1. 技术文章
  2. Signed applet w/ signed JNLP template produces java.lang.SecurityException

Signed applet w/ signed JNLP template produces java.lang.SecurityException

霸气de小男生 提交于 2019-12-11 05:59:33

问题


I'm signing the JNLP file used by my RIA, in preparation for the coming tighter security restrictions in 7u51, due in January. The webstart version is working great, but I've run into a problem where the applet version fails to launch with the following exception.

Google has apparently never heard of this exception. :(

java.lang.SecurityException: JAR should not contain JNLP-INF/APPLICATION_TEMPLATE.JNLP
        at sun.plugin2.applet.Applet2ClassLoader.getPermissions(Unknown Source)
        at java.security.SecureClassLoader.getProtectionDomain(SecureClassLoader.java:206)
        at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
        at java.net.URLClassLoader.defineClass(URLClassLoader.java:449)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:606)
        at sun.plugin2.applet.Plugin2ClassLoader.defineClassHelper(Unknown Source)
        at sun.plugin2.applet.Plugin2ClassLoader.access$100(Unknown Source)
        at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
        at java.security.AccessController.doPrivileged(Native Method)
        at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
        at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
        at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
        at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
        at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
        at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
        at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
        at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
        at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
        at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
        at java.lang.Thread.run(Thread.java:744)

回答1:


The problem was that the applet was not being deployed as a JNLP applet. A security fix was introduced in 7u25 that was intended to prevent the re-purposing of a JNLP applet via the legacy <applet/> tag deployment mechanism. This exception indicates that that security fix has been tripped.

The work-around is either to always deploy your applets as JNLP applets, or to use a different variant of the JAR file that does not contain a JNLP-INF directory.

Note that you may also see this variant if you're signing the JNLP itself rather than a template:

java.lang.SecurityException: JAR should not contain JNLP-INF/APPLICATION.JNLP


来源:https://stackoverflow.com/questions/20429462/signed-applet-w-signed-jnlp-template-produces-java-lang-securityexception

标签
java
applet
java-web-start
jnlp
signed-applet
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!