English 中文(简体)
Signing Applet with Maven jar plug-in and Bouncy Castle
原标题:

I have a problem with a signed Java applet - specifically, why it is not signed using my certificate. I m using Maven in Eclipse.

The applet (a) allows the user to choose a local file or directory, (b) encrypts the file(s), and (c) uploads the file(s) to the a PHP based web page. The applet is signed, presumably using my certificate - i.e., through Maven code, using the maven-jar plug-in. For example:

<plugin>                
   <groupId>org.apache.maven.plugins</groupId>
   <artifactId>maven-jar-plugin</artifactId>                
<executions>

sign

/
/images/ src/main/resources/META-INF/MANIFEST.MF false [PATH_TO_MY_KEYSTORE] [MY ALIAS] [******] [******] [PATH_TO_SIGNED_JAR] true true

(Obviously I ve masked some of this because I work for paranoid gits!) Everything is packaged up nicely and the applet loads in the page; however, two things are troublesome: (1) when the applet loads, it identifies the Legion of Bouncy Castle as the certificate used to sign the applet and (2) while the applet, using a JFileChooser can access the file system, an "access denied" permission - to the file(s) - is thrown when trying to execute (c) above, sending the file to the web site. (I use Apache HTTP Components to do so.)

My applet is packaged separately from the dependent jars - including Bouncy Castle jars.

My question is: Why is BC the signer of my applet and not my own certificate, as identified above? Is this a Maven problem? In development, of course, everything works fine because Eclipse writes the policy file for the Applet Viewer.

Here is a snippet of the output in Eclipse - it looks like everything should be honky-dory:

[DEBUG] Configuring mojo  org.apache.maven.plugins:maven-jar-plugin:2.2:sign  with basic configurator -->
[DEBUG]   (s) alias = myalias
[DEBUG]   (s) basedir = C:..	arget
[DEBUG]   (f) finalName = app-0.0.1-SNAPSHOT
[DEBUG]   (s) jarPath = C:..app-0.0.1-SNAPSHOT.jar
[DEBUG]   (s) keypass = 1234
[DEBUG]   (s) keystore = C:..my.keystore
[DEBUG]   (s) project = MavenProject: App:app:0.0.1-SNAPSHOT @ C:..apppom.xml
[DEBUG]   (f) signedjar = C:..signed.jar
[DEBUG]   (f) skip = false
[DEBUG]   (s) storepass = 1234
[DEBUG]   (s) verbose = true
[DEBUG]   (s) verify = true
[DEBUG]   (f) workingDirectory = C:..app
[DEBUG] -- end configuration --
[INFO] [jar:sign]
[DEBUG] Setting context classloader for plugin to: /plugins/org.apache.maven.plugins:maven-jar-plugin:2.2@48/thread:main (instance is: ClassRealm[/plugins/org.apache.maven.plugins:maven-jar-plugin:2.2@48/thread:main, parent: ClassRealm[plexus.core, parent: null]])
[DEBUG] jarsigner executable=[C:Javajdk1.6.0_16jre..injarsigner.exe]
[DEBUG] mdkirs: false C:..app
[DEBUG] Executing: cmd.exe /X /C  "C:Javajdk1.6.0_16jre..injarsigner.exe -verbose -keystore C:...my.keystore -storepass ****** -keypass ****** -signedjar C:...signed.jar C:...	argetapp-0.0.1-SNAPSHOT.jar myalias" 
[INFO]  updating: META-INF/MANIFEST.MF
[INFO]    adding: META-INF/APP.SF
[INFO]    adding: META-INF/APP.RSA
[INFO]    adding: com/
[INFO]    adding: com/applet/
  ...
[INFO]    adding: images/
[INFO]   signing: com/applet/DemoApplet$1.class
[INFO]   signing: log4j.xml
[INFO]   signing: target.classes
[debug] jarsigner executable=[C:Javajdk1.6.0_16jre..injarsigner.exe]
[debug] Executing: cmd.exe /X /C  "C:Javajdk1.6.0_16jre..injarsigner.exe -verify -verbose C:...signed.jar"

Any help would be greatly appreciated. Thanks. Incidentally, here is the stack trace:

General exception: access denied (java.io.FilePermission C:Documents and SettingsPaulMy Documents	ext.txt read)
java.security.AccessControlException: access denied (java.io.FilePermission C:Documents and SettingsPaulMy Documents	ext.txt read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkRead(Unknown Source)
at java.io.File.isFile(Unknown Source)
at sun.awt.shell.ShellFolder.isFile(Unknown Source)
at org.apache.commons.httpclient.methods.multipart.FilePartSource.<init>(FilePartSource.java:68)
at com.securustek.applet.DemoApplet.sendFiles(DemoApplet.java:1098)
at com.securustek.applet.DemoApplet.actionPerformed(DemoApplet.java:448)
at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
at java.awt.AWTEventMulticaster.mouseReleased(Unknown Source)
at java.awt.Component.processMouseEvent(Unknown Source)
at javax.swing.JComponent.processMouseEvent(Unknown Source)
at java.awt.Component.processEvent(Unknown Source)
at java.awt.Container.processEvent(Unknown Source)
at java.awt.Component.dispatchEventImpl(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Window.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)

Thanks again.

问题回答

I am not sure but it may be because of the certificate itself because the security access problem... I mean it may expire. Is it new created? But still there should be more details to analyze...

Have you checked the MANIFEST classes structure? Are they all signed?

时间:2011-08-08 21:03:42


上一篇:
下一篇:


相关问题
signed java applet restrictions?

I wrote a java applet and self signed it. When I run it in eclipse or as a executable jar it works fine. But when I upload it, it doesn t do anything. It loads, and the self signed cert warning does ...

时间:2009-11-25 18:02:27 回答:3 展示:1
Conversion of a Java Web Start app to an Applet

I m trying to figure out how difficult it would be to convert a Java Web Start app to an applet. Theoretically, if the application didn t do anything such as write to the file system...basically if ...

时间:2009-11-20 05:09:58 回答:1 展示:1
Calling Applet function from RegisterStartupScript

What I m trying to do is call a Java Applet method immediately after PostBack of an ASP.NET page. In order to accomplish this I m using the ScriptManager.RegisterStartupScript function which I pass a ...

时间:2009-11-16 17:28:26 回答:1 展示:1
How to create a side scroller game?

I want to create a game where the user can go to the right-most part of the screen, and if they go any further, they will slide into a new view. So basically, if they have 3 monsters chasing them on ...

时间:2009-11-16 06:42:27 回答:1 展示:1
Include a .txt file in a .h in C++?

I have a number of places where I need to re-use some template code. Many classes need these items In a .h could I do something like: #include <xxx.txt> and place all of this code in the ....

时间:2009-11-14 00:40:15 回答:3 展示:1
Migrate Java Applet to what/where?

I am reviewing currently a medium size code base (around 30K LOC) which uses a huge Applet and interfaces with other systems. It s a tool to create custom labels, so we need drag-n-drop and other ...

时间:2009-11-13 10:25:09 回答:4 展示:1
热门标签

友情链接

Allggapp Alljchome-教程家园 mvfinale.com-影视剧情大结局大全