1

I'm having problems to deploy a signed applet (certificate from a trusted CA) on a new webserver. It is running fine on my old webserver, but when I transfer it to the new host, it is blocked by Java security settings.

I deploy it like this in my html file:

<div id="applet">
<script>
    var attributes = {codebase:'http://ab123.wwwdns.example.com/Applet/',
                      code: 'db.main.ExApplet',
                      archive: 'ExampleApplet.jar',
                      width: '1150', 
                      height: '700',
                      permissions: 'sandbox'};
    var parameters = {}; 
    var version = '1.6';
    deployJava.runApplet(attributes, parameters, version);
</script>
</div>

my MANIFEST file contains the following lines:

Manifest-Version: 1.0
Application-Name: Example Name
Permissions: sandbox
Caller-Allowable-Codebase: *.example.com http://ab123.wwwdns.example.com http://other.example.com
Codebase: *.example.com http://ab123.wwwdns.example.com http://other.example.com
Application-Library-Allowable-Codebase: *.example.com http://ab123.wwwdns.example.com http://other.example.com
Entry-Point: db.main.ExApplet

(previously I tried it with only specifying *.example.com but this did not work either)

I guess the problem is related to the fact that the applet can now be accessed by two different URLs (ab123.wwwdns.example.com and other.example.com)?

Here is an excerpt from the Java Console (Java 8 Update 71 build 15 Plugin on Firefox):

java.lang.reflect.InvocationTargetException
...
Caused by: com.sun.deploy.security.BlockedException: Your security settings have blocked an untrusted application from running
    at com.sun.deploy.security.BlockedDialog.show(Unknown Source)
    at com.sun.deploy.security.SandboxSecurity.checkRunUntrusted(Unknown Source)
    at 
com.sun.deploy.security.SandboxSecurity.checkUnsignedSandboxSecurity(Unknown Source)
...

Any hints are welcome!

user4266231
  • 11
  • 4

1 Answers1

0

I finally resolved my problems; I found out that the 'Unknown Source' Error was due to the fact that external libraries I use could not be found. This is weird, as I used the exact same architecture for accessing the external libraries as I did on the old server, but on the new server this did not work for some (to me unknown) reason.

Here a list of changes that I made to make the Applet work during my research and now it's running perfectly fine, hopefully this will help others who have problems with deploying their applets as well:

  • I removed the codebase attribute from my html file
  • I used the wildcard *.example.com in my MANIFEST file
  • I moved all external libraries to the same folder as ExampleApplet.jar and additionally did not add them to the ExampleApplet.jar file anymore
  • previously I had a dot (.) in my Class-Path attribute, which I also removed

html file

<div id="applet">
<script>
    var attributes = {code: 'db.main.ExApplet',
                      archive: 'ExampleApplet.jar',
                      width: '1150', 
                      height: '700',
                      permissions: 'sandbox'};
    var parameters = {}; 
    var version = '1.6';
    deployJava.runApplet(attributes, parameters, version);
</script>
</div>

MANIFEST file

Manifest-Version: 1.0
Application-Name: Example Name
Permissions: sandbox
Caller-Allowable-Codebase: *.example.com 
Codebase: *.example.com 
Application-Library-Allowable-Codebase: *.example.com
Class-Path: external1.jar external2.jar
Entry-Point: db.main.ExApplet

(previously the Class-Path had looked like this and the external libraries where located under lib/ and additionally within ExampleApplet.jar):

Class-Path: . lib/external1.jar lib/external2.jar
user4266231
  • 11
  • 4