无法使用 Java 7u21 启动小程序 [英] Cannot launch applet using Java 7u21
问题描述
因此,我们安装了 Java 7u21 版本,旨在加强小程序的安全性.不幸的是,它把它收得太紧了,以至于我们的小程序不再运行了.不好.
有趣的是,它只是在我们使用 JWS 操作时才停止工作.如果我们从标准网页将其作为标准小程序启动,则一切正常.
在 JWS 模式下,我们至少会在反射和 java.lang.Thread.setDefaultUncaughtExceptionHandler 上遇到安全问题.
证书看起来没问题.
Oracle 的发行说明没有提供与 JWS 相关的任何内容.
因此,我向社区提出的问题是:有人对此有想法或(甚至更好)解决方案吗?
与给定建议/评论相关的其他信息:
这个小程序由全球数百个第三方客户运行,因此很遗憾,无法更改安全策略.该问题对于客户是可重现的.但是,我可以确认更改策略文件可以解决问题.
当我从 Eclipse 启动的 Tomcat 运行小程序(因此当然没有签名小程序)时,它会按预期在浏览器中显示警告通知.作为一个容易上当的人,我允许小程序运行,因为它是从我自己的开发环境中启动的.这仍然会导致安全失败.
我已经考虑过这是否是 Java 中的错误,但我想看看是否还有其他人看到了同样的问题.我想我们都知道 Oracle 修复错误的周转时间并不总是最好的......
感谢您的任何意见.
<小时>非常感谢 Tony,您的建议使我能够正确地在 7u21 中创建小程序;我认为这是向前迈出的一步,因为我正在通过浏览器签署和唤醒许多小程序,这些小程序超过 7u21.我今天不能早点做.但是几个小时后我就被困住了,因为我还没有从我拥有的旧应用程序中唤醒我的第一个第三方小程序(即在 JVM 1.6 或更早版本中工作正常).
涉及的小程序,我给它们签名,但我总是收到错误消息:SecurityException - Bad applet class name".我有一些小程序和调用它们的 html 代码,问题是我链中的第一个小程序(调用链中的任何其他小程序)可能不像其他已签名的小程序那样正常运行(这些小程序来自用于培训的 java 网站),这个简单的第 3 方小程序不会运行并抛出上面提到的异常.我的第三部分小程序我不知道它在内部做什么.抱歉,我可能会要求没有源代码就不容易解决的特殊情况,但是,请相信告诉我任何想法,无论是什么.
最好的问候
我的同事破解了它.将伏特加送给波兰人有时会产生所需的灵感.:-)
无论如何,现在发送到小程序的 jnlp 信息中似乎需要安全标记(返回的内容类型设置为 application/x-java-jnlp-file).
通过添加
<块引用><所有权限/></安全> 它有效.
希望这会有所帮助.
So we installed the Java 7u21 release that is supposed to tighten the security for applets. Unfortunately it tightened it so much that our applet does not run anymore. Not good.
The interesting thing is that it only stopped working while we operate it with JWS. If we launch it as a standard applet from a standard web page everything works fine.
In JWS mode we get security issues on at least reflection and java.lang.Thread.setDefaultUncaughtExceptionHandler.
The certificates look ok.
The release notes from Oracle does not provide much input on anything related to JWS.
My question to the community is hence: does anyone have an idea or (even better) a solution to this?
Additional info related to the given suggestions/comments:
This applet is run by hundreds of third-party clients worldwide so changing the security policy is unfortunately not an option. The issue is reproducible for the clients. I can however confirm that changing the policy file resolves the issue.
When I run the applet from a Tomcat launched from Eclipse (thereby of course not having a signed applet) it brings up the warning notification in the browser as expected. Being the gullible person that I am I allow the applet to run since it was launched from my own dev environment. This still causes the security failure.
I have contemplated if this is a bug in Java but I want to see if there is anyone else seeing the same issue. I think we all know that the Oracle turnaround time for fixing bugs is not always the best...
Thanks for any input.
Thanks a lot Tony, your suggestion get me able to create applets in 7u21, propperly; i considered it as a forward step the fact that i am signing and waking up many applets yet over the browsers, these over 7u21. I culdn't to do it today earlier. But i get trapped since some hours, in the fact that i have not reached to wake my first third party applet from the legacy app i have (i.e. working fine in JVM 1.6 or the older).
The applets involved, i signed them, but i always get the error: SecurityException - "Bad applet class name". I have some applets, and html code calling them, the problem is that my first applet in chain (neither any other in the invoke chain) might not behave like the other signed applet are doing propperly (these applets are from java web site for training), this 3th party applet simple does not run and throw de exception above mentioned. My thrid part applet i dont know what it does internally. Sorry i might be asking for a particullar case that is no easy to solve without the source code, however, please trust to tell me any idea no matter wich it is.
best regards
My colleague cracked it. Giving vodka to a Polish guy can sometimes produce the needed inspiration. :-)
Anyway, it seems like the security tag is now required in the jnlp information sent to the applet (what is being returned with content type set to application/x-java-jnlp-file).
By adding
<security> <all-permissions/> </security>
it works.
Hope this helps.
这篇关于无法使用 Java 7u21 启动小程序的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
