When I put the following dependency (and all of its transitive deps as well) on my classpath:
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>test-jetty-servlet</artifactId>
<version>8.1.14.v20131031</version>
</dependency>
And run this JUnit test:
public class MySimpleTest {
private ServletTester tester;
@Before
public void setUp() {
tester = new ServletTester();
tester.contextPath = "http://localhost:8080/myapp/location";
tester.addServlet(MyAppMockEndpoint.class, "/address/*");
tester.start();
}
@After
public void tearDown() {
tester.stop();
}
@Test
public void test() {
// Dummy assertion that is always true, just to prove its not
// my code throwing the exception.
Assert.assertTrue(System.currentTimeMillis() > 0L);
}
public class MyAppMockEndpoint extends HttpServlet {
@Override
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.getWriter().println(provideJson())
response.getWriter().flush()
}
public String provideJson() {
return "{ \"id\": 5, \"fizz\": \"true\", \"buzz\": \"false\" }";
}
}
}
I get this:
java.lang.SecurityException: class "javax.servlet.DispatcherType"'s signer information does not match signer information of other classes in the same package
at java.lang.ClassLoader.checkCerts(ClassLoader.java:952)
at java.lang.ClassLoader.preDefineClass(ClassLoader.java:666)
at java.lang.ClassLoader.defineClass(ClassLoader.java:794)
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:449)
<giant stack trace omitted for brevity>
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:192)
Why? What's the fix? If one of the transitive dependencies is signed, how do I tell which one? Is there a way to specify unsigned versions of all the transitive deps? Is there another issue going on here, or a better solution?
