My java applet stopped working once JRE was updated to 7u21.
Short summary:
The Exceptions I get are: netscape.javascript.JSException and
java.lang.NoClassDefFoundError. the applet worked fine until JRE 7u21.The applet is embedded in a web page using Oracle's DeployJava.js.
The applet is signed, it uses LiveConnect to fire events, it access USB and serial ports through JNI, it uses code from multiple JAR files.
The failure happens on all desktop browsers tested (Firefox, chrome, IE8/9 and Safari on Mac).
Details:
I have a java applet that allows my website to communicate with a USB device.
The applet has been working well for the past year.
Once JRE7 update 21 was released - the applet stopped working.
The applet is hosted in a web page (ASP.NET) using Oracle's DeployJava.js library.
It uses LiveConnect to raise events back to my javascript code.
The first problem I had on JRE 7u21 was an exception on the first attempt to raise an event through LiveConnect:
netscape.javascript.JSException: JavaScript error while calling "_notify"
at sun.plugin2.main.client.MessagePassingJSObject.newJSException(Unknown Source)
at sun.plugin2.main.client.MessagePassingJSObject.waitForReply(Unknown Source)
at sun.plugin2.main.client.MessagePassingJSObject.call(Unknown Source)
at <myapplet>.fireJavascriptEvent(Unknown Source)
at <myapplet>$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at com.asec.easypark.applets.HomeloadingApplet.start(Unknown Source)
at com.sun.deploy.uitoolkit.impl.awt.AWTAppletAdapter.start(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
in order to mitigate this problem I added the following line to 'manifest' section in the ant script for the applet:
attribute name="Trusted-Library" value="true"
I built the applet using JDK 7u21 and it seemed to help:
after that I started getting another error - so I believe this one was solved, but it may have caused the next problem.
the second problem is this: the applet is calling code from several JAR files. on the first call to code in another JAR file (not that of the applet) fails with the following exception:
**java.lang.NoClassDefFoundError**: com/codeminders/hidapi/HIDManager
at <PackageInSecondJar>.communication.HIDTransmitter.open(Unknown Source)
at <PackageInSecondJar>.communication.HIDTransmitterSearcher.find(Unknown Source)
at <PackageInSecondJar>.communication.CompositeTransmitterSearcher.find(Unknown Source)
at <PackageInAppletJar>.communication.AppletCommunicationBroker.setupDeviceProxy(Unknown Source)
at <PackageInAppletJar>.communication.AppletCommunicationBroker.setup(Unknown Source)
at <PackageInAppletJar>.<TheApplet>$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at <PackageInAppletJar>.<TheApplet>.start(Unknown Source)
at com.sun.deploy.uitoolkit.impl.awt.AWTAppletAdapter.start(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
I already tried the following measures - without success:
add HTTP header 'Cache-Control' = 'no-cache'
add HTTP header 'Cache-Control' = 'no-cache, no-store, must-revalidate'
use latest DeployJava.js from http://java.com/js/deployJava.txt (after renaming to .js)
The applet already has these features:
mark security ‘all-permissions’ in jnlp
the main JAR is signed with certificate from an external CA
the applet code is running inside a
AccessController.doPrivilegedblock.
I'm a java newbie so please don't disregard the obvious solutions...
Thanks in advance for your help,
Guy.
The error is most likely because a Jar file is missing, or can not be accessed by the applet. This would be because:
- The JAR was on the classpath of the old JVM, but is not on the new one.
- For some reason you are distributing the applet without the JAR inadvertently, and the problem is unrelated to the upgrade to 7u2.
- The rules for applets accessing external JAR files has somehow changed, probably related to security, and you need to do something else to include them.
The JAR file you are missing is javahidapi, which can be found here: https://code.google.com/p/javahidapi/ . If you make sure it finds its way to the classpath, your applet will work.
Bailey S is right.Make sure that java can see that jar file.If you're using linux,set the path in /etc/environment path variable or in windows,just right click on my computer,go to properties,environment variables and set path there
Deploying applets is getting significantly harder as Oracle fixes security holes.
You mentioned your applet is signed -- are all of the JARs signed? There are several new attributes you'll need in your manifest files to get this to work.
Overview here: http://www.oracle.com/technetwork/java/javase/tech/java-code-signing-1915323.html
and you'll need this one in particular to get the manifest sorted out: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html
If you use some JARs that aren't signed, or that aren't all signed by you, you'll need the details here as well: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/mixed_code.html
It's not possible to set the attributes of an applet to work both on versions after 7.0.21 and below it.
Trusted-Library: true
attribute works for the ones below 7.0.21 which causes a security dialog to be displayed (and most probably your code to be blocked) after 7.0.21. If you only put
Caller-Allowable-Codebase: *.yourdomain.com
to your manifest file, it starts to work fine with the versions after 7.0.21 but this time it stops with the versions below 7.0.21. This is a huge mess.
However they've fixed this ill behaviour with the latest version (7.0.51). So I suggest to use both attributes (Trusted-Library and Caller-Allowable-Codebase) which will work for Java 6 and 7.0.51. I don't think there is a solution for the ones between 7.0.21 and 7.0.45. (I do not support them, we ask our clients to upgrade to 7.0.51).
https://blogs.oracle.com/java-platform-group/entry/7u45_caller_allowable_codebase_and
I do not know DeploJava.js bu the problem ıs clearly a classpath problem.
As a method, we define all third party libraries in archive tag. DeploJava.js may have similar properties.
<APPLET codebase="./" code="AppletMainClass" archive="printer_applet.jar, pdf-renderer.jar, library3.jar">
The same happened with me (in java environment) which ruined my whole day, netscape's JSObject is present in both jre's plugin.jar and jfxrt.jar, you'd need to exclude one. if you need a js call, i think you'd need plugin.jar jre 6 do not contain latest jfxrt.jar (JavaFX related solution for applets in web)so it used to work in jre6
also , do not use trusted library unless you want to sign individual jars separately. Hope this helps - Chaithanya
来源:https://stackoverflow.com/questions/16084324/java-applet-stopped-working-after-update-to-jre-7u21