Jar file certificate expiration

We are currently using JavaHelp in our product and have noticed the certificate on the jhall.jar file has recently expired. We would rather not deliver our product such that it will immediately inform our users that a certificate has expired when they access JavaHelp. I have submitted a bug report about this and have noticed similar reports in previous years. Does anybody know if Sun delivers re-signed jar files or waits until a newer version of JavaHelp is available? Also is it legal to wrap the jhall.jar under the signature for our product (which does prevent the expiration message, we tested it)? I was just wondering if anybody else has had this problem (or has it now).
Thanks in advance for any help on this.
Jim

While it might seem handy to resign it with your own certificate it is certainly not smart to do so. The Java version that is shipped with MacOSX will refuse to start your application as it sees two certificates. Also the certificate was valid at the time of signing the JAR files, so it doesn't really matter that it expired now. All that matters is that it was valid when it was signed.

Similar Messages

How to read a certificate included in a jar-file???

Hello,
I have an application who connects via SSL to a JBoss server. Therefore I need a certificate on the client machine.
Can I include a selfsigned certificate in the jar file which can be downloaded with webstart???
If that's possible where can I find the certificate??? For now on my machine I use
System.setProperty("javax.net.ssl.trustStore","c:/Program Files/.../certificate.truststore");
I suppose I have to change the path, but I have no idee to where???
Thanks anyway
Bart

Write out the trust store to a file in the temp directory on the client machine when your application starts and instruct the java.net classes to use it by setting the system property just like you described.
note.. I'm just guessing here
-Spinoza

How to sign multiple jar files using the same certificate..?

hi,
I want to run my application using Java Web Start.. i am using around 16 different jar files out of which around 13 are 3rd party component jars. I want to sign these jars using the same certifcate..., i am using the follwing code to sign the jars:
(for the jar file ischeduler.jar)
keytool -genkey -alias signFiles91 -keystore dtss -keypass dtss1351 -dname "cn=dtss" -storepass decisioncraft
jarsigner -keystore dtss -storepass decisioncraft -keypass dtss1351 -signedjar signedischeduler.jar ischeduler.jar signFiles91
keytool -export -keystore dtss -storepass decisioncraft -alias signFiles91 -file ischeduler.cer
keytool -import -alias DCA2 -file ischeduler.cer -keystore Impischeduler -storepass ischeduler
(for the jar file ischedulerclient.jar)
keytool -genkey -alias signFiles92 -keystore dtss -keypass dtss1351 -dname "cn=dtss" -storepass decisioncraft
jarsigner -keystore dtss -storepass decisioncraft -keypass dtss1351 -signedjar signedischedulerclient.jar ischedulerclient.jar signFiles92
keytool -export -keystore dtss -storepass decisioncraft -alias signFiles92 -file ischeduler.cer
keytool -import -alias DCA3 -file ischeduler.cer -keystore Impischeduler -storepass ischeduler
but when i use the above signed jars in my application i get an error saying:
"jars not signed by the same certificate"
can someone plz tel me wher is the error....thanx
andy

Well for mulitple signing of jar files you can use ANT tool. Its easier and faster.
Regarding the present problem -- hmm.. well it looks like you are using 2 different alias names for signing the jar file. Try using the same alias name and that might solve your problem.
regards
Saby

Custom certificates for JAR file signing

Hi,
Can anyone please let me know how to check that we have custom certificates for JAR file signing set up in our instance
Thanks,
Praveen

It depends on the version of your $ADJVAPRG. See the referenced note.
How to use,create and /or update Digital Certificates for Jinitiator in 11i Applications
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=365735.1

Basic: No certificate info, this is unsigned JAR file.

A log can be found below with the results while running my application. The loader just can't seem to find the Httpclient on the server or something to that extent. All searches made per this error message on the Internet have failed to yield any results that would afford me a solution to my problem. Any assistance that you can afford to me would be greatly appreciated! Thank you very much! Eric.
basic: Referencing classloader: sun.plugin.ClassLoaderInfo@1bca5f1, refcount=1
basic: Added progress listener: sun.plugin.util.GrayBoxPainter@6f7ce9
basic: Loading applet ...
basic: Initializing applet ...
basic: Starting applet ...
network: Preloading file all-client-jars.jar
basic: Loading http://172.21.165.19:7582/Paragon/all-client-jars.jar from cache
basic: No certificate info, this is unsigned JAR file.
network: Preloading file spring-client.jar
basic: Loading http://172.21.165.19:7582/Paragon/spring-client.jar from cache
basic: No certificate info, this is unsigned JAR file.
network: Preloading file J2TablePrinter.jar
basic: Loading http://172.21.165.19:7582/Paragon/J2TablePrinter.jar from cache
basic: No certificate info, this is unsigned JAR file.
network: Preloading file Quartz.jar
basic: Loading http://172.21.165.19:7582/Paragon/Quartz.jar from cache
basic: No certificate info, this is unsigned JAR file.
network: Preloading file jhall.jar

Network Calls Increases please help
basic: Referencing classloader: sun.plugin.ClassLoaderInfo@1bca5f1, refcount=1
basic: Added progress listener: sun.plugin.util.GrayBoxPainter@6f7ce9
basic: Loading applet ...
basic: Initializing applet ...
basic: Starting applet ...
network: Preloading file all-client-jars.jar
basic: Loading http://172.21.165.19:7582/Paragon/all-client-jars.jar from cache
basic: No certificate info, this is unsigned JAR file.
network: Preloading file spring-client.jar
basic: Loading http://172.21.165.19:7582/Paragon/spring-client.jar from cache
basic: No certificate info, this is unsigned JAR file.
network: Preloading file J2TablePrinter.jar
basic: Loading http://172.21.165.19:7582/Paragon/J2TablePrinter.jar from cache
basic: No certificate info, this is unsigned JAR file.
network: Preloading file Quartz.jar
basic: Loading http://172.21.165.19:7582/Paragon/Quartz.jar from cache
basic: No certificate info, this is unsigned JAR file.
network: Preloading file jhall.jar
basic: Loading http://172.21.165.19:7582/Paragon/jhall.jar from cache
basic: Reading cached JAR file from JRE 1.5 release
basic: Certificates for http://172.21.165.19:7582/Paragon/jhall.jar is read from JAR cache
network: Preloading file jnet.jar
basic: Loading http://172.21.165.19:7582/Paragon/jnet.jar from cache
basic: No certificate info, this is unsigned JAR file.
network: Preloading file jsse.jar
basic: Loading http://172.21.165.19:7582/Paragon/jsse.jar from cache
basic: No certificate info, this is unsigned JAR file.
network: Preloading file QzCPExtn.jar
basic: Loading http://172.21.165.19:7582/Paragon/QzCPExtn.jar from cache
basic: No certificate info, this is unsigned JAR file.
network: Preloading file QzPLMExtn.jar
basic: Loading http://172.21.165.19:7582/Paragon/QzPLMExtn.jar from cache
basic: No certificate info, this is unsigned JAR file.
network: Preloading file QzQZExtn.jar
basic: Loading http://172.21.165.19:7582/Paragon/QzQZExtn.jar from cache
basic: No certificate info, this is unsigned JAR file.
network: Preloading file QzRPExtn.jar
basic: Loading http://172.21.165.19:7582/Paragon/QzRPExtn.jar from cache
basic: No certificate info, this is unsigned JAR file.
network: Preloading file QzCADExtn.jar
basic: Loading http://172.21.165.19:7582/Paragon/QzCADExtn.jar from cache
basic: No certificate info, this is unsigned JAR file.
QzRP.jar from cache
basic: No certificate info, this is unsigned JAR file.
network: Preloading file QzTP.jar
basic: Loading http://172.21.165.19:7582/Paragon/QzTP.jar from cache
basic: No certificate info, this is unsigned JAR file.
network: Preloading file QzCB.jar
basic: Loading http://172.21.165.19:7582/Paragon/QzCB.jar from cache
basic: No certificate info, this is unsigned JAR file.
network: Preloading file QzLM.jar
basic: Loading http://172.21.165.19:7582/Paragon/QzLM.jar from cache
basic: No certificate info, this is unsigned JAR file.
network: Connecting http://172.21.165.19:7582/Paragon/commons-logging.properties with proxy=DIRECT
network: Connecting http://172.21.165.19:7582/Paragon/commons-logging.properties with cookie "PARASESSION=7d1SJkVYhQJy2YJB4kQWLZ3BJBF2kpLnTv4DNMBn1thTyQ2chlZC!-1044230083"
network: Connecting http://172.21.165.19:7582/Paragon/META-INF/services/org.apache.commons.logging.LogFactory with proxy=DIRECT
network: Connecting http://172.21.165.19:7582/Paragon/META-INF/services/org.apache.commons.logging.LogFactory with cookie "PARASESSION=7d1SJkVYhQJy2YJB4kQWLZ3BJBF2kpLnTv4DNMBn1thTyQ2chlZC!-1044230083"
network: Connecting http://172.21.165.19:7582/Paragon/log4j.xml with proxy=DIRECT
network: Connecting http://172.21.165.19:7582/Paragon/log4j.xml with cookie "PARASESSION=7d1SJkVYhQJy2YJB4kQWLZ3BJBF2kpLnTv4DNMBn1thTyQ2chlZC!-1044230083"
network: Connecting http://172.21.165.19:7582/Paragon/log4j.xml with proxy=DIRECT
network: Connecting http://172.21.165.19:7582/Paragon/log4j.xml with cookie "PARASESSION=7d1SJkVYhQJy2YJB4kQWLZ3BJBF2kpLnTv4DNMBn1thTyQ2chlZC!-1044230083"
network: Connecting http://172.21.165.19:7582/Paragon/org/apache/log4j/PatternLayoutBeanInfo.class with proxy=DIRECT
network: Connecting http://172.21.165.19:7582/Paragon/org/apache/log4j/PatternLayoutBeanInfo.class with cookie "PARASESSION=7d1SJkVYhQJy2YJB4kQWLZ3BJBF2kpLnTv4DNMBn1thTyQ2chlZC!-1044230083"
network: Connecting http://172.21.165.19:7582/Paragon/org/apache/log4j/PatternLayoutBeanInfo.class with proxy=DIRECT
network: Connecting http://172.21.165.19:7582/Paragon/org/apache/log4j/PatternLayoutBeanInfo.class with cookie "PARASESSION=7d1SJkVYhQJy2YJB4kQWLZ3BJBF2kpLnTv4DNMBn1thTyQ2chlZC!-1044230083"
network: Connecting http://172.21.165.19:7582/Paragon/org/apache/log4j/LayoutBeanInfo.class with proxy=DIRECT
network: Connecting http://172.21.165.19:7582/Paragon/org/apache/log4j/LayoutBeanInfo.class with cookie "PARASESSION=7d1SJkVYhQJy2YJB4kQWLZ3BJBF2kpLnTv4DNMBn1thTyQ2chlZC!-1044230083"

Validating signing certificate of a JAR file (with Jarsigner?)

Hi!
As far as I understand, Jarsigner's signature verification confines itself to checking the jar file's integrity, but doesn't check for whether the signing cert is trusted. Am I right in this one?
If so, how can I do this?
Thanks
Rice Bauer

But doesn't this provide that the Jar file's code is already running?Loaded. Not running. Load any class from the JAR, via a URLClassLoader, then you can verify the certificate. Then throw the class and the loader away.

JAR files will be expiring soon

Any word on the service release to fix the pending expiration of the signed JAR files? I opened a service issue and you guys submitted a bug report. Since then there hasnt been a notice of a pending release or anything. This issue at hand is everyone using 4.2 will be getting a pop-up about Java not being trusted soon.
Can someone speak to this pending problem?
Thanks
Courtney Shoell

Hi,
If all your music is in your itunes library on your computer, you will not lose that music.
If you do not have the music on your computer and stream the music you will lose all your music except for previous itunes purchases. Likewise you will no longer have access to match music.
Jim

Problem using a jar file : java.lang.ClassNotFoundException: ApiConn

Hi everyone.
i am running a form that use a bean_area to call a jar.
but i am getting this error, thanks in advnce for any tip.
Java Plug-in 1.6.0_33
Using JRE version 1.6.0_33-b05 Java HotSpot(TM) Client VM
User home directory = C:\Users\user1
c: clear console window
f: finalize objects on finalization queue
g: garbage collect
h: display this help message
l: dump classloader list
m: print memory usage
o: trigger logging
q: hide console
r: reload policy configuration
s: dump system and deployment properties
t: dump thread list
v: dump thread stack
x: clear classloader cache
0-5: set trace level to <n>
java.lang.ClassNotFoundException: ApiConn
     at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
     at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
     at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
     at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
     at java.lang.ClassLoader.loadClass(Unknown Source)
     at java.lang.Class.forName0(Native Method)
     at java.lang.Class.forName(Unknown Source)
     at oracle.forms.handler.UICommon.instantiate(Unknown Source)
     at oracle.forms.handler.UICommon.onCreate(Unknown Source)
     at oracle.forms.handler.JavaContainer.onCreate(Unknown Source)
     at oracle.forms.engine.Runform.onCreateHandler(Unknown Source)
     at oracle.forms.engine.Runform.processMessage(Unknown Source)
     at oracle.forms.engine.Runform.processSet(Unknown Source)
     at oracle.forms.engine.Runform.onMessageReal(Unknown Source)
     at oracle.forms.engine.Runform.onMessage(Unknown Source)
     at oracle.forms.engine.Runform.processEventEnd(Unknown Source)
     at oracle.ewt.lwAWT.LWComponent.redispatchEvent(Unknown Source)
     at oracle.ewt.lwAWT.LWComponent.processEvent(Unknown Source)
     at java.awt.Component.dispatchEventImpl(Unknown Source)
     at java.awt.Container.dispatchEventImpl(Unknown Source)
     at java.awt.Component.dispatchEvent(Unknown Source)
     at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
     at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
     at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
     at java.awt.Container.dispatchEventImpl(Unknown Source)
     at java.awt.Component.dispatchEvent(Unknown Source)
     at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
     at java.awt.EventQueue.access$000(Unknown Source)
     at java.awt.EventQueue$1.run(Unknown Source)
     at java.awt.EventQueue$1.run(Unknown Source)
     at java.security.AccessController.doPrivileged(Native Method)
     at java.security.AccessControlContext$1.doIntersectionPrivilege(Unknown Source)
     at java.security.AccessControlContext$1.doIntersectionPrivilege(Unknown Source)
     at java.awt.EventQueue$2.run(Unknown Source)
     at java.awt.EventQueue$2.run(Unknown Source)
     at java.security.AccessController.doPrivileged(Native Method)
     at java.security.AccessControlContext$1.doIntersectionPrivilege(Unknown Source)
     at java.awt.EventQueue.dispatchEvent(Unknown Source)
     at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
     at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
     at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
     at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
     at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
     at java.awt.EventDispatchThread.run(Unknown Source)
Dumping class loader cache...
Live entry: key=http://192.168.10.100:7778/forms/java/,frmall.jar,siberia_jpg.jar,ApiConn.jar,Hasher.jar,ReadCommand.jar,WriteCommand.jar,libAPI.jar, refCount=1, threadGroup=sun.plugin2.applet.Applet2ThreadGroup[name=http://192.168.10.100:7778/forms/java/-threadGroup,maxpri=4]
Done.
in my form i have created a bean_area and used as implementation class :ApiConn
in my formsweb.cfg i used this configuration: archive=frmall.jar,siberia_jpg.jar,ApiConn.jar,Hasher.jar,ReadCommand.jar,WriteCommand.jar,libAPI.jar
in my forms/java i have placed my jar files listed in the frmall.jar
i guess i am missing something but i dont know what it is.
here is my ApiConn.java from wich i generate my jar file:
package libAPI;
* This contains connection. Everything should be here,
* should operate with this class only
import java.io.*;
import java.net.*;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.logging.Level;
import java.util.logging.Logger;
* @author janisk
public class ApiConn extends Thread {
private Socket sock = null;
private DataOutputStream out = null;
private DataInputStream in = null;
private String ipAddress;
private int ipPort;
private boolean connected = false;
private String message = "Not connected";
private ReadCommand readCommand = null;
private WriteCommand writeCommand = null;
private Thread listener = null;
LinkedBlockingQueue queue = new LinkedBlockingQueue(40);
* Constructor of the connection class
* @param ipAddress - IP address of the router you want to conenct to
* @param ipPort - port used for connection, ROS default is 8728
public ApiConn(String ipAddress, int ipPort) {
this.ipAddress = ipAddress;
this.ipPort = ipPort;
this.setName("settings");
* State of connection
* @return - if connection is established to router it returns true.
public boolean isConnected() {
return connected;
public void disconnect() throws IOException{
listener.interrupt();
sock.close();
private void listen() {
if (this.isConnected()) {
if (readCommand == null) {
readCommand = new ReadCommand(in, queue);
listener = new Thread(readCommand);
listener.setDaemon(true);
listener.setName("listener");
listener.start();
* to get IP address of the connection. Reads data from socket created.
* @return InetAddress
public InetAddress getIpAddress() {
return sock == null ? null : sock.getInetAddress();
* returns ip address that socket is asociated with.
* @return InetAddress
public InetAddress getLocalIpAddress() {
return sock == null ? null : sock.getLocalAddress();
* Socket remote port number
* @return
public int getPort() {
return sock == null ? null : sock.getPort();
* return local prot used by socket
* @return
public int getLocalPort() {
return sock == null ? null : sock.getLocalPort();
* Returns status message set up bu class.
* @return
public String getMessage() {
return message;
* sets and exectues command (sends it to RouterOS host connected)
* @param s - command will be sent to RouterOS for example "/ip/address/print\n=follow="
* @return
public String sendCommand(String s) {
return writeCommand.setCommand(s).runCommand();
* exeecutes already set command.
* @return returns status of the command sent
public String runCommand() {
return writeCommand.runCommand();
* Tries to fech data that is repllied to commands sent. It will wait till it can return something.
* @return returns data sent by RouterOS
* @throws java.lang.InterruptedException
public String getData() throws InterruptedException {
String s = (String) queue.take();
return s;
* returns command that is set at this moment. And will be exectued if runCommand is exectued.
* @return
public String getCommand() {
return writeCommand.getCommand();
* set up method that will log you in
* @param name - username of the user on the router
* @param password - password for the user
* @return
public String login(String name, char[] password) {
this.sendCommand("/login");
String s = "a";
try {
s = this.getData();
} catch (InterruptedException ex) {
Logger.getLogger(ApiConn.class.getName()).log(Level.SEVERE, null, ex);
return "failed read #1";
if (!s.contains("!trap") && s.length() > 4) {
String[] tmp = s.trim().split("\n");
if (tmp.length > 1) {
tmp = tmp[1].split("=ret=");
s = "";
String transition = tmp[tmp.length - 1];
String chal = "";
chal = Hasher.hexStrToStr("00") + new String(password) + Hasher.hexStrToStr(transition);
chal = Hasher.hashMD5(chal);
String m = "/login\n=name=" + name + "\n=response=00" + chal;
s = this.sendCommand(m);
try {
s = this.getData();
} catch (InterruptedException ex) {
Logger.getLogger(ApiConn.class.getName()).log(Level.SEVERE, null, ex);
return "failed read #2";
if (s.contains("!done")) {
if (!s.contains("!trap")) {
return "Login successful";
return "Login failed";
@Override
public void run() {
try {
InetAddress ia = InetAddress.getByName(ipAddress);
if (ia.isReachable(1000)) {
sock = new Socket(ipAddress, ipPort);
in = new DataInputStream(sock.getInputStream());
out = new DataOutputStream(sock.getOutputStream());
connected = true;
readCommand = new ReadCommand(in, queue);
writeCommand = new WriteCommand(out);
this.listen();
message = "Connected";
} else {
message = "Not reachable";
} catch (UnknownHostException ex) {
connected = false;
message = ex.getMessage();
ex.printStackTrace();
} catch (IOException ex) {
connected = false;
message = ex.getMessage();
ex.printStackTrace();
}

I need your help again, i think this is a minor thing.
i have compiled the class file that i needed and i signed it too. but now it is giving me a new error and need your tip.
here is the java console loyout and my java file ((i think here is the problem in java file, something must be missing)).
thanks in advance for any help.
Java Plug-in 10.17.2.02
Using JRE version 1.7.0_17-b02 Java HotSpot(TM) Client VM
User home directory = C:\Users\Administrator
c: clear console window
f: finalize objects on finalization queue
g: garbage collect
h: display this help message
l: dump classloader list
m: print memory usage
o: trigger logging
q: hide console
r: reload policy configuration
s: dump system and deployment properties
t: dump thread list
v: dump thread stack
x: clear classloader cache
0-5: set trace level to <n>
network: Connecting http://192.168.10.100:7778/forms/lservlet;jsessionid=c0a80a6430d6e191eded93774f2f8d1bed73056e66ef.e3mObhiMbxeKe34PahiKbx4Nbh90n6jAmljGr5XDqQLvpAe with proxy=DIRECT
security: Validate the certificate chain using CertPath API
security: The certificate hasnt been expired, no need to check timestamping info
security: Cannot find jurisdiction list file
security: The CRL support is disabled
security: The OCSP support is disabled
security: This OCSP End Entity validation is disabled
security: Checking if certificate is in Deployment denied certificate store
security: Checking if certificate is in Deployment permanent certificate store
basic: updateValidationResultsForApplet update
cache: Mark prevalidated: http://192.168.10.100:7778/forms/java/ApiConn.jar true tm=1363335797289 cert=1371107987000
basic: Plugin2ClassLoader.getPermissions CeilingPolicy allPerms
java.lang.InstantiationException: oracle.forms.siberia.ApiConn
     at java.lang.Class.newInstance0(Unknown Source)
     at java.lang.Class.newInstance(Unknown Source)
     at oracle.forms.handler.UICommon.instantiate(Unknown Source)
     at oracle.forms.handler.UICommon.onCreate(Unknown Source)
     at oracle.forms.handler.JavaContainer.onCreate(Unknown Source)
     at oracle.forms.engine.Runform.onCreateHandler(Unknown Source)
     at oracle.forms.engine.Runform.processMessage(Unknown Source)
     at oracle.forms.engine.Runform.processSet(Unknown Source)
     at oracle.forms.engine.Runform.onMessageReal(Unknown Source)
     at oracle.forms.engine.Runform.onMessage(Unknown Source)
     at oracle.forms.engine.Runform.processEventEnd(Unknown Source)
     at oracle.ewt.lwAWT.LWComponent.redispatchEvent(Unknown Source)
     at oracle.ewt.lwAWT.LWComponent.processEvent(Unknown Source)
     at java.awt.Component.dispatchEventImpl(Unknown Source)
     at java.awt.Container.dispatchEventImpl(Unknown Source)
     at java.awt.Component.dispatchEvent(Unknown Source)
     at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
     at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
     at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
     at java.awt.Container.dispatchEventImpl(Unknown Source)
     at java.awt.Component.dispatchEvent(Unknown Source)
     at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
     at java.awt.EventQueue.access$200(Unknown Source)
     at java.awt.EventQueue$3.run(Unknown Source)
     at java.awt.EventQueue$3.run(Unknown Source)
     at java.security.AccessController.doPrivileged(Native Method)
     at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
     at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
     at java.awt.EventQueue$4.run(Unknown Source)
     at java.awt.EventQueue$4.run(Unknown Source)
     at java.security.AccessController.doPrivileged(Native Method)
     at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
     at java.awt.EventQueue.dispatchEvent(Unknown Source)
     at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
     at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
     at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
     at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
     at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
     at java.awt.EventDispatchThread.run(Unknown Source)
network: Connecting http://192.168.10.100:7778/forms/lservlet;jsessionid=c0a80a6430d6e191eded93774f2f8d1bed73056e66ef.e3mObhiMbxeKe34PahiKbx4Nbh90n6jAmljGr5XDqQLvpAe with proxy=DIRECT
Exception in thread "Forms-DialogThread2" java.lang.NullPointerException
     at oracle.forms.handler.JavaContainer.onDestroy(Unknown Source)
     at oracle.forms.engine.Runform.destroyHandlers(Unknown Source)
     at oracle.forms.handler.DialogThread.doAlert(Unknown Source)
     at oracle.forms.handler.DialogThread.run(Unknown Source)
     at java.lang.Thread.run(Unknown Source)
Dumping class loader cache...
Live entry: key=http://192.168.10.100:7778/forms/java/,frmall.jar,siberia_jpg.jar,ApiConn.jar,ConcealTextField.jar, refCount=1, threadGroup=sun.plugin2.applet.Applet2ThreadGroup[name=http://192.168.10.100:7778/forms/java/-threadGroup,maxpri=4]
Done.
here is my java file
* To change this template, choose Tools | Templates
* and open the template in the editor.
package oracle.forms.siberia;
* This contains connection. Everything should be here,
* should operate with this class only
import java.io.*;
import java.net.*;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.logging.Level;
import java.util.logging.Logger;
import oracle.forms.*;
* @author janisk
public class ApiConn extends Thread {
private Socket sock = null;
private DataOutputStream out = null;
private DataInputStream in = null;
private String ipAddress;
private int ipPort;
private boolean connected = false;
private String message = "Not connected";
private ReadCommand readCommand = null;
private WriteCommand writeCommand = null;
private Thread listener = null;
LinkedBlockingQueue queue = new LinkedBlockingQueue(40);
* Constructor of the connection class
* @param ipAddress - IP address of the router you want to conenct to
* @param ipPort - port used for connection, ROS default is 8728
public ApiConn(String ipAddress, int ipPort) {
this.ipAddress = ipAddress;
this.ipPort = ipPort;
this.setName("settings");
* State of connection
* @return - if connection is established to router it returns true.
public boolean isConnected() {
return connected;
public void disconnect() throws IOException{
listener.interrupt();
sock.close();
private void listen() {
if (this.isConnected()) {
if (readCommand == null) {
readCommand = new ReadCommand(in, queue);
listener = new Thread(readCommand);
listener.setDaemon(true);
listener.setName("listener");
listener.start();
* to get IP address of the connection. Reads data from socket created.
* @return InetAddress
public InetAddress getIpAddress() {
return sock == null ? null : sock.getInetAddress();
* returns ip address that socket is asociated with.
* @return InetAddress
public InetAddress getLocalIpAddress() {
return sock == null ? null : sock.getLocalAddress();
* Socket remote port number
* @return
public int getPort() {
return sock == null ? null : sock.getPort();
* return local prot used by socket
* @return
public int getLocalPort() {
return sock == null ? null : sock.getLocalPort();
* Returns status message set up bu class.
* @return
public String getMessage() {
return message;
* sets and exectues command (sends it to RouterOS host connected)
* @param s - command will be sent to RouterOS for example "/ip/address/print\n=follow="
* @return
public String sendCommand(String s) {
return writeCommand.setCommand(s).runCommand();
* exeecutes already set command.
* @return returns status of the command sent
public String runCommand() {
return writeCommand.runCommand();
* Tries to fech data that is repllied to commands sent. It will wait till it can return something.
* @return returns data sent by RouterOS
* @throws java.lang.InterruptedException
public String getData() throws InterruptedException {
String s = (String) queue.take();
return s;
* returns command that is set at this moment. And will be exectued if runCommand is exectued.
* @return
public String getCommand() {
return writeCommand.getCommand();
* set up method that will log you in
* @param name - username of the user on the router
* @param password - password for the user
* @return
public String login(String name, char[] password) {
this.sendCommand("/login");
String s = "a";
try {
s = this.getData();
} catch (InterruptedException ex) {
Logger.getLogger(ApiConn.class.getName()).log(Level.SEVERE, null, ex);
return "failed read #1";
if (!s.contains("!trap") && s.length() > 4) {
String[] tmp = s.trim().split("\n");
if (tmp.length > 1) {
tmp = tmp[1].split("=ret=");
s = "";
String transition = tmp[tmp.length - 1];
String chal = "";
chal = Hasher.hexStrToStr("00") + new String(password) + Hasher.hexStrToStr(transition);
chal = Hasher.hashMD5(chal);
String m = "/login\n=name=" + name + "\n=response=00" + chal;
s = this.sendCommand(m);
try {
s = this.getData();
} catch (InterruptedException ex) {
Logger.getLogger(ApiConn.class.getName()).log(Level.SEVERE, null, ex);
return "failed read #2";
if (s.contains("!done")) {
if (!s.contains("!trap")) {
return "Login successful";
return "Login failed";
@Override
public void run() {
try {
InetAddress ia = InetAddress.getByName(ipAddress);
if (ia.isReachable(1000)) {
sock = new Socket(ipAddress, ipPort);
in = new DataInputStream(sock.getInputStream());
out = new DataOutputStream(sock.getOutputStream());
connected = true;
readCommand = new ReadCommand(in, queue);
writeCommand = new WriteCommand(out);
this.listen();
message = "Connected";
} else {
message = "Not reachable";
} catch (UnknownHostException ex) {
connected = false;
message = ex.getMessage();
ex.printStackTrace();
} catch (IOException ex) {
connected = false;
message = ex.getMessage();
ex.printStackTrace();
}

Deployment Rule Set Centrally Managed location of .jar file?

Hello,
We are currently looking at implementing the Deployment Rule Set in our company and I was wondering if there is a way to centrally manage the Deployment Rule Set?
Having to keep up with deploying the jar file for every change and expiring certificates isn't ideal
Thanks!

And your OS doesn't have a file search feature, which might have given you the answer faster than waiting for a response on these columns?
db

Sign a JAR file & PKI card

Can I use the certificates from my PKI card to sign a JAR file? The certificates are X.509 standard compliant.
Many thanks!

On a more serious helpful note... :) Jack up this value in the sign_webutil.bat file... Its defaulted to 360.. I set mine to 5000. Not sure how high it will go...
REM
REM Number of days before this certificate expires
REM
SET VALIDDAYS=5000
REM
REM Signing script starts here...
REM
Message was edited by:
Mark Reichman

Problem Signing midlet .jar file.

Hi,
Step - 1 :
======
- I have created a keystore first like.
- c:> keytool -genkey -alias <alias> -keystore c:/abcd.sks -keyalg RSA*
o/p : So it created a keystore.
Step - 2:
======
- I imported my certificate from Verisign into the keystore..
- keytool -import -alias <alias> -keystore c:/abcd.sks -file <CompanyCert.cer>
o/p : The certificate imported successfully.
Problem :
=======
Problem occurs at the time of signing the jar file with jarsigner
jarsigner Myjar.jar <alias>
o/p :Jar is signed and It says, "your certificate will expire in six months". But our certificate has an expiry in 2011.
Also when the jar file installed in the mobile, it occurs as an invalid application.

The following may help you..
JavaJar(written by java) can compress and decompress jar,war, ear and.zip...
it can deal with manifest file and executable .jar file .specially.
may download from http://www.qwerks.com/download/4114/JavaJar.zip
the tool is very verygood tool.
but the homepage(www.pivotonic.com) of JavaJar cannot be accessed.
it is funny.
good lucky.

Adogjf Unable to generate jar files under JAVA_TOP error while patching

Hi,
I'm upgrading my version of Java from 1.3.1_19 to 1.5.0_17. I downloaded the jdk-1_5_0_17-linux-i586.bin file and unpackaged it to /u0/<SID>/<SID>db/10.2.0. It unpackaged it to a new directory jdk1.5.0_17 (/u0/<SID>/<SID>db/10.2.0/jdk1.5.0_17), whereas the old version is in a directory jdk (/u0/<SID>/<SID>db/10.2.0/jdk).
Having done that I had to run an interoperability patch (4372996). Upon running this patch I received an error at the end:
adogjf() Unable to generate jar files under JAVA_TOP
There were no other errors.
I think the problem has to do with where my new java version is located but I'm not sure. I'm thinking that it's still looking under the old JAVA_TOP (/u0/<SID>/<SID>db/10.2.0/jdk) when I want it to look under the new JAVA_TOP (/u0/<SID>/<SID>db/10.2.0/jdk1.5.0_17). So, should I move the contents from the new directory (jdk1.5.0_17) to the old directory (jdk) or is there a way to 'point' it to the new JAVA_TOP.
Please let me know if I'm totally off base and there's another solution. We're currently on EBS 11.5.10.2, DB 10.2.0.4 and RHEL 4 Update 5.
Thanks,
Lia.

Here you go. Hope this helps you to help me :-). Thanks.
+
** Generating the product JAR files...
STRT_TASK: [Generate JAR files] [] [Fri Mar 27 2009 09:20:32]
STRT_TASK: [Generate JAR files under JAVA_TOP] [] [Fri Mar 27 2009 09:20:32]
Signing product JAR files in JAVA_TOP -
/u0/mary/marycomn/java
using entity Customer and certificate 1.
Calling /u0/mary/marycomn/util/jre/1.1.8/bin/jre ...
Successfully created javaVersionFile.
Generating product JAR files in JAVA_TOP -
/u0/mary/marycomn/java with command:
adjava -mx512m -nojit oracle.apps.ad.jri.adjmx @/u0/mary/maryappl/admin/mary/out/genjars.cmd
Reading product information from file...
Reading language and territory information from file...
Reading language information from applUS.txt ...
Temporarily resetting CLASSPATH to:
"/u0/mary/maryappl/ad/11.5.0/java/adjri.zip:/u0/mary/marycomn/util/jre/1.1.8/lib/rt.jar:/u0/mary/marycomn/util/jre/1.1.8/lib/i18n.jar:/u0/mary/marycomn/util/jre/1.1.8/lib/tools.jar:/u0/mary/marycomn/java/appsborg.zip:/u0/mary/marycomn/java/apps.zip:/u0/mary/maryora/8.0.6/forms60/java:/u0/mary/marycomn/java"
Calling /u0/mary/marycomn/util/jre/1.1.8/bin/jre ...
The JDK version is 1.1.8
Validating the files/directories specified for -areas option
Validating the files/directories specified for -outputSpec option
Validating the directory specified for -lstDir option
About to Analyze the input areas : Fri Mar 27 2009 09:20:36
WARNING: Will not load stale resource unit META-INF/services/javax.xml.parsers
WARNING: Will not load stale resource unit META-INF/services/javax.xml.transform
Done Analyzing the input areas : Fri Mar 27 2009 09:20:43
About to Analyze/Generate jar files : Fri Mar 27 2009 09:20:43
About to Analyze fndnetcharts.jar : Fri Mar 27 2009 09:20:43
Up-to-date : fndnetcharts.jar
Done Analyzing fndnetcharts.jar : Fri Mar 27 2009 09:20:44
About to Analyze fndtdg.jar : Fri Mar 27 2009 09:20:44
Up-to-date : fndtdg.jar
Done Analyzing fndtdg.jar : Fri Mar 27 2009 09:20:44
About to Analyze fndjgl.jar : Fri Mar 27 2009 09:20:44
Up-to-date : fndjgl.jar
Done Analyzing fndjgl.jar : Fri Mar 27 2009 09:20:45
About to Analyze fndjle.jar : Fri Mar 27 2009 09:20:45
Up-to-date : fndjle.jar
Done Analyzing fndjle.jar : Fri Mar 27 2009 09:20:47
About to Analyze fndlrucache.jar : Fri Mar 27 2009 09:20:47
Up-to-date : fndlrucache.jar
Done Analyzing fndlrucache.jar : Fri Mar 27 2009 09:20:47
About to Analyze fndgantt.jar : Fri Mar 27 2009 09:20:47
Up-to-date : fndgantt.jar
Done Analyzing fndgantt.jar : Fri Mar 27 2009 09:20:47
About to Analyze fndpromise.jar : Fri Mar 27 2009 09:20:47
Up-to-date : fndpromise.jar
Done Analyzing fndpromise.jar : Fri Mar 27 2009 09:20:48
About to Analyze fndforms.jar : Fri Mar 27 2009 09:20:48
About to Generate fndforms.jar : Fri Mar 27 2009 09:20:49
Done Generating fndforms.jar : Fri Mar 27 2009 09:20:50
About to Sign fndforms.jar : Fri Mar 27 2009 09:20:50
ERROR: Javakey subcommand exited with status 1
Javakey standard output:
Adding entry: META-INF/MANIFEST.MF
Copyright (c) 2002 Oracle Corporation
Redwood Shores, California, USA
AD Java Key Generation
Version 11.5.0
NOTE: You may not use this utility for custom development
unless you have written permission from Oracle Corporation.
Javakey error output:
Reading product information from file...
Reading language and territory information from file...
Reading language information from applUS.txt ...
Successfully created javaVersionFile.
Customer not found in database.
java key error:
adjava -ms128m -mx256m sun.security.provider.Main -gs /u0/mary/marycomn/java/oracle/apps/fnd/jar/fndforms.jar.tmp /u0/mary/marycomn/java/oracle/apps/fnd/jar/fndforms.jar.uns
The above Java program failed with error code 1.
Done Analyzing/Generating jar files : Fri Mar 27 2009 09:20:51
AD Run Java Command is complete.
Copyright (c) 2002 Oracle Corporation
Redwood Shores, California, USA
AD Java
Version 11.5.0
NOTE: You may not use this utility for custom development
unless you have written permission from Oracle Corporation.
Failed to generate product JAR files in JAVA_TOP -
/u0/mary/marycomn/java.
adogjf() Unable to generate jar files under JAVA_TOP
AutoPatch error:
Failed to generate the product JAR files
You should check the file
/u0/mary/maryappl/admin/mary/log/4372996.log
for errors.
+

Problems with signed JAR files in JWS/JRE6 environment.

Hello All,
I'm encountering a problem running our desktop application as a Java Web Start deployment in a JRE 6 environment. There were never any problems when running the same application as a JWS deployment in JRE 1.4, or 5, environments. There are also currently no problems in a JRE 6 environment when running the application as a standard desktop application.
The problem which I am having has nothing to do with launching the application. But for good measure, I verified the JNLP file with JaNeLA. A couple things we out of order, which I addressed to make JaNeLA happy, but my problem still persists. Here is my JNLP file (anonymized to protect the innocent):
TS: 2010-10-18 17:04:46
<?xml version="1.0" encoding="UTF-8"?>
<jnlp codebase="$$codebase" href="$$name">
     <information>
          <title>Acme Desktop</title>
          <vendor>Acme Corporation</vendor>
          <homepage href="http://www.acme.com/"/>
          <description>Acme Client for Acme Server</description>
          <description kind="tooltip">Acme Client for Acme Server</description>
          <icon href="desktop.gif"/>
          <offline-allowed/>
     </information>
     <security>
          <all-permissions/>
     </security>
     <resources>
          <j2se version="1.5+"/>
          <jar href="acmedesktop.jar" download="eager" version="8.00.01.00+"/>
          <jar href="lib/antlr-2.7.2.jar" download="eager" version="8.00.01.00+"/>
          <jar href="lib/backport-util-concurrent.jar" download="eager" version="8.00.01.00+"/>
          <jar href="lib/commons-codec-1.3.jar" download="eager" version="8.00.01.00+"/>
          <jar href="lib/commons-httpclient.jar" download="eager" version="8.00.01.00+"/>
          <jar href="lib/commons-logging.jar" download="eager" version="8.00.01.00+"/>
          <jar href="lib/acmeapi.jar" download="eager" version="8.00.01.00+"/>
          <jar href="lib/HelpJavaDT.jar" download="eager" version="8.00.01.00+"/>
          <jar href="lib/HelpJavaDT_es.jar" download="eager" version="8.00.01.00+"/>
          <jar href="lib/jacorb.jar" download="eager" version="8.00.01.00+"/>
          <jar href="lib/Multivalent.jar" download="eager" version="8.00.01.00+"/>
          <jar href="lib/slf4j-api-1.5.6.jar" download="eager" version="8.00.01.00+"/>
          <jar href="lib/slf4j-jdk14-1.5.6.jar" download="eager" version="8.00.01.00+"/>
          <jar href="lib/snow.jar" download="lazy" version="8.00.01.00+"/>
          <jar href="lib/AcmeTMClient.jar" download="eager" version="8.00.01.00+"/>
          <jar href="lib/xercesImpl.jar" download="eager" version="8.00.01.00+"/>
          <jar href="lib/xml-apis.jar" download="eager" version="8.00.01.00+"/>
          <extension name="installer" href="desktopInstaller.jnlp" />
          <extension name="Java Help" href="help.jnlp"/>
          <property name="java.library.path" value="./lib"/>
          <property name="admin" value="false"/>
          <property name="webstart" value="true"/>
          
     </resources>
     <resources os="Windows">
          <nativelib href="lib/jniWin32.jar" version="8.00.01.00+"/>
     </resources>
     <application-desc main-class="desktop"/>
</jnlp>-----
When running as a JWS deployment, on JRE 6, the application will be functioning normally for a little while, and then suddenly the following exception is thrown, and the current operation fails because the class in question cannot be accessed:
java.lang.SecurityException: class "acmeapi.communication.CDocImpl"'s signer information does not match signer information of other classes in the same package
     at java.lang.ClassLoader.checkCerts(ClassLoader.java:807)
     at java.lang.ClassLoader.preDefineClass(ClassLoader.java:488)
     at java.lang.ClassLoader.defineClassCond(ClassLoader.java:626)
     at java.lang.ClassLoader.defineClass(ClassLoader.java:616)
     at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:141)
     at java.net.URLClassLoader.defineClass(URLClassLoader.java:283)
     at java.net.URLClassLoader.access$000(URLClassLoader.java:58)
     at java.net.URLClassLoader$1.run(URLClassLoader.java:197)
     at java.security.AccessController.doPrivileged(Native Method)
     at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
     at com.sun.jnlp.JNLPClassLoader.findClass(JNLPClassLoader.java:288)
     at java.lang.ClassLoader.loadClass(ClassLoader.java:307)
     at java.lang.ClassLoader.loadClass(ClassLoader.java:248)
     at acmeapi.common.CDoc.getAnnotationsInfo(CDoc.java:493)
     at acmedesktop.communication.CCommunicationManager.privateGetAnnotations(CCommunicationManager.java:1976)
     at acmedesktop.communication.CCommunicationManager.getAnnotations(CCommunicationManager.java:1828)
     at acmedesktop.annotations.CViewAnnotations.getAnnotations(CViewAnnotations.java:826)
     at acmedesktop.annotations.CViewAnnotations.createView(CViewAnnotations.java:583)
     at acmedesktop.annotations.CViewAnnotations.setData(CViewAnnotations.java:736)
     at acmedesktop.annotations.CViewAnnotations.init(CViewAnnotations.java:205)
     at acmedesktop.hitspanel.CHitsPanel.viewAnnotations(CHitsPanel.java:281)
     at acmedesktop.hitspanel.CHitsTab$3.mousePressed(CHitsTab.java:316)
     at java.awt.AWTEventMulticaster.mousePressed(AWTEventMulticaster.java:263)
     at java.awt.Component.processMouseEvent(Component.java:6260)
     at javax.swing.JComponent.processMouseEvent(JComponent.java:3267)
     at java.awt.Component.processEvent(Component.java:6028)
     at java.awt.Container.processEvent(Container.java:2041)
     at java.awt.Component.dispatchEventImpl(Component.java:4630)
     at java.awt.Container.dispatchEventImpl(Container.java:2099)
     at java.awt.Component.dispatchEvent(Component.java:4460)
     at java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4574)
     at java.awt.LightweightDispatcher.processMouseEvent(Container.java:4235)
     at java.awt.LightweightDispatcher.dispatchEvent(Container.java:4168)
     at java.awt.Container.dispatchEventImpl(Container.java:2085)
     at java.awt.Window.dispatchEventImpl(Window.java:2478)
     at java.awt.Component.dispatchEvent(Component.java:4460)
     at java.awt.EventQueue.dispatchEvent(EventQueue.java:599)
     at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:269)
     at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:184)
     at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:174)
     at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:169)
     at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:161)
     at java.awt.EventDispatchThread.run(EventDispatchThread.java:122)-----
The classes of our desktop product are contained within the 'acmedesktop' and 'acmeapi' packages. It requires access to the hard drive of the workstation, and therefore, all jar files included with the application are signed using the following ANT task when compiled:
<signjar keystore="resources/codesigning/keystore.pfx" storetype="pkcs12" storepass="myPassword" alias="myAlias">
     <fileset dir="${jws_dist}/app" includes="*.jar"/>
     <fileset dir="${jws_dist}/app/lib" includes="*.jar" excludes="jhall__V${dt_version}.jar"/>
</signjar>-----
Therefore, all classes, within all jar files, are signed with the same certificate (with the exception of the JavaHelp libraries, which are already signed by Sun - but the class in question attempting to be loaded here is not contained within the JavaHelp jar file anyway). So, the point being, that the exception message stating that the "signer information of the acmeapi.communication.CDocImpl class doesn't match the signer information of other classes in the same package", is simply not correct. All classes within that jar file were signed using the same certificate.
I downloaded the JRE 6 source from dev.java.net and picked through this issue with a debugger. The ClassLoader.checkCerts() method compares the certificate used to sign the current class which is attempting to be loaded, with the certificates which signed all other previously loaded classes within the same package. If they don't match, the exception above is thrown. What is causing the issue is when the checkCerts() method attempts to get the certificates which signed the currently loading class, null is returned. And obviously, comparing null, with an array of the certificates which signed the previously loaded classes, isn't going to match; therefore this exception is thrown.
The checkCerts() method gets the certificates of the currently loading class by calling the java.security.CodeSource.getCertificates() method. Tracing deeper in the debugger, the CodeSource object ultimately gets the certificates from the 'signersRef' member variable of the com.sun.deploy.cache.CachedJarFile class. signerRef is a SoftReference object and can therefore be garbage collected at some point. If it has already been garbage collected, the CachedJarFile class will attempt to retrieve it again from the loaded cache entry by calling com.sun.deploy.cache.MemoryCache.getLoadedResource().
The MemoryCache class maintains the cache entries to the jar files as MemoryCache.CachedResourceReference objects, which subclass WeakReference, and therefore these objects can be garbage collected as well. If the cache entries have also been garbage collected, this leaves the CachedJarFile class with no ability to repopulate the CachedJarFile.signerRef object. Therefore it is completely out of luck getting the certificates which signed the currently loading class, which ultimately causes the above exception.
When the com.sun.deploy.cache.Cache class attempts to retrieve a cache entry using its getCacheEntry() method, it will attempt to get the entry from the MemoryCache class, if null is returned, it will recreate the cache entry and add it back to the MemoryCache. In contrast, when the CachedJarFile class attempts to get a cache entry from the MemoryCache class, if null is returned, it just gives up.
(from com.sun.deploy.cache.CachedJarFile:244)
private CacheEntry getCacheEntry() {
     /* if it was not created by Cache do not search for entry */
     if (resourceURL == null)
          return null;
     CacheEntry ce = (CacheEntry) MemoryCache.getLoadedResource(resourceURL);
     if (ce == null) {
          //This should not happen because CacheEntry should not get collected
          // before CachedJarFile is collected.
          Trace.println("Missing CacheEntry for " + resourceURL + "\n" + ce,
               TraceLevel.CACHE);
     return ce;
When debugging, code execution falls within the code block with the comment stating "This should not happen...", but it is happening in my case.
On an interesting side note, using the jvisualvm.exe tool included with JDK 6, I was able to tell that it seems as though these objects are collected the first time that the JVM allocates more heap space, and then the issue will occur. If I set the initial heap size very large (using -Xms) this issue won't occur at all. But that is kind of a bad solution which I would rather not do, but it is interesting to note for the sake of troubleshooting this issue. The max heap size (-Xmx) is plenty big enough, so the issue is not that we are running out of memory here.
Does anyone have any insight as to what could be causing this? I've searched, and found a couple threads with similar problems but with no clear solutions. It is not just one workstation either, it happens everywhere I deploy the app as a Java Web Start application in a JRE 6 environment. I have been using version 1.6.0_18 on XP, but it seems to happen on any update version of 1.6. Is the fact that the CachedJarFile class doesn't attempt to reload the resource when it can't retrieve it from MemoryCache a bug? I've dug as deep as I can on this and I'm at wits end, does anybody have any ideas?
Thank you
Jake
Edited by: jkc532 on Nov 12, 2010 10:35 AM

jkc532 wrote:
.. Is the fact that the CachedJarFile class doesn't attempt to reload the resource when it can't retrieve it from MemoryCache a bug? From your comprehensive investigation and report, it seems so to me.
..I've dug as deep as I can on this and I'm at wits end, does anybody have any ideas?Just after read the summary I was tired, so I have some understanding of the effort you have already invested in this (the 'wits' you have already spent). I think you should raise a bug report and seek Oracle's response.

How to include .jar files in coldfusion code

To Integrate our cfm code with paypal jar files we do the
following steps with our local coldfusion server ,and to run and
integrate the paypal Java SDK jar files, I think we need to do the
same process on the server, can you suggest any thing to do the
following setting for my domain on the server, without setting the
class path in coldfusion administrator.
The ColdFusion application server must be configured to know
the location of the PayPal JAR
files, and your ColdFusion Markup (CFM) pages must be
configured with the absolute path to
the PayPal API certificate for the PayPal API user on whose
behalf the calls are made.
1. Install the PayPal Java SDK “Installing the
SDK”.
2. Copy a subset of the Java SDK JAR files to a location
accessible by the ColdFusion
application server. The JAR files are in SDK_root\lib and
their exact names are as
follows:
– bcmail-jdk14-128.jar
– bcprov-jdk14-128.jar
– paypal_base.jar
– paypal_stubs.jar
sax2.jar
– xerces.jar
– xpp3-1.1.3.4d_b4_min.jar
– xstream.jar-1.1.3.jar
3. With the ColdFusion Application Server Administrator, add
the absolute path of the
location you determined in Step 2 to the Java and JVM
CLASSPATH environment variable.
4. Restart the ColdFusion Application Server.
Suggest me how to include .jar files without setting
classpath.

> Suggest me how to include .jar files without setting
classpath.
Copy them to {CF_HOME}\lib, where {CF_HOME} is, for example,
C:\CFusionMX7. Restart Coldfusion.

Is it possible to digitally sign a jar file that will be used to install CF in WebSphere?

I am currently working for a contractor for the DoD. We are maintaining a project that uses CF installed as an application through WebSphere. We are currently going through a security checklist and being asked to provide evidence that the CF application has a digital signature. From what we can gather they are looking to see that the jar file installed into WebSphere is digitally signed. We have reached out to IBM, and have received a response that digital signatures are recognized by WebSphere.
Unfortunately, it seems that those that are looking for the evidence do not know much more than what the checklist requirement states. They cannot provide more details or expand on what they need. Any assistance or advice in this matter would be appreciated.
Thanks,

Masterkeedu wrote: !! It worked.
Congratulations. :-)
Masterkeedu wrote: So it's not certified, but is signed.
So as I understand this, it means the end-user has no way to know it was me that truly signed it. But relies on their common sense I suppose.
That is correct. The CA has verified, and is certifying, that you are who you claim to be. If you or I use a 'self signed' certificate, it does not carry the same level of trust. As you might understand already, the dialogs are different between the two certificate types, and some users cannot accept trusted code from an unverified (self-signed) certificate.
I have been meaning to write a page on the differences between the two certificates. It is well worth looking into getting a cert. from a CA.
There was a stage when one of the major CAs were offering 'freemail' certificates that came emblazoned not with your name, but 'free mail' itself. I did not like them because of that, and continue to use a self-signed certificate.

Jar file certificate expiration

Similar Messages

Maybe you are looking for