Login/Register
Java jnlp application blocked by Security settings
Asked Answered
javasecuritycertificatejava-web-startjnlp
R

7

18

I have an enterprise java application that has plenty of jars that are downloaded to the client's jvm cache by a jnlp file. When I start the application I get the following stack trace on Java Console:

        Exception in thread "AWT-EventQueue-1" java.lang.NullPointerException
at com.sun.deploy.ui.DialogTemplate.imageAvailable(Unknown Source)
at com.sun.deploy.ui.DialogTemplate.finalImageAvailable(Unknown Source)
at com.sun.deploy.ui.ImageLoader$2.run(Unknown Source)
at java.awt.event.InvocationEvent.dispatch(Unknown Source)
at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
at java.awt.EventQueue.access$200(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)
       Exception in thread "AWT-EventQueue-1" java.lang.NullPointerException
at com.sun.deploy.ui.DialogTemplate.imageAvailable(Unknown Source)
at com.sun.deploy.ui.DialogTemplate.finalImageAvailable(Unknown Source)
at com.sun.deploy.ui.ImageLoader$2.run(Unknown Source)
at java.awt.event.InvocationEvent.dispatch(Unknown Source)
at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
at java.awt.EventQueue.access$200(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)
    #### Java Web Start Error:
    #### The Java security settings have prevented this application from running. You may change this behavior in the Java Control Panel.

My JNLP File is like the following with some censored descriptions:

<?xml version="1.0" encoding="utf-8"?>
<jnlp spec="1.0+" codebase="http://10.100.10.9/ikarusdelhitest/" href="ikarus.jnlp">
<information>
    <title>ikarus</title>
    <vendor>my company</vendor>
    <homepage href="http://www.mycompanyaddress.com" />
    <description>My enterprise java ee swing application</description>
    <icon href="ikarus.jpg" />
    <offline-allowed />
</information>
<security>
    <all-permissions />
</security> 
<resources> 
    <jar href="jars/ikarus/ikarusClient.jar" />
    <jar href="jars/ikarus/ikarusDelegators.jar" />
    <jar href="jars/ikarus/clientRules.jar" />
    <jar href="jars/ikarus/ruleImps.jar" />
    <jar href="jars/ikarus/ikarusUtil.jar" />
    <jar href="jars/ikarus/ikarusResources.jar" />
    <jar href="jars/ikarus/domain.jar" />
    <jar href="jars/ikarus/domain_repository.jar" />
    <jar href="jars/ikarus/domain_service.jar" />
    <jar href="jars/ikarus/app_repository.jar" />
    <jar href="jars/ikarus/app_service.jar" />
    <jar href="jars/ikarus/infrastructure.jar" />
    <jar href="jars/ikarus/integration_domain.jar" />
    <jar href="jars/jboss_ejb_auth/ejb3-persistence.jar" />
    <jar href="jars/jboss_ejb_auth/jboss-ejb3x.jar" />
    <jar href="jars/jboss_ejb_auth/jbossall-client.jar" />
    <jar href="jars/jasper/commons-beanutils-1.8.0.jar" />
    <jar href="jars/jasper/commons-collections-3.2.1.jar" />
    <jar href="jars/jasper/commons-digester-1.7.jar" />
    <jar href="jars/jasper/commons-logging-1.1.jar" />
    <jar href="jars/jasper/iText-2.1.0.jar" />
    <jar href="jars/jasper/jasperreports-3.6.0.jar" />
    <jar href="jars/jasper/poi-3.2-FINAL-20081019.jar" />
    <property name="jnlp.localization" value="Delhi"/>
</resources>
<application-desc main-class="com.celebi.ikarus.main.Ikarus" />

ALso note that I get some different exception details on the more information panel:

com.sun.deploy.security.BlockedException: The Java security settings have prevented this application from running. You may change this behavior in the Java Control Panel.
at com.sun.deploy.security.SandboxSecurity.showBlockedDialog(Unknown Source)
at com.sun.javaws.security.AppPolicy.grantUnrestrictedAccess(Unknown Source)
at com.sun.javaws.security.AppPolicy.addPermissions(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.getTrustedCodeSources(Unknown Source)
at com.sun.deploy.security.CPCallbackHandler$ParentCallback.strategy(Unknown Source)
at com.sun.deploy.security.CPCallbackHandler$ParentCallback.openClassPathElement(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.getJarFile(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.access$1000(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.ensureOpen(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.<init>(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.access$100(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
at com.sun.javaws.Launcher.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.SecurityException: Invalid Permissions value: all-permissions  
at com.sun.deploy.security.DeployManifestChecker.verify(Unknown Source)
at com.sun.deploy.security.DeployManifestChecker.verify(Unknown Source)
... 39 more

I dont have any security restrictions for security on java control panel. It is at the medium level as follows: here

Thanks for any help

New Edit: I got more explanatory stacktrace when I tried to run this jnlp from a jvm 1.6 machine as follows:

java.lang.NoClassDefFoundError: javax/ejb/EJBAccessException
at java.lang.Class.getDeclaredMethods0(Native Method)
at java.lang.Class.privateGetDeclaredMethods(Unknown Source)
at java.lang.Class.getMethod0(Unknown Source)
at java.lang.Class.getMethod(Unknown Source)
at com.sun.javaws.Launcher.executeApplication(Unknown Source)
at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
at com.sun.javaws.Launcher.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.ClassNotFoundException: javax.ejb.EJBAccessException
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
Relieve answered 7/1, 2014 at 9:27 Comment(4)
does the line java.lang.SecurityException: Invalid Permissions value: all-permissions map to the jnlp file or my manifest files inside jars?Relieve
Huh.. again you have surprised me. I fully expected that adding all-permissions would solve the next problem the app. faced. I'll do some thinking on it..Brumley
May the <security> <all-permissions /> </security> in jnlp file and Permissions: all-permissions line in manifest file conflicting? Is this possible? Which one overrides the other?Relieve
No, they are in agreement as they should be.Brumley
M
19

I fixed this by going into the Java Control Panel (Start Menu > All Programs > Java > Configure Java) and adding two URLs to the Security Edit Site List.

http://code.google.com

http://androidscreencast.googlecode.com

For Mac System Preferences > Java

Where to add these sites

Java Control Panel > Security Tab > Edit Site List > Add > Apply > Ok enter image description here

Mcavoy answered 11/3, 2015 at 5:45 Comment(0)
M
7

I tried to add the item file:/ and worked.

enter image description here

Majormajordomo answered 15/7, 2016 at 11:34 Comment(0)
I
3

I recommend you to enable tracing and logging, see here how:

enter image description here

And then run the application from command line.

javaws -verbose AppName.jnlp

Then you could check for clues in log and trace files stored in this path

\Documents and Settings\<USERNAME>\Application Data\Sun\Java\Deployment\log

img source:

http://www.cisco.com/c/en/us/support/docs/security/hostscan/117097-trouble-java7-00.html

Idolla answered 24/10, 2014 at 15:55 Comment(1)
for those interested, the equivalent directory on Windows 10 is C:\Users\<USERNAME>\AppData\LocalLow\Sun\Java\DeploymentDissatisfy
B
1

I had a very similar problem (Correctly signed JNLP application prevented from running in Java 7)

I fixed it by ensuring

  • I compiled using 1.7

  • I updated my JNLP file to enforce 1.7

    <resources>
    <j2se version="1.7*" java-vm-args="-Xmx32m" max-heap-size="32m" href="http://java.sun.com/products/autodl/j2se"/>

Brynn answered 10/2, 2014 at 16:19 Comment(3)
it think this doesn't ahve an affect on ejb's exception. I had such a tag in jnlp (<j2se) version="1.6+" ....etc...) but deleting/adding it doesn't change anything regarding the EJBAccessExceptionRelieve
Well, that's a fine thing if you own the source code. I just want to run something someone else developed.Susurrous
Thanks, this solved the java.lang.NullPointerException at com.sun.deploy.ui.DialogTemplate.imageAvailable(Unknown Source) for me.Hydromagnetics
D
1

We saw this problem with Java 1.8u60 caused by dead references to icons in the JNLP file. Previously the missing icons were ignored, but now we are seeing failures with the stack trace in the question. Removing the references to the icons fixed our problem.

Here are the two references we removed:

<icon href="ORCL.jpg" kind="splash"/>
<icon href="ORCS.jpg" kind="default"/>

Hope that helps.

Distrain answered 20/10, 2015 at 15:48 Comment(0)
I
0

You can also try enabling the checkbox under Advanced tab of java (in controlpanel) and check mark the Always allow option under JNLP file section

Indigotin answered 22/7, 2016 at 5:34 Comment(0)
L
0

On an Arch Linux system, I found the Java Control Panel to be accessible at /opt/java7/jre/bin/ControlPanel (a symlink to jcontrol). By running it, I was able to access the Security tab, and then crank down the Security Level to Medium. Then I'm prompted about accepting a security warning upon starting something like /opt/java7/bin/javaws.

Labored answered 30/8, 2016 at 21:4 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.