使用Java 7u21无法启动小程序 [英] Cannot launch applet using Java 7u21
问题描述
因此,我们安装了应该收紧小应用程序的安全性在Java 7u21发布。不幸的是,收紧这么多,我们的小程序不再运行。不好。
有趣的是,它只是停止工作,而我们与JWS操作。如果我们启动它作为一个标准的小应用程序从一个标准的网页,一切工作正常。
在JWS模式中,我们得到至少反映安全问题和 java.lang.Thread.setDefaultUncaughtExceptionHandler 。
该证书看起来ok了。
从Oracle的发行说明不提供有关JWS东西太多投入。
我对社会问题因此是:没有任何人有一个想法或(甚至更好)解决这个
与给定建议/评论附加信息:
此小程序由数百个第三方客户端运行的全球如此改变安全策略是不幸的是没有一个选项。这个问题是可再现的客户端。
不过,我可以证实,在修改政策文件解决问题。
当我运行从Eclipse的推出(因此当然没有签名Applet)一个Tomcat小程序在浏览器中如预期带来了警告通知。是,我是我让小程序运行,因为它是从我自己的开发环境推出了轻信的人。
这仍然会导致安全故障。
我已经想到,如果这是Java中的错误,但我想看看是否有其他人看到了同样的问题。我想大家都知道,甲骨文周转时间修正错误并不总是最好的...
感谢您的任何意见。
的非常感谢托尼,你的建议,让我能够创造7u21,propperly小程序;我认为这是向前迈了一步,我感到在浏览器签署和起床许多小程序然而,这些在7u21的事实。我culdn't做当天。但我得到被困,因为几个小时,在事实上,我还没有达到从传统的应用程序我有(即在JVM 1.6做工精细或以上)唤醒我的第一个第三方的小程序。的
的涉及的小程序,我签了字,但我总是得到的错误:抛出:SecurityException - 坏applet类名。我有一些小程序和HTML code调用它们,问题是,我在链条的第一小应用程序(既不在调用链中的任何其他)可能不会表现得像其他签名Applet是propperly做(这些小程序是从Java网站现场培训),这届党简单的小程序无法运行,并抛出去的异常上面提到的。
我THRID部分小程序,我不知道它在内部做。对不起,我可能会问因为这是不容易的,而不源$ C $ C解决particullar情况,但是,请相信,告诉我什么想法,无论至极它。的
的问候的
我的同事破解它。给伏特加波兰家伙有时会产生所需要的灵感。 : - )
无论如何,这似乎是安全标签被发送给小程序(什么是被设置为应用程序/ x-java的JNLP文件的内容类型返回)JNLP信息现在需要。
通过添加
<安全>
<所有的权限/>
< /安全>
它的工作原理。
希望这有助于。
So we installed the Java 7u21 release that is supposed to tighten the security for applets. Unfortunately it tightened it so much that our applet does not run anymore. Not good.
The interesting thing is that it only stopped working while we operate it with JWS. If we launch it as a standard applet from a standard web page everything works fine.
In JWS mode we get security issues on at least reflection and
java.lang.Thread.setDefaultUncaughtExceptionHandler.The certificates look ok.
The release notes from Oracle does not provide much input on anything related to JWS.
My question to the community is hence: does anyone have an idea or (even better) a solution to this?
Additional info related to the given suggestions/comments:
This applet is run by hundreds of third-party clients worldwide so changing the security policy is unfortunately not an option. The issue is reproducible for the clients. I can however confirm that changing the policy file resolves the issue.
When I run the applet from a Tomcat launched from Eclipse (thereby of course not having a signed applet) it brings up the warning notification in the browser as expected. Being the gullible person that I am I allow the applet to run since it was launched from my own dev environment. This still causes the security failure.
I have contemplated if this is a bug in Java but I want to see if there is anyone else seeing the same issue. I think we all know that the Oracle turnaround time for fixing bugs is not always the best...
Thanks for any input.
Thanks a lot Tony, your suggestion get me able to create applets in 7u21, propperly; i considered it as a forward step the fact that i am signing and waking up many applets yet over the browsers, these over 7u21. I culdn't to do it today earlier. But i get trapped since some hours, in the fact that i have not reached to wake my first third party applet from the legacy app i have (i.e. working fine in JVM 1.6 or the older).
The applets involved, i signed them, but i always get the error: SecurityException - "Bad applet class name". I have some applets, and html code calling them, the problem is that my first applet in chain (neither any other in the invoke chain) might not behave like the other signed applet are doing propperly (these applets are from java web site for training), this 3th party applet simple does not run and throw de exception above mentioned. My thrid part applet i dont know what it does internally. Sorry i might be asking for a particullar case that is no easy to solve without the source code, however, please trust to tell me any idea no matter wich it is.
best regards
解决方案My colleague cracked it. Giving vodka to a Polish guy can sometimes produce the needed inspiration. :-)
Anyway, it seems like the security tag is now required in the jnlp information sent to the applet (what is being returned with content type set to application/x-java-jnlp-file).
By adding
<security> <all-permissions/> </security>
it works.
Hope this helps.
这篇关于使用Java 7u21无法启动小程序的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
