StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POsigned jar file-- jnlp fails to prompt user to accept certificate
primarykey
Id
18679602
data
AcceptedAnswerId
0
AnswerCount
1
ClosedDate
CommentCount
1
CommunityOwnedDate
CreationDate
2013-09-08T01:39:58.513
FavoriteCount
0
LastActivityDate
2013-09-08T19:30:55.777
LastEditDate
2017-05-23T12:06:54.907
LastEditorUserId
-1
OwnerUserId
2757955
ParentId
0
PostTypeId
1
Score
5
ViewCount
1189
LastEditorDisplayName
text
Body
I am an amateur programmer. I created an application which consists of a single, self-signed jar file. The application will be used only by students in my math class, so I think self-signing is okay. I followed the Oracle instructions to sign the jar and then used the jarsigner tool to verify the jar. Supposedly, it was fine. In the .jnlp file, I included the security tag with all-permissions: <pre class="lang-xml prettyprint-override"><code> <security> <all-permissions/> </security> </code></pre> When the program launches, however, I never see a dialog prompting the user to accept the certificate or asking for some kind of permission to run on the client computer. It was my understanding that I should see such a dialog, according to Oracle documentation. I have read this page on stackoverflow: <a href="https://stackoverflow.com/questions/10918777/jnlp-get-a-permission">JNLP get a permission</a> and I have a similar situation in that I get a security exception. In my case, the exception is thrown when the app attempts to show a filechooser dialog: <pre><code>java.security.AccessControlException: access denied (java.util.PropertyPermission user.home read) </code></pre> This is because the user was never asked to provide permission. I believe I followed the advice on that stackoverflow page, but it doesn't seem to be working for me. It's like the jar appears to be unsigned. I even tried removing the all-permissions tag and got exactly the same behavior. I have looked inside the jar and I can see that the two required files are in there: MYKEY.DSA and MYKEY.SF. I looked inside the readable one (.SF) and it contains the text that should be there. I believe that is all the jar needs in order to be signed. So here are my questions: 1) Does it matter what the names are of the .DSA and .SF files are, with respect to the app? Currently they just have the name of the alias I used with keytool. 2) Does it matter if the java version on my server is 1.7 while the java version on my development computer is 1.6? I need to compile in 1.6 because our school has not upgraded to 1.7, so when it runs on client computers it needs to be 1.6. 3) Is there a way to determine which version of jarsigner I am using when I run it from the terminal? I tried jarsigner -version, but that is not one of the options. I notice that the top of the MYKEY.SF file looks like this: <pre><code> Signature-Version: 1.0 Created-By: 1.4.2-02 (Blackdown Java-Linux Team) SHA1-Digest-Manifest: OHMs6w/CQlG3MVYNxC7l1vTWdZw= Name: org/arps/tranz/TranzActionMap.class SHA1-Digest: dSI3RKfgUrRHbwnZLyXbkiJLWdU= </code></pre> Does this mean that there is actually some older version of jarsigner running? I didn't think Java 1.4 was still on my computer. In any case, my version of jarsigner seems to create the same kind of file as seen here: <a href="http://docs.oracle.com/javase/tutorial/deployment/jar/intro.html" rel="nofollow noreferrer">http://docs.oracle.com/javase/tutorial/deployment/jar/intro.html</a> I don't know if files created by a 1.6 jarsigner or 1.7 jarsigner look any different, or if it should matter. 4) If the version of jarsigner is the culprit, how do I force a newer version of jarsigner to run from the terminal (Ubuntu)? Thanks for your help. As I said at the start, I am an amateur programmer. All I really want to do is to be ready for my classes next week. UPDATE: After struggling for quite a time with a jar tool that couldn't find libjli.so, I have now successfully used the 1.6 jar tool and jarsigner tool, so that the top of the MYKEY.SF file looks like this: <pre><code> Signature-Version: 1.0 SHA1-Digest-Manifest-Main-Attributes: DGUFMaJYirZi//67NI+M5RVi63k= Created-By: 1.6.0_03 (Sun Microsystems Inc.) SHA1-Digest-Manifest: ZPS3aOyPW/tymxbGdfe4/qBVK/g= </code></pre> But I still get the same behavior, where the app starts to launch without asking the user to accept the certificate. So now my main question is: Does it matter that the jar was created with 1.6 while my server is running 1.7? I don't know how much java activity actually happens on the server. At some point, it switches over to the client computer but I assume parts of jnlp happen on the server first.
Tags
<java><security><jar><java-web-start><jnlp>
Title
signed jar file-- jnlp fails to prompt user to accept certificate
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USCommunity
UserOwnerUserId
1. USNina Koch
plurals
PostLinksPostIdRelatedPostId
1. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POsigned jar file-- jnlp fails to prompt user to accept certificate
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 POsigned jar file-- jnlp fails to prompt user to accept certificate
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
3. VO
 singulars
 PostPostId
 POsigned jar file-- jnlp fails to prompt user to accept certificate
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. COBe sure to validate the JNLP using [JaNeLA](http://pscode.org/janela/).
 singulars
 PostPostId
 POsigned jar file-- jnlp fails to prompt user to accept certificate
 UserUserId
 USAndrew Thompson

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.