最近遇到了这样的一个问题,一个JWS程序,在JRE1.6.0_13上运行没有问题,但是在JRE1.6.0_22上运行就会报出如下异常,
java.lang.SecurityException: class “org.apache.log4j.Logger” does not match trust level of other classes in the same package
1. 在oracle网站发现一个说明,
http://download.oracle.com/javase/6/docs/technotes/guides/jweb/mixed_code.html
在update19以后会有这个问题。
2. 在stackoverflow问了下,http://stackoverflow.com/questions/4680823/java-lang-securityexception-class-org-apache-log4j-logger-does-not-match-trust
原因是extension的JNLP没有指定security,加上后解决。
3. 开java console的debug,
We can see more detail information by enabling the debug info of java console by
adding following statement in the deployment.properties under “D:/Documents and
Settings/login/Application Data/Sun/Java/Deployment”, the directory varies with
your PC. For more detail, refer to http://download.oracle.com/javase/1.5.0/docs/guide/deployment/deployment-guide/properties.html
deployment.trace.level=all
After enabling this option, we can
see much much more info in the java console, which will benefit our debugging a
lot. Here is a fragment of the debugging info (before JNLP files
change).
security: JAVAWS AppPolicy
Permission requested for:
https://localhost/jars/log4j-1.2.12.jar
security: Add sandbox
permissions
security: JAVAWS AppPolicy
Permission requested for:
https://
localhost
/jars/jfreechart-1.0.0.jar
security: Add sandbox
permissions
…
security: JAVAWS AppPolicy
Permission requested for:
https://
localhost
/jars/sessierstub.jar
security: Istrusted:
https://
localhost
/a.jnlp true
security: JAVAWS AppPolicy
Permission requested for:
https://
localhost
/jars/libsmmon.jar
security: Istrusted:
https://
localhost
/b.jnlp
true
security: JAVAWS AppPolicy
Permission requested for:
https://
localhost
/jars/libamv.jar
security: Istrusted:
https://
localhost
/b.jnlp
true
security: resource name
"org/apache/log4j/Logger.class" in
https://
localhost
/jars/log4j-1.2.12.jar :
java.lang.SecurityException: class "org.apache.log4j.Logger" does not match
trust level of other classes in the same package
4. The relationship between the security configuration and the jar signature status
is shown in following table.
|
<security>
<all-permissions/>
</security
-->
|
<
!--
security>
<all-permissions/>
</security
-->
|
Signed jar
file
|
basic: Main-class:
Jar1
cache: Read manifest for
http://localhost:8080/T/jar1_mix.jar: read=347
full=347
security: JAVAWS AppPolicy
Permission requested for:
http://localhost:8080/T/jar1_mix.jar
security: Istrusted:
http://localhost:8080/T/test.jnlp true
security: JAVAWS AppPolicy
Permission requested for:
http://localhost:8080/T/jar1_mix.jar
security: Istrusted:
http://localhost:8080/T/test.jnlp true
network: Connecting
socket://127.0.0.1:1964 with proxy=DIRECT
I am in org.apache.log
1
hello
|
basic: Main-class:
Jar1
security: JAVAWS AppPolicy
Permission requested for:
http://localhost:8080/T/jar1_mix.jar
security: Add sandbox
permissions
security: resource name
"Jar1.class" in http://localhost:8080/T/jar1_mix.jar :
java.lang.SecurityException: attempted to open sandboxed jar
http://localhost:8080/T/jar1_mix.jar as a
Trusted-Library
#### Java Web Start
Error:
#### attempted to open
sandboxed jar http://localhost:8080/T/jar1_mix.jar as a
Trusted-Library
|
Unsigned
jar file
|
#### Java Web Start
Error:
#### Found unsigned entry in
resource: http://localhost:8080/T/jar1.jar
|
basic: Main-class:
Jar1
cache: Reading Signers from 0
http://localhost:8080/T/jar1.jar | D:/Documents and Settings/hosun/Application
Data/Sun/Java/Deployment/cache/6.0/51/26f984b3-48893e42.idx
network: No certificate info
for unsigned JAR file:
http://localhost:8080/T/jar1.jar
network: No certificate info
for unsigned JAR file:
http://localhost:8080/T/jar1.jar
cache: Read manifest for
http://localhost:8080/T/jar1.jar: read=63 full=63
security: JAVAWS AppPolicy
Permission requested for:
http://localhost:8080/T/jar1.jar
security: Add sandbox
permissions
security: JAVAWS AppPolicy
Permission requested for:
http://localhost:8080/T/jar1.jar
security: Add sandbox
permissions
network: Connecting
socket://127.0.0.1:1931 with proxy=DIRECT
I am in org.apache.log
1
hello
|
5. Java console log contents can be saved, make sure the options are enabled(控制面板=>Java=>advanced=>debug). The
logs are located in D:/Documents and Settings/login/Application
Data/Sun/Java/Deployment/log
6. For more information about JNLP and Java Web Start,
http://mindprod.com/jgloss/javawebstart.html
http://lopica.sourceforge.net/faq.html
http://download.oracle.com/javase/1.5.0/docs/guide/javaws/developersguide/faq.html
http://download.oracle.com/javase/1.5.0/docs/guide/javaws/developersguide/troubleshooting.03.06.html
http://download.oracle.com/javase/1.5.0/docs/guide/javaws/developersguide/contents.html
contains the JNLP spec.
分享到:
相关推荐
to learn more ,you can review the list of common issues and workarounds or examine the log file. Cordova 3.0 Plugin 安装 及"git" command line tool is not installed 根据...
angular4+bootstrap4代码, Support for my items includes: </p> <li><a> Responding to questions or problems regarding the item and its features ... Item support does not include: </p> <ul>
This enables all optional modules and features with the exception of Oracle, SAP R/3 and the apple filing protocol - which you will need to download and install from the vendor's web sites. For all ...
Communicate between devices in the boundaries of the UWP model Create sounds in the app and place them in a 3D space Build simple apps that display holograms Interact with the physical environment ...
I have made changes throughout the book: fixing problems, improving presentations, in some cases reordering material to improve the flow of ideas, and deleting a few small items. Hopefully these ...
* The name and exact version of your operating system (e.g. NT4 SP5). * The exact version of the Internet Explorer installed on your system. If you can provide me with a minimal application which ...
Run this command in the directory with the source code and it will automatically compile static and shared libraries and a little test program (not the full test suite). ``` make all
This is again a bugfix-only release on the 2.1.x branch fixing numerous smaller bugs. For a changelog, see the git log here: https://git.savannah.nongnu.org/cgit/lwip.git/log/?h=STABLE-2_1_3_RELEASE ...
It’s All the Same, Just Different Now with More Savings! DIY Rotation Forcing the Issue Making Sense of It All ■Chapter 20: Working with Resources The Resource Lineup String Theory Plain ...
* Improved security fix: don't match for "OpenSC" in the card label. * New support for Feitian ePass3000 by Weitao Sun. * GemSafeV1 improved to handle key_ref other than 3 by Douglas E. Engert New ...
* fixed: number of subtitles was not appended to demuxed subtitles' file name * fixed: dialnorm removal (for Nero decoder) failed with some 2.0 TrueHD files v3.16 * added undocumented "-no2ndpass" ...
- 'AutoTrace' will not use the Tracer Level2 anymore (play CAREFULLY with the TL2 because it's a global hook) - Windows 95 Support (Thanks to EliCZ, Unknown One and ZigD for testing) - Tested ...
Fixing permissions to correct value rwx------ 18/05/25 19:51:34 INFO input.FileInputFormat: Total input paths to process : 3 18/05/25 19:51:35 INFO mapreduce.JobSubmitter: number of splits:3 18/05/25...
Understanding and fixing the NoReverseMatch exception 219 Debug page #4: TemplateDoesNotExist at /thanks/1/ 221 Understanding and fixing TemplateDoesNotExist 223 Handling invalid Survey submissions...
– AUTOSAR 4.2 – the transformer was added for serialization as well as other optimizations. – AUTOSAR 4.3 – fixing some transformer bugs, adding support for large UDP messages with SOME/IP-TP as ...
Bugfix: fixed remote edition of multiple files in SSH-browser when remote files had the same names Bugfix: aligned sessions tree to the left at start up Bugfix: fixed some issues with MobApt when ...
By the way: The superscript dot of the letter i was added in the Middle Ages to distinguish the letter (in manuscripts) from adjacent vertical strokes in such letters as u, m, and n. J is a variant ...
此问题在“修复 Unix/Linux/POSIX 文件名:控制字符(例如换行符)、前导破折号和其他问题”(http://www.dwheeler.com/essays/fixing-unix-linux-filenames. html)。 “Shell 中的文件名和路径名:如何正确执行”...
This book was generated by the volunteers at Wikibooks, a team of people from around the world with varying backgrounds. The people who wrote this book may not be experts in the field. Some may not ...
// For TODOs, BUGs, and NOTEs please use the standard form://// // TODO(username): ...//// The username (generally yours) means "for more information see", not// "I claim responsibility for fixing ...