-
Bug
-
Resolution: Cannot Reproduce
-
P3
-
7u45, 8, 9
-
windows_7
FULL PRODUCT VERSION :
java version "1.7.0_45"
Java(TM) SE Runtime Environment (build 1.7.0_45-b18)
Java HotSpot(TM) Client VM (build 24.45-b08, mixed mode, sharing)
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows [Version 6.1.7601]
A DESCRIPTION OF THE PROBLEM :
A signed applet gives an InvocationTargetException when running locally, but runs fine from the Web.
REGRESSION. Last worked in version 7u40
ADDITIONAL REGRESSION INFORMATION:
java version "1.7.0_40"
Java(TM) SE Runtime Environment (build 1.7.0_40-b43)
Java HotSpot(TM) Client VM (build 24.0-b56, mixed mode, sharing)
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Download and expand the SignedAppletTest.zip file from http://www.segal.org/java/SignedAppletTest/SignedAppletTest.zip and linked to on http://www.segal.org/java/SignedAppletTest/. It contains a folder with the following files:
1. index.html: clicking on this launches the applet (see its applet code below)
2. SignedAppletTest.java source code (see contents below)
3. SUNSIGN.bat the code used to sign the applet (folder and certificate names are changed to placeholders)
4. manifest.txt: permissions added by SUNSIGN.bat to the JAR (see contents below)
5. SignedAppletTest.jar: the resulting JAR file
Then run the index.html file.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
As when the signed Java applet at http://www.segal.org/java/SignedAppletTest/ is run from the Web, when run locally the applet should report the user.home property to illustrate that it launched and was trusted.
ACTUAL -
When this applet is run from a local machine with Java 7 update 45, it fails to launch. Small red text appears "Error, Click for details" in the applet space. Clicking the red text pops up an "Application Error" dialog box titled "RuntimeException" that lists "java.lang.reflect.InvocationTargetException". The dialog has a button "Details" but clicking this just opens the Java Console, in which at the default trace level has no error messages. However, if one sets the trace level to be high one sees the error message below:
ERROR MESSAGES/STACK TRACES THAT OCCUR :
java.lang.RuntimeException: java.lang.reflect.InvocationTargetException
at sun.plugin2.applet.Plugin2ClassLoader.defineClassHelper(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.access$100(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
... 14 more
Caused by: java.lang.NullPointerException
at sun.plugin2.applet.Plugin2ClassLoader.loadAllowedCodebases(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.getPermissions(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.getPermissions(Unknown Source)
at java.security.SecureClassLoader.getProtectionDomain(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.defineClass(Unknown Source)
... 18 more
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
The applet code, used both on this page and on the index.html file in the zip file, is:
<APPLET code="SignedAppletTest.class" archive="SignedAppletTest.jar" width=700 height=60></APPLET>
The manifest.txt file has the following content:
Permissions: all-permissions
Codebase: *
Application-Name: SignedAppletTest
The applet source code is:
import java.awt.*;
import java.applet.*;
public class SignedAppletTest extends Applet {
public void init()
{
setBackground(new Color(255, 240, 200));
}
public void paint(Graphics g)
{
try
{
String userHome = System.getProperty("user.home");
g.drawString("Signing worked. The user.home property is: " + userHome, 10, 30);
}
catch (SecurityException e)
{
g.drawString("Signing didn't work. The SecurityException is: " + e.getMessage(), 10, 70);
}
}
} // END OF Class SignedAppletTest
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
1. It works fine with Java 8 build 111, but once the security code from 7u45 is added to the JRE 8 builds they may no longer work either. Java 8 build 111 works on Windows 8 for the test applet given here, but the larger applet it is intended to mimic works with Java 8 build 111 only on firefox, not Internet Explorer.
2. On Windows Vista, unchecking "Enable the next-generation Java plug-in" in the Advanced tab of Java Control Panel fixes the problem for Internet Explorer but not for Firefox. However, this carries the warning that the older plug-in will be removed in the next major release.
3. Attempts to launch with a JNLP file did not succeed in my testing, but I've never used JNLP before.
java version "1.7.0_45"
Java(TM) SE Runtime Environment (build 1.7.0_45-b18)
Java HotSpot(TM) Client VM (build 24.45-b08, mixed mode, sharing)
ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows [Version 6.1.7601]
A DESCRIPTION OF THE PROBLEM :
A signed applet gives an InvocationTargetException when running locally, but runs fine from the Web.
REGRESSION. Last worked in version 7u40
ADDITIONAL REGRESSION INFORMATION:
java version "1.7.0_40"
Java(TM) SE Runtime Environment (build 1.7.0_40-b43)
Java HotSpot(TM) Client VM (build 24.0-b56, mixed mode, sharing)
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Download and expand the SignedAppletTest.zip file from http://www.segal.org/java/SignedAppletTest/SignedAppletTest.zip and linked to on http://www.segal.org/java/SignedAppletTest/. It contains a folder with the following files:
1. index.html: clicking on this launches the applet (see its applet code below)
2. SignedAppletTest.java source code (see contents below)
3. SUNSIGN.bat the code used to sign the applet (folder and certificate names are changed to placeholders)
4. manifest.txt: permissions added by SUNSIGN.bat to the JAR (see contents below)
5. SignedAppletTest.jar: the resulting JAR file
Then run the index.html file.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
As when the signed Java applet at http://www.segal.org/java/SignedAppletTest/ is run from the Web, when run locally the applet should report the user.home property to illustrate that it launched and was trusted.
ACTUAL -
When this applet is run from a local machine with Java 7 update 45, it fails to launch. Small red text appears "Error, Click for details" in the applet space. Clicking the red text pops up an "Application Error" dialog box titled "RuntimeException" that lists "java.lang.reflect.InvocationTargetException". The dialog has a button "Details" but clicking this just opens the Java Console, in which at the default trace level has no error messages. However, if one sets the trace level to be high one sees the error message below:
ERROR MESSAGES/STACK TRACES THAT OCCUR :
java.lang.RuntimeException: java.lang.reflect.InvocationTargetException
at sun.plugin2.applet.Plugin2ClassLoader.defineClassHelper(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.access$100(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
... 14 more
Caused by: java.lang.NullPointerException
at sun.plugin2.applet.Plugin2ClassLoader.loadAllowedCodebases(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.getPermissions(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.getPermissions(Unknown Source)
at java.security.SecureClassLoader.getProtectionDomain(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.defineClass(Unknown Source)
... 18 more
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
The applet code, used both on this page and on the index.html file in the zip file, is:
<APPLET code="SignedAppletTest.class" archive="SignedAppletTest.jar" width=700 height=60></APPLET>
The manifest.txt file has the following content:
Permissions: all-permissions
Codebase: *
Application-Name: SignedAppletTest
The applet source code is:
import java.awt.*;
import java.applet.*;
public class SignedAppletTest extends Applet {
public void init()
{
setBackground(new Color(255, 240, 200));
}
public void paint(Graphics g)
{
try
{
String userHome = System.getProperty("user.home");
g.drawString("Signing worked. The user.home property is: " + userHome, 10, 30);
}
catch (SecurityException e)
{
g.drawString("Signing didn't work. The SecurityException is: " + e.getMessage(), 10, 70);
}
}
} // END OF Class SignedAppletTest
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
1. It works fine with Java 8 build 111, but once the security code from 7u45 is added to the JRE 8 builds they may no longer work either. Java 8 build 111 works on Windows 8 for the test applet given here, but the larger applet it is intended to mimic works with Java 8 build 111 only on firefox, not Internet Explorer.
2. On Windows Vista, unchecking "Enable the next-generation Java plug-in" in the Advanced tab of Java Control Panel fixes the problem for Internet Explorer but not for Firefox. However, this carries the warning that the older plug-in will be removed in the next major release.
3. Attempts to launch with a JNLP file did not succeed in my testing, but I've never used JNLP before.