Java Web Star java.lang.NullPointerException (JnlpxArgs.execProgram) [英] Java Web Star java.lang.NullPointerException (JnlpxArgs.execProgram)
问题描述
我有一个由 servlet 动态生成的 JNLP 文件.生成的 JNLP 为:
<信息><title>JSGD</title><vendor>evconsul</vendor><主页 href=""/><description>JSGD</description><description kind="short">JSGD</description><离线允许/></信息><update check="background"/><安全><所有权限/></安全><资源><j2se version="1.8+"/><jar href="http://192.168.0.17:8080/Secu/huella/JSGD.jar" main="true"/></资源><application-desc main-class="jsgd.JSGD"><argument>Hoolas</argument></application-desc></jnlp> 客户端机器中的错误:
java.lang.NullPointerException在 com.sun.javaws.JnlpxArgs.execProgram(来源不明)在 com.sun.javaws.Launcher.relaunch(来源不明)在 com.sun.javaws.Launcher.prepareResources(来源不明)在 com.sun.javaws.Launcher.prepareAllResources(来源不明)在 com.sun.javaws.Launcher.prepareToLaunch(来源不明)在 com.sun.javaws.Launcher.prepareToLaunch(来源不明)在 com.sun.javaws.Launcher.launch(来源不明)在 com.sun.javaws.Main.launchApp(来源不明)在 com.sun.javaws.Main.continueInSecureThread(来源不明)在 com.sun.javaws.Main.access$000(来源不明)在 com.sun.javaws.Main$1.run(来源不明)在 java.lang.Thread.run(未知来源)缺少应用程序名称清单属性:http://192.168.0.17:8080/Secu/huella/JSGD.jar#### Java Web 启动错误:#### 空值我已将所有库打包在一个名为 JSGD.jar 的 jar 中,其结构是:
JSGD.jar-jsgd-元信息-组织-SecugenLib我的jar的网址是:http://192.168.0.17:8080/Secu/huella/JSGD.jar
我已经通过 Netbeans 8.1 打包了我的应用程序文件->/buil.xml 右键运行目标->其他目标->package-for-store.这会在 Store 文件夹中生成一个 jar.此 jar 具有上述结构.
在我的机器上运行正常(当代码库属性是:codebase="http://localhost:8080/Secu/" 当然!).会有什么问题?JRE 版本 1.7.0_79-b15(客户端机器)我使用 Netbeans 8.1
详情:
我已经覆盖了 build.xml 添加了下一行;将所有类打包在一个 jar 中:
<!-- Cambien el valor de esta propiedad para dar el nombre al JAR,罪拉扩展.jar.没有 debe tener espacios.<property name="store.jar.name" value="NombreDelJar"/>--><property name="store.jar.name" value="JSGD"/><!-- No editar nada después de esta línea --><property name="store.dir" value="store"/><property name="store.jar" value="${store.dir}/${store.jar.name}.jar"/><echo message="将 ${application.title} 打包成一个位于 ${store.jar} 的 JAR"/><delete dir="${store.dir}"/><mkdir dir="${store.dir}"/><jar destfile="${store.dir}/temp_final.jar" filesetmanifest="skip"><zipgroupfileset dir="dist" includes="*.jar"/><zipgroupfileset dir="dist/lib" includes="*.jar"/><清单><attribute name="Main-Class" value="${main.class}"/><attribute name="Application-Name" value="JSGD"/><attribute name="Trusted-Only" value="true"/><属性名称=权限"值=沙盒"/><属性名称=代码库"value="http://192.168.0.17 http://localhost"/></清单></jar><zip destfile="${store.jar}"><zipfileset src="${store.dir}/temp_final.jar"excludes="META-INF/*.SF, META-INF/*.DSA, META-INF/*.RSA"/></zip><delete file="${store.dir}/temp_final.jar"/></目标> 更新
按照@mosquito-x 的建议,事情似乎变得更好了,但是 Java 7(我也在 jre-8u91 中尝试)阻止了它.消息是:
应用程序被 Java 安全阻止.名称:JSGD来自:http://192.168.0.17原因:Java 安全设置使此应用程序无法运行.您可以在 Java 控制面板中更改此行为.在 Java 控制面板站点列表中.我添加了这些网站:
http://192.168.0.17:8080http://192.168.0.17:8080/Secuhttp://192.168.0.17:8080/Secu/huellahttp://192.168.0.17:8080/Secu/launch提前致谢!
JNLP :
硬编码的codebase="http://192.168.0.17:8080/Secu/"
只会在本地主机上工作导致java被阻塞
原因
Java 进一步增强了安全性,使用户系统不易受到外部攻击.
从 Java 7 Update 51 开始,Java 不允许用户运行未签名(未签名)、自签名(未由受信任的机构签名)或缺少权限属性的应用程序.运行应用程序涉及的风险未签名的应用程序
默认情况下会阻止没有证书的应用程序(即未签名的应用程序)或缺少应用程序名称和发布者信息.运行这种应用程序可能不安全,并且存在更高的风险.自签名应用程序(证书不是来自受信任机构)
具有自签名证书的应用程序被阻止 ............
应用名称属性
应用程序名称属性在安全提示中用于为您签署的 RIA 提供标题.建议使用此属性来帮助用户做出信任和运行 RIA 的决定.该值可以是任何有效的字符串,例如:
应用程序名称:Hello World
如果 JAR 文件清单中不存在 Application-Name 属性 ……
修改清单文件
在创建 JAR 文件期间,您可以使用 m 命令行选项向清单添加自定义信息.本节介绍 m 选项.
Jar 工具会自动将路径名为 META-INF/MANIFEST.MF 的默认清单放入您创建的任何 JAR 文件中.您可以通过修改默认清单来启用特殊的 JAR 文件功能,例如包密封.通常,修改默认清单涉及向清单添加特殊用途的标头,以允许 JAR 文件执行特定的所需功能.
要修改清单,您必须首先准备一个文本文件,其中包含您希望添加到清单中的信息.然后使用 Jar 工具的 m 选项将文件中的信息添加到清单中.警告:用于创建清单的文本文件必须以换行符或回车符结尾.最后一行如果不以换行或回车结束,将不会被正确解析.
基本命令格式如下:
jar cfm jar-file manifest-addition input-file(s)让我们看看这个命令中使用的选项和参数:
<块引用>c 选项表示您要创建 JAR 文件.m 选项表示您要合并现有文件中的信息...f 选项表示您希望输出到一个文件(JAR 文件)...manifest-addition 是现有文本文件的名称(或路径和名称)....jar-file 是您希望生成的 JAR 文件具有的名称.input-file(s) 参数是以空格分隔的一个或多个文件的列表......我的例子之一
清单.MF
清单版本:1.0Ant 版本:Apache Ant 1.8.3主类:DataSummaryApplet类路径:lib/plugin.jar应用名称:appJSN仅受信任:真实权限:沙盒创建者:1.7.0_51-b13(甲骨文公司)代码库:http://www.asitexx.com http://localhost
1.)大多数创建 jar 文件的 IDE 使用 build.xml.如果您更改项目中的某些内容,则此文件总是新创建的坏事.
你可以测试你是否改变了:
<attribute name="Main-Class" value="${main.class}"/></清单> with(根据您的需要更改)
<attribute name="Main-Class" value="${main.class}"/><attribute name="Application-Name" value="whatever"/><attribute name="Trusted-Only" value="true"/><属性名称=权限"值=沙盒"/><attribute name="Codebase" value="http://www.asitexx.com http://localhost"/></清单> 您可以将域添加到以空格分隔的代码库中
2.) 从不再需要的 JNLP 文件中删除代码库
<jnlp spec="6.0+" codebase="http://192.168.0.17:8080/Secu/" href="launch?param1=Hooolas">到
希望能帮到你,
托马斯
更新来自评论
<块引用>你认为我应该用证书签名吗??以及怎么做?
这并不容易,您必须小心地按照正确的顺序进行所有操作.
小心:
仅使用纯 .jar 文件,其中包含所有库,甚至是您自己创建的 MANIFEST.FM.
测试一下,打开的jar文件必须只包含除libs以外的纯文本.否 SHA-256-Digest 或其他部分,例如 7fnH8YhS5mkYtZoJqiWEI2bfSXSYd2alrKCEdvieyEk 等
然后您可以继续进行下一步.
只有两个链接可以帮助您.
I have a JNLP file which is generated by a servlet dynamically . The JNLP generated is:
<jnlp spec="6.0+" href="launch?param1=Hooolas">
<information>
<title>JSGD</title>
<vendor>evconsul</vendor>
<homepage href=""/>
<description>JSGD</description>
<description kind="short">JSGD</description>
<offline-allowed/>
</information>
<update check="background"/>
<security>
<all-permissions/>
</security>
<resources>
<j2se version="1.8+"/>
<jar href="http://192.168.0.17:8080/Secu/huella/JSGD.jar" main="true"/>
</resources>
<application-desc main-class="jsgd.JSGD">
<argument>Hooolas</argument>
</application-desc>
</jnlp>
The error in a client machine:
java.lang.NullPointerException
at com.sun.javaws.JnlpxArgs.execProgram(Unknown Source)
at com.sun.javaws.Launcher.relaunch(Unknown Source)
at com.sun.javaws.Launcher.prepareResources(Unknown Source)
at com.sun.javaws.Launcher.prepareAllResources(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.launch(Unknown Source)
at com.sun.javaws.Main.launchApp(Unknown Source)
at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
at com.sun.javaws.Main.access$000(Unknown Source)
at com.sun.javaws.Main$1.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Missing Application-Name manifest attribute for: http://192.168.0.17:8080/Secu/huella/JSGD.jar
#### Java Web Start Error:
#### null
I have packed all libraries in one jar called JSGD.jar its struct is:
JSGD.jar
-jsgd
-META-INF
-org
-SecugenLib
The URL of my jar is: http://192.168.0.17:8080/Secu/huella/JSGD.jar
I have packed my app via on Netbeans 8.1 Files->/buil.xml right click Run Target->Other Targets->package-for-store. This generates a jar inside in Store folder. This jar has the struct described above.
In my machine runs ok(when codebase attribute is: codebase="http://localhost:8080/Secu/" of course! ). What would be the problem? JRE version 1.7.0_79-b15(Client Machine) I use Netbeans 8.1
DETAILS:
I have overwritten build.xml adding the next lines; to pack all classes in one jar:
<target name="package-for-store" depends="jar">
<!-- Cambien el valor de esta propiedad para dar el nombre al JAR,
sin la extensión .jar. No debe tener espacios.
<property name="store.jar.name" value="NombreDelJar"/>
-->
<property name="store.jar.name" value="JSGD"/>
<!-- No editar nada después de esta línea -->
<property name="store.dir" value="store"/>
<property name="store.jar" value="${store.dir}/${store.jar.name}.jar"/>
<echo message="Packaging ${application.title} into a single JAR at ${store.jar}"/>
<delete dir="${store.dir}"/>
<mkdir dir="${store.dir}"/>
<jar destfile="${store.dir}/temp_final.jar" filesetmanifest="skip">
<zipgroupfileset dir="dist" includes="*.jar"/>
<zipgroupfileset dir="dist/lib" includes="*.jar"/>
<manifest>
<attribute name="Main-Class" value="${main.class}"/>
<attribute name="Application-Name" value="JSGD"/>
<attribute name="Trusted-Only" value="true"/>
<attribute name="Permissions" value="sandbox"/>
<attribute name="Codebase"
value="http://192.168.0.17 http://localhost"/>
</manifest>
</jar>
<zip destfile="${store.jar}">
<zipfileset src="${store.dir}/temp_final.jar"
excludes="META-INF/*.SF, META-INF/*.DSA, META-INF/*.RSA"/>
</zip>
<delete file="${store.dir}/temp_final.jar"/>
</target>
Update
Following the advices from @mosquito-x, seems the thing goes better, but Java 7(I'm trying in jre-8u91 too) block it. The message is:
Application Blocked by Java Security.
Name: JSGD
From: http://192.168.0.17
Reason: The Java Security Settings have this application from running. You may change this behavior in Java Control Panel.
In Java control panel Site list. I have added these sites:
http://192.168.0.17:8080
http://192.168.0.17:8080/Secu
http://192.168.0.17:8080/Secu/huella
http://192.168.0.17:8080/Secu/launch
Thanks in advance!
The JNLP :
a hardcodedcodebase="http://192.168.0.17:8080/Secu/"
will only work on localhostcause java blocked
CAUSE
Java has further enhanced security to make the user system less vulnerable to external exploits.
Starting with Java 7 Update 51, Java does not allow users to run applications that are not signed (unsigned), self-signed (not signed by trusted authority) or that are missing permission attributes.
Risks involved in running applications
Unsigned application
An application without a certificate (i.e. unsigned apps), or missing application Name and Publisher information are blocked by default. Running this kind of application is potentially unsafe and present higher level of risk. Self-signed application (Certificate not from trusted authority)
An application with self-signed certificate is blocked ............
Application-Name Attribute
The Application-Name attribute is used in security prompts to provide a title for your signed RIA. Use of this attribute is recommended to help users make the decision to trust and run the RIA. The value can be any valid string, for example:
Application-Name: Hello World
If the Application-Name attribute is not present in the JAR file manifest ............
Modifying a Manifest File
You use the m command-line option to add custom information to the manifest during creation of a JAR file. This section describes the m option.
The Jar tool automatically puts a default manifest with the pathname META-INF/MANIFEST.MF into any JAR file you create. You can enable special JAR file functionality, such as package sealing, by modifying the default manifest. Typically, modifying the default manifest involves adding special-purpose headers to the manifest that allow the JAR file to perform a particular desired function.
To modify the manifest, you must first prepare a text file containing the information you wish to add to the manifest. You then use the Jar tool's m option to add the information in your file to the manifest. Warning: The text file from which you are creating the manifest must end with a new line or carriage return. The last line will not be parsed properly if it does not end with a new line or carriage return.
The basic command has this format:
jar cfm jar-file manifest-addition input-file(s)
Let's look at the options and arguments used in this command:
The c option indicates that you want to create a JAR file. The m option indicates that you want to merge information from an existing file ... The f option indicates that you want the output to go to a file (the JAR file) ... manifest-addition is the name (or path and name) of the existing text file .... jar-file is the name that you want the resulting JAR file to have. The input-file(s) argument is a space-separated list of one or more files ....
example one of mine
MANIFEST.MF
Manifest-Version: 1.0
Ant-Version: Apache Ant 1.8.3
Main-Class: DataSummaryApplet
Class-Path: lib/plugin.jar
Application-Name: appJSN
Trusted-Only: true
Permissions: sandbox
Created-By: 1.7.0_51-b13 (Oracle Corporation)
Codebase: http://www.asitexx.com http://localhost
EDIT:
1.)
Most IDE's who creates the jar file, uses a build.xml.
The bad thing this file is always new created if you change something in the project.
You can test if you change :
<manifest>
<attribute name="Main-Class" value="${main.class}"/>
</manifest>
with (change to your needs)
<manifest>
<attribute name="Main-Class" value="${main.class}"/>
<attribute name="Application-Name" value="whatever"/>
<attribute name="Trusted-Only" value="true"/>
<attribute name="Permissions" value="sandbox"/>
<attribute name="Codebase" value="http://www.asitexx.com http://localhost"/>
</manifest>
you can add domains to the codebase seperated by a blank
2.) Remove the code base from JNLP file it's not needed anymore
<jnlp spec="6.0+" codebase="http://192.168.0.17:8080/Secu/" href="launch?param1=Hooolas">
to
<jnlp spec="6.0+" href="launch?param1=Hooolas">
Hope it helps,
Thomas
Update from comments
You think that I should sign with a certificate?? and How do that?
that is not that easy and you have to be careful to do everything in the correct sequence.
Be careful:
Only pure .jar file use, that has all libs and even your self created MANIFEST.FM in it.
Test this, open the jar file must contain only except the libs plain text.
No SHA-256-Digest or other parts like 7fnH8YhS5mkYtZoJqiWEI2bfSXSYd2alrKCEdvieyEketc.
Then you can with the next steps proceed.
only two links of many that may help you.
To Generate a Certificate by Using keytool
这篇关于Java Web Star java.lang.NullPointerException (JnlpxArgs.execProgram)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
