0

We need to sign all 5 .class java files. That we have done by creating a .jar file and signed it too. But while executing my web application it is showing below error message in Java Console 

java.lang.SecurityException: attempted to open sandboxed jar https://xxxxxxxxxxx.com/xxxx/JavaApplet.jar as Trusted-Only
at com.sun.deploy.security.CPCallbackHandler$ParentElement.checkResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.checkResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.getResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.createApplet(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Exception: java.lang.SecurityException: attempted to open sandboxed jar https://xxxxxxxxxxx.com/xxxx/JavaApplet.jar as Trusted-Only*

I am not sure about this error. I have signed Jar 3-4 times after getting this error but I am getting same error again again.

Please can anybody help me if I am doing something wrong?

Hulk1991
  • 3,079
  • 13
  • 31
  • 46
Ankur
  • 1
  • 1
  • 1

1 Answers1

1

Check your Manifest.mf file of jar. This should contain the Trusted-Library: true if you are using MixedCode(Applet called from the javascript) and your files are self signed. oracle has released latest security updates in Java 7 update 21. According to the release notes you must sign your code with CA certificates only, else JRE will treat your code as malicious. oracle is totally deprecating the Mixedcode. Please check the release notes of latest updates. But before adding the attribute Trusted-Library: true in manifest.mf make sure you are aware of the effects of the attribute.

gusainhimanshu
  • 157
  • 1
  • 11