Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8025726

Certificate rule in DRS does not work for Java Web Start app when caching is turned off

XMLWordPrintable

    • b01
    • generic
    • generic

        Testcase:
        1.) Use 7u40-b43

        2.) Open the Java ControlPanel and turn off caching

        3.) Setup DRS with the hash from a certificate (in the example below it is the hash from the Oracle cert)

        <ruleset version="1.0+">
          <rule>
            <id>
              <certificate hash="794F53C746E2AA77D84B843BE942CAB4309F258FD946D62A6C4CCEAB8E1DB2C6" />
            </id>
            <action permission="run" />
          </rule>
        </ruleset>


        4.) Open any Java Web Start application


        Actual:
        A warning message called "Do you want to run this application ?" is shown to the user before the apps starts.

        Expected:
        no interactive warnings at all, the app simply starts.

        Comments:
        When I open a signed applet, everything works as expected, I don't see any security warnings.
        However, when I open a signed Java Web Start app, I see the security warning.

        When I setup DRS with a location id (e.g. *.oracle.com), everything works as expected for both signed Java Web Start app and signed Java applets.

        When I enable caching, it also works as expected.

        Reproducible on both Windows and Linux.

        Conclusion:
        The issue only occurs if the ruleset is about a certificate rule AND it is a Java Web Start app AND Java cache is turned off. Cross platform problem probably.

              herrick Andy Herrick (Inactive)
              jloefflm Johann Löfflmann (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated:
                Resolved: