Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-4470916

Certificate Verification popup hiding buttons

    XMLWordPrintable

Details

    • Bug
    • Resolution: Duplicate
    • P3
    • None
    • 1.4.0
    • deploy
    • generic
    • generic

    Description



      Name: boT120536 Date: 06/17/2001


      Merlin Beta JRE with netscape 4.7?

      We tried to view the GEONExT-Applet
      (http://did.mat.uni-bayreuth.de/geonext/content/geonext/geonextgo.html) with JRE
      1.4.0 beta. The applet is singned with an TrustCenter netscape-object-signing
      certificate. When the security-dialogbox is popping up the buttons (grant, ...)
      are shown for less than a second. Then the text covers the buttons and there is
      no chance to press them. Closing the dialogbox by pressing the close button in
      the titlebar doesn't grant the applet any rights.

      I think the bug is justified as it is reproducable (it was so for me).
      Following additional information:

      -Applet is signed with CERT from TC-Trustcenter
      -Java Plug-In Version 1.4 beta running in Netscape 4.7x Solaris or
      Windows
      -I encountered the problem only when I was loading the signed applet
      from a local filesystem and not with http (attached a tar file with the

      applet and geonext.html to start the applet, Root-Cert _1716.der has to
      be imported into JRE 1.4 cacerts file first)
      -In some circumstances the problem occured after the following exception
      was dumped in the Console (the exception does not occur every time so
      perhaps it may be a timing problem???)

      Loading Root CA certificates from
      /home/da94773/j2sdk1.4.0/jre/lib/security/cacerts
      /home/da94773/.plugin140.log
      java.security.AccessControlException: access denied
      (java.util.logging.LoggingPermission control)
              at java.security.AccessControlContext.checkPermission(AccessControlContext.java:273)
              at java.security.AccessController.checkPermission(AccessController.java:400)
              at java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
              at java.util.logging.LogManager.checkAccess(LogManager.java:762)
              at java.util.logging.Handler.checkAccess(Handler.java:261)
              at java.util.logging.FileHandler.<init>(FileHandler.java:212)
              at sun.plugin.usability.PluginLogger.<clinit>(PluginLogger.java:48)
              at sun.plugin.usability.Trace.securityPrintln(Trace.java:538)
              at sun.plugin.security.RootCACertificateStore.load(RootCACertificateStore.java:58)
              at sun.plugin.security.TrustDecider.isAllPermissionGranted(TrustDecider.java:141)
              at sun.plugin.security.PluginClassLoader.getPermissions(PluginClassLoader.java:115)
              at java.security.SecureClassLoader.getProtectionDomain(SecureClassLoader.java:144)
              at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:110)
              at java.net.URLClassLoader.defineClass(URLClassLoader.java:249)
              at java.net.URLClassLoader.access$100(URLClassLoader.java:57)
              at java.net.URLClassLoader$1.run(URLClassLoader.java:196)
              at java.security.AccessController.doPrivileged(Native Method)
              at java.net.URLClassLoader.findClass(URLClassLoader.java:189)
              at sun.applet.AppletClassLoader.findClass(AppletClassLoader.java:128)
              at sun.plugin.security.PluginClassLoader.findClass(PluginClassLoader.java:243)
              at java.lang.ClassLoader.loadClass(ClassLoader.java:304)
              at sun.applet.AppletClassLoader.loadClass(AppletClassLoader.java:108)
              at java.lang.ClassLoader.loadClass(ClassLoader.java:260)
              at sun.applet.AppletClassLoader.loadCode(AppletClassLoader.java:373)
              at sun.applet.AppletPanel.createApplet(AppletPanel.java:542)
              at sun.plugin.AppletViewer.createApplet(AppletViewer.java:1155)
              at sun.applet.AppletPanel.runLoader(AppletPanel.java:478)
              at sun.applet.AppletPanel.run(AppletPanel.java:293)
              at sun.plugin.navig.motif.MotifAppletViewer.maf_run(MotifAppletViewer.java:127)
              at sun.plugin.navig.motif.MotifAppletViewer.run(MotifAppletViewer.java:123)
              at java.lang.Thread.run(Thread.java:579)
      Loaded Root CA certificates from
      /home/da94773/j2sdk1.4.0/jre/lib/security/cacerts
      Loading JPI certificates from /home/da94773/.java/jpicerts140
      Loaded JPI certificates from /home/da94773/.java/jpicerts140
      Loading certificates from JPI session certificate store
      Loaded certificates from JPI session certificate store
      Check if certificate can be verified using certificates in Root CA
      certificate store
      Certificate to be verified:

      I also attached a gif showing you how the problems look like. In the
      Dialog you see that there are no buttons available. As the dialoge is
      not resizable you don't have a chance to reach the buttons by enlarging
      it.

      Please consider opening the bug as it is reproducable and a severe error
      for signed applets.

      Greetings
      Daniel
      (Review ID: 126758)
      ======================================================================

      Attachments

        Issue Links

          duplicates

          Bug - A problem which impairs or prevents the functions of the product. JDK-4473019 Java Plug-in Security Warning dialog does not show buttons

          • P2 - Crashes, loss of data, severe memory leak.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              bonealsunw Bret O'neal (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                Imported:
                Indexed: