Java Webstart尝试将沙盒jar称为“Trusted-Library”。 [英] Java Webstart attempt to sandboxed jar as "Trusted-Library"
问题描述
我正在尝试通过Webstart加载带有未签名库的签名jar。但是,我得到尝试打开沙盒jar作为Trusted-Library错误。我从我的jnlp文件中删除了所有权限设置,如果让它在那里(我不喜欢),我的库得到了一个类未定义的异常。
我正在使用Netbeans在可信库设置下签署我的jar。
如果我签署了图书馆(这不是我的,但是是GPL的)会有用吗?
I'm trying to load a signed jar with an unsigned library through Webstart. However I get a "attempt to open sandboxed jar as Trusted-Library" error. I removed the all permissions setting from my jnlp file, if let it there (which I prefer not to), I get a classnotdefined exception for my library. I'm using Netbeans to sign my jar with Trusted Library setting. Would it work if I signed the library (which is not mine, but GPL'ed)?
一切都在本地工作,顺便说一句,不是来自Webstart 。
谢谢,
Kaj
All is working locally, btw, just not from Webstart. Thanks, Kaj
清单文件:
Manifest-Version: 1.0
Ant-Version: Apache Ant 1.8.2
Trusted-Library: true
X-COMMENT: Main-Class will be added automatically by build
Class-Path: lib/tools.jar
Created-By: 1.7.0-b147 (Oracle Corporation)
Main-Class: customcompile.CustomCompile
Name: customcompile/Source.class
SHA-256-Digest: WFa1FC4Q07sE3S9XxmUSEpgUKjvjYo81urGSiiLNBYY=
Name: customcompile/Output.class
SHA-256-Digest: Sc8oRhAcYYrEtWY5iA56bNKx4EuHQHgFfHmXRSYV474=
Name: customcompile/CustomCompile.class
SHA-256-Digest: WYmy6ny6BU6sYFqJCwxSUPsbTWbpvBuPurYuwnZR5sM=
Name: customcompile/MemoryClassLoader.class
SHA-256-Digest: 0bUNmC+gI7dkGFzEmDvAqdOv15UmHOQS8dDVi9FxGFU=
Name: META-INF/INDEX.LIST
SHA-256-Digest: komZP7Un7Uyi8XTq+HvpbZtNF5cfPC8TmGiPBfcO3qk=
Name: customcompile/MemoryFileManager.class
SHA-256-Digest: GorTXt3N3GZ2kUHry7qBfAOgUuYvhWHE3S+SGEjzR7k=
我也找到了关于这个主题的一些信息( http://download.oracle.com/javase/6/docs /technotes/guides/jweb/mixed_code.html ):底部的
找到关于混合代码的Q& A,建议在库上设置一个懒惰模式,这对我没有任何作用。
I found some info on the subject as well ( http://download.oracle.com/javase/6/docs/technotes/guides/jweb/mixed_code.html ): at the bottom one finds a Q&A about mixed code, suggesting setting a lazy mode on the library, which did not do anything for me.
推荐答案
您应该可以在混合签名和未签名的代码。请特别参见安全地部署已签名的应用程序和小程序代码警告。
You should be able to find answers in Mixing Signed and Unsigned Code. See especially Deploying Signed Applications and Applets Securely Without a Mixed Code Warning.
请注意,上面的清单有..
Note that manifest above has..
..
Trusted-Library: true
X-COMMENT: Main-Class will be added automatically by build
Trusted-Only: true
..
它应该是中的一个或另一个Trusted-Library 或 Trusted-Only (AFAIU)。在这种情况下,它应该是 Trusted-Library 。
It should be one or the other of Trusted-Library or Trusted-Only (AFAIU). In this case it should be Trusted-Library.
这篇关于Java Webstart尝试将沙盒jar称为“Trusted-Library”。的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
