecurityException: class "javax.activation.MimeType"'s signer information does not match signer information of other classes in the same package     
  at java.lang.ClassLoader.checkCerts(ClassLoader.java(Compiled Code))
  at java.lang.ClassLoader.defineClass(ClassLoader.java(Compiled Code))
  at java.security.SecureClassLoader.defineClass(SecureClassLoader.java(Compiled Code))
  at java.net.URLClassLoader.defineClass(URLClassLoader.java(Compiled Code))
  at java.net.URLClassLoader.access$500(URLClassLoader.java(Inlined Compiled Code))
  at java.net.URLClassLoader$ClassFinder.run(URLClassLoader.java(Compiled Code))
  at java.security.AccessController.doPrivileged1(Native Method)
  at java.security.AccessController.doPrivileged(AccessController.java(Compiled Code))
  at java.net.URLClassLoader.findClass(URLClassLoader.java(Compiled Code))
  at java.lang.ClassLoader.loadClass(ClassLoader.java(Compiled Code))
  at java.lang.ClassLoader.loadClass(ClassLoader.java(Compiled Code))
  at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java(Compiled Code))
  at java.lang.ClassLoader.loadClass(ClassLoader.java(Compiled Code))
  at org.apache.soap.rpc.SOAPContext.addBodyPart(SOAPContext.java:344)
  at org.apache.soap.rpc.SOAPContext.setRootPart(SOAPContext.java:403)
  at org.apache.soap.rpc.SOAPContext.setRootPart(SOAPContext.java:442)
  at org.apache.soap.rpc.SOAPContext.setRootPart(SOAPContext.java:417)
  at org.apache.soap.transport.TransportMessage.save(TransportMessage.java:351)
  at oracle.soap.transport.http.OracleSOAPHTTPConnection.send(OracleSOAPHTTPConnection.java:713)
  at org.apache.soap.rpc.Call.invoke(Call.java:261)
  It seems to work in my local machine (running on JDeveloper10G embedded server), but i cannot make it work in production server (version 10.1.2.0.2) ...
  Any idea of what is going wrong? I know what the error means, but i don't know why it is raising.

  I've tried the webservice standalone (without a servlet frontend) and it seems to work, so i'll post this in the servlets forum.
  Thanks.

• Getting java.lang.SecurityException while sending mail

  While i trying to send mail through web browser i am getting following error.But by calling same function in main method of my Mailer.java class its successful. Will anybody suggest me what am i miss .I m using Tomcat & i already put activation.jar and mail.jar in classpath.
  "java.lang.SecurityException: class "javax.mail.Address";'s signer information does not match signer information of other classes in the same package"
  Regards
  Riaz
  Edited by: Riaz_Ansari on May 2, 2008 12:44 AM

  You've probably got more than one version of the javax.mail.* classes in your CLASSPATH.
  Look for multiple copies of mail.jar, or perhaps a j2ee.jar or javaee.jar that duplicates those
  classes.

• Java: Where are JCE Unlimited Strength Jurisdiction Policy Files for Java for Mac OS X 10.7?

  I need to install the JCE Unlimited Strength Jurisdiction Policy Files for Java 1.6 under Mac OS X 10.7.  I know where to get then from the Sun/Oracle Java download site, but want to make sure that these will work on the Mac.  Or, are there Mac specific versions somewhere?

  There's a  jce.jar file in /System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home/lib/, so it appears that they're already in place, but that's just a WAG.

• Jaas sample progrma in weblogic 6.1 giving the following error java.lang.SecurityException: attempting to add an object which is not an instance of java.security.Principal to a Subjec

  jaas sample progrma in weblogic 6.1 giving the following error java.lang.SecurityException:
  attempting to add an object which is not an instance of java.security.Principal
  to a Subjec
  on runnig the program during the call of method Authenticate.authenticate(env,
  subject); giving following exceptions Error: Login Exception on authenticate,
  java.lang.SecurityException: attempting to add an object which is not an instance
  of java.security.Principal to a Subjec t's Principal Set Authentication Failed:
  Unexpected Exception, javax.security.auth.login.LoginExce ption: java.lang.SecurityException:
  attempting to add an object which is not an instance of java.security.Principal
  to a Subject's Principal Set javax.security.auth.login.LoginException: javax.security.auth.login.LoginExcepti
  on: java.lang.SecurityException: attempting to add an object which is not an ins
  tance of java.security.Principal to a Subject's Principal Set at examples.security.jaas.SampleLoginModule.login(SampleLoginModule.java
  :192) at java.lang.reflect.Method.invoke(Native Method) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:595)
  at javax.security.auth.login.LoginContext.access$000(LoginContext.java:1 25) at
  javax.security.auth.login.LoginContext$3.run(LoginContext.java:531) at java.security.AccessController.doPrivileged(Native
  Method) at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java
  :528) at javax.security.auth.login.LoginContext.login(LoginContext.java:449) at
  examples.security.jaas.SampleClient.main(SampleClient.java:96)
  1)what is the reason for this problem
  2)in weblogic document they told to edit server.policy file in webligic\lib folder
  a)what the modification is needed in this file..?

  Hi jerry
  i already got that problem solved by removing jaas.jar file
  from class path.
  i don'nt how it is working with out in classpath...?
  Jerry <[email protected]> wrote:
  Hi Nivas,
  I think that the problem you are seeing has something to do with the
  placement of jaas.jar in your classpath
  On WebLogic server, put jaas.jar in the classpath after weblogic.jar.
  I would bet that you have it placed before weblogic.jar right now.
  I don't think the exception that you're seeing right now has anything
  to do with your weblogic.policy file right now, so I think it is
  safe to not worry about it right now.
  Hope this helps,
  Joe Jerry