2

我们在应用程序登录页面上使用小程序。Applet 包含 2 个类。Jar 已签名(ca 证书)。清单文件包含:“可信库:true。

它适用于大多数用户,但其中一些用户在使用 applet 时遇到问题,因为 JVM 报告 Security Exception: Attempted to open a sandboxed jar as a Trusted-Library。

你知道为什么它对他们不起作用吗?

例如,User1 具有 Java 插件 10.21.2.11 JRE 版本 1.7.0_21-b11 Java HotSpot(TM) 客户端 VM。他尝试了 Firefox 21 和 IE 8.0.6001.18702。

JVM 报告一般异常:

basic: Plugin2ClassLoader.addURL parent called for 

https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar
basic: Plugin2ClassLoader.addURL parent called for 

https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar

security: Accessing keys and certificate in Mozilla user profile: null
security: JSS is not configured
security: Blacklist revocation check is enabled
security: blacklist: created: NEED_LOAD, lastModified: 1374827364000
security: blacklist: hasBeenModifiedSince 1374827396921 (we have 1374827364000)
security: Trusted libraries list check is enabled
security: blacklist: hasBeenModifiedSince 1374827583375 (we have 1374827364000)
network: Cache entry found [url: https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar, version: null] prevalidated=false/0
cache: Adding MemoryCache entry: https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar
cache: Resource https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar has expired.
network: Connecting https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar with proxy=DIRECT
security: blacklist: hasBeenModifiedSince 1374827435937 (we have 1374827364000)
security: blacklist: hasBeenModifiedSince 1374827390640 (we have 1374827364000)
security: blacklist: hasBeenModifiedSince 1374827583375 (we have 1374827364000)
network: CleanupThread used 268961 us
network: Connecting http://www.sod.pfron.org.pl:443/ with proxy=DIRECT
security: Loading Root CA certificates from C:\Program Files\Java\jre1.7.0_21\lib\security\cacerts
security: Loaded Root CA certificates from C:\Program Files\Java\jre1.7.0_21\lib\security\cacerts
security: Loading SSL Root CA certificates from C:\Program Files\Java\jre1.7.0_21\lib\security\cacerts
security: Loaded SSL Root CA certificates from C:\Program Files\Java\jre1.7.0_21\lib\security\cacerts
security: Loading Deployment SSL certificates from C:\Documents and Settings\Marek\Dane aplikacji\Sun\Java\Deployment\security\trusted.jssecerts
security: Loaded Deployment SSL certificates from C:\Documents and Settings\Marek\Dane aplikacji\Sun\Java\Deployment\security\trusted.jssecerts
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Checking if SSL certificate is in Deployment permanent certificate store
security: Check if certificate can be verified using certificates in Root CA certificate store
security: Certificate to be verified:
[
<.....>
]
security: Certificate has been verified with Root CA certificates successfully
security: Invalid certificate from HTTPS server
basic: Dialog type is not candidate for embedding
security: Saving certificates in Deployment session certificate store
security: Saved certificates in Deployment session certificate store
network: ResponseCode for https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar : 304
network: Encoding for https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar : null
network: Disconnect connection to https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar
cache: Reading Signers from 3935 https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar | C:\Documents and Settings\Marek\Ustawienia lokalne\Dane aplikacji\Sun\Java\Deployment\cache\6.0\60\6283407c-46587e7d.idx
cache: Done readSigners(https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar)
cache:  Read manifest for https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar: read=273 full=273
basic: Plugin2ClassLoader.isTrustedByPolicy called 
basic: Plugin2ClassLoader.isTrustedByPolicy returns false 
security: resource name "pl/computerland/sod/prezentacja/klient/cienki/applet/JavaVersion.class" in https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar : java.lang.SecurityException: attempted to open sandboxed jar https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar as a Trusted-Library
security: resource name "pl/computerland/sod/prezentacja/klient/cienki/applet/JavaVersion.class" in https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar : java.lang.SecurityException: attempted to open sandboxed jar https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar as a Trusted-Library
basic: exception: attempted to open sandboxed jar https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar as a Trusted-Library.
java.lang.SecurityException: attempted to open sandboxed jar https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar as a Trusted-Library
    at com.sun.deploy.security.CPCallbackHandler$ParentElement.checkResource(Unknown Source)
    at com.sun.deploy.security.DeployURLClassPath$JarLoader.checkResource(Unknown Source)
    at com.sun.deploy.security.DeployURLClassPath$JarLoader.getResource(Unknown Source)
    at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
    at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
    at java.lang.ClassLoader.loadClass(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
    at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
    at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)
Ignored exception: java.lang.SecurityException: attempted to open sandboxed jar https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar as a Trusted-Library
basic: exception: attempted to open sandboxed jar https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar as a Trusted-Library.
java.lang.SecurityException: attempted to open sandboxed jar https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar as a Trusted-Library
    at com.sun.deploy.security.CPCallbackHandler$ParentElement.checkResource(Unknown Source)
    at com.sun.deploy.security.DeployURLClassPath$JarLoader.checkResource(Unknown Source)
    at com.sun.deploy.security.DeployURLClassPath$JarLoader.getResource(Unknown Source)
    at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
    at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
    at java.lang.ClassLoader.loadClass(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
    at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
    at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)
Ignored exception: java.lang.SecurityException: attempted to open sandboxed jar https://www.sod.pfron.org.pl/_applet/Logowanie_8.32.2.48.jar as a Trusted-Library
basic: Dialog type is not candidate for embedding
basic: Dialog type is not candidate for embedding
basic: Removed progress listener: sun.plugin.util.ProgressMonitorAdapter@5dcf43
security: Reset deny session certificate store
basic: Removed progress listener: sun.plugin.util.ProgressMonitorAdapter@1b93cf8
security: Reset deny session certificate store
4

1 回答 1

3

我们也有类似的问题。对我们来说,问题是客户端机器上的 jre\lib\security\java.policy 文件被修改并添加了:

grant {
    permission java.security.AllPermission;
};

如果将其删除,则错误消失。同样在我们的测试中,如果我们删除 Trusted-Library: true,错误就会消失,但考虑到新的 Java 小程序规则,这并不是一个真正的选择。

我们还在这里发布了信息https://forums.oracle.com/message/11238296#11238296但目前没有回复。

于 2013-10-22T15:40:53.460 回答