P4 Name: gm110360 Date: 05/10/2002
FULL PRODUCT VERSION :
java version "1.4.0"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.0-b92)
Java HotSpot(TM) Client VM (build 1.4.0-b92, mixed mode)
FULL OPERATING SYSTEM VERSION :
Windows NT Version 4.0
ADDITIONAL OPERATING SYSTEMS :
Windows 2000 Professional
A DESCRIPTION OF THE PROBLEM :
I trying to deploy a applet that is hosted on a web server
that requires client certificates. The certificate is
imported into the browser and the browser can connect okay
on it's own. However, the plug-in can not seem to connect
to load the required class/jar files.
Since the default browser SSL stuff doesn't seem to work,
I'm trying to use plug-in JVM startup parameters to specify
the keystore and truststore files. Using
javax.net.debug=all. I can see that the keystore and
truststore are loaded and all certificates are found.
However, the plug-in does not seem to use the keystore
correctly because the server does not receive any client
certificates.
It looks like the Plug-in uses different protocol handling
packages than the regular JRE so that it can leverage the
browsers HTTPS implementation. I've noticed that these
packages don't seem to initialize the SSL context the same
way. At any rate, I don't get the same debugging traces.
Specifically, I never get the trace that ays the context
has been initialized. I was thinking that this may be
causing the client certificate problem.
I've tried to set the protocol handling packages manually
with a JVM startup-up parameter, but the plug-in ignores it
(the regular JRE does not). The plug-in always uses it's
own packages to load applet classfiles.
This seems to be a bootstrap phenomenon, because I can set
all of these system properties at runtime after the applet
begins execution. Unfortunately, I need the keystore to be
used when loading the applet class/jar files before my
applet begins execution.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1.Configure the web server to require client certs
2.Using keytool create a keystore with a client cert that
is trusted by the server.
3.Configure the Applet control panel to use the new keystore
4.Deploy an applet on the web server and try to load the
applet
EXPECTED VERSUS ACTUAL BEHAVIOR :
Expected: applet loads and runs.
Actual: receive class not found exception.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
keyStore is : C:\TEMP\ns.p12
keyStore type is : pkcs12
init keystore
init keymanager of type SunX509
found key for : test_cert
...
Thread-3, SEND SSL v3.0 ALERT: warning, description = no_certificate
...
load: class CheckPlugInApplet.class not found.
java.lang.ClassNotFoundException: CheckPlugInApplet.class
at sun.applet.AppletClassLoader.findClass(AppletClassLoader.java:151)
at sun.plugin.security.PluginClassLoader.findClass
(PluginClassLoader.java:189)
at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
at sun.applet.AppletClassLoader.loadClass(AppletClassLoader.java:112)
at java.lang.ClassLoader.loadClass(ClassLoader.java:262)
at sun.applet.AppletClassLoader.loadCode(AppletClassLoader.java:478)
at sun.applet.AppletPanel.createApplet(AppletPanel.java:548)
at sun.plugin.AppletViewer.createApplet(AppletViewer.java:1621)
at sun.applet.AppletPanel.runLoader(AppletPanel.java:477)
at sun.applet.AppletPanel.run(AppletPanel.java:290)
at java.lang.Thread.run(Thread.java:536)
Caused by: java.io.IOException: open HTTP connection failed.
at sun.applet.AppletClassLoader.getBytes(AppletClassLoader.java:224)
at sun.applet.AppletClassLoader.access$100(AppletClassLoader.java:40)
at sun.applet.AppletClassLoader$1.run(AppletClassLoader.java:141)
at java.security.AccessController.doPrivileged(Native Method)
at sun.applet.AppletClassLoader.findClass(AppletClassLoader.java:138)
... 10 more
java.lang.ClassNotFoundException: CheckPlugInApplet.class
at sun.applet.AppletClassLoader.findClass(AppletClassLoader.java:151)
at sun.plugin.security.PluginClassLoader.findClass
(PluginClassLoader.java:189)
at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
at sun.applet.AppletClassLoader.loadClass(AppletClassLoader.java:112)
at java.lang.ClassLoader.loadClass(ClassLoader.java:262)
at sun.applet.AppletClassLoader.loadCode(AppletClassLoader.java:478)
at sun.applet.AppletPanel.createApplet(AppletPanel.java:548)
at sun.plugin.AppletViewer.createApplet(AppletViewer.java:1621)
at sun.applet.AppletPanel.runLoader(AppletPanel.java:477)
at sun.applet.AppletPanel.run(AppletPanel.java:290)
at java.lang.Thread.run(Thread.java:536)
Caused by: java.io.IOException: open HTTP connection failed.
at sun.applet.AppletClassLoader.getBytes(AppletClassLoader.java:224)
at sun.applet.AppletClassLoader.access$100(AppletClassLoader.java:40)
at sun.applet.AppletClassLoader$1.run(AppletClassLoader.java:141)
at java.security.AccessController.doPrivileged(Native Method)
at sun.applet.AppletClassLoader.findClass(AppletClassLoader.java:138)
... 10 more
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
Class loading problem, no source code required.
---------- END SOURCE ----------
CUSTOMER WORKAROUND :
None found yet.
(Review ID: 146286)
======================================================================
- duplicates
-
JDK-4681247 REGRESSION: Applet not loaded with JRE1.4 when SSL Client Authentication reqd
-
- Resolved
-