Oxygen Applet is hangs on after code security changes
Having trouble installing Oxygen? Got a bug to report? Post it all here.
-
yury.eroshenkov
- Posts: 34
- Joined: Mon Jun 03, 2013 2:17 pm
Oxygen Applet is hangs on after code security changes
Post by yury.eroshenkov »
Hello.
We are using the web component in our DITA authoring web tool and previously an applet was self-signed. Than we signed the applet jars with trusted sertificate and also add Permission, Codebase and Trusted Library options to the jar manifests and jnlp using your build.xml. After that we got message from java with blue shield (which means that the certificate is trusted and valid), but after clicking Run we got warning with yellow triangle and message:
"This application is going to perform an insecure operation. Do you want to continue?" in the class AuthorComponentApplet.
If we don't set the checkbox "Do not asking again" on the previus step (message with blue shield) the applet will open successfully, but if once we set this option - every time when the applet is loading we got this warning message and the applet is hanging on on the initialization step after clicking "Continue" from the message.
This happens in Mazilla and Chrome, but in IE (at least 8.0) an applet finnally loaded, but after a couple of minutes. Also, we didn't make any changes in the applet code since we sign it.
So, the questions are:
1. Can you explain the java security message with yellow triangle? Which "insecure operation" could be mean?
2. Why after java has put the certificate, which we use to sign the applet, to the trusted certificates the applet is not started but hanging on the initialization?
We are using the web component in our DITA authoring web tool and previously an applet was self-signed. Than we signed the applet jars with trusted sertificate and also add Permission, Codebase and Trusted Library options to the jar manifests and jnlp using your build.xml. After that we got message from java with blue shield (which means that the certificate is trusted and valid), but after clicking Run we got warning with yellow triangle and message:
"This application is going to perform an insecure operation. Do you want to continue?" in the class AuthorComponentApplet.
If we don't set the checkbox "Do not asking again" on the previus step (message with blue shield) the applet will open successfully, but if once we set this option - every time when the applet is loading we got this warning message and the applet is hanging on on the initialization step after clicking "Continue" from the message.
This happens in Mazilla and Chrome, but in IE (at least 8.0) an applet finnally loaded, but after a couple of minutes. Also, we didn't make any changes in the applet code since we sign it.
So, the questions are:
1. Can you explain the java security message with yellow triangle? Which "insecure operation" could be mean?
2. Why after java has put the certificate, which we use to sign the applet, to the trusted certificates the applet is not started but hanging on the initialization?
Re: Oxygen Applet is hangs on after code security changes
Hi Yuri,
http://www.oxygenxml.com/demo/AuthorDem ... ments.html
I'm curious if they generate the same problem on your side.
If they do not generate that warning on your side:
We use a certificate generated by Thawthe to sign our applet, what certificate are you using on your side?
We decided to remove the Trusted-Library property from the JAR manifests because it generated a warning with the latest Java (but not the warning you reported). So our demo applets have the following properties set in the manifest for all JAR libraries:
Regards,
Radu
I do not quite know. Could you try to run one of the demo applets from our web site?1. Can you explain the java security message with yellow triangle? Which "insecure operation" could be mean?
http://www.oxygenxml.com/demo/AuthorDem ... ments.html
I'm curious if they generate the same problem on your side.
If they do not generate that warning on your side:
We use a certificate generated by Thawthe to sign our applet, what certificate are you using on your side?
We decided to remove the Trusted-Library property from the JAR manifests because it generated a warning with the latest Java (but not the warning you reported). So our demo applets have the following properties set in the manifest for all JAR libraries:
Code: Select all
<target name="addTrustedLibraryProperty">
<echo>Add properties Trusted-Library, Permissions and Codebase to file: ${jarFile}</echo>
<jar file="${jarFile}" update="true">
<manifest>
<!--Commented out, gives warning with Java 1.7.45-->
<!--<attribute name="Trusted-Library" value="true"/>-->
<!--EXM-27848
Remove warnings, see:
http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/no_redeploy.html
-->
<attribute name="Permissions" value="all-permissions"/>
<attribute name="Codebase" value="*"/>
<!--EXM-28568 Avoid giving warning with Java 1.7.45-->
<attribute name="Application-Library-Allowable-Codebase" value="*"/>
<attribute name="Caller-Allowable-Codebase" value="*"/>
</manifest>
</jar>
</target>I would need to see the entire output received in the Java console when the applet fails to load.2. Why after java has put the certificate, which we use to sign the applet, to the trusted certificates the applet is not started but hanging on the initialization?
Regards,
Radu
Radu Coravu
<oXygen/> XML Editor
http://www.oxygenxml.com
<oXygen/> XML Editor
http://www.oxygenxml.com
-
yury.eroshenkov
- Posts: 34
- Joined: Mon Jun 03, 2013 2:17 pm
Re: Oxygen Applet is hangs on after code security changes
Post by yury.eroshenkov »
Hi, Radu. Thanks for your reaction.
This is a java console:
Also removing Trusted-Library attribute doesn't help. We got the same message.
This is a java console:
- Java Plug-in 10.45.2.18
Using JRE version 1.7.0_45-b18 Java HotSpot(TM) Client VM
User home directory = C:\Documents and Settings\holodilnik
----------------------------------------------------
c: clear console window
f: finalize objects on finalization queue
g: garbage collect
h: display this help message
l: dump classloader list
m: print memory usage
o: trigger logging
q: hide console
r: reload policy configuration
s: dump system and deployment properties
t: dump thread list
v: dump thread stack
x: clear classloader cache
0-5: set trace level to <n>
----------------------------------------------------
[OXYGEN] Doc base is http://localhost:8888/webtop
widgetId w329
http://localhost:8888/oxygen-framework/ ... mework.zip
Code: Select all
factory.init(frameworksURLs.toArray(new URL[0]), optionsZipURL, getCodeBase(), getAppletId(), // The license key if it is a fixed license
licenseKey);
-
yury.eroshenkov
- Posts: 34
- Joined: Mon Jun 03, 2013 2:17 pm
Re: Oxygen Applet is hangs on after code security changes
Post by yury.eroshenkov »
PS. I've tried to wrap the init line into AccessController.doPrivileged():
and after long-long initialization in the console i've got:
12:48:54,800 472190 ERROR [ Applet 2 LiveConnect Worker Thread ] ro.sync.exml.editor.vd - Could not change from Unknown to: Author because: java.security.AccessControlException: access denied ("java.lang.reflect.ReflectPermission" "suppressAccessChecks")
java.security.AccessControlException: access denied ("java.lang.reflect.ReflectPermission" "suppressAccessChecks")
Code: Select all
AccessController.doPrivileged(new PrivilegedAction() {
public Object run() {
try {
factory.init(frameworksURLs.toArray(new URL[0]), optionsZipURL, getCodeBase(), getAppletId(),
// The license key if it is a fixed license
licenseKey);
} catch (AuthorComponentException e) {
e.printStackTrace();
}
return null;
}
});
- Java Plug-in 10.45.2.18
Using JRE version 1.7.0_45-b18 Java HotSpot(TM) Client VM
User home directory = C:\Documents and Settings\holodilnik
----------------------------------------------------
c: clear console window
f: finalize objects on finalization queue
g: garbage collect
h: display this help message
l: dump classloader list
m: print memory usage
o: trigger logging
q: hide console
r: reload policy configuration
s: dump system and deployment properties
t: dump thread list
v: dump thread stack
x: clear classloader cache
0-5: set trace level to <n>
----------------------------------------------------
[OXYGEN] Doc base is http://localhost:8888/webtop
widgetId w329
http://localhost:8888/oxygen-framework/ ... mework.zip
log4j:WARN No appenders could be found for logger (ro.sync.ecss.extensions.api.component.sync.ResourcesSynchronizer).
log4j:WARN Please initialize the log4j system properly.
12:46:37,190 334580 ERROR [ Applet 2 LiveConnect Worker Thread ] ro.sync.ui.Icons - Problem while decoding image /images/ValidateCached20.png
java.lang.SecurityException: Unable to create temporary file or directory
at java.nio.file.TempFileHelper.create(Unknown Source)
at java.nio.file.TempFileHelper.createTempFile(Unknown Source)
at java.nio.file.Files.createTempFile(Unknown Source)
at javax.imageio.stream.FileCacheImageInputStream.<init>(Unknown Source)
at com.sun.imageio.spi.InputStreamImageInputStreamSpi.createInputStreamInstance(Unknown Source)
at javax.imageio.ImageIO.createImageInputStream(Unknown Source)
at javax.imageio.ImageIO.read(Unknown Source)
at ro.sync.ui.Icons.createImageIcon(Unknown Source)
at ro.sync.ui.Icons.createImageIcon(Unknown Source)
at ro.sync.ui.Icons.getIcon(Unknown Source)
at ro.sync.exml.editor.validate.p.createEditorActions(Unknown Source)
at ro.sync.exml.editor.xmleditor.sb.createEditorActions(Unknown Source)
at ro.sync.exml.editor.xmleditor.mb.createEditorActions(Unknown Source)
at ro.sync.exml.editor.xmleditor.tb.createEditorActions(Unknown Source)
at ro.sync.exml.editor.vd.initFrame(Unknown Source)
at ro.sync.exml.editor.validate.p.initFrame(Unknown Source)
at ro.sync.exml.editor.xmleditor.mb.initFrame(Unknown Source)
at ro.sync.ecss.extensions.api.component.AuthorComponentProvider.<init>(Unknown Source)
at ro.sync.ecss.extensions.api.component.AuthorComponentFactory.createEditorComponentProvider(Unknown Source)
at ro.sync.ecss.applet.AuthorComponent.<init>(AuthorComponent.java:410)
at ro.sync.ecss.applet.AuthorComponentApplet.createAuthorComponentEditor(AuthorComponentApplet.java:228)
at ro.sync.ecss.applet.AuthorComponentApplet.switchToEditor(AuthorComponentApplet.java:273)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.Trampoline.invoke(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass$MethodInfo.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass$MemberBundle.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass.invoke0(Unknown Source)
at sun.plugin2.liveconnect.JavaClass.invoke(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$DefaultInvocationDelegate.invoke(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo.doObjectOp(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$LiveConnectWorker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
............
12:48:33,331 450721 ERROR [ Applet 2 LiveConnect Worker Thread ] ro.sync.ui.Icons - Problem while decoding image /images/EditComment20.png
java.lang.SecurityException: Unable to create temporary file or directory
at java.nio.file.TempFileHelper.create(Unknown Source)
at java.nio.file.TempFileHelper.createTempFile(Unknown Source)
at java.nio.file.Files.createTempFile(Unknown Source)
at javax.imageio.stream.FileCacheImageInputStream.<init>(Unknown Source)
at com.sun.imageio.spi.InputStreamImageInputStreamSpi.createInputStreamInstance(Unknown Source)
at javax.imageio.ImageIO.createImageInputStream(Unknown Source)
at javax.imageio.ImageIO.read(Unknown Source)
at ro.sync.ui.Icons.createImageIcon(Unknown Source)
at ro.sync.ui.Icons.createImageIcon(Unknown Source)
at ro.sync.ui.Icons.getIcon(Unknown Source)
at ro.sync.ecss.component.j.f.f.nb.<init>(Unknown Source)
at ro.sync.ecss.component.j.f.f.prg(Unknown Source)
at ro.sync.ecss.component.j.f.f.<init>(Unknown Source)
at ro.sync.exml.editor.xmleditor.pageauthor.b.csf(Unknown Source)
at ro.sync.exml.editor.yb.hpf(Unknown Source)
at ro.sync.exml.editor.vd.changePage(Unknown Source)
at ro.sync.exml.editor.vd.changePage(Unknown Source)
at ro.sync.exml.editor.validate.p.changePage(Unknown Source)
at ro.sync.exml.editor.vd.initFrame(Unknown Source)
at ro.sync.exml.editor.validate.p.initFrame(Unknown Source)
at ro.sync.exml.editor.xmleditor.mb.initFrame(Unknown Source)
at ro.sync.ecss.extensions.api.component.AuthorComponentProvider.<init>(Unknown Source)
at ro.sync.ecss.extensions.api.component.AuthorComponentFactory.createEditorComponentProvider(Unknown Source)
at ro.sync.ecss.applet.AuthorComponent.<init>(AuthorComponent.java:410)
at ro.sync.ecss.applet.AuthorComponentApplet.createAuthorComponentEditor(AuthorComponentApplet.java:228)
at ro.sync.ecss.applet.AuthorComponentApplet.switchToEditor(AuthorComponentApplet.java:273)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.Trampoline.invoke(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass$MethodInfo.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass$MemberBundle.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass.invoke0(Unknown Source)
at sun.plugin2.liveconnect.JavaClass.invoke(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$DefaultInvocationDelegate.invoke(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo.doObjectOp(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$LiveConnectWorker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
12:48:33,331 450721 ERROR [ Applet 2 LiveConnect Worker Thread ] ro.sync.ui.Icons - Problem while decoding image /images/EditComment16.png
java.lang.SecurityException: Unable to create temporary file or directory
at java.nio.file.TempFileHelper.create(Unknown Source)
at java.nio.file.TempFileHelper.createTempFile(Unknown Source)
at java.nio.file.Files.createTempFile(Unknown Source)
at javax.imageio.stream.FileCacheImageInputStream.<init>(Unknown Source)
at com.sun.imageio.spi.InputStreamImageInputStreamSpi.createInputStreamInstance(Unknown Source)
at javax.imageio.ImageIO.createImageInputStream(Unknown Source)
at javax.imageio.ImageIO.read(Unknown Source)
at ro.sync.ui.Icons.createImageIcon(Unknown Source)
at ro.sync.ui.Icons.createImageIcon(Unknown Source)
at ro.sync.ui.Icons.getIcon(Unknown Source)
at ro.sync.ecss.component.j.f.f.nb.<init>(Unknown Source)
at ro.sync.ecss.component.j.f.f.prg(Unknown Source)
at ro.sync.ecss.component.j.f.f.<init>(Unknown Source)
at ro.sync.exml.editor.xmleditor.pageauthor.b.csf(Unknown Source)
at ro.sync.exml.editor.yb.hpf(Unknown Source)
at ro.sync.exml.editor.vd.changePage(Unknown Source)
at ro.sync.exml.editor.vd.changePage(Unknown Source)
at ro.sync.exml.editor.validate.p.changePage(Unknown Source)
at ro.sync.exml.editor.vd.initFrame(Unknown Source)
at ro.sync.exml.editor.validate.p.initFrame(Unknown Source)
at ro.sync.exml.editor.xmleditor.mb.initFrame(Unknown Source)
at ro.sync.ecss.extensions.api.component.AuthorComponentProvider.<init>(Unknown Source)
at ro.sync.ecss.extensions.api.component.AuthorComponentFactory.createEditorComponentProvider(Unknown Source)
at ro.sync.ecss.applet.AuthorComponent.<init>(AuthorComponent.java:410)
at ro.sync.ecss.applet.AuthorComponentApplet.createAuthorComponentEditor(AuthorComponentApplet.java:228)
at ro.sync.ecss.applet.AuthorComponentApplet.switchToEditor(AuthorComponentApplet.java:273)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.Trampoline.invoke(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass$MethodInfo.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass$MemberBundle.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass.invoke0(Unknown Source)
at sun.plugin2.liveconnect.JavaClass.invoke(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$DefaultInvocationDelegate.invoke(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo.doObjectOp(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$LiveConnectWorker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
12:48:45,347 462737 ERROR [ Applet 2 LiveConnect Worker Thread ] ro.sync.ui.Icons - Problem while decoding image /images/ValidationError12.png
java.lang.SecurityException: Unable to create temporary file or directory
at java.nio.file.TempFileHelper.create(Unknown Source)
at java.nio.file.TempFileHelper.createTempFile(Unknown Source)
at java.nio.file.Files.createTempFile(Unknown Source)
at javax.imageio.stream.FileCacheImageInputStream.<init>(Unknown Source)
at com.sun.imageio.spi.InputStreamImageInputStreamSpi.createInputStreamInstance(Unknown Source)
at javax.imageio.ImageIO.createImageInputStream(Unknown Source)
at javax.imageio.ImageIO.read(Unknown Source)
at ro.sync.ui.Icons.createImageIcon(Unknown Source)
at ro.sync.ui.Icons.createImageIcon(Unknown Source)
at ro.sync.ui.Icons.getIcon(Unknown Source)
at ro.sync.exml.editor.validate.v.<init>(Unknown Source)
at ro.sync.ecss.component.validation.b.<init>(Unknown Source)
at ro.sync.exml.editor.xmleditor.pageauthor.b.csf(Unknown Source)
at ro.sync.exml.editor.yb.hpf(Unknown Source)
at ro.sync.exml.editor.vd.changePage(Unknown Source)
at ro.sync.exml.editor.vd.changePage(Unknown Source)
at ro.sync.exml.editor.validate.p.changePage(Unknown Source)
at ro.sync.exml.editor.vd.initFrame(Unknown Source)
at ro.sync.exml.editor.validate.p.initFrame(Unknown Source)
at ro.sync.exml.editor.xmleditor.mb.initFrame(Unknown Source)
at ro.sync.ecss.extensions.api.component.AuthorComponentProvider.<init>(Unknown Source)
at ro.sync.ecss.extensions.api.component.AuthorComponentFactory.createEditorComponentProvider(Unknown Source)
at ro.sync.ecss.applet.AuthorComponent.<init>(AuthorComponent.java:410)
at ro.sync.ecss.applet.AuthorComponentApplet.createAuthorComponentEditor(AuthorComponentApplet.java:228)
at ro.sync.ecss.applet.AuthorComponentApplet.switchToEditor(AuthorComponentApplet.java:273)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.Trampoline.invoke(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass$MethodInfo.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass$MemberBundle.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass.invoke0(Unknown Source)
at sun.plugin2.liveconnect.JavaClass.invoke(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$DefaultInvocationDelegate.invoke(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo.doObjectOp(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$LiveConnectWorker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
12:48:54,800 472190 ERROR [ Applet 2 LiveConnect Worker Thread ] ro.sync.exml.editor.vd - Could not change from Unknown to: Author because: java.security.AccessControlException: access denied ("java.lang.reflect.ReflectPermission" "suppressAccessChecks")
java.security.AccessControlException: access denied ("java.lang.reflect.ReflectPermission" "suppressAccessChecks")
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at sun.plugin2.applet.AWTAppletSecurityManager.checkPermission(Unknown Source)
at java.lang.reflect.AccessibleObject.setAccessible(Unknown Source)
at ro.sync.util.Equaler.e(Unknown Source)
at ro.sync.util.Equaler.verifyOptionsEquals(Unknown Source)
at ro.sync.util.Equaler.d(Unknown Source)
at ro.sync.util.Equaler.verifyOptionsEquals(Unknown Source)
at ro.sync.util.Equaler.verifyOptionsEquals(Unknown Source)
at ro.sync.options.v.e(Unknown Source)
at ro.sync.options.v.setObjectArrayProperty(Unknown Source)
at ro.sync.contentcompletion.n.c(Unknown Source)
at ro.sync.contentcompletion.l.i(Unknown Source)
at ro.sync.contentcompletion.l.c(Unknown Source)
at ro.sync.exml.editor.xmleditor.pageauthor.b.csf(Unknown Source)
at ro.sync.exml.editor.yb.hpf(Unknown Source)
at ro.sync.exml.editor.vd.changePage(Unknown Source)
at ro.sync.exml.editor.vd.changePage(Unknown Source)
at ro.sync.exml.editor.validate.p.changePage(Unknown Source)
at ro.sync.exml.editor.vd.initFrame(Unknown Source)
at ro.sync.exml.editor.validate.p.initFrame(Unknown Source)
at ro.sync.exml.editor.xmleditor.mb.initFrame(Unknown Source)
at ro.sync.ecss.extensions.api.component.AuthorComponentProvider.<init>(Unknown Source)
at ro.sync.ecss.extensions.api.component.AuthorComponentFactory.createEditorComponentProvider(Unknown Source)
at ro.sync.ecss.applet.AuthorComponent.<init>(AuthorComponent.java:410)
at ro.sync.ecss.applet.AuthorComponentApplet.createAuthorComponentEditor(AuthorComponentApplet.java:228)
at ro.sync.ecss.applet.AuthorComponentApplet.switchToEditor(AuthorComponentApplet.java:273)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.Trampoline.invoke(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass$MethodInfo.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass$MemberBundle.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass.invoke0(Unknown Source)
at sun.plugin2.liveconnect.JavaClass.invoke(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$DefaultInvocationDelegate.invoke(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo.doObjectOp(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$LiveConnectWorker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
access denied ("java.util.PropertyPermission" "user.dir" "read")
java.security.AccessControlException: access denied ("java.util.PropertyPermission" "user.dir" "read")
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at sun.plugin2.applet.AWTAppletSecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
at java.lang.System.getProperty(Unknown Source)
at java.io.Win32FileSystem.getUserPath(Unknown Source)
at java.io.Win32FileSystem.resolve(Unknown Source)
at java.io.File.getAbsolutePath(Unknown Source)
at java.io.File.toURL(Unknown Source)
at ro.sync.util.URLUtil.correct(Unknown Source)
at ro.sync.ecss.extensions.api.component.AuthorComponentProvider.<init>(Unknown Source)
at ro.sync.ecss.extensions.api.component.AuthorComponentFactory.createEditorComponentProvider(Unknown Source)
at ro.sync.ecss.applet.AuthorComponent.<init>(AuthorComponent.java:410)
at ro.sync.ecss.applet.AuthorComponentApplet.createAuthorComponentEditor(AuthorComponentApplet.java:228)
at ro.sync.ecss.applet.AuthorComponentApplet.switchToEditor(AuthorComponentApplet.java:273)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.Trampoline.invoke(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass$MethodInfo.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass$MemberBundle.invoke(Unknown Source)
at sun.plugin2.liveconnect.JavaClass.invoke0(Unknown Source)
at sun.plugin2.liveconnect.JavaClass.invoke(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$DefaultInvocationDelegate.invoke(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo.doObjectOp(Unknown Source)
at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$LiveConnectWorker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
12:48:54,800 472190 ERROR [ Applet 2 LiveConnect Worker Thread ] ro.sync.exml.editor.vd - Could not change from Unknown to: Author because: java.security.AccessControlException: access denied ("java.lang.reflect.ReflectPermission" "suppressAccessChecks")
java.security.AccessControlException: access denied ("java.lang.reflect.ReflectPermission" "suppressAccessChecks")
Re: Oxygen Applet is hangs on after code security changes
Hi,
I also asked you to test the demo applet we have on our web site.
Does it have a similar behavior?
Also when you enable the Java console you can set it to full tracing:
From the log you posted it seems that the applet packed by you does not have permissions to do anything. Maybe setting the java console to full tracing will help, it will show how each JAR is downloaded and also if its signature is OK or not.
You have an HTTP server setup on your local machine, right? Could you also try to access the HTTP server from another machine in the same network and start the applet from there? I'm not sure if the applet has these limitations because it is run on the same machine, probably not though.
Regards,
Radu
I also asked you to test the demo applet we have on our web site.
Does it have a similar behavior?
Also when you enable the Java console you can set it to full tracing:
or you can press (5) in the Java console when it appears to show all tracing info.Open a console and run javaws -viewer;
In the Advanced tab, expand the Debugging category and check all boxes.
Expand the Java console category and choose Show console.
From the log you posted it seems that the applet packed by you does not have permissions to do anything. Maybe setting the java console to full tracing will help, it will show how each JAR is downloaded and also if its signature is OK or not.
You have an HTTP server setup on your local machine, right? Could you also try to access the HTTP server from another machine in the same network and start the applet from there? I'm not sure if the applet has these limitations because it is run on the same machine, probably not though.
Regards,
Radu
Radu Coravu
<oXygen/> XML Editor
http://www.oxygenxml.com
<oXygen/> XML Editor
http://www.oxygenxml.com
-
yury.eroshenkov
- Posts: 34
- Joined: Mon Jun 03, 2013 2:17 pm
Re: Oxygen Applet is hangs on after code security changes
Post by yury.eroshenkov »
1. The sample Oxygen applet is working fine without any warnings and hangs on and loaded in about 1 min.
2. I set debugging level 5 in the Java console and got a dozen strings like this:
I can send you the log from the beginnig (but not to the end, becouse it looks like endless), but the char count is limited at this forum.
Looks like, the java security mechanism requests certificate for all resources in the jars...
I've look at the console from your sample applet and the situation is different: looks like the certificate is requested for only hole jar bit not for all resources.
Why is the difference?
Some strings from the console in case of Oxygen Sample applet:
2. I set debugging level 5 in the Java console and got a dozen strings like this:
Code: Select all
ruleset: finding Deployment Rule Set for
title: <oXygen/> XML Author Component Applet
location: http://localhost:8888/oxygen-editor/author-component-dita.jnlp
main location: http://localhost:8888/oxygen-editor/lib/oxygen.jar
main version: null
isArtifact: true
ruleset: no rule applies, returning Default Rule
security: Validate the certificate chain using CertPath API
security: SHA-256Certificate finger print: AC90AF1BD01C1C0080F3EB2671E418C0F3DE7918E8A8B8DC6169603DF586A901
security: SHA-256Certificate finger print: 0CFC19DB681B014BFE3F23CB3A78B67208B4E3D8D7B6A7B1807F7CD6ECB2A54E
security: SHA-256Certificate finger print: 9ACFAB7E43C8D880D06B262A94DEEEE4B4659989C3D0CAF19BAF6405E41AB7DF
security: The OCSP support is enabled
security: The CRL support is enabled
network: Connecting http://ocsp.verisign.com/ with proxy=DIRECT
network: Connecting http://ocsp.verisign.com:80/ with proxy=DIRECT
security: OCSP Response: GOOD
network: Connecting http://ocsp.verisign.com/ with proxy=DIRECT
network: Connecting http://ocsp.verisign.com:80/ with proxy=DIRECT
security: OCSP Response: GOOD
security: Certificate validation succeeded using OCSP/CRL
basic: JNLP2ClassLoader.findClass: ro.sync.ecss.extensions.api.component.sync.ResourcesSynchronizer: try again ..
ruleset: finding Deployment Rule Set for
title: <oXygen/> XML Author Component Applet
location: http://localhost:8888/oxygen-editor/author-component-dita.jnlp
main location: http://localhost:8888/oxygen-editor/lib/oxygen.jar
main version: null
isArtifact: true
ruleset: no rule applies, returning Default Rule
security: Validate the certificate chain using CertPath API
security: SHA-256Certificate finger print: AC90AF1BD01C1C0080F3EB2671E418C0F3DE7918E8A8B8DC6169603DF586A901
security: SHA-256Certificate finger print: 0CFC19DB681B014BFE3F23CB3A78B67208B4E3D8D7B6A7B1807F7CD6ECB2A54E
security: SHA-256Certificate finger print: 9ACFAB7E43C8D880D06B262A94DEEEE4B4659989C3D0CAF19BAF6405E41AB7DF
security: The OCSP support is enabled
security: The CRL support is enabled
network: Connecting http://ocsp.verisign.com/ with proxy=DIRECT
network: Connecting http://ocsp.verisign.com:80/ with proxy=DIRECT
security: OCSP Response: GOOD
network: Connecting http://ocsp.verisign.com/ with proxy=DIRECT
network: Connecting http://ocsp.verisign.com:80/ with proxy=DIRECT
security: OCSP Response: GOOD
security: Certificate validation succeeded using OCSP/CRL
basic: JNLP2ClassLoader.findClass: ro.sync.ecss.extensions.api.component.sync.SyncInfoManager: try again ..
ruleset: finding Deployment Rule Set for
title: <oXygen/> XML Author Component Applet
location: http://localhost:8888/oxygen-editor/author-component-dita.jnlp
main location: http://localhost:8888/oxygen-editor/lib/oxygen.jar
main version: null
isArtifact: true
ruleset: no rule applies, returning Default Rule
security: Validate the certificate chain using CertPath API
security: SHA-256Certificate finger print: AC90AF1BD01C1C0080F3EB2671E418C0F3DE7918E8A8B8DC6169603DF586A901
security: SHA-256Certificate finger print: 0CFC19DB681B014BFE3F23CB3A78B67208B4E3D8D7B6A7B1807F7CD6ECB2A54E
security: SHA-256Certificate finger print: 9ACFAB7E43C8D880D06B262A94DEEEE4B4659989C3D0CAF19BAF6405E41AB7DF
security: The OCSP support is enabled
security: The CRL support is enabled
network: Connecting http://ocsp.verisign.com/ with proxy=DIRECT
network: Connecting http://ocsp.verisign.com:80/ with proxy=DIRECT
security: OCSP Response: GOOD
network: Connecting http://ocsp.verisign.com/ with proxy=DIRECT
network: Connecting http://ocsp.verisign.com:80/ with proxy=DIRECT
security: OCSP Response: GOOD
security: Certificate validation succeeded using OCSP/CRL
basic: JNLP2ClassLoader.findClass: ro.sync.ecss.extensions.api.component.sync.Resource2Synchronize: try again ..
ruleset: finding Deployment Rule Set for
title: <oXygen/> XML Author Component Applet
location: http://localhost:8888/oxygen-editor/author-component-dita.jnlp
main location: http://localhost:8888/oxygen-editor/lib/oxygen.jar
main version: null
isArtifact: true
ruleset: no rule applies, returning Default Rule
security: Validate the certificate chain using CertPath API
security: SHA-256Certificate finger print: AC90AF1BD01C1C0080F3EB2671E418C0F3DE7918E8A8B8DC6169603DF586A901
security: SHA-256Certificate finger print: 0CFC19DB681B014BFE3F23CB3A78B67208B4E3D8D7B6A7B1807F7CD6ECB2A54E
security: SHA-256Certificate finger print: 9ACFAB7E43C8D880D06B262A94DEEEE4B4659989C3D0CAF19BAF6405E41AB7DF
security: The OCSP support is enabled
security: The CRL support is enabled
network: Connecting http://ocsp.verisign.com/ with proxy=DIRECT
network: Connecting http://ocsp.verisign.com:80/ with proxy=DIRECT
security: OCSP Response: GOOD
network: Connecting http://ocsp.verisign.com/ with proxy=DIRECT
network: Connecting http://ocsp.verisign.com:80/ with proxy=DIRECT
security: OCSP Response: GOOD
security: Certificate validation succeeded using OCSP/CRL
basic: JNLP2ClassLoader.findClass: org.apache.log4j.spi.LoggingEvent: try again ..
ruleset: finding Deployment Rule Set for
title: <oXygen/> XML Author Component Applet
location: http://localhost:8888/oxygen-editor/author-component-dita.jnlp
main location: http://localhost:8888/oxygen-editor/lib/log4j.jar
main version: null
isArtifact: true
ruleset: no rule applies, returning Default Rule
security: Validate the certificate chain using CertPath API
security: SHA-256Certificate finger print: AC90AF1BD01C1C0080F3EB2671E418C0F3DE7918E8A8B8DC6169603DF586A901
security: SHA-256Certificate finger print: 0CFC19DB681B014BFE3F23CB3A78B67208B4E3D8D7B6A7B1807F7CD6ECB2A54E
security: SHA-256Certificate finger print: 9ACFAB7E43C8D880D06B262A94DEEEE4B4659989C3D0CAF19BAF6405E41AB7DF
security: The OCSP support is enabled
security: The CRL support is enabled
network: Connecting http://ocsp.verisign.com/ with proxy=DIRECT
network: Connecting http://ocsp.verisign.com:80/ with proxy=DIRECT
security: OCSP Response: GOOD
network: Connecting http://ocsp.verisign.com/ with proxy=DIRECT
network: Connecting http://ocsp.verisign.com:80/ with proxy=DIRECT
security: OCSP Response: GOOD
security: Certificate validation succeeded using OCSP/CRL
log4j:WARN No appenders could be found for logger (ro.sync.ecss.extensions.api.component.sync.ResourcesSynchronizer).
log4j:WARN Please initialize the log4j system properly.
basic: JNLP2ClassLoader.findClass: org.apache.log4j.spi.ThrowableInformation: try again ..
ruleset: finding Deployment Rule Set for
title: <oXygen/> XML Author Component Applet
location: http://localhost:8888/oxygen-editor/author-component-dita.jnlp
main location: http://localhost:8888/oxygen-editor/lib/log4j.jar
main version: null
isArtifact: true
ruleset: no rule applies, returning Default Rule
security: Validate the certificate chain using CertPath API
security: SHA-256Certificate finger print: AC90AF1BD01C1C0080F3EB2671E418C0F3DE7918E8A8B8DC6169603DF586A901
security: SHA-256Certificate finger print: 0CFC19DB681B014BFE3F23CB3A78B67208B4E3D8D7B6A7B1807F7CD6ECB2A54E
security: SHA-256Certificate finger print: 9ACFAB7E43C8D880D06B262A94DEEEE4B4659989C3D0CAF19BAF6405E41AB7DF
security: The OCSP support is enabled
security: The CRL support is enabled
network: Connecting http://ocsp.verisign.com/ with proxy=DIRECT
network: Connecting http://ocsp.verisign.com:80/ with proxy=DIRECT
security: OCSP Response: GOOD
network: Connecting http://ocsp.verisign.com/ with proxy=DIRECT
network: Connecting http://ocsp.verisign.com:80/ with proxy=DIRECT
security: OCSP Response: GOOD
security: Certificate validation succeeded using OCSP/CRL
basic: JNLP2ClassLoader.findClass: org.apache.log4j.spi.VectorWriter: try again ..
ruleset: finding Deployment Rule Set for
title: <oXygen/> XML Author Component Applet
location: http://localhost:8888/oxygen-editor/author-component-dita.jnlp
main location: http://localhost:8888/oxygen-editor/lib/log4j.jar
main version: null
isArtifact: true
ruleset: no rule applies, returning Default Rule
security: Validate the certificate chain using CertPath API
security: SHA-256Certificate finger print: AC90AF1BD01C1C0080F3EB2671E418C0F3DE7918E8A8B8DC6169603DF586A901
security: SHA-256Certificate finger print: 0CFC19DB681B014BFE3F23CB3A78B67208B4E3D8D7B6A7B1807F7CD6ECB2A54E
security: SHA-256Certificate finger print: 9ACFAB7E43C8D880D06B262A94DEEEE4B4659989C3D0CAF19BAF6405E41AB7DF
security: The OCSP support is enabled
security: The CRL support is enabled
network: Connecting http://ocsp.verisign.com/ with proxy=DIRECT
network: Connecting http://ocsp.verisign.com:80/ with proxy=DIRECT
security: OCSP Response: GOOD
network: Connecting http://ocsp.verisign.com/ with proxy=DIRECT
network: Connecting http://ocsp.verisign.com:80/ with proxy=DIRECT
security: OCSP Response: GOOD
security: Certificate validation succeeded using OCSP/CRL
basic: JNLP2ClassLoader.findClass: ro.sync.ecss.extensions.api.component.sync.ExpandedSyncInfo: try again ..
ruleset: finding Deployment Rule Set for
title: <oXygen/> XML Author Component Applet
location: http://localhost:8888/oxygen-editor/author-component-dita.jnlp
main location: http://localhost:8888/oxygen-editor/lib/oxygen.jar
main version: null
isArtifact: true
ruleset: no rule applies, returning Default Rule
security: Validate the certificate chain using CertPath API
security: SHA-256Certificate finger print: AC90AF1BD01C1C0080F3EB2671E418C0F3DE7918E8A8B8DC6169603DF586A901
security: SHA-256Certificate finger print: 0CFC19DB681B014BFE3F23CB3A78B67208B4E3D8D7B6A7B1807F7CD6ECB2A54E
security: SHA-256Certificate finger print: 9ACFAB7E43C8D880D06B262A94DEEEE4B4659989C3D0CAF19BAF6405E41AB7DF
security: The OCSP support is enabled
security: The CRL support is enabled
network: Connecting http://ocsp.verisign.com/ with proxy=DIRECT
network: Connecting http://ocsp.verisign.com:80/ with proxy=DIRECT
security: OCSP Response: GOOD
network: Connecting http://ocsp.verisign.com/ with proxy=DIRECT
network: Connecting http://ocsp.verisign.com:80/ with proxy=DIRECT
security: OCSP Response: GOOD
security: Certificate validation succeeded using OCSP/CRL
basic: JNLP2ClassLoader.findClass: ro.sync.exml.options.Options: try again ..
...................
Looks like, the java security mechanism requests certificate for all resources in the jars...
I've look at the console from your sample applet and the situation is different: looks like the certificate is requested for only hole jar bit not for all resources.
Why is the difference?
Some strings from the console in case of Oxygen Sample applet:
Code: Select all
basic: JNLP2ClassLoader.findClass: org.apache.log4j.CategoryKey: try again ..
basic: JNLP2ClassLoader.findClass: ro.sync.ecss.extensions.api.component.EditorComponentProvider: try again ..
basic: JNLP2ClassLoader.findClass: ro.sync.ecss.extensions.api.component.ComponentProvider: try again ..
basic: JNLP2ClassLoader.findClass: ro.sync.ecss.extensions.api.component.AuthorComponentFactory: try again ..
basic: JNLP2ClassLoader.findClass: ro.sync.exml.workspace.api.standalone.ReferencesCustomizer: try again ..
basic: JNLP2ClassLoader.findClass: ro.sync.exml.workspace.api.math.MathFlowConfigurator: try again ..
basic: JNLP2ClassLoader.findClass: ro.sync.ui.application.ApplicationMainFrameDescriptor: try again ..
Re: Oxygen Applet is hangs on after code security changes
Hi Yuri,
Then please send an email to support@oxygenxml.com containing the entire log received in the Java console when your applet fails to initialize.
Regards,
Radu
Then please send an email to support@oxygenxml.com containing the entire log received in the Java console when your applet fails to initialize.
Regards,
Radu
Radu Coravu
<oXygen/> XML Editor
http://www.oxygenxml.com
<oXygen/> XML Editor
http://www.oxygenxml.com
-
yury.eroshenkov
- Posts: 34
- Joined: Mon Jun 03, 2013 2:17 pm
Re: Oxygen Applet is hangs on after code security changes
Hi Yuri,
Thanks for the console data, one thing that puzzles me is this line:
The applet we have as demo on our web site also signs the JNLP (includes a copy of the JNLP file in the main JAR as a resource called JNLP-INF/APPLICATION.JNLP). Did you also sign your JNLP file?
More details here:
http://docs.oracle.com/javase/7/docs/te ... dJNLP.html
Maybe you should re-download our Author Component Startup Project:
http://www.oxygenxml.com/demo/AuthorDem ... roject.zip
and take a look at the build.xml which comes with it. Our ANT build file contains a couple of lines like:
Another problem seems to be the fact that for each class which needs to be loaded the certificate authority web site is contacted 4 times, but maybe this derives from the fact that the JNLP is not signed (although the JAR libraries are signed).
Regards,
Radu
Thanks for the console data, one thing that puzzles me is this line:
Code: Select all
security: Istrusted: http://localhost:8888/oxygen-editor/author-component-dita.jnlp falseMore details here:
http://docs.oracle.com/javase/7/docs/te ... dJNLP.html
Maybe you should re-download our Author Component Startup Project:
http://www.oxygenxml.com/demo/AuthorDem ... roject.zip
and take a look at the build.xml which comes with it. Our ANT build file contains a couple of lines like:
Code: Select all
<!--Also add the JNLP file in the JAR to avoid security problems.-->
<mkdir dir="classes/JNLP-INF"/>
<copy file="author-component-dita.jnlp" tofile="classes/JNLP-INF/APPLICATION.JNLP" overwrite="true"/>
<replace file="classes/JNLP-INF/APPLICATION.JNLP" token="@@CODEBASE@@" value="${codebase}"/>
<replace file="classes/JNLP-INF/APPLICATION.JNLP" token="@@HREF@@" value="${codebase}author-component-dita.jnlp"/> Regards,
Radu
Radu Coravu
<oXygen/> XML Editor
http://www.oxygenxml.com
<oXygen/> XML Editor
http://www.oxygenxml.com
-
yury.eroshenkov
- Posts: 34
- Joined: Mon Jun 03, 2013 2:17 pm
Re: Oxygen Applet is hangs on after code security changes
Post by yury.eroshenkov »
Thank you, Radu, for quick reply.
Actually, when we faced with applet sign task, we have gone through many different problems and finally with the problem of non-signed jnlp. In that case we saw another warning about it and sign the jnlp as you suggest. And we are using build.xml script from your sample project almost without changes.
And after we signed our jnlp we got valid massege with blue shild (as it have to be), but after that we got this problem, which we are discussing now.
So, i don't think that the reason is the non-signed jnlp file, and this problem
I think, you, Radu help me enough, and i will continue my investigation. Thank you very much!
Actually, when we faced with applet sign task, we have gone through many different problems and finally with the problem of non-signed jnlp. In that case we saw another warning about it and sign the jnlp as you suggest. And we are using build.xml script from your sample project almost without changes.
And after we signed our jnlp we got valid massege with blue shild (as it have to be), but after that we got this problem, which we are discussing now.
So, i don't think that the reason is the non-signed jnlp file, and this problem
is not the result of the non-signed jnlp, but some other reason...Another problem seems to be the fact that for each class which needs to be loaded the certificate authority web site is contacted 4 times
I think, you, Radu help me enough, and i will continue my investigation. Thank you very much!
Re: Oxygen Applet is hangs on after code security changes
Hi Yuri,
No problem, if you find anything please update this thread.
You may want to double check that the JNLP included in the JAR has the same content as the one outside the main applet JAR.
Also, one of the causes that the Java applets container is very eager to check multiple times that the JAR library is correctly signed might be caused by the default activation of the online certificate revocation check:
http://www.oxygenxml.com/forum/post27996.html#p27996
But this would not be an explanation for the fact that in your case when each class is loaded the browser applet container connects 3-4 times to the certificate provider site to perform checks.
Regards,
Radu
No problem, if you find anything please update this thread.
You may want to double check that the JNLP included in the JAR has the same content as the one outside the main applet JAR.
Also, one of the causes that the Java applets container is very eager to check multiple times that the JAR library is correctly signed might be caused by the default activation of the online certificate revocation check:
http://www.oxygenxml.com/forum/post27996.html#p27996
But this would not be an explanation for the fact that in your case when each class is loaded the browser applet container connects 3-4 times to the certificate provider site to perform checks.
Regards,
Radu
Radu Coravu
<oXygen/> XML Editor
http://www.oxygenxml.com
<oXygen/> XML Editor
http://www.oxygenxml.com
-
yury.eroshenkov
- Posts: 34
- Joined: Mon Jun 03, 2013 2:17 pm
Re: Oxygen Applet is hangs on after code security changes
Post by yury.eroshenkov »
Hi, Radu!
Finally, i've solved the problem!
I've found a thread on the stackoverflow.com with the same problem (http://stackoverflow.com/questions/6610 ... ut-popups?).
And the solution is the insecure java debug arguments in the jnlp:
Removing this args solved the issue!
Best,
Yury Eroshenkov
Finally, i've solved the problem!
I've found a thread on the stackoverflow.com with the same problem (http://stackoverflow.com/questions/6610 ... ut-popups?).
And the solution is the insecure java debug arguments in the jnlp:
Code: Select all
<j2se java-vm-args="-Xmx512m -XX:MaxPermSize=80m [b]-Xss4m -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5021[/b]" version="1.6+"
href="http://java.sun.com/products/autodl/j2se"/>
Best,
Yury Eroshenkov
Re: Oxygen Applet is hangs on after code security changes
Hi Yury,
Thanks for sharing the solution with us, this is the kind of problem which takes days to figure out because the Java application does not report enough useful details for the security problem.
Regards,
Radu
Thanks for sharing the solution with us, this is the kind of problem which takes days to figure out because the Java application does not report enough useful details for the security problem.
Regards,
Radu
Radu Coravu
<oXygen/> XML Editor
http://www.oxygenxml.com
<oXygen/> XML Editor
http://www.oxygenxml.com
Jump to
- Oxygen XML Editor/Author/Developer
- ↳ Feature Request
- ↳ Common Problems
- ↳ DITA (Editing and Publishing DITA Content)
- ↳ SDK-API, Frameworks - Document Types
- ↳ DocBook
- ↳ TEI
- ↳ XHTML
- ↳ Other Issues
- Oxygen XML Web Author
- ↳ Feature Request
- ↳ Common Problems
- Oxygen Content Fusion
- ↳ Feature Request
- ↳ Common Problems
- Oxygen JSON Editor
- ↳ Feature Request
- ↳ Common Problems
- Oxygen PDF Chemistry
- ↳ Feature Request
- ↳ Common Problems
- Oxygen Feedback
- ↳ Feature Request
- ↳ Common Problems
- Oxygen XML WebHelp
- ↳ Feature Request
- ↳ Common Problems
- XML
- ↳ General XML Questions
- ↳ XSLT and FOP
- ↳ XML Schemas
- ↳ XQuery
- NVDL
- ↳ General NVDL Issues
- ↳ oNVDL Related Issues
- XML Services Market
- ↳ Offer a Service