签名的小程序瓦特/签署JNLP模板生产java.lang.SecurityException异常 [英] Signed applet w/ signed JNLP template produces java.lang.SecurityException
问题描述
我登录我的RIA使用的JNLP文件,在preparation为即将到来的更严格的安全限制,的> 7u51
,由于在一月份。该版本Webstart的是伟大的工作,但我已经运行到那里的小程序的版本失败,出现以下异常推出的一个问题。
谷歌显然没有听说过这个例外。 (
java.lang.SecurityException异常:JAR不应包含JNLP-INF / APPLICATION_TEMPLATE.JNLP
在sun.plugin2.applet.Applet2ClassLoader.getPermissions(来源不明)
在java.security.SecureClassLoader.getProtectionDomain(SecureClassLoader.java:206)
在java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
在java.net.URLClassLoader.defineClass(URLClassLoader.java:449)
在sun.reflect.NativeMethodAccessorImpl.invoke0(本机方法)
在sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
在sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
在java.lang.reflect.Method.invoke(Method.java:606)
在sun.plugin2.applet.Plugin2ClassLoader.defineClassHelper(来源不明)
在sun.plugin2.applet.Plugin2ClassLoader.access $ 100(来源不明)
在sun.plugin2.applet.Plugin2ClassLoader $ 2.run(来源不明)
在java.security.AccessController.doPrivileged(本机方法)
在sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(来源不明)
在sun.plugin2.applet.Applet2ClassLoader.findClass(来源不明)
在sun.plugin2.applet.Plugin2ClassLoader.loadClass0(来源不明)
在sun.plugin2.applet.Plugin2ClassLoader.loadClass(来源不明)
在sun.plugin2.applet.Plugin2ClassLoader.loadClass0(来源不明)
在sun.plugin2.applet.Plugin2ClassLoader.loadClass(来源不明)
在sun.plugin2.applet.Plugin2ClassLoader.loadClass(来源不明)
在java.lang.ClassLoader.loadClass(ClassLoader.java:358)
在sun.plugin2.applet.Plugin2ClassLoader.load code(来源不明)
在sun.plugin2.applet.Plugin2Manager.initAppletAdapter(来源不明)
在sun.plugin2.applet.Plugin2Manager $ AppletExecutionRunnable.run(来源不明)
在java.lang.Thread.run(Thread.java:744)
的问题是,小程序没有被部署为JNLP小程序。安全修补程序在介绍7u25
这是通过传统&LT打算prevent一个JNLP小程序,再重新考虑;小程序/&GT ;
标签部署机制。此异常指示该安全补丁已跳闸。
的变通办法是要么始终部署小程序作为JNLP小程序,或使用不包含 JNLP-INF
目录下的JAR文件的不同变种
请注意,您也可以看到此版本,如果你签署JNLP本身,而不是一个模板:
java.lang.SecurityException异常:JAR不应包含JNLP-INF / APPLICATION.JNLP
I'm signing the JNLP file used by my RIA, in preparation for the coming tighter security restrictions in 7u51
, due in January. The webstart version is working great, but I've run into a problem where the applet version fails to launch with the following exception.
Google has apparently never heard of this exception. :(
java.lang.SecurityException: JAR should not contain JNLP-INF/APPLICATION_TEMPLATE.JNLP
at sun.plugin2.applet.Applet2ClassLoader.getPermissions(Unknown Source)
at java.security.SecureClassLoader.getProtectionDomain(SecureClassLoader.java:206)
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:449)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at sun.plugin2.applet.Plugin2ClassLoader.defineClassHelper(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.access$100(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Thread.java:744)
The problem was that the applet was not being deployed as a JNLP applet. A security fix was introduced in 7u25
that was intended to prevent the re-purposing of a JNLP applet via the legacy <applet/>
tag deployment mechanism. This exception indicates that that security fix has been tripped.
The work-around is either to always deploy your applets as JNLP applets, or to use a different variant of the JAR file that does not contain a JNLP-INF
directory.
Note that you may also see this variant if you're signing the JNLP itself rather than a template:
java.lang.SecurityException: JAR should not contain JNLP-INF/APPLICATION.JNLP
这篇关于签名的小程序瓦特/签署JNLP模板生产java.lang.SecurityException异常的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!