-
Bug
-
Resolution: Cannot Reproduce
-
P3
-
None
-
7u45
FULL PRODUCT VERSION :
java version "1.7.0_45"
Java(TM) SE Runtime Environment (build 1.7.0_45-b18)
Java HotSpot(TM) Client VM (build 24.45-b08, mixed mode, sharing)
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows [Version 6.1.7600]
A DESCRIPTION OF THE PROBLEM :
With Java 7 update 45, a problem arose running signed Java applets locally. This is detailed at InvocationTargetException when running signed applet locally with 7u45 with a Web version of the applet as well as a zip version of the applet folder so you can reproduce the problem running locally.
REGRESSION. Last worked in version 7u40
ADDITIONAL REGRESSION INFORMATION:
java version "1.7.0_40"
Java(TM) SE Runtime Environment (build 1.7.0_40-b43)
Java HotSpot(TM) Client VM (build 24.0-b56, mixed mode, sharing)
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Steps to reproduce:
To try this locally, download and expand the SignedAppletTest.zip file
http://www.segal.org/java/SignedAppletTest/SignedAppletTest.zip
It contains a folder with the following files:
index.html: clicking on this launches the applet
manifest.txt: permissions addd to the JAR
SignedAppletTest.jar
SignedAppletTest.java source code
SUNSIGN.bat the code used to sign the applet (folder and certificate names are changed to placeholders)
Detailed info:
https://forums.oracle.com/message/11242725
http://www.segal.org/java/SignedAppletTest/index.html
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Expected behavior: As when this signed Java applet is run from the Web, when run locally it should report the user.home property to illustrate that it launched and was trusted.
ACTUAL -
Actual behavior: When this applet is run from a local machine with Java 7 update 45, it fails to launch. Small red text appears "Error, Click for details" in the applet space. Clicking the red text pops up an "Application Error" dialog box titled "RuntimeException" that lists "java.lang.reflect.InvocationTargetException". The dialog has a button "Details" but clicking this just opens the Java Console, in which there are no error messages.
All was fine with Java 7 update 40.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
The Exception trace:
java.lang.RuntimeException: java.lang.reflect.InvocationTargetException
at sun.plugin2.applet.Plugin2ClassLoader.defineClassHelper(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.access$100(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
... 14 more
Caused by: java.lang.NullPointerException
at sun.plugin2.applet.Plugin2ClassLoader.loadAllowedCodebases(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.getPermissions(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.getPermissions(Unknown Source)
at java.security.SecureClassLoader.getProtectionDomain(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.defineClass(Unknown Source)
... 18 more
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
http://www.segal.org/java/SignedAppletTest/SignedAppletTest.zip
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
If you uncheck "Enable the next-generation Java plug-in" in the Advanced tab of Java control Panel, the problem stops on IE.
Still no luck with Firefox, though...
Using self-signed certificates didn't present a problem. It's not an option though, as a security warning is prompted to the user.
Removing the issuer CA from the trusted root authority list (thus making the cert as if it were a self-signed cert) didn't present a problem either. It's not an option though, as a security warning is prompted to the user.
java version "1.7.0_45"
Java(TM) SE Runtime Environment (build 1.7.0_45-b18)
Java HotSpot(TM) Client VM (build 24.45-b08, mixed mode, sharing)
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows [Version 6.1.7600]
A DESCRIPTION OF THE PROBLEM :
With Java 7 update 45, a problem arose running signed Java applets locally. This is detailed at InvocationTargetException when running signed applet locally with 7u45 with a Web version of the applet as well as a zip version of the applet folder so you can reproduce the problem running locally.
REGRESSION. Last worked in version 7u40
ADDITIONAL REGRESSION INFORMATION:
java version "1.7.0_40"
Java(TM) SE Runtime Environment (build 1.7.0_40-b43)
Java HotSpot(TM) Client VM (build 24.0-b56, mixed mode, sharing)
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Steps to reproduce:
To try this locally, download and expand the SignedAppletTest.zip file
http://www.segal.org/java/SignedAppletTest/SignedAppletTest.zip
It contains a folder with the following files:
index.html: clicking on this launches the applet
manifest.txt: permissions addd to the JAR
SignedAppletTest.jar
SignedAppletTest.java source code
SUNSIGN.bat the code used to sign the applet (folder and certificate names are changed to placeholders)
Detailed info:
https://forums.oracle.com/message/11242725
http://www.segal.org/java/SignedAppletTest/index.html
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Expected behavior: As when this signed Java applet is run from the Web, when run locally it should report the user.home property to illustrate that it launched and was trusted.
ACTUAL -
Actual behavior: When this applet is run from a local machine with Java 7 update 45, it fails to launch. Small red text appears "Error, Click for details" in the applet space. Clicking the red text pops up an "Application Error" dialog box titled "RuntimeException" that lists "java.lang.reflect.InvocationTargetException". The dialog has a button "Details" but clicking this just opens the Java Console, in which there are no error messages.
All was fine with Java 7 update 40.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
The Exception trace:
java.lang.RuntimeException: java.lang.reflect.InvocationTargetException
at sun.plugin2.applet.Plugin2ClassLoader.defineClassHelper(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.access$100(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
... 14 more
Caused by: java.lang.NullPointerException
at sun.plugin2.applet.Plugin2ClassLoader.loadAllowedCodebases(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.getPermissions(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.getPermissions(Unknown Source)
at java.security.SecureClassLoader.getProtectionDomain(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.defineClass(Unknown Source)
... 18 more
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
http://www.segal.org/java/SignedAppletTest/SignedAppletTest.zip
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
If you uncheck "Enable the next-generation Java plug-in" in the Advanced tab of Java control Panel, the problem stops on IE.
Still no luck with Firefox, though...
Using self-signed certificates didn't present a problem. It's not an option though, as a security warning is prompted to the user.
Removing the issuer CA from the trusted root authority list (thus making the cert as if it were a self-signed cert) didn't present a problem either. It's not an option though, as a security warning is prompted to the user.