Specifiy certificate in jnlp, so mutliple signed jars aren't a problem
Is it possible to specify my certificate in the jnlp?
Webstart can ask the user the accept that one, while some of my jars are actually signed by other certificates too.
I have several 3th party jars that I sign but that are already signed, for example acegi-security, ... It's hard to unsign them automatically and it doesn't feel right to have to unsign them (it's like being signed is a bad thing).
PS: I am using maven2 and it's webstart plugin to generate my jnlp which works perfectly with non-signed dependend jars.
Problem is I have about 30 dependencies, of which a couple are already signed.
I don't want my user to have to click through 20 certificates.
Similar Messages
-
Multiple jnlp's for signed jars
Hi,
I'm trying to solve the issue where you have several different certificates trying to sign the jars ... I've found out that you can just add extentions to your main jnlp and add the jars there.
Problem: I have loads of jars, all with different certificates.
At the moment I just generate my jnlp by usign a template, and entering $dependencies to list all jars in the file. That didn't work (JAR resources in JNLP file are not signed by same certificate), so I added my main jar in the main jnlp, and all the other jars in the extended jnlp, which is not working. Probably because (correct me if I'm wrong) I have to split every jar with another certificate into another jnlp ?
Is there any way I can split up the signed jars without having to add them manually in the jnlp file ?
Edited by: ReggieBE on May 16, 2008 1:17 AMOh, and I'm using webstart-maven-plugin from mojo.codehouse.org ;)
-
JNLP: Signed jars but still not trusted
I have an applet that has signed jars that were signed by the same key, the applet shows the correct warnings on startup and works fine (allows access to the local file system, etc), however there still exists the 'yellow triangle warning' on one of two popups frames that the applet produces (but not the other one).
The applet does use native code (packaged in a signed jar and referenced in the JNLP). The jars are all signed by the same certificate from a CA. I originally didn't have the JNLP signed (by placing it in the main jar in JNLP-INF/APPLICATION.JNLP) but this didn't help. Also I didn't have the JNLP codebase set to a real URL (and really cant in production because its a solution we deploy to customers servers - its packaged software not hosted) but even after I tested with a codebase to a test server, it still didnt remove the famed yellow triangle. I have all-permissions set in the JNLP.
So two related questions:
1) Other than having not having signed jars (or not signed correctly), what other reasons cause the 'yellow triangle'?
2) The warning only appears on one of the popup Frames. What could be the possible reasons for that? Are there some privileges that show the icon whether the applet is signed or not?
Note: While changing the client policy setting (showWindowWithoutWarningBanner) works, this cant be a solution.
From the Java Console:
...It goes through all the jars (I only included one for brevity - there are 23 of them). Note it says 'have 1 common certificates'.. which I think indicates everything is signed by the same cert.
Is there any indication in the console logs I can use to determine why it is not trusted? It looks (to me) that everything is OK, until it says 'istrusted=false'.
security: Validating cached jar url=http://10.192.252.26/QMDesktop/native.jar ffile=C:\Documents and Settings\bunkowm\Application Data\Sun\Java\Deployment\cache\6.0\34\1df0b62-2c3ce377 com.sun.deploy.cache.CachedJarFile@d964af
cache: Reading Signers from 995 http://10.192.252.26/QMDesktop/native.jar | C:\Documents and Settings\bunkowm\Application Data\Sun\Java\Deployment\cache\6.0\34\1df0b62-2c3ce377.idx
security: Have 1 common certificates after processing http://10.192.252.26/QMDesktop/native.jar
security: Istrusted: null false
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Validate the certificate chain using CertPath API
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: Start to check whether root CA is replaced
security: The root CA hasnt been replaced
security: No timestamping info available
security: Found jurisdiction list file
security: No need to checking trusted extension for this certificate
security: The CRL support is disabled
security: The OCSP support is disabled
security: This OCSP End Entity validation is disabled
security: Checking if certificate is in Deployment denied certificate store
security: Checking if certificate is in Deployment permanent certificate store
security: Checking if certificate is in Deployment session certificate store
security: Mark trusted: nullAndrew - of course you were correct about the signed cert - I misspoke when the CA signed applet didn't show a warning. (You were also right that I must have checked 'always accept' the certificate on the server I had the CA signed cert on).
I think you guys are on to something about the privileged actions. It would explain where one popup has the icon and the other doesn't. We have Javascript making calls into the applet and we do use JNI (although I don't think there are any calls back). We do wrap these calls in privileged actions but maybe we missed something. What I've seen before is a security exception is thrown if we don't wrap them - but maybe there are areas where we don't and it doesn't throw an exception or it does and we eat it somehow (and for whatever reason doesn't cause anything noticeable).
Now that I know it could likely be the applet code and not necessarily a build issue with signing the jars, I have another place to look...
I'll check it out and let you know what I find. -
Frmall.jar, jacob.jar,... determine certificate with which they were signed
hi,
oracle forms provides signed jar-files (frmall.jar, jacob.jar,...).
is there a way to determine the certificate with which the particular jar-file was signed?
regards,
matthiashi
you will find a batch file inside in the webutil folder.
mkcrt something like this.
u can make certificate by using that batch file in command prompt.
sarah -
Add intermediate certificate to signed jar
Is it possible to add an intermediate certificate to a signed jar file?
The users of my applet are asked to trust the certificate showing the hint that the source is not trusted. The root certificate of my code signing certificate is included in the trusted sources.
Thanks,
ReinhardI have already a full trusted chain consisting of the root, an intermediate certificate and my code signing certificate. The root is included in Java�s trusted roots. But if I sign my jar with my code signing certificate, Java can not build the trust chain, as it does not have the intermediate certificate. If it would be possible to include the intermediate certificate certificate it would work, but appearantly this is not possible with jarsigner.
-
In-House Certificate Authority for Self Signed Jars in JRE1.8
Hi,
I am trying to get some assistance on a Java issue that Oracle Support are struggling with. I am using Oracle E-Business Suite and there is a note 1591073.1 advising on what to do to allow E-Business Suite to interoperate with the new security model of JRE 1.8
The note effectively advises on 3 options –
Option 1 - Purchase a Code Signing Certificate from a well known Certificate Authority ( already registered in their Root Certificates Key Store cacert ) and import it into the Key Store adkeystore.dat
Option 2 - Purchase a Root Certificate from an unknown Certificate Authority, import it into the Key Store cacerts, then purchase a Code Signing Certificate from this Authority as per option 1
Option 3 - Designate yourself as an In-House Certificate Authority by creating your own Root Certificate, importing into the Key Store cacerts and then creating yourself a Code Signing Certificate as this In-House Authority and importing into the Key Store adkeystore.dat
Q1. I am trying to achieve option 3. However the Oracle note does not actually tell you how to create a Root Digital Certificate and Oracle support are struggling to answer – does anyone know how to do this ?
Q2. How then do you create a Code Signing Certificate – Oracle seem to have a command ‘adjkey’ but I am not sure if this is what should be used and if so, how this maps my Root Certificate in the Key Store cacerts (given that there are also lots of other Root Certificates in cacerts belonging to all the well known Certificate Authorities ) to the Code Signing Certificate Key Store adkeystore.dat ?
Any advice greatly appreciated,
JimHi,
For this issue, ensure you explicitly set the store for the certificate.
Meanwhile, I would like to share the following article with you, I suggest you perform the steps to test it.
Windows 8 Mail and Exchange using a self-signed certificate
http://david.gardiner.net.au/2012/08/windows-8-mail-and-exchange-using-self.html.
It also applies to windows 8.1.
Additionally, I suggest you use other network to test it.
If the issue persists, try to switch off SSL to see if it works.
Note: Microsoft provides third-party
contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.
Regards,
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
Error with Java WebStart Signed Jars on 1.6.0_19's new Mixed Code
All,
First, we have a valid code signing certificate/keystore from Thawte that works for signing webstart jars as of update 18. For some reason, if you run our webstart application on update 19 JRE, the runtime believes that some of the jars are not signed and some are. Even though we create and sign the jars in the exact same way and after inspecting the jar the JRE believes are not signed they have the necessary signing entries/files in the manifest folder. Not sure why the signing process would work for some of our jars and not for others. There is nothing really all that different.
So, because the JRE believes some of the jars are not signed the new security warning "...contains both signed and unsigned code." pops up ( [Error Description|http://java.com/en/download/help/error_mixedcode.xml] ). If I press yes, then I get the following exception.
java.lang.SecurityException: trusted loader attempted to load sandboxed resource from https://path-to-our.jar
at com.sun.deploy.security.CPCallbackHandler$ParentCallback.check(Unknown Source)
at com.sun.deploy.security.CPCallbackHandler$ParentCallback.access$1400(Unknown Source)
at com.sun.deploy.security.CPCallbackHandler$ChildElement.checkResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.checkResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.getResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at main.JwsMain.main(JwsMain.java:32)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.sun.javaws.Launcher.executeApplication(Unknown Source)
at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
at com.sun.javaws.Launcher.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)If I press "no" I get the following exception (I get this exception if I try to run our WebStart application with no signed jars as well, no warnings about missing certs, just straight to error)
java.lang.NullPointerException
at com.sun.deploy.cache.CachedJarFile.findMatchingSignerIndices(Unknown Source)
at com.sun.deploy.cache.CachedJarFile.entryNames(Unknown Source)
at com.sun.deploy.cache.DeployCacheJarAccessImpl.entryNames(Unknown Source)
at com.sun.deploy.security.CPCallbackHandler.assertTrust(Unknown Source)
at com.sun.deploy.security.CPCallbackHandler.access$700(Unknown Source)
at com.sun.deploy.security.CPCallbackHandler$ParentCallback.check(Unknown Source)
at com.sun.deploy.security.CPCallbackHandler$ParentCallback.access$1400(Unknown Source)
at com.sun.deploy.security.CPCallbackHandler$ChildElement.checkResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.checkResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.getResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at main.JwsMain.main(JwsMain.java:32)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.sun.javaws.Launcher.executeApplication(Unknown Source)
at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
at com.sun.javaws.Launcher.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)Does anyone know why this would be happening? It only occurs with the new update. We use the same keystore and process for signing all of our jars so it really doesn't make since why some of them work and some of them don't. Also, our JNLP is correct or it wouldn't work in update 18.
Edit: We've tried it on Windows XP SP3 and compiled the code using update 18 and used jarsigner both from 18 and 19 with same results.
Edited by: chenthor on Apr 1, 2010 8:44 AM
Edited by: chenthor on Apr 1, 2010 8:51 AMHi All,
So we've been battling this bug for a year or so now, and I've come up with a solution to the webstart bugs
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6967414
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6805618
(see the bugs for more details)
From what we can tell the bug stems from the way that the jar signers information is "cached" by webstart.
When a jar is loaded by webstart, it is represented by a CachedJarFile instance. When loading and using classes the signature for the jar is verified. The signers used is the one that is stored in the CachedJarFile instances. These "signers" are stored as SoftReferences. SoftReferences are like WeakReferences, except that they only become eligible for garbage collection when there is a small amount of available heaps space remaining and that the object is only softly reachable. (That's a pretty crude description, but it will do for now)
So what we found was happening is that when the JVM reached a certain heap size threshold and needed to allocate more heap, that these soft references (and hence the signers information) werebeing garbage collected. if you attempt to load a class after this you get the security error.
So I came up with a hack to work around this. At application startup, iterate through all of the CachedJarFile objects on the classpath and create a hard reference to each of the signers info by putting them in a static list somewhere. From our tests this seems to work. (though with the intermittent nature of the problem, it has been hard to prove conclusively, though we've had some success repro-ing the issue, by reducing the intial heap size and using VisualVM to watch for heap expansions and forcing gc's)
Below is the code for the hack, to run it just call JarSignersHardLinker.go() and it will do some sanity checks (running on webstart on java 1.6 update 19 or higher) before spawning a new thread to create hard refs for all signers info for all jars on the classpath.
import java.io.IOException;
import java.lang.ref.SoftReference;
import java.lang.reflect.Field;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.net.JarURLConnection;
import java.net.URL;
import java.net.URLConnection;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;
import java.util.jar.JarFile;
* A utility class for working around the java webstart jar signing/security bug
* see http://bugs.sun.com/view_bug.do?bug_id=6967414 and http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6805618
* @author Scott Chan
public class JarSignersHardLinker {
private static final String JRE_1_6_0 = "1.6.0_";
* the 1.6.0 update where this problem first occurred
private static final int PROBLEM_JRE_UPDATE = 19;
public static final List sm_hardRefs = new ArrayList();
protected static void makeHardSignersRef(JarFile jar) throws java.io.IOException {
System.out.println("Making hard refs for: " + jar );
if(jar != null && jar.getClass().getName().equals("com.sun.deploy.cache.CachedJarFile")) {
//lets attempt to get at the each of the soft links.
//first neet to call the relevant no-arg method to ensure that the soft ref is populated
//then we access the private member, resolve the softlink and throw it in a static list.
callNoArgMethod("getSigners", jar);
makeHardLink("signersRef", jar);
callNoArgMethod("getSignerMap", jar);
makeHardLink("signerMapRef", jar);
// callNoArgMethod("getCodeSources", jar);
// makeHardLink("codeSourcesRef", jar);
callNoArgMethod("getCodeSourceCache", jar);
makeHardLink("codeSourceCacheRef", jar);
* if the specified field for the given instance is a Softreference
* That soft reference is resolved and the returned ref is stored in a static list,
* making it a hard link that should never be garbage collected
* @param fieldName
* @param instance
private static void makeHardLink(String fieldName, Object instance) {
System.out.println("attempting hard ref to " + instance.getClass().getName() + "." + fieldName);
try {
Field signersRef = instance.getClass().getDeclaredField(fieldName);
signersRef.setAccessible(true);
Object o = signersRef.get(instance);
if(o instanceof SoftReference) {
SoftReference r = (SoftReference) o;
Object o2 = r.get();
sm_hardRefs.add(o2);
} else {
System.out.println("noooo!");
} catch (NoSuchFieldException e) {
e.printStackTrace();
return;
} catch (IllegalAccessException e) {
e.printStackTrace();
* Call the given no-arg method on the given instance
* @param methodName
* @param instance
private static void callNoArgMethod(String methodName, Object instance) {
System.out.println("calling noarg method hard ref to " + instance.getClass().getName() + "." + methodName + "()");
try {
Method m = instance.getClass().getDeclaredMethod(methodName);
m.setAccessible(true);
m.invoke(instance);
} catch (SecurityException e1) {
e1.printStackTrace();
} catch (NoSuchMethodException e1) {
e1.printStackTrace();
} catch (IllegalArgumentException e) {
e.printStackTrace();
} catch (IllegalAccessException e) {
e.printStackTrace();
} catch (InvocationTargetException e) {
e.printStackTrace();
* is the preloader enabled. ie: will the preloader run in the current environment
* @return
public static boolean isHardLinkerEnabled() {
boolean isHardLinkerDisabled = false; //change this to use whatever mechanism you use to enable or disable the preloader
return !isHardLinkerDisabled && isRunningOnJre1_6_0_19OrHigher() && isRunningOnWebstart();
* is the application currently running on webstart
* detect the presence of a JNLPclassloader
* @return
public static boolean isRunningOnWebstart() {
ClassLoader cl = Thread.currentThread().getContextClassLoader();
while(cl != null) {
if(cl.getClass().getName().equals("com.sun.jnlp.JNLPClassLoader")) {
return true;
cl = cl.getParent();
return false;
* Is the JRE 1.6.0_19 or higher?
* @return
public static boolean isRunningOnJre1_6_0_19OrHigher() {
String javaVersion = System.getProperty("java.version");
if(javaVersion.startsWith(JRE_1_6_0)) {
//then lets figure out what update we are on
String updateStr = javaVersion.substring(JRE_1_6_0.length());
try {
return Integer.parseInt(updateStr) >= PROBLEM_JRE_UPDATE;
} catch (NumberFormatException e) {
//then unable to determine updatedate level
return false;
//all other cases
return false;
* get all the JarFile objects for all of the jars in the classpath
* @return
public static Set<JarFile> getAllJarsFilesInClassPath() {
Set<JarFile> jars = new LinkedHashSet<JarFile> ();
for (URL url : getAllJarUrls()) {
try {
jars.add(getJarFile(url));
} catch(IOException e) {
System.out.println("unable to retrieve jar at URL: " + url);
return jars;
* Returns set of URLS for the jars in the classpath.
* URLS will have the protocol of jar eg: jar:http://HOST/PATH/JARNAME.jar!/META-INF/MANIFEST.MF
static Set<URL> getAllJarUrls() {
try {
Set<URL> urls = new LinkedHashSet<URL>();
Enumeration<URL> mfUrls = Thread.currentThread().getContextClassLoader().getResources("META-INF/MANIFEST.MF");
while(mfUrls.hasMoreElements()) {
URL jarUrl = mfUrls.nextElement();
// System.out.println(jarUrl);
if(!jarUrl.getProtocol().equals("jar")) continue;
urls.add(jarUrl);
return urls;
} catch(IOException e) {
throw new RuntimeException(e);
* get the jarFile object for the given url
* @param jarUrl
* @return
* @throws IOException
public static JarFile getJarFile(URL jarUrl) throws IOException {
URLConnection urlConnnection = jarUrl.openConnection();
if(urlConnnection instanceof JarURLConnection) {
// Using a JarURLConnection will load the JAR from the cache when using Webstart 1.6
// In Webstart 1.5, the URL will point to the cached JAR on the local filesystem
JarURLConnection jcon = (JarURLConnection) urlConnnection;
return jcon.getJarFile();
} else {
throw new AssertionError("Expected JarURLConnection");
* Spawn a new thread to run through each jar in the classpath and create a hardlink
* to the jars softly referenced signers infomation.
public static void go() {
if(!isHardLinkerEnabled()) {
return;
System.out.println("Starting Resource Preloader Hardlinker");
Thread t = new Thread(new Runnable() {
public void run() {
try {
Set<JarFile> jars = getAllJarsFilesInClassPath();
for (JarFile jar : jars) {
makeHardSignersRef(jar);
} catch (Exception e) {
System.out.println("Problem preloading resources");
e.printStackTrace();
} catch (Error e) {
System.out.println("Error preloading resources");
e.printStackTrace();
t.start();
} -
Is a signed jar with another unsigned jar possible?
Is it possible to use 1 signed jar with another unsigned jar with webstart. I read this wasn't possible with version 1.0, but what about higher versions? if so how to specify this?
Thanks
James
Edited by: fatbatman on Mar 26, 2009 1:01 PMAll jars within same jnlp must be signed with the same certificate, but you can use extensions to have many jnlp with different (or no) signature within the same application.
Bye. -
Peculiar issue with signed .jars and Linux (Debian unstable, 2.4.20-custom)
BACKGROUND:
I am a developer working on a Java3D application, which is to be deliverable over
the Web. Delivery as an applet seemed a natural choice, and so I spent a considerable amount of effort learning (I won't say "mastering") the process of
creating a self-signed .jar containing java3d-<some_version>.exe. I have in fact
successfully created a fully-fuctional from-scratch JPI/Java3D/myapp install. By
this I mean that Windows machine with only stock IE installed could hit my URL,
get the proper JPI installed, followed by the Java3D runtime I'd chosen, as well
as a third-party DXF loader, and finally (after much clicking of 'Yes', 'Accept',
'OK', etc.) see my app in a browser window.
That was on my old, slow, Windows2000 workstation. Now I have a shiny, new
workstation upon which my employer has graciously allowed me to run Linux. Sadly,
the re-creation of the self-signed .jar files under a new JDK has not gone smoothly.
PROBLEM DESCRIPTION:
When a user attempts to download the self-signed .jar containing the auto-install
executable for the Java3D runtime, the normal security warning prompts are displayed (one for granting to install the extension, one to accept the "suspect" certificate from me alone). The plugin happily downloads the .jar file, and then
a NullPointerException is thrown, with a
stack trace like:
NPE!
at java.util.zip.ZipFile.getInputStream (unknown source)
at java.util.jar.JarFile.getInputStream (unknown source)
<something>doPrivileged<something>
etc.
I apologize for the lack of a full stack trace; I would essentially have to type it in by hand after printing it out on the remote test box; I hope that I've caught the important details above.
After this, the pure-java signed .jar is downloaded and installed, and then the applet "loads" with the predictable ClassNotFoundException for javax.media.j3d.SceneGroup.
Downloading and installing the J3D runtime by hand and then re-visiting the URL results in a fully-functional applet.
I've tried Blackdown Linux JDKs 1.4 and 1.3.1, as well as Sun's JDKs 1.3.1_07 and 1.3.1_05 for the compiling, jar'ing, and jarsigner'ing of these files, all with the same result. At each new JDK, I re-did the HTML conversion so that he appropriate
JPI version was required on the client. I did complete uninstallations of all client JPI instances (including Web Start for 1.4.1_x, as well as cleaning the registry on the client).
When this strategy worked, it was on Sun JDK 1.3.1_05 for Windows runnning on Windows2000, unknown service pack.
DESIRED BEHAVIOR:
I would like my clients to be able to go from stock Windows2K/IE (this being an intranet without any other options) to some JPI version running the J3D extension, with only the need to click 'OK', 'Accept', 'Grant This Session', etc. a bunch of times on the part of the user. I want this to happen without my having to resurrect my decrepit old Compaq Deskpro just to play the role of "build host" for my
Java3D and loader .jar files, if at all possible.
FILES:
Here's what gets merged into the "main" applet's mainfest at creation time:
Manifest-Version: 1.0
Extension-List: java3d DxfLoader
java3d-Extension-Name: javax.media.j3d
java3d-Implementation-Vendor-Id: com.sun
java3d-Implementation-Version: 1.3
java3d-Specification-Title: Java 3D API Specification
java3d-Specification-Version: 1.3
java3d-Specification-Vendor: Sun Microsystems, Inc
java3d-Implementation-URL: http://10.1.1.1/heartcad/lib/java3d.jar
DxfLoader-Extension-Name: eupla.dxfloader
DxfLoader-Implementation-Title: Eupla DXFLoader
DXFLoader-Implementation-URL: http://10.1.1.1/heartcad/lib/DxfLoader.jar
And into the manifest for the J3D .jar:
Manifest-Version: 1.0
Implementation-Version: 1.3
Specification-Version: 1.3
Extension-Installation: "java3d-1_3-windows-i586-directx-rt.exe"
Extension-Name: javax.media.j3d
Implementation-Vendor-Id: com.sun
Implementation-Vendor: Sun Microsystems, Inc
Specification-Vendor: Sun Microsystems, IncI have seen that bug, and the problem I'm having seems to be different than it. The extension installer is in the first extension .jar my applet asks for, and it
never works automatically, regardless of how many times the applet is loaded.
The second .jar, which doesn't have to run any installer, always works fine, but the first one will never work (a manual install of the Java3D runtime is required). This seems to not be the behavior described in the bug.
I will continue to search for an answer to this problem, and of course if I should find anything I'll post it here. -
Different signed jars need to be passed to the client.
Hi,
My requirement is that I have a list of my jar files that are signed by me and a set of another jar files that are not signed by me, but a third party. I require that these be signed by the third party only. I need to pass this files on to the client.
I cannot put the jars with different signatures under the same jnlp.
I am trying to embed one jnlp (the one that has third party signed jars) inside the main jnlp (the jnlp that will be called from my html). But I am not able to do so,
Please provide any help. Also is there any other approach that can be used.
Thaks in advance.tcstcs,
One thing you could do is manually go in and delete the 3rd party's signature from the second JAR file, and re-sign that jar with your own signature. I'm not 100% sure this is what you should be doing, but you could give it a shot. Open up the 3rd party JAR in WinZip and delete the meta-inf path. This contains the signature. Now you can re-sign that jar with your own signature, and they will all match up so you can use them in the same JNLP file. Hope this helps,
Mark -
Problem Packing Signed JARs of more than 10 MB
Hi friends of Java,
there seems to be a size issue when packing signed JARs.
When I try to pack a signed JAR of about 5 MEGs (such as the jbossall_client.jar file) it works (i.e. jarsigner can verify the result),
but if i try doing it with a JAR of about 11 MEGs the jarsigner can't verify the packed (and unpacked again) file.
Example:
C:\p\u\ccm_wa\basis_web\santafu~tnagel\santafu>dir temp\webstart\BasisWebClient.jar
06.03.2009 17:32 10.943.963 BasisWebClient.jar
C:\p\u\ccm_wa\basis_web\santafu~tnagel\santafu>pack200 --repack temp\webstart\BasisWebClient.jar
C:\p\u\ccm_wa\basis_web\santafu~tnagel\santafu>jarsigner -storepass xxxxxx -keystore resources\build\key\BasisWebKeystore temp\webstart\BasisWebClient.jar BasisWeb
C:\p\u\ccm_wa\basis_web\santafu~tnagel\santafu>jarsigner -verify temp\webstart\BasisWebClient.jar
jar verified.
C:\p\u\ccm_wa\basis_web\santafu~tnagel\santafu>pack200 temp\webstart\BasisWebClient.jar.pack.gz temp\webstart\BasisWebClient.jar
C:\p\u\ccm_wa\basis_web\santafu~tnagel\santafu>unpack200 temp\webstart\BasisWebClient.jar.pack.gz test.jar
C:\p\u\ccm_wa\basis_web\santafu~tnagel\santafu>jarsigner -verify test.jar
jarsigner: java.lang.SecurityException: SHA1 digest error for basisweb/vg/presenter/SchluesselBezeichnungDialogPresenter.class
The same with a smaller file:
C:\p\u\ccm_wa\basis_web\santafu~tnagel\santafu>dir temp\webstart\jbossall-client.jar
31.08.2007 07:31 4.895.807 jbossall-client.jar
C:\p\u\ccm_wa\basis_web\santafu~tnagel\santafu>pack200 --repack temp\webstart\jbossall-client.jar
C:\p\u\ccm_wa\basis_web\santafu~tnagel\santafu>jarsigner -storepass xxxxx -keystore resources\build\key\BasisWebKeystore temp\webstart\jbossall-client.jar BasisWeb
C:\p\u\ccm_wa\basis_web\santafu~tnagel\santafu>jarsigner -verify temp\webstart\jbossall-client.jar
jar verified.
C:\p\u\ccm_wa\basis_web\santafu~tnagel\santafu>pack200 temp\webstart\jbossall-client.jar.pack.gz temp\webstart\jbossall-client.jar
C:\p\u\ccm_wa\basis_web\santafu~tnagel\santafu>unpack200 temp\webstart\jbossall-client.jar.pack.gz test.jar
C:\p\u\ccm_wa\basis_web\santafu~tnagel\santafu>jarsigner -verify test.jar
jar verified.
It also works when I split the original JAR in multiple parts. Any ideas?
Used Java Version:
java version "1.6.0_12"
Java(TM) SE Runtime Environment (build 1.6.0_12-b04)
Java HotSpot(TM) Client VM (build 11.2-b01, mixed mode, sharing)
OS: Windows XP Pro Version 2002 SP2
PC: Intel Pentium 4 3.2GHz, 2GB RAM, 160 GB HD
Regards from Germany,
Thomas NagelHello Bryan,
I dont have a solution yet. Currently we use the jars uncompressed. Sad, but that works.
For the future, we are not really sure wether we can stick with JWS, as the signed JNLP-file-issue might make us even more trouble.
I've done some error search. Look at the following.
Try for your own with some different sized jar's, and maybe post the results (definitely if they all pass):
--- snip ----
package ctest;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.util.Enumeration;
import java.util.Map;
import java.util.jar.*;
import java.util.jar.Pack200.*;
* @author tnagel
public class PackTest implements Runnable {
String test1 = "junit";
String test2a = "xalan";
String test2 = "jbossall-client";
String test3 = "BasisWebClient2";
String dir = "/tmp/";
String ext1 = ".jar";
String ext2 = ".jar.pack.gz";
//String infile = "/tmp/BasisWebClient.jar";
//String outfile = "/tmp/BasisWebClient.jar.pack.gz";
//String testfile = "/tmp/testaus.jar";
* @param args the command line arguments
public static void main(String[] args) {
PackTest me = new PackTest(args);
public PackTest(String[] args) {
this.run();
public void setProperties(Packer packer) {
// Initialize the state by setting the desired properties
Map p = packer.properties();
// take more time choosing codings for better compression
p.put(Packer.EFFORT, "9"); // default is "5"
//// use largest-possible archive segments (>10% better compression).
// p.put(Packer.SEGMENT_LIMIT, "-1");
//// reorder files for better compression.
//p.put(Packer.KEEP_FILE_ORDER, Packer.FALSE);
//// smear modification times to a single value.
//p.put(Packer.MODIFICATION_TIME, Packer.LATEST);
//// ignore all JAR deflation requests,
//// transmitting a single request to use "store" mode.
//p.put(Packer.DEFLATE_HINT, Packer.FALSE);
//// discard debug attributes
//p.put(Packer.CODE_ATTRIBUTE_PFX+"LineNumberTable", Packer.STRIP);
// throw an error if an attribute is unrecognized
p.put(Packer.UNKNOWN_ATTRIBUTE, Packer.ERROR);
//// pass one class file uncompressed:
//p.put(Packer.PASS_FILE_PFX+0, "mutants/Rogue.class");
@Override
public void run() {
doTest(test1, true);
doTest(test2, true);
doTest(test3, true);
doTest(test3, true);
doTest(test3, true);
private void doTest(String test, boolean compare) {
String infile = dir + test + ext1; // "/tmp/BasisWebClient.jar";
String outfile = dir + test + ext2; // "/tmp/BasisWebClient.jar.pack.gz";
String testfile = dir + test+ "-aus" + ext1;
try {
countJar(infile, false);
JarFile jarFile = new JarFile(infile);
FileOutputStream fos = new FileOutputStream(outfile);
// Create the Packer object
Packer packer = Pack200.newPacker();
setProperties(packer);
// call the packer
long startTimeMethode =System.currentTimeMillis();
packer.pack(jarFile, fos);
System.out.println("Time for Pack: " + (System.currentTimeMillis() - startTimeMethode));
jarFile.close();
fos.close();
File f = new File(outfile);
FileOutputStream fostream = new FileOutputStream(testfile);
JarOutputStream jostream = new JarOutputStream(fostream);
Unpacker unpacker = Pack200.newUnpacker();
// Call the unpacker
startTimeMethode =System.currentTimeMillis();
unpacker.unpack(f, jostream);
System.out.println("Time for Unpack: " + (System.currentTimeMillis() - startTimeMethode));
// Must explicitly close the output.
jostream.close();
countJar(testfile, false);
if(compare) compareJars(infile,testfile);
} catch (IOException ioe) {
System.err.println(ioe);
ioe.printStackTrace();
private void countJar(String filename, boolean showDetails) {
JarFile jarFile1 = null;
try {
int entries = 0;
long sizeTotal = 0L;
long compressedSum = 0L;
jarFile1 = new JarFile(filename);
Enumeration e = jarFile1.entries();
while(e.hasMoreElements()) {
JarEntry jarE = (JarEntry) e.nextElement();
entries ++;
sizeTotal += jarE.getSize();
compressedSum += jarE.getCompressedSize();
if(showDetails) {
System.out.println( jarE.getName() + " s= " + jarE.getSize() + " c= " + jarE.getCompressedSize() );
System.out.println( filename + ": " + entries + " entries, " + sizeTotal + " Byte, compressed " + compressedSum + " Byte" );
} catch (IOException ioe) {
System.err.println(ioe);
ioe.printStackTrace();
} finally {
try { if(jarFile1 != null) jarFile1.close(); } catch (Exception e) { }
private void compareJars(String erstes, String zweites) {
JarFile jarFile1 = null;
JarFile jarFile2 = null;
try {
int fehler = 0;
int entries = 0;
jarFile1 = new JarFile(erstes);
jarFile2 = new JarFile(zweites);
Enumeration e1 = jarFile1.entries();
Enumeration e2 = jarFile2.entries();
while(e1.hasMoreElements()) {
JarEntry jarE1 = (JarEntry) e1.nextElement();
if(e2.hasMoreElements()) {
JarEntry jarE2 = (JarEntry) e2.nextElement();
entries++;
if(!jarE1.getName().equals(jarE2.getName())) {
System.out.println( "Name different at Index= " + entries+ " n1=" + jarE1.getName() + " n2=" + jarE2.getName() );
fehler ++;
break;
if(jarE1.getSize() != jarE2.getSize()) {
System.out.println( "Size different at bei " + jarE1.getName() + " Index= " + entries + " s1=" + jarE1.getSize() + " s2=" + jarE2.getSize());
fehler ++;
if(jarE1.getCrc() != jarE2.getCrc()) {
System.out.println( "CRC different at " + jarE1.getName() + " Index= " + entries + " s1=" + jarE1.getCrc() + " s2=" + jarE2.getCrc());
fehler ++;
if(jarE1.getMethod() != jarE2.getMethod()) {
System.out.println( "Method different at " + jarE1.getName() + " Index= " + entries + " m1=" + jarE1.getMethod() + " m2=" + jarE2.getMethod());
fehler ++;
System.out.println( "Errors= " + fehler + " entries=" + entries );
} catch (IOException ioe) {
System.err.println(ioe);
ioe.printStackTrace();
} finally {
try { if(jarFile1 != null) jarFile1.close(); } catch (Exception e) { }
try { if(jarFile2 != null) jarFile2.close(); } catch (Exception e) { }
--- snip ----
Cheers,
Thomas -
Unable to get jarsigner to sign jar file using pkcs11 smartcard
I'm using a JDK jdk1.6.0_14 with a datakey smartcard with the below info in pkcs11.cfg file:
name = DK330
library = c:\windows\system32\dkck232.dll
I have also configured the java.security file to include the security.provider.10=sun.security.pkcs11.SunPKCS11 c:/pkcs11.cfg
I have my environment set for the below to keep it simple as possible:
JAVA_HOME=C:\Program Files\Java\jdk1.6.0_14
CLASSPATH=C:\Program Files\Java\jdk1.6.0_14\lib
PATH=C:\Program Files\Java\jdk1.6.0_14\bin;c:\windows;c:\windows\system32
1) I am able to Confirm that the secret key is present in the keystore
keytool -v -list -keystore NONE -storetype PKCS11 -storepass xxxxxx
Keystore type: PKCS11
Keystore provider: SunPKCS11-DK330
Your keystore contains 1 entry
Alias name: CS.NOLSC.002's U.S. Government ID
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=CS.NOLSC.002, OU=USN, OU=PKI, OU=DoD, O=U.S. Government, C=US, OU=PKI, OU=DoD, O=U.S. Government, C=US
Issuer: CN=DOD CA-14, OU=PKI, OU=DoD, O=U.S. Government, C=US
Serial number: 3e8e
Valid from: Mon Feb 05 14:53:22 EST 2007 until: Thu Feb 04 14:53:22 EST 2010
Certificate fingerprints:
MD5: 9D:34:AF:D8:DE:18:15:78:D6:88:3D:37:83:FA:DC:E8
SHA1: 8A:BB:39:D5:2B:45:F7:CE:A3:93:C5:71:5C:36:DC:FE:3F:B4:7D:9A
Signature algorithm name: SHA1withRSA
Version: 3
Extensions:
#1: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature etc
2) When I try to sign the applet using the below commands I get the same errors:
command 1:
jarsigner -keystore NONE -storetype PKCS11 -providerClass sun.security.pkcs11.SunPKCS11 -providerArg ${java.home}/lib/security/pkcs11.cfg sfilechooser.jar "CS.NOLSC.002's U.S. Government ID"
I get this error::
jarsigner error: java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ATTRIBUTE_TYPE_INVALID
command 2:
jarsigner -verbose -keystore NONE -storetype PKCS11 -storepass xxxxxx sfilechooser.jar "CS.NOLSC.002's U.S. Government ID"jarsigner error: java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ATTRIBUTE_TYPE_INVALID
I can also confirm the jar file that I'm trying to sign is unsigned using the below command without problem.
C:\Program Files\Java\jdk1.6.0_14\bin>jarsigner -verify -verbose -certs -keystore NONE -storetype PKCS11 sfilechooser.jar
Enter Passphrase for keystore:
0 Wed Jul 08 09:36:06 EDT 2009 META-INF/
71 Wed Jul 08 09:36:06 EDT 2009 META-INF/MANIFEST.MF
4227 Tue Jun 09 09:56:20 EDT 2009 DirList.class
0 Wed Jul 08 09:29:52 EDT 2009 FileChooserPackage/
4728 Tue Jun 09 09:56:20 EDT 2009 FileChooserPackage/DirUtil.class
809 Fri May 29 13:05:42 EDT 2009 FileChooserPackage/FileChooserBean$AWTFileDialogThread.class
765 Fri May 29 13:05:42 EDT 2009 FileChooserPackage/FileChooserBean$AWTSaveDialogThread.class
819 Tue Jun 09 09:56:20 EDT 2009 FileChooserPackage/FileChooserBean$FileChooserBeanThread.class
1015 Tue Jun 09 09:56:20 EDT 2009 FileChooserPackage/FileChooserBean$FormsDecoderException.class
815 Tue Jun 09 09:56:20 EDT 2009 FileChooserPackage/FileChooserBean$SaveFileChooserThread.class
17198 Tue Jun 09 09:56:20 EDT 2009 FileChooserPackage/FileChooserBean.class
s = signature was verified
m = entry is listed in manifest
k = at least one certificate was found in keystore
i = at least one certificate was found in identity scope
jar is unsigned. (signatures missing or not parsable)
======================================
What could be my problem to get my applet signed? I'm at a loss.I found the problem.
I was able to use jarsigner correctly after I backed off on the GemPlus driver version from v4.7.062 file name dkck232.dll to the previous version of dkck201.dll at v4.7.062. -
SSL Cert used to sign Jars for distribution via WebStart
Hi,
I have an SSL cert (Comodo InstallSSL) for my website and wondered if I can use it to sign jars so, when distributed via webstart, the old "untrusted source" message doesn't get displayed. I've been doing a lot of reading but, to be honest, I can't really find my bearings! I have imported the cert into my keystore but get the message when I try to sign a jar:
Certificate chain not found for: myalias myalias must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.I have the following files in relation to my cert:
xxx.cabundle (this can be imported into keytool easily)
cert/xxx.crt (looks like a PGP file, cannot be imported (-import) into keytool)
private/xxx.key
My questions I suppose are:
1. Can I use a cert issued for SSL to sign jars for webstart distribution?
2. If yes to 1; what steps other than importing the cert alone (which generates the message above) do I need to do to achieve this?
Any help would be appreciated!
RichHi,
yes, the pkcs12 certificate includes the private key, as opposed to pb7 which does not.
Sent from Cisco Technical Support Android App -
Problems with signed jar, HTTPS and forms 10.1.2.3
I have been facing a hard problem for some days concerning jar signed and HTTPS. The server can be accessed both internally, on our intranet, by a local ip address, and externally, on the internet. The first access doesn't require https,as hosts are under our domain. Externally, however, we use https. That's de logic:
A local server , a proxy server (on our DMZ) and externals hosts (internet). The proxy server is responsible for getting the information on our local forms server, applying the https security and connection to the external reequests.
Concerning my application, it uses some signed jars. All of them were signed by using 'sign_webutil.bat', located in java bin directory.
When the access is made internally, everything works fine. The jar files are downloaded correctly on the user machine and the applets run well. On the other hand, when we the access is made on internet, we get many errors concerning the classes inside frwebutil:
network: Connecting https://200.253.113.26/forms/java/oracle/forms/webutil/clientInfo/GetClientInfo.class with cookie "JSESSIONID=4D4A8E49A46D4134112177FBACABE7B4"
java.lang.ClassNotFoundException: oracle.forms.webutil.clientInfo.GetClientInfo
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
Caused by: java.io.IOException: open HTTP connection failed:https://200.253.113.26/forms/java/oracle/forms/webutil/clientInfo/GetClientInfo.class
at sun.plugin2.applet.Applet2ClassLoader.getBytes(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.access$000(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
I don't know what to do.Hi, Michael!
Thanks for your reply. I read the article you suggested and I signed ther many jar files I use with the same certificate, however the problem remais the same. Without HTTPS, all works fine. With HTTPS:
network: Cache entry not found [url: https://200.253.113.26/forms/java/oracle/forms/webutil/clientInfo/GetClientInfo.class, version: null]
network: Connecting https://200.253.113.26/forms/java/oracle/forms/webutil/clientInfo/GetClientInfo.class with proxy=DIRECT
network: Connecting https://200.253.113.26/forms/java/oracle/forms/webutil/clientInfo/GetClientInfo.class with cookie "JSESSIONID=08AA4CF07F761424418619C068213911"
java.lang.ClassNotFoundException: oracle.forms.webutil.clientInfo.GetClientInfo
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClassInternal(Unknown Source)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Unknown Source)
at oracle.forms.handler.UICommon.instantiate(Unknown Source)
at oracle.forms.handler.UICommon.onCreate(Unknown Source)
at oracle.forms.handler.JavaContainer.onCreate(Unknown Source)
at oracle.forms.engine.Runform.onCreateHandler(Unknown Source)
at oracle.forms.engine.Runform.processMessage(Unknown Source)
at oracle.forms.engine.Runform.processSet(Unknown Source)
at oracle.forms.engine.Runform.onMessageReal(Unknown Source)
at oracle.forms.engine.Runform.onMessage(Unknown Source)
at oracle.forms.engine.Runform.sendInitialMessage(Unknown Source)
at oracle.forms.engine.Runform.startRunform(Unknown Source)
at oracle.forms.engine.Main.createRunform(Unknown Source)
at oracle.forms.engine.Main.start(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.io.IOException: open HTTP connection failed:https://200.253.113.26/forms/java/oracle/forms/webutil/clientInfo/GetClientInfo.class
at sun.plugin2.applet.Applet2ClassLoader.getBytes(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.access$000(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
... 20 more
network: Cache entry not found [url: https://200.253.113.26/lib/oracle/forms/webutil/file/FileFunctions.class, version: null]
network: Connecting https://200.253.113.26/lib/oracle/forms/webutil/file/FileFunctions.class with proxy=DIRECT
network: Cache entry not found [url: https://200.253.113.26/forms/java/oracle/forms/webutil/file/FileFunctions.class, version: null]
network: Connecting https://200.253.113.26/forms/java/oracle/forms/webutil/file/FileFunctions.class with proxy=DIRECT
network: Connecting https://200.253.113.26/forms/java/oracle/forms/webutil/file/FileFunctions.class with cookie "JSESSIONID=08AA4CF07F761424418619C068213911"
java.lang.ClassNotFoundException: oracle.forms.webutil.file.FileFunctions
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClassInternal(Unknown Source)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Unknown Source)
at oracle.forms.handler.UICommon.instantiate(Unknown Source)
at oracle.forms.handler.UICommon.onCreate(Unknown Source)
at oracle.forms.handler.JavaContainer.onCreate(Unknown Source)
at oracle.forms.engine.Runform.onCreateHandler(Unknown Source)
at oracle.forms.engine.Runform.processMessage(Unknown Source)
at oracle.forms.engine.Runform.processSet(Unknown Source)
at oracle.forms.engine.Runform.onMessageReal(Unknown Source)
at oracle.forms.engine.Runform.onMessage(Unknown Source)
at oracle.forms.engine.Runform.sendInitialMessage(Unknown Source)
at oracle.forms.engine.Runform.startRunform(Unknown Source)
at oracle.forms.engine.Main.createRunform(Unknown Source)
at oracle.forms.engine.Main.start(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.io.IOException: open HTTP connection failed:https://200.253.113.26/forms/java/oracle/forms/webutil/file/FileFunctions.class
at sun.plugin2.applet.Applet2ClassLoader.getBytes(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.access$000(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
... 20 more
network: Cache entry not found [url: https://200.253.113.26/lib/oracle/forms/webutil/host/Host.class, version: null]
network: Connecting https://200.253.113.26/lib/oracle/forms/webutil/host/Host.class with proxy=DIRECT
network: Cache entry not found [url: https://200.253.113.26/forms/java/oracle/forms/webutil/host/Host.class, version: null]
network: Connecting https://200.253.113.26/forms/java/oracle/forms/webutil/host/Host.class with proxy=DIRECT
network: Connecting https://200.253.113.26/forms/java/oracle/forms/webutil/host/Host.class with cookie "JSESSIONID=08AA4CF07F761424418619C068213911"
java.lang.ClassNotFoundException: oracle.forms.webutil.host.Host
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClassInternal(Unknown Source)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Unknown Source)
at oracle.forms.handler.UICommon.instantiate(Unknown Source)
at oracle.forms.handler.UICommon.onCreate(Unknown Source)
at oracle.forms.handler.JavaContainer.onCreate(Unknown Source)
at oracle.forms.engine.Runform.onCreateHandler(Unknown Source)
at oracle.forms.engine.Runform.processMessage(Unknown Source)
at oracle.forms.engine.Runform.processSet(Unknown Source)
at oracle.forms.engine.Runform.onMessageReal(Unknown Source)
at oracle.forms.engine.Runform.onMessage(Unknown Source)
at oracle.forms.engine.Runform.sendInitialMessage(Unknown Source)
at oracle.forms.engine.Runform.startRunform(Unknown Source)
at oracle.forms.engine.Main.createRunform(Unknown Source)
at oracle.forms.engine.Main.start(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.io.IOException: open HTTP connection failed:https://200.253.113.26/forms/java/oracle/forms/webutil/host/Host.class
at sun.plugin2.applet.Applet2ClassLoader.getBytes(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.access$000(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
... 20 more
network: Cache entry not found [url: https://200.253.113.26/lib/oracle/forms/webutil/session/SessionFunctions.class, version: null]
network: Connecting https://200.253.113.26/lib/oracle/forms/webutil/session/SessionFunctions.class with proxy=DIRECT
network: Cache entry not found [url: https://200.253.113.26/forms/java/oracle/forms/webutil/session/SessionFunctions.class, version: null]
network: Connecting https://200.253.113.26/forms/java/oracle/forms/webutil/session/SessionFunctions.class with proxy=DIRECT
network: Connecting https://200.253.113.26/forms/java/oracle/forms/webutil/session/SessionFunctions.class with cookie "JSESSIONID=08AA4CF07F761424418619C068213911"
java.lang.ClassNotFoundException: oracle.forms.webutil.session.SessionFunctions
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClassInternal(Unknown Source)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Unknown Source)
at oracle.forms.handler.UICommon.instantiate(Unknown Source)
at oracle.forms.handler.UICommon.onCreate(Unknown Source)
at oracle.forms.handler.JavaContainer.onCreate(Unknown Source)
at oracle.forms.engine.Runform.onCreateHandler(Unknown Source)
at oracle.forms.engine.Runform.processMessage(Unknown Source)
at oracle.forms.engine.Runform.processSet(Unknown Source)
at oracle.forms.engine.Runform.onMessageReal(Unknown Source)
at oracle.forms.engine.Runform.onMessage(Unknown Source)
at oracle.forms.engine.Runform.sendInitialMessage(Unknown Source)
at oracle.forms.engine.Runform.startRunform(Unknown Source)
at oracle.forms.engine.Main.createRunform(Unknown Source)
at oracle.forms.engine.Main.start(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.io.IOException: open HTTP connection failed:https://200.253.113.26/forms/java/oracle/forms/webutil/session/SessionFunctions.class
at sun.plugin2.applet.Applet2ClassLoader.getBytes(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.access$000(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
... 20 more
network: Cache entry not found [url: https://200.253.113.26/lib/oracle/forms/webutil/fileTransfer/FileTransfer.class, version: null]
network: Connecting https://200.253.113.26/lib/oracle/forms/webutil/fileTransfer/FileTransfer.class with proxy=DIRECT
network: Cache entry not found [url: https://200.253.113.26/forms/java/oracle/forms/webutil/fileTransfer/FileTransfer.class, version: null]
network: Connecting https://200.253.113.26/forms/java/oracle/forms/webutil/fileTransfer/FileTransfer.class with proxy=DIRECT
network: Connecting https://200.253.113.26/forms/java/oracle/forms/webutil/fileTransfer/FileTransfer.class with cookie "JSESSIONID=08AA4CF07F761424418619C068213911"
java.lang.ClassNotFoundException: oracle.forms.webutil.fileTransfer.FileTransfer
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClassInternal(Unknown Source)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Unknown Source)
at oracle.forms.handler.UICommon.instantiate(Unknown Source)
at oracle.forms.handler.UICommon.onCreate(Unknown Source)
at oracle.forms.handler.JavaContainer.onCreate(Unknown Source)
at oracle.forms.engine.Runform.onCreateHandler(Unknown Source)
at oracle.forms.engine.Runform.processMessage(Unknown Source)
at oracle.forms.engine.Runform.processSet(Unknown Source)
at oracle.forms.engine.Runform.onMessageReal(Unknown Source)
at oracle.forms.engine.Runform.onMessage(Unknown Source)
at oracle.forms.engine.Runform.sendInitialMessage(Unknown Source)
at oracle.forms.engine.Runform.startRunform(Unknown Source)
at oracle.forms.engine.Main.createRunform(Unknown Source)
at oracle.forms.engine.Main.start(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.io.IOException: open HTTP connection failed:https://200.253.113.26/forms/java/oracle/forms/webutil/fileTransfer/FileTransfer.class
at sun.plugin2.applet.Applet2ClassLoader.getBytes(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.access$000(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
... 20 more
network: Cache entry not found [url: https://200.253.113.26/lib/oracle/forms/webutil/ole/OleFunctions.class, version: null]
network: Connecting https://200.253.113.26/lib/oracle/forms/webutil/ole/OleFunctions.class with proxy=DIRECT
network: Cache entry not found [url: https://200.253.113.26/forms/java/oracle/forms/webutil/ole/OleFunctions.class, version: null]
network: Connecting https://200.253.113.26/forms/java/oracle/forms/webutil/ole/OleFunctions.class with proxy=DIRECT
network: Connecting https://200.253.113.26/forms/java/oracle/forms/webutil/ole/OleFunctions.class with cookie "JSESSIONID=08AA4CF07F761424418619C068213911"
java.lang.ClassNotFoundException: oracle.forms.webutil.ole.OleFunctions
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClassInternal(Unknown Source)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Unknown Source)
at oracle.forms.handler.UICommon.instantiate(Unknown Source)
at oracle.forms.handler.UICommon.onCreate(Unknown Source)
at oracle.forms.handler.JavaContainer.onCreate(Unknown Source)
at oracle.forms.engine.Runform.onCreateHandler(Unknown Source)
at oracle.forms.engine.Runform.processMessage(Unknown Source)
at oracle.forms.engine.Runform.processSet(Unknown Source)
at oracle.forms.engine.Runform.onMessageReal(Unknown Source)
at oracle.forms.engine.Runform.onMessage(Unknown Source)
at oracle.forms.engine.Runform.sendInitialMessage(Unknown Source)
at oracle.forms.engine.Runform.startRunform(Unknown Source)
at oracle.forms.engine.Main.createRunform(Unknown Source)
at oracle.forms.engine.Main.start(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.io.IOException: open HTTP connection failed:https://200.253.113.26/forms/java/oracle/forms/webutil/ole/OleFunctions.class
at sun.plugin2.applet.Applet2ClassLoader.getBytes(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.access$000(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
... 20 more
network: Cache entry not found [url: https://200.253.113.26/lib/oracle/forms/webutil/cApi/CApiFunctions.class, version: null]
network: Connecting https://200.253.113.26/lib/oracle/forms/webutil/cApi/CApiFunctions.class with proxy=DIRECT
network: Cache entry not found [url: https://200.253.113.26/forms/java/oracle/forms/webutil/cApi/CApiFunctions.class, version: null]
network: Connecting https://200.253.113.26/forms/java/oracle/forms/webutil/cApi/CApiFunctions.class with proxy=DIRECT
network: Connecting https://200.253.113.26/forms/java/oracle/forms/webutil/cApi/CApiFunctions.class with cookie "JSESSIONID=08AA4CF07F761424418619C068213911"
java.lang.ClassNotFoundException: oracle.forms.webutil.cApi.CApiFunctions
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClassInternal(Unknown Source)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Unknown Source)
at oracle.forms.handler.UICommon.instantiate(Unknown Source)
at oracle.forms.handler.UICommon.onCreate(Unknown Source)
at oracle.forms.handler.JavaContainer.onCreate(Unknown Source)
at oracle.forms.engine.Runform.onCreateHandler(Unknown Source)
at oracle.forms.engine.Runform.processMessage(Unknown Source)
at oracle.forms.engine.Runform.processSet(Unknown Source)
at oracle.forms.engine.Runform.onMessageReal(Unknown Source)
at oracle.forms.engine.Runform.onMessage(Unknown Source)
at oracle.forms.engine.Runform.sendInitialMessage(Unknown Source)
at oracle.forms.engine.Runform.startRunform(Unknown Source)
at oracle.forms.engine.Main.createRunform(Unknown Source)
at oracle.forms.engine.Main.start(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.io.IOException: open HTTP connection failed:https://200.253.113.26/forms/java/oracle/forms/webutil/cApi/CApiFunctions.class
at sun.plugin2.applet.Applet2ClassLoader.getBytes(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.access$000(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
... 20 more
network: Cache entry not found [url: https://200.253.113.26/lib/oracle/forms/webutil/browser/BrowserFunctions.class, version: null]
network: Connecting https://200.253.113.26/lib/oracle/forms/webutil/browser/BrowserFunctions.class with proxy=DIRECT
network: Cache entry not found [url: https://200.253.113.26/forms/java/oracle/forms/webutil/browser/BrowserFunctions.class, version: null]
network: Connecting https://200.253.113.26/forms/java/oracle/forms/webutil/browser/BrowserFunctions.class with proxy=DIRECT
network: Connecting https://200.253.113.26/forms/java/oracle/forms/webutil/browser/BrowserFunctions.class with cookie "JSESSIONID=08AA4CF07F761424418619C068213911"
java.lang.ClassNotFoundException: oracle.forms.webutil.browser.BrowserFunctions
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClassInternal(Unknown Source)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Unknown Source)
at oracle.forms.handler.UICommon.instantiate(Unknown Source)
at oracle.forms.handler.UICommon.onCreate(Unknown Source)
at oracle.forms.handler.JavaContainer.onCreate(Unknown Source)
at oracle.forms.engine.Runform.onCreateHandler(Unknown Source)
at oracle.forms.engine.Runform.processMessage(Unknown Source)
at oracle.forms.engine.Runform.processSet(Unknown Source)
at oracle.forms.engine.Runform.onMessageReal(Unknown Source)
at oracle.forms.engine.Runform.onMessage(Unknown Source)
at oracle.forms.engine.Runform.sendInitialMessage(Unknown Source)
at oracle.forms.engine.Runform.startRunform(Unknown Source)
at oracle.forms.engine.Main.createRunform(Unknown Source)
at oracle.forms.engine.Main.start(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.io.IOException: open HTTP connection failed:https://200.253.113.26/forms/java/oracle/forms/webutil/browser/BrowserFunctions.class
at sun.plugin2.applet.Applet2ClassLoader.getBytes(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.access$000(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
... 20 more
network: Connecting https://200.253.113.26/forms/lservlet;jsessionid=08AA4CF07F761424418619C068213911 with proxy=DIRECT
network: Connecting https://200.253.113.26/forms/lservlet;jsessionid=08AA4CF07F761424418619C068213911 with cookie "JSESSIONID=08AA4CF07F761424418619C068213911"
network: Connecting https://200.253.113.26/forms/lservlet;jsessionid=08AA4CF07F761424418619C068213911 with proxy=DIRECT
network: Connecting https://200.253.113.26/forms/lservlet;jsessionid=08AA4CF07F761424418619C068213911 with cookie "JSESSIONID=08AA4CF07F761424418619C068213911"
basic: Applet started -
Problems during execution of signed JARs applet...
Hi Everyone,
I noticed that AppletViewer used for development allows a wider range of operation not permitted during the execution in browser of a signed JAR.
I would be interested to know if this is caused because I am using a not real certificate (generated for testing). Anyone with a real certificate may tell me if for example URLClassLoader works well with jar applet signed with his real certificate?
Thanks, byeThanks, you confirm what I was not anymore able to verify in my browser :)
In fact the very first time I launched my applet in browser, the browser was showing a detailed message dialog pane complaining the untrustable certificate and restricted access privileges, so I thought to accept untrusted certificate as default and I tried to set up some options in security panel of the browser to trust untrusted certificate. Consequentely I was receiving only the untrusted certificate warning without any restriction message warning.
I understood that applets signed with untrusted certificates gives some more privilege than applet not signed, but evidently the security level of untrusted certificate does not give all total priviliges that trusted certificate does.
Maybe you are looking for
-
How do I run query per report page?
I have a report with two subreports which both need queries to run on the fly per supplier(per report page). All the other subreports on the page as well as the main report queries are loaded in advance before the report and includes all records nee
-
Error while installing Oracle 8i on RHEL 3.0, ORA-12545
Hi, I am trying to install oracle 8.1.7 on redhat EL 3.0. Earlier i installed the same oracle i.e 8.1.7 on redhat 8.0/9.0 and it installed sucesfully. The proceudre i follow for installtion was : ####### some settings groupadd dba groupadd oinstall g
-
What are the LOV fileds in Oracle HRMS Shared Tables?
Hi All, I want to prepare interface from third party HRMs software to Oracle HRMS shared tables. I need to know what are the important tables needs data to fullfill all requirements like Approval Hierarichy setup configurations. And also want to know
-
CRM_SURVEY_SUITE - Questionnaire preparation
Dear experts, Could I get any kind of config documents or ppts on CRM_SURVEY_SUITE and Questionnaire preparation? I am working on CRM 5.2 CRM_SURVEY_SUITE and able to create questions and answers. My issue now is, in the below model question our clie
-
Displaying XML using XPath expressions
Hi. I have a XML file which looks something like this: <?xml version="1.0"?> <SAQ> <question id="1"> What does UML stand for? <answer id="1" correct="yes"> Unified Modelling Language <explanation> Explanation </explanation> </answer> <answer id="2" c