Different signed jars need to be passed to the client.

Similar Messages

• Elements 13 will not download, when I attempt to sign in after entering my pass word the instruction block freezes up, turns white and little square blocks turn around ?

  Elements 13 will not download, when I attempt to sign in after entering my pass word the instruction block freezes up, turns white and little square blocks turn around ? Nothing seems to work and yes it is the right password.

  Is the internet working when you are entering your password?  In PSE12 and PSE13, you need to be online first-time when you register/activate your product.  It is made mandatory for reasons I don't know.

• Hello - I have done  a series of edits on premiere cs6 and now need to transfer info to the client overseas so I have to transfer the rushes and would like to know what I need to provide ( list...) regarding the edit done on the CS6 version  - thank you

  hello - I have done  a series of edits on premiere cs6 and now need to transfer info to the client overseas so I have to transfer the rushes and would like to know what I need to provide ( list...) regarding the edit done on the CS6 version  - thank you

  >I have managed to download the footage onto Picture Motion Browser
  Isn't Picture Motion Browser available for Windows only?  If so, why are you posting in an Final Cut Express forum?  My apologies if I'm incorrect.
  -DH

• Errors are not passed to the client database

  Hello,
  We are using Mobile Client 7.1 with MaxDB database.
  We have a problem with the synchronization. We are developing a
  notification handling application. The problematic scenario is as
  follows:
  The existed notification is modified on the client side. Then the
  client performs the synchronization and the changes are passed to the
  backend via DOE. The syncstate field of the NOTIFICATION table is 202
  (during update). BAPI Wrapper returns an error during the update (i.e.
  because the object is locked or some other reason...). The client
  performs the synchronization one more time in order to receive the
  feedback. This synchronization fails and when we check in the trace
  file what is the problem, we see there the content of the error message from the
  backend and the error "Column index 1 was not found". The syncstate field is not changed to 301 or some other value, it still remains 202. The message is stucked and it's not possible to
  do anything with it, only to recover the device.
  What is the problem?
  Thanks in advance,
  Sergey

  Hi,
  Can you please try to regenerate the data object, re-import the model and try to update?
  Thanks and Regards,
  Narayani

• Need a signed JAR that lasts longer than a year

  We need to sign JARs but we can't use the standard Thawte or Verisign root CA. Both of them expire in a year. Since my company does not own the servers on which our application is installed, we can't revisit our customer's servers just because the signed JAR files have expired.
  When I look at the list of Root CAs that Web Start recognizes, I see some personal CAs and and server CAs.
  thawtepersonalfreemailca (Thawte Personal Freemail CA)
  thawtepersonalbasicca (Thawte Personal Basic)
  thawtepersonalpremiumca (Thawte Personal Premium CA)
  thawteserverca (Thawte Server CA)
  cybertrust (GTE CyberTrust Root)
  verisignserverca (Secure Server CA)
  thawtepremiumserverca (Thawte Premium Server CA)
  Has anyone had any success signing JAR files with these? I'm puzzled. I thought that a server certificate could only be used to run a secure (SSL) server. Can you sign JAR files with it?
  Likewise, can I use a 'personal' CA to sign a JAR? Are there any drawbacks in doing so?

  We need to sign JARs but we can't use the standard
  Thawte or Verisign root CA. Both of them expire in a
  year. Since my company does not own the servers on
  which our application is installed, we can't revisit
  our customer's servers just because the signed JAR
  files have expired.You have a misunderstanding here. The expiry date is related to the certificate only, not the jar file signed with it. I.e. you can only sign things with your certificate before the expiry date. After the expiry date, you will not be able to use that certificate anymore for signing. But everything you have signed, while the certificate was valid, will remain valid. Eventhough the certificate will expire, whatever is signed with it remains valid for eternity.
  When I look at the list of Root CAs that Web Start
  recognizes, I see some personal CAs and and server
  CAs.
  thawtepersonalfreemailca (Thawte Personal Freemail
  CA)
  thawtepersonalbasicca (Thawte Personal Basic)
  thawtepersonalpremiumca (Thawte Personal Premium CA)
  thawteserverca (Thawte Server CA)
  cybertrust (GTE CyberTrust Root)
  verisignserverca (Secure Server CA)
  thawtepremiumserverca (Thawte Premium Server CA)
  Has anyone had any success signing JAR files with
  these? I'm puzzled. I thought that a server
  certificate could only be used to run a secure (SSL)
  server. Can you sign JAR files with it?Yes, I have had success with the Thawte Personal Freemail Certificate. As the name suggests, it is free. What is not obvious from the name is that it can also be used to sign jar files. To obtain the certificate is free, however you will want to become a trusted member, which you can only become by being notarized. This will most likely cost you a bit (cost me ca. US$12). Then your certificate will be fully trusted. Here is a writeup on how to use your free Thawte certificate for jar signing: http://www.dallaway.com/acad/webstart/.
  Likewise, can I use a 'personal' CA to sign a JAR? Are
  there any drawbacks in doing so?See above.
  Good luck.
  - Daniel

• Three questions about signed jar file and applet

  I use three signed jar file. Each of them signed by different certificate. First of JARs contain applet class. When I start applet from html page I see message “This applet was signed by…… but Java cannot verify it… Do you trust…?”. All times I press “Yes I trust” and after this questions applet stop to work end exit. If I use only one certificate for signing of three JARs then applet continue to work after question. 1) What should I do to fix this bug? 2) Is it any method to check from applet that user press Trust button? Is it any method to emulate work of SecurityManager to check that Certificate object is trusted (I want do call some method check(Certificate) and if certificate is not trusted I want to see message with question: “Do you want to trust this certificate” and so on)?

  Hello Jarman,
  1. If I have a signed jar file, then as long as the
  certificate is recognised as trusted that applet can
  run as a fully trusted application on the client
  machine. So I should not have to add lines such as
  permission java.lang.RuntimePermission
  "readFileDescriptor", "read" ;
  permission java.lang.RuntimePermission
  "writeFileDescriptor", "write" ;
  to my java.policy file. true/false ?true
  2. If I am running a signed jar file in the Java
  plugin then I do not need to have a verisign or thawte
  certificate (however to allow my certificate to be
  accepted I do have to import it into the cacerts file
  on the client machine). True/false?true
  3. Following on from question 2, if I want to be able
  to run an applet on a client machine, without messing
  around with ANY files on those machines, I need a
  verisign or thawte certificate. True/false?true
  4. (And finally) Apart from a security exception
  saying that I need to add one of the lines like those
  of question 1, is there any way I can get other debug
  information as to why the signed jar file is not being
  recognised as signed?No. This could be a problem of importing your certifcate into the wrong place.
  The information on the following link is a little bit dated but it helped me to successfully install a testcertificate and sign an applet with it.
  http://www.suitable.com/Doc_CodeSigning.shtml

• JNLP: Signed jars but still not trusted

  I have an applet that has signed jars that were signed by the same key, the applet shows the correct warnings on startup and works fine (allows access to the local file system, etc), however there still exists the 'yellow triangle warning' on one of two popups frames that the applet produces (but not the other one).
  The applet does use native code (packaged in a signed jar and referenced in the JNLP). The jars are all signed by the same certificate from a CA. I originally didn't have the JNLP signed (by placing it in the main jar in JNLP-INF/APPLICATION.JNLP) but this didn't help. Also I didn't have the JNLP codebase set to a real URL (and really cant in production because its a solution we deploy to customers servers - its packaged software not hosted) but even after I tested with a codebase to a test server, it still didnt remove the famed yellow triangle. I have all-permissions set in the JNLP.
  So two related questions:
  1) Other than having not having signed jars (or not signed correctly), what other reasons cause the 'yellow triangle'?
  2) The warning only appears on one of the popup Frames. What could be the possible reasons for that? Are there some privileges that show the icon whether the applet is signed or not?
  Note: While changing the client policy setting (showWindowWithoutWarningBanner) works, this cant be a solution.
  From the Java Console:
  ...It goes through all the jars (I only included one for brevity - there are 23 of them). Note it says 'have 1 common certificates'.. which I think indicates everything is signed by the same cert.
  Is there any indication in the console logs I can use to determine why it is not trusted? It looks (to me) that everything is OK, until it says 'istrusted=false'.
  security: Validating cached jar url=http://10.192.252.26/QMDesktop/native.jar ffile=C:\Documents and Settings\bunkowm\Application Data\Sun\Java\Deployment\cache\6.0\34\1df0b62-2c3ce377 com.sun.deploy.cache.CachedJarFile@d964af
  cache: Reading Signers from 995 http://10.192.252.26/QMDesktop/native.jar | C:\Documents and Settings\bunkowm\Application Data\Sun\Java\Deployment\cache\6.0\34\1df0b62-2c3ce377.idx
  security: Have 1 common certificates after processing http://10.192.252.26/QMDesktop/native.jar
  security: Istrusted: null false
  security: Loading certificates from Deployment session certificate store
  security: Loaded certificates from Deployment session certificate store
  security: Validate the certificate chain using CertPath API
  security: Obtain certificate collection in Root CA certificate store
  security: Obtain certificate collection in Root CA certificate store
  security: Start to check whether root CA is replaced
  security: The root CA hasnt been replaced
  security: No timestamping info available
  security: Found jurisdiction list file
  security: No need to checking trusted extension for this certificate
  security: The CRL support is disabled
  security: The OCSP support is disabled
  security: This OCSP End Entity validation is disabled
  security: Checking if certificate is in Deployment denied certificate store
  security: Checking if certificate is in Deployment permanent certificate store
  security: Checking if certificate is in Deployment session certificate store
  security: Mark trusted: null

  Andrew - of course you were correct about the signed cert - I misspoke when the CA signed applet didn't show a warning. (You were also right that I must have checked 'always accept' the certificate on the server I had the CA signed cert on).
  I think you guys are on to something about the privileged actions. It would explain where one popup has the icon and the other doesn't. We have Javascript making calls into the applet and we do use JNI (although I don't think there are any calls back). We do wrap these calls in privileged actions but maybe we missed something. What I've seen before is a security exception is thrown if we don't wrap them - but maybe there are areas where we don't and it doesn't throw an exception or it does and we eat it somehow (and for whatever reason doesn't cause anything noticeable).
  Now that I know it could likely be the applet code and not necessarily a build issue with signing the jars, I have another place to look...
  I'll check it out and let you know what I find.

• How can i add update signed jar file

  I am developing an applet which requires signing to run in a browser.
  I am developing supporting classes. But these class files have to be added
  to the jar. Isnt it??
  But to test the applet i need to load it in the browser each time i modify the class files. So the jar file need to be updated every time. But an
  IOError
  is being displayed when i try to update the signed jar file.
  How can i update signed jar file?? Or is there any othe way to test the signed applet during development??

  How can i update signed jar file?You can't, the signature is there to make sure the content of the jare hasn't been messed
  with.
  Either recreate the jar and re sign it or set up a policy during testing.

• SSL Cert used to sign Jars for distribution via WebStart

  Hi,
  I have an SSL cert (Comodo InstallSSL) for my website and wondered if I can use it to sign jars so, when distributed via webstart, the old "untrusted source" message doesn't get displayed. I've been doing a lot of reading but, to be honest, I can't really find my bearings! I have imported the cert into my keystore but get the message when I try to sign a jar:
  Certificate chain not found for: myalias  myalias must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.I have the following files in relation to my cert:
  xxx.cabundle (this can be imported into keytool easily)
  cert/xxx.crt (looks like a PGP file, cannot be imported (-import) into keytool)
  private/xxx.key
  My questions I suppose are:
  1. Can I use a cert issued for SSL to sign jars for webstart distribution?
  2. If yes to 1; what steps other than importing the cert alone (which generates the message above) do I need to do to achieve this?
  Any help would be appreciated!
  Rich

  Hi,
  yes, the pkcs12 certificate includes the private key, as opposed to pb7 which does not.
  Sent from Cisco Technical Support Android App

• How to sign jar to avoid security warning

  could anybody give advice, how to sign jar file in order to avoid that nasty security warning splash page when starting web start.i sign my jar using jarsigner, but that doesn't work.
  thank you.
  kastis

  i'm using Thwate Free Mail , which is accepted by the web start, but still i get security warning like in this page:
  http://www.dallaway.com/acad/webstart/
  maybe it's better to use security option j2ee-application-client-permissions,i only need access to printer on the client mashine, and ability to open the browser and e-mail.any ideas?
  kastis

• What needs to be installed on a client machine?

  Downloads Documentation Discussion Forums Articles Sample Code Training RSS Resources For
  Oracle Data Provider for .NET FAQ
  About ODP.NET
  I am familiar with SQL Server's .NET data provider, but am new to Oracle. Is it easy to learn to use ODP.NET? (Last Updated: 12/27/04)
  What are the different ways Oracle integrates with Microsoft .NET? (7/22/05)
  Where can I find ODP.NET help and sample code? (12/12/03)
  I have ODP.NET installed, but I can't find the ODP.NET Dynamic Help. Where is it? (4/11/05)
  What are the new features in this version of ODP.NET? (7/22/05)
  How do I make a feature enhancement request for ODP.NET? (12/04/02)
  What features will ODP.NET support in future releases? (12/04/02)
  Configuration and Certification
  Do I need to install ODP.NET on my Oracle database server? (7/22/05)
  Can ODP.NET work with Oracle8, Oracle8i, Oracle9i, and Oracle10g database (DB) servers? Can these DB servers be on Linux or Unix? (7/22/05)
  Can ODP.NET be used with an Oracle8, Oracle8i, or Oracle9i Release 1 client? (11/02/04)
  What do I need to have installed on my client machine to have ODP.NET work? (11/02/04)
  Does ODP.NET support Windows Server 2003, .NET Framework 1.1, and Visual Studio .NET 2003? (11/02/04)
  Common Runtime Issues
  How do I use distributed transactions with ODP.NET? (3/20/03)
  What if I have some applications that require an earlier Oracle client (e.g. using the Microsoft OLE DB Provider for Oracle with Server Explorer)? I want to be able to run both ODP.NET and these other applications from the same machine. (12/12/03)
  I get an error: "Unable to load DLL (OraOps.dll)". How do I fix this? (4/23/04)
  I want to use the Oracle9i Release 2 version of OraMTS with an Oracle8i database. I get a "No error information available: XACT_E_NOENLIST(0x8004D00A)" error when running an application using OraMTS. (12/04/02)
  ODP.NET and Other Oracle Providers for .NET
  Are ODP.NET and Microsoft .NET Framework Data Provider for Oracle the same product? (12/12/03)
  Which .NET data access driver should I use among ODP.NET, Microsoft .NET Framework Data Provider for Oracle, OLE DB .NET, and ODBC .NET? (12/04/02)
  I bundle ODP.NET with an application I've built, which I want to distribute or sell. Does Oracle charge licensing fees for this? (7/16/03)
  Q: I am familiar with SQL Server's .NET data provider, but am new to Oracle. Is it easy to learn to use ODP.NET?
  A: Yes. ODP.NET inherits from all the ADO.NET base classes, which is what SQL Server's .NET data provider, SqlClient, is based upon. The ADO.NET constructors, methods, and properties that you use with SQL Server will be the same with Oracle. For many applications, the only notable differences will be having all objects that were preceded with "Sql", such as SqlConnection, be preceded by "Oracle", such as OracleConnection, and accounting for differences between Oracle and SQL Server database data types, SQL, and stored procedure calls.
  Q: What are the different ways Oracle integrates with Microsoft .NET?
  A: Oracle integrates with .NET in a number of ways. For optimized .NET data access, ODP.NET enables access to all of the Oracle database's advanced features, such as RAC and XML DB, while ensuring the fastest performance from the .NET Framework.
  For .NET development tools that make Oracle easier to use, the Oracle Developer Tools for Visual Studio .NET provide wizards and designers that auto-generate ODP.NET code and can browse and edit schemas and stored procedures. Additionally, it includes a Data Window to modify and view data and context-sensitive help.
  Beginning with Oracle Database 10g Release 2, developers can build and deploy .NET stored procedures for their Oracle database.
  For application integration, web services can facilitate integration between your existing Oracle and .NET applications.
  Q: Where can I find ODP.NET help and sample code?
  A: ODP.NET documentation is available from within Visual Studio .NET using Dynamic Help. Just hit the F1 key when your cursor is on an ODP.NET API and a help page for that API will appear right within Visual Studio .NET.
  Additional ODP.NET documentation is available both locally installed and from the ODP.NET documentation page.
  Sample code can be found both locally as part of the ODP.NET installation (e.g. c:\oracle\<Oracle Home Name>\ODP.NET\samples) and on ODP.NET samples page.
  ODP.NET users can ask questions on the ODP.NET discussion forum.
  Q: I have ODP.NET installed, but I can't find the ODP.NET Dynamic Help. Where is it?
  A: This behavior sometimes occurs when installing new Visual Studio .NET versions over an ODP.NET installation. To enable ODP.NET Dynamic Help, go to Visual Studio .NET Combined Help Collection Manager located in Visual Studio .NET 2002 or Visual Studio .NET 2003. Make sure the box next to the Oracle Data Provider for .NET Help is checked and click on the Update VSCC button. Close Visual Studio .NET and re-open it to enable ODP.NET Dynamic Help.
  Note: Because of security restrictions, you may need to copy and paste the links above to a browser, rather than clicking on them. Once copied to a local browser, if you have a Windows service pack that prevents active content (e.g. Windows XP service pack 2), you will need to allow active content to view the complete page. To do this, click on the yellow bar at the top of the Visual Studio .NET Combined Help Collection Manager page, which indicates active content has been blocked. Select "Allow Blocked Content". A security warning will show up. Click "Yes" and you will be able to view the page in its entirety, including having the option to incorporate the Oracle Data Provider for .NET Help into Visual Studio .NET.
  Q: What are the new features in this version of ODP.NET?
  A:
  ODP.NET 10.2.0.1.0
  Server-side ODP.NET for .NET stored procedures
  RAC client-side connection load balancing and automatic connection cleanup
  Database Change Notification
  LOB and LONG retrieval - faster data retrieval, InitialLOBFetchSize can be up to 2GB, and full LOB functionality when InitialLOBFetchSize > 0 (i.e. GetOracleClob and GetOracleBlob methods are enabled). These same features are now enabled with LONGs with its respective APIs.
  Connection Pool Management - explicitly clear connection pool(s)
  Client Identifier property for supporting application context security, such as with VPD
  Input REF Cursor parameters
  ODP.NET 10.1.0.3.0
  Statement caching
  DeriveParameters - automatic population of stored procedure parameters
  Cancel long running queries
  ADO.Net 1.1 interfaces - HasRows and EnlistDistributedTransaction properties
  LOB and LONG retrieval - Entire LOB and LONG column data can be retrieved even if the select list does not contain a primary key, ROWID, or unique key.
  ODP.NET 10.1.0.2.0
  Grid support
  Schema-based XMLType
  BINARY_FLOAT and BINARY_DOUBLE datatypes
  Multiple Oracle Homes
  ODP.NET 9.2.0.4.01
  Improved XML DB and XMLType support
  PL/SQL associative arrays
  connection pool validation
  InitialLOBFetchSize property to improve LOB retrieval performance
  Q: How do I make a feature enhancement request for ODP.NET?
  A: You can contact Oracle Support or use the ODP.NET discussion forum to make an enhancement request.
  Q: What features will ODP.NET support in future releases?
  A: In general, Oracle does not discuss features in future product releases until the release date nears. We are well aware of enhancement requests made through the ODP.NET discussion forum and Oracle support. We encourage Oracle users to continue to make their requests known. Oracle will do its best to fulfill these requests in future releases.
  Q: Do I need to install ODP.NET on my Oracle database server?
  A: No. You only need to install ODP.NET for running client or middle-tier .NET applications. The exception is if you are using .NET stored procedures in the database server. The server-side ODP.NET provider will automatically be installed with the Oracle Database Extensions for .NET.
  Q: Can ODP.NET work with Oracle8, Oracle8i, Oracle9i, and Oracle10g database (DB) servers? Can these DB servers be on Linux or Unix?
  A: Yes and yes. Oracle clients can support older and newer versions of the Oracle database. Consult the Oracle on Windows FAQ for more information.
  Oracle clients on Windows can work with Oracle database servers on any platform.
  Q: Can ODP.NET be used with an Oracle8, Oracle8i, or Oracle9i Release 1 client?
  A: No. You need to use the Oracle9i Release 2 or higher client.
  Q: What do I need to have installed on my client machine to have ODP.NET work?
  What needs to be on a client machine when running an application compiled with the 10g ODP.NET?
  The FAQ states the following :-
  A: You will require the following:
  Windows 2000, Windows XP Professional, or Windows Server 2003
  Microsoft .NET Framework 1.0 or higher
  Oracle9i Client Release 2 (9.2) or higher
  Oracle Net Services (included with the client)
  Oracle Services for Microsoft Transaction Server, Release 2 (9.2) or higher. This is required for applications using distributed transacations.
  This implies that ODP.NET does NOT need to be installed on a client. However, I cannot find OraOPs9.dll on a machine with Client Release 9.2 installed. Should OraOps?.dll automatically come with a Client installation of 9.2 or higher?
  Also, if an application is built with the 10g ODP.NET, can it be run from a machine with OraOps9.dll?
  I'd be very grateful for anyone who can clear up my confusion.
  Mick

  This implies that ODP.NET does NOT need to be installed on a client. However, I cannot find OraOPs9.dll on a machine with Client Release 9.2 installed. Should OraOps?.dll automatically come with a Client installation of 9.2 or higher?
  ODP.NET needs to be installed on the client. OraOps9.dll is part of ODP.NET, not the Oracle Client.
  Also, if an application is built with the 10g ODP.NET, can it be run from a machine with OraOps9.dll?
  If an application is built with 10g ODP.NET, it can be run with 9.2 ODP.NET as long as you do not use any 10g APIs. The new features in 10g ODP.NET are included in the doc and the ODP.NET FAQ for your reference.

• Passing another sites cookie on to the client?

  We are working with a third party vendor who has a web site
  which our CF server will authenticate to on behalf of the client
  browser using CFHTTP, and then the third party site replies back to
  our CF server with a cookie which we need to pass to the client
  browser. The client can then communicate with the third party site
  once the client has the cookie. Obviously I can use CFCOOKIE to
  create the client side cookie but what's the easiest way to read
  the cookie returned to the CF Server?
  Thanks,
  Steve

  I'm not sure this will work? My understanding the nature of
  cookies is
  that the browser will only return cookies to a domain that
  where created
  by that domain.
  So, even when you get that cookie and write it to the client
  (which can
  be done), the browser will only ever return that cookie when
  the client
  is talking to your server. When they move on to the other
  server, the
  browser will not send the cookie.
  This may be outdated, but I thought that is how it works.
  I am aware there are some way around this, but I have never
  bothered to
  learn how to circumvent the methodology. I think it involves
  frames,
  hidden or otherwise, connected to the remote server. So the
  browser
  then connects to that server, receives the cookies and sets
  them for it.

• Signed jar works differently than unsigned jar - why?

  I'm having a problem with one of my JWS applications (out of six!) -- the application runs fine locally out of the jars. However, when I sign the main jar for running with JWS, it goes into a loop trying to read a property file contained within the main jar. This occurs whether I run it locally or from the JWS server.
  The only difference I can see is that the manifest file is affected, but they both have the same reference to the main class and it's also in the jnlp file.
  Any thoughts?

  I'm having a problem with one of my JWS applications
  (out of six!) -- the application runs fine locally out
  of the jars. However, when I sign the main jar for
  running with JWS, it goes into a loop trying to read a
  property file contained within the main jar.If several jars are involved, I would try to have each one signed. And then test again.
  This
  occurs whether I run it locally or from the JWS
  server.Weird.
  The only difference I can see is that the manifest
  file is affected, but they both have the same
  reference to the main class and it's also in the jnlp
  file.So far I too believed that the signing just causes additional entry lines in the Manifest file, where for each jar entry some cryptographic hash (md5, sha-1, ..) value will be written.
  What happens if you mention the main class as well, in case you test from running from a jar from the command line?
  Regards,
  Marc

• Peculiar issue with signed .jars and Linux (Debian unstable, 2.4.20-custom)

  BACKGROUND:
  I am a developer working on a Java3D application, which is to be deliverable over
  the Web. Delivery as an applet seemed a natural choice, and so I spent a considerable amount of effort learning (I won't say "mastering") the process of
  creating a self-signed .jar containing java3d-<some_version>.exe. I have in fact
  successfully created a fully-fuctional from-scratch JPI/Java3D/myapp install. By
  this I mean that Windows machine with only stock IE installed could hit my URL,
  get the proper JPI installed, followed by the Java3D runtime I'd chosen, as well
  as a third-party DXF loader, and finally (after much clicking of 'Yes', 'Accept',
  'OK', etc.) see my app in a browser window.
  That was on my old, slow, Windows2000 workstation. Now I have a shiny, new
  workstation upon which my employer has graciously allowed me to run Linux. Sadly,
  the re-creation of the self-signed .jar files under a new JDK has not gone smoothly.
  PROBLEM DESCRIPTION:
  When a user attempts to download the self-signed .jar containing the auto-install
  executable for the Java3D runtime, the normal security warning prompts are displayed (one for granting to install the extension, one to accept the "suspect" certificate from me alone). The plugin happily downloads the .jar file, and then
  a NullPointerException is thrown, with a
  stack trace like:
  NPE!
  at java.util.zip.ZipFile.getInputStream (unknown source)
  at java.util.jar.JarFile.getInputStream (unknown source)
  <something>doPrivileged<something>
  etc.
  I apologize for the lack of a full stack trace; I would essentially have to type it in by hand after printing it out on the remote test box; I hope that I've caught the important details above.
  After this, the pure-java signed .jar is downloaded and installed, and then the applet "loads" with the predictable ClassNotFoundException for javax.media.j3d.SceneGroup.
  Downloading and installing the J3D runtime by hand and then re-visiting the URL results in a fully-functional applet.
  I've tried Blackdown Linux JDKs 1.4 and 1.3.1, as well as Sun's JDKs 1.3.1_07 and 1.3.1_05 for the compiling, jar'ing, and jarsigner'ing of these files, all with the same result. At each new JDK, I re-did the HTML conversion so that he appropriate
  JPI version was required on the client. I did complete uninstallations of all client JPI instances (including Web Start for 1.4.1_x, as well as cleaning the registry on the client).
  When this strategy worked, it was on Sun JDK 1.3.1_05 for Windows runnning on Windows2000, unknown service pack.
  DESIRED BEHAVIOR:
  I would like my clients to be able to go from stock Windows2K/IE (this being an intranet without any other options) to some JPI version running the J3D extension, with only the need to click 'OK', 'Accept', 'Grant This Session', etc. a bunch of times on the part of the user. I want this to happen without my having to resurrect my decrepit old Compaq Deskpro just to play the role of "build host" for my
  Java3D and loader .jar files, if at all possible.
  FILES:
  Here's what gets merged into the "main" applet's mainfest at creation time:
  Manifest-Version: 1.0
  Extension-List: java3d DxfLoader
  java3d-Extension-Name: javax.media.j3d
  java3d-Implementation-Vendor-Id: com.sun
  java3d-Implementation-Version: 1.3
  java3d-Specification-Title: Java 3D API Specification
  java3d-Specification-Version: 1.3
  java3d-Specification-Vendor: Sun Microsystems, Inc
  java3d-Implementation-URL: http://10.1.1.1/heartcad/lib/java3d.jar
  DxfLoader-Extension-Name: eupla.dxfloader
  DxfLoader-Implementation-Title: Eupla DXFLoader
  DXFLoader-Implementation-URL: http://10.1.1.1/heartcad/lib/DxfLoader.jar
  And into the manifest for the J3D .jar:
  Manifest-Version: 1.0
  Implementation-Version: 1.3
  Specification-Version: 1.3
  Extension-Installation: "java3d-1_3-windows-i586-directx-rt.exe"
  Extension-Name: javax.media.j3d
  Implementation-Vendor-Id: com.sun
  Implementation-Vendor: Sun Microsystems, Inc
  Specification-Vendor: Sun Microsystems, Inc

  I have seen that bug, and the problem I'm having seems to be different than it. The extension installer is in the first extension .jar my applet asks for, and it
  never works automatically, regardless of how many times the applet is loaded.
  The second .jar, which doesn't have to run any installer, always works fine, but the first one will never work (a manual install of the Java3D runtime is required). This seems to not be the behavior described in the bug.
  I will continue to search for an answer to this problem, and of course if I should find anything I'll post it here.

• Different signded jar in the same web start app

  Hi there
  I have a web start application that use an external security provider. The jar file of the security provider is signed (otherwise it don't run under jdk 1.4.1) and the jar with my application is also signed with other signature, because i need full rights on the client. It is not possible to start the application, because webstart not allows to start the app with jars signed from different certificates.
  Anyone have an idea how this problem can be fixed?

  I'm pretty sure this has been answered here before, so you may want to do a search to get a more complete answer. Basically, you need to sign the other JAR files with different certificates in a separate resource extension jnlp file, something like:
  <extension name="Java Help" href="help.jnlp"/>
  and then list the other jars in that file, something like:
  <?xml encoding="UTF-8"?>
  <jnlp spec="1.0+" href="help.jnlp">
  <information>
  <title>JavaHelp</title>
  <vendor>Sun Microsystems, Inc </vendor>
  </information>
  <resources>
  <jar href="jh.jar" />
  </resources>
  <security>
  <all-permissions />
  </security>
  <component-desc/>
  </jnlp>