-
Bug
-
Resolution: Fixed
-
P4
-
6u19
FULL PRODUCT VERSION :
java version "1.6.0_19"
Java(TM) SE Runtime Environment (build 1.6.0_19-b04)
Java HotSpot(TM) 64-Bit Server VM (build 16.2-b04, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows [Version 6.1.7600]
A DESCRIPTION OF THE PROBLEM :
when i have this jnlp file:
<?xml version="1.0" encoding="utf-8"?>
<jnlp spec="1.0+"
codebase="http://localhost:8080"
href="test.jnlp">
<information>
<title>Servoy Client - servoy_client</title>
<vendor>Servoy</vendor>
<homepage href="http://www.servoy.com/"/>
<description>Database client</description>
<icon href="/lib/images/servoy_client_icon.gif" />
<icon kind="splash" href="/lib/splashclient.gif" width="64" height="64"/>
</information>
<resources>
<j2se version="1.5+" />
<j2se version="1.6+" />
<jar href="main.jar" download="eager" version="1"/>
<jar href="utility.jar" download="eager" version="3"/>
</resources>
<application-desc main-class="com.first.jar.Main">
</application-desc>
<security>
<all-permissions/>
</security>
</jnlp>
where 2 jars are referenced and only the main.jar is signed but the utility.jar is not, i will not get a nice security warning dialog, but a exception dialog:
java.lang.NullPointerException
at com.sun.deploy.cache.CachedJarFile.findMatchingSignerIndices(Unknown Source)
at com.sun.deploy.cache.CachedJarFile.entryNames(Unknown Source)
at com.sun.deploy.cache.DeployCacheJarAccessImpl.entryNames(Unknown Source)
at com.sun.javaws.security.SigningInfo.getCommonCodeSignersForJar(Unknown Source)
at com.sun.javaws.security.SigningInfo.check(Unknown Source)
at com.sun.javaws.LaunchDownload.checkSignedResourcesHelper(Unknown Source)
at com.sun.javaws.LaunchDownload.checkSignedResources(Unknown Source)
at com.sun.javaws.Launcher.prepareResources(Unknown Source)
at com.sun.javaws.Launcher.prepareAllResources(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.launch(Unknown Source)
at com.sun.javaws.Main.launchApp(Unknown Source)
at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
at com.sun.javaws.Main$1.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
just use the jnlp file above and create 2 jars one is signed the other not
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
A nice security dialog.
ACTUAL -
a Application Exception dialog
ERROR MESSAGES/STACK TRACES THAT OCCUR :
java.lang.NullPointerException
at com.sun.deploy.cache.CachedJarFile.findMatchingSignerIndices(Unknown Source)
at com.sun.deploy.cache.CachedJarFile.entryNames(Unknown Source)
at com.sun.deploy.cache.DeployCacheJarAccessImpl.entryNames(Unknown Source)
at com.sun.javaws.security.SigningInfo.getCommonCodeSignersForJar(Unknown Source)
at com.sun.javaws.security.SigningInfo.check(Unknown Source)
at com.sun.javaws.LaunchDownload.checkSignedResourcesHelper(Unknown Source)
at com.sun.javaws.LaunchDownload.checkSignedResources(Unknown Source)
at com.sun.javaws.Launcher.prepareResources(Unknown Source)
at com.sun.javaws.Launcher.prepareAllResources(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.launch(Unknown Source)
at com.sun.javaws.Main.launchApp(Unknown Source)
at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
at com.sun.javaws.Main$1.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
REPRODUCIBILITY :
This bug can be reproduced always.
CUSTOMER SUBMITTED WORKAROUND :
sign all the jars
SUPPORT :
YES
Release Regression From : 6u10
The above release value was the last known release where this
bug was not reproducible. Since then there has been a regression.
java version "1.6.0_19"
Java(TM) SE Runtime Environment (build 1.6.0_19-b04)
Java HotSpot(TM) 64-Bit Server VM (build 16.2-b04, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows [Version 6.1.7600]
A DESCRIPTION OF THE PROBLEM :
when i have this jnlp file:
<?xml version="1.0" encoding="utf-8"?>
<jnlp spec="1.0+"
codebase="http://localhost:8080"
href="test.jnlp">
<information>
<title>Servoy Client - servoy_client</title>
<vendor>Servoy</vendor>
<homepage href="http://www.servoy.com/"/>
<description>Database client</description>
<icon href="/lib/images/servoy_client_icon.gif" />
<icon kind="splash" href="/lib/splashclient.gif" width="64" height="64"/>
</information>
<resources>
<j2se version="1.5+" />
<j2se version="1.6+" />
<jar href="main.jar" download="eager" version="1"/>
<jar href="utility.jar" download="eager" version="3"/>
</resources>
<application-desc main-class="com.first.jar.Main">
</application-desc>
<security>
<all-permissions/>
</security>
</jnlp>
where 2 jars are referenced and only the main.jar is signed but the utility.jar is not, i will not get a nice security warning dialog, but a exception dialog:
java.lang.NullPointerException
at com.sun.deploy.cache.CachedJarFile.findMatchingSignerIndices(Unknown Source)
at com.sun.deploy.cache.CachedJarFile.entryNames(Unknown Source)
at com.sun.deploy.cache.DeployCacheJarAccessImpl.entryNames(Unknown Source)
at com.sun.javaws.security.SigningInfo.getCommonCodeSignersForJar(Unknown Source)
at com.sun.javaws.security.SigningInfo.check(Unknown Source)
at com.sun.javaws.LaunchDownload.checkSignedResourcesHelper(Unknown Source)
at com.sun.javaws.LaunchDownload.checkSignedResources(Unknown Source)
at com.sun.javaws.Launcher.prepareResources(Unknown Source)
at com.sun.javaws.Launcher.prepareAllResources(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.launch(Unknown Source)
at com.sun.javaws.Main.launchApp(Unknown Source)
at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
at com.sun.javaws.Main$1.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
just use the jnlp file above and create 2 jars one is signed the other not
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
A nice security dialog.
ACTUAL -
a Application Exception dialog
ERROR MESSAGES/STACK TRACES THAT OCCUR :
java.lang.NullPointerException
at com.sun.deploy.cache.CachedJarFile.findMatchingSignerIndices(Unknown Source)
at com.sun.deploy.cache.CachedJarFile.entryNames(Unknown Source)
at com.sun.deploy.cache.DeployCacheJarAccessImpl.entryNames(Unknown Source)
at com.sun.javaws.security.SigningInfo.getCommonCodeSignersForJar(Unknown Source)
at com.sun.javaws.security.SigningInfo.check(Unknown Source)
at com.sun.javaws.LaunchDownload.checkSignedResourcesHelper(Unknown Source)
at com.sun.javaws.LaunchDownload.checkSignedResources(Unknown Source)
at com.sun.javaws.Launcher.prepareResources(Unknown Source)
at com.sun.javaws.Launcher.prepareAllResources(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.launch(Unknown Source)
at com.sun.javaws.Main.launchApp(Unknown Source)
at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
at com.sun.javaws.Main$1.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
REPRODUCIBILITY :
This bug can be reproduced always.
CUSTOMER SUBMITTED WORKAROUND :
sign all the jars
SUPPORT :
YES
Release Regression From : 6u10
The above release value was the last known release where this
bug was not reproducible. Since then there has been a regression.
- relates to
-
-
- Closed
-