PLugin unable to find jar files

The Problem :

I have a package com.arjun.example. One of the Java classes loads a library using the loadlibrary() call. I have signed the class using the Netscape Object signing ID from Verisign. I have also verfied the jar file. It is OK.

I have the following questions. Anyone can use class package that I provide, so how should they use ? Should this be done at all? Where should put the jar file? I tried placing the jar file at the following places and none of them work c:\programfiles\Javasoft\jre; c:\winnt\java\classes c:\winnt\java\classes\com\arjun\example c:\programfiles\Netscape\communicator\java\classes Am I correct in assuming that the same jar file should work for IE and Netscape because they both use the plugin. The error that I am getting now saying that the class definition is note found.

Please note that i had successfully used the Netscape Object sigining method earlier for the same project.

Any help would be greatly appreciated.

Thanks in Advance. :)

Hoping for a cool solution from you. ArjunR
 
arjunramAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

arjunramAuthor Commented:
OK guys I need a fast anwser and I am increasing the stakes !!!
0
vladi21Commented:
what u browser and plugin versions?

look

Creating Signed, Persistent Java Applets
http://www.ddj.com/articles/1999/9902/9902h/9902h.htm

--
Running signed applets with the JavaTM Plug-in
http://www.suitable.com/CodeSigningSignPlug.shtml
http://java.sun.com/security/signExample/index.html 

http://www.javasoft.com/products/jdk/1.1/docs/guide/security/index.html

Writing Advanced Applications Chapter 10: Signed Applets
http://developer.java.sun.com/developer/onlineTraining/Programming/JDCBook/signed.html

On the trail of certificates in Java 2
http://service2.boulder.ibm.com/devcon/news0999/artpage2.htm

Implementing custom security permissions in Java 2
http://service2.boulder.ibm.com/devcon/news0699/artpage13.htm

DEPLOYING RSA SIGNED APPLETS IN JAVA TM PLUG-IN 1.2.2
http://java.sun.com/products/plugin/1.2/docs/nsobjsigning.html
http://java.sun.com/docs/books/tutorial/security1.2/toolsign/index.html 
--

Code Signing for Java Applets
http://www.suitable.com/Doc_CodeSigning.shtml
http://www.securingjava.com/appdx-c/
java how-to http://tactika.com/realhome/javaht/java-s1.html

http://java.sun.com/docs/books/tutorial/security1.2/toolsign/index.html 
Unfortunately the Java Development Kit (JDK TM) 1.1 signing and verification is not supported by the web browsers (NetscapeTM's and Microsoft's.) It is supported in HotJavaTM, http://java.sun.com/products/hotjava and appletviewer.

You can use the JavaTM Plug-in in the browsers to get access to more recent JDK technology, http://java.sun.com/products/plugin. You can run 1.1.x signed applets with the Plug-in plugged into the browsers.


NN:
Software Developer Digital IDsSM for Netscape Object Signing:
http://www.verisign.com/library/guide/developer/signing/index.html
http://developer.netscape.com/software/signedobj/jarpack.html
http://developer.netscape.com/docs/manuals/signedobj/
http://developer.netscape.com/docs/manuals/signedobj/javadoc/Package-netscape_security.html
http://developer.netscape.com/docs/manuals/signedobj/targets/contents.htm
JAVA CAPABILITIES API http://developer.netscape.com/docs/manuals/signedobj/capsapi.html
OBJECT SIGNING FAQ  http://developer.netscape.com/support/faqs/objfaq.html
DevEdge Newsgroup FAQ: Security http://developer.netscape.com/support/faqs/champions/security.html


NN: Bypass the need for a certificate
COMMUNICATOR 4.5 PREFERENCES  http://developer.netscape.com/docs/manuals/deploymt/4_5PREFS.HTM
Netscape provides a way to accept a codebase as trusted (then a certificate is not needed). This can be useful during development or in a private Intranet. In the Netscape Users directory, there is a file called prefs.js. Adding the line user_pref("signed.applets.codebase_principal_support", true);
will enable JAR file without a certificate to request privileges on your machine. If you agree, it will be possible for an Applet to lauch a program, write a file on your hard disk or print on the printer. You will still have to ask for privileges in your program using the Netscape capabilites classes.
Another way is to lower general security setting to more allow more freedom when running applets locally. Add or modify the following entries in the prefs.js: user_pref("unsigned.applets.low_security_for_local_classes", true);
user_pref("signed.applets.local_classes_have_30_powers", true);
user_pref("signed.applets.low_security_for_local_classes", true);
user_pref("signed.applets.verbose_security_exception", true);

Then you don't need to asked for privileges for local classes.
When adding or modifying the file prefs.js, Netscape must not be running because your modification will be overwritten. So shut down Netscape, edit the prefs.js and then restart Netscape.

0
conickCommented:
Wow I hate to follow that!

A quick thing to check:
Have you tried placing the jar file in the extension directory?
Should be something like:
c:\progra~1\javasoft\jre\1.2\lib\ext
Place your jar file in that directory and as long as your browsers are actually using the plugin the jar file should be able to be searched.
See the Java tutorial for more info on the extension mechanism:
http://java.sun.com/docs/books/tutorial/ext/index.html

Congrats vladi21 on expert of the week a few weeks ago :)

Good Luck

0
Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

vladi21Commented:
conick: thank you :)
0
arjunramAuthor Commented:
vladi21,
    That was a good dump of URL's. I guess I will worry about them later. I have not recieve any specific annwers.
I found out a problem and now it works on Netscape. I had to create the same directory structure while structure com.arjun.example and then sign. But I have a few more problems.

I donot get the Jav plugin security warning dialog. I have no certificates granted all in the database.

Can I use the same jar file for IE? I think I can and my thought is substantiated by http://204.191.136.6/~neutron/j22classpath/.

But I get the following security in IE
java.security.AccessControlException: access denied (java.lang.RuntimePermission loadLibrary.arjunDLL)

      at java.security.AccessControlContext.checkPermission(Unknown Source)

      at java.security.AccessController.checkPermission(Unknown Source)

      at java.lang.SecurityManager.checkPermission(Unknown Source)

      at java.lang.SecurityManager.checkLink(Unknown Source)

      at java.lang.Runtime.loadLibrary0(Unknown Source)

      at java.lang.System.loadLibrary(Unknown Source)

      at com.arjunr.example.arjunExample.<init>(arjunExample.java:18)


Solve this and take the booty price of 1000 points.

ArjunRam
0
vladi21Commented:
U use plugin with IE?
I never try it :)
what ur browser and plugin versions?


0
vladi21Commented:
I am also
I donot get the Jav plugin security warning dialog. I have no certificates granted all in the database.
with IE 5.01
0
vladi21Commented:

its working now!
try make JAR cache disabled and reload page



Java(TM) Plug-in: Version 1.2.2.px

Using JRE version 1.2.2

User home directory = D:\WINNT\Profiles\VLADP

Proxy Configuration: no proxy



JAR cache disabled.

Opening http://204.191.136.6/~neutron/j22classpath/j22classpath.jar no proxy

CacheHandler file name: D:\WINNT\Profiles\VLADP\Temporary Internet Files\Content.IE5\0AB34E6Y\j22classpath[1].jar

0
arjunramAuthor Commented:
The jar file shown in the URl works for me. But my jar file does not work for me. I showed the URL just to say that one jar file is enough for IE and Netscape. So Back to square one: Why Am I not getting a security warning dialog and why Am I getting errors when I run this thro IE. See the IE errors carefully. It gives out errors for my jar file not for the URL given by me.

0
vladi21Commented:
I cannot reproduce your exception in my IE 5.01 (5.00.2919.6307)

after closing (Alt-F4) security warning dialog:
java.security.AccessControlException: access denied (java.util.PropertyPermission java.class.path read)

      at java.security.AccessControlContext.checkPermission(Unknown Source)

      at java.security.AccessController.checkPermission(Unknown Source)

      at java.lang.SecurityManager.checkPermission(Unknown Source)

      at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)

      at java.lang.System.getProperty(Unknown Source)

      at j22classpath.init(j22classpath.java:15)

      at sun.applet.AppletPanel.run(Unknown Source)

      at java.lang.Thread.run(Unknown Source)



Now it's working with disabled and enable cache

try download latest MS JVM
MS JSDK
http://www.microsoft.com/java/sdk/32/start.htm
http://www.microsoft.com/java/download/dl_sdk32.htm

also try different Plug-in versions and settings
0
arjunramAuthor Commented:
my plugin version is 1.2.2 and browser version 5.0.1. You can see in the errors that it fails due to security restrictions for loadlibrary(); I have not written any security related code. I have removed my Netscape capability code and signed it. Thats all
0
vladi21Commented:
What is ur settings for JRE - at Advanced tab of plug-in properties?

My IE work only with 1.2
0
arjunramAuthor Commented:
My idea of the plugin in was that the browser need not have a JVM and hence the plugin takes over, so why should I download an SDK. Please dont give me general solutions. I am able to see the page that I mention, I also getting the dialog for that page. But the same thing does not happen when I use my applet and URL.

I hope U understand.
0
arjunramAuthor Commented:
Please understand that I want MY applet to work not the one I had mentioned in that URL.!!!
0
vladi21Commented:
post YOUR url :)
0
arjunramAuthor Commented:
This is not off the web. And I cannot post this bcos of the source license crap. :(
0
vladi21Commented:
It's hard to find answer without source code.
0
arjunramAuthor Commented:
I donot understand why you need the source code. Let me explain what I am trying to do. I am creating a package which provides certain functions. I also have a DLL. Customers will use this package and the DLL. So the sample is theirs. I have created a jar file just to load the library. Now does that make sense :(
0
vladi21Commented:
and jar file signed with special permissions for loading lib?
0
arjunramAuthor Commented:
Yes. I have removed all the Netscape API classes from the classes. I have NOT added any new security API's. I donot know if If I have to write Security APIs in java.
0
vladi21Commented:
Test Your Signature
% signtool -v testjar.jar

0
arjunramAuthor Commented:
I had already done that. I tried again and it passed the test.
0
vladi21Commented:
check this

--------- Note on disabling RSA signed applet security with JavaPlugin1.2.2 ---------
With JavaPlugin1.2.2 and RSA signed applets, the client's local policy file is checked to see if there is a usePolicy entry under RuntimePermission. If usePolicy is found, then the fine-grained privileges present in the client's policy file are invoked (along with the default system policy "sandbox" security). If usePolicy is *not* found, then the RSA signed applet is granted all privileges (like a Java application) if the user selects "Grant this session" in the Java Plug-in Security Warning dialog
0
arjunramAuthor Commented:
Do u mean the D:\Program Files\JavaSoft\JRE\1.2\lib\security\java.policy file???
0
vladi21Commented:
yes
0
arjunramAuthor Commented:
The entry was found. I removed it tried it again. Something is gone wrong!!. I am now getting same security error on both IE and netscape. :(

Should I write some APIs?/
0
vladi21Commented:
If usePolicy is *not* found, then the RSA signed applet is granted all privileges (like a Java application) if the user selects "Grant this session" in the Java Plug-in Security Warning dialog
0
arjunramAuthor Commented:
UR URL says whatever I am trying to do which is as follows.

Converting old Netscape signed applets
Existing RSA signed applets designed for Netscape may use Netscape specific security APIs. These Netscape specific APIs are not supported in the Java Plug-in. Instead the Plug-in supports the standard Java security APIs in both Netscape Navigator and Internet Explorer.


To migrate Netscape signed applets using the Netscape security APIs to run in Java Plug-in:

Comment or remove all netscape.security.* related statements from the Java applet.
Compile and archive the applet as a JAR file.
Re-sign the JAR file using Object Signing.
This ensures that your RSA signed applet will run in both Netscape Navigator and Internet Explorer with the Java Plug-in.


What are U trying to hint by sending the URls
0
arjunramAuthor Commented:
UR URL says whatever I am trying to do which is as follows.

Converting old Netscape signed applets
Existing RSA signed applets designed for Netscape may use Netscape specific security APIs. These Netscape specific APIs are not supported in the Java Plug-in. Instead the Plug-in supports the standard Java security APIs in both Netscape Navigator and Internet Explorer.


To migrate Netscape signed applets using the Netscape security APIs to run in Java Plug-in:

Comment or remove all netscape.security.* related statements from the Java applet.
Compile and archive the applet as a JAR file.
Re-sign the JAR file using Object Signing.
This ensures that your RSA signed applet will run in both Netscape Navigator and Internet Explorer with the Java Plug-in.


What are U trying to hint by sending the URls
0
vladi21Commented:
As you can see when you use RSA SIGNED APPLETS you must dont use any API, becouse If usePolicy is *not* found, then the RSA signed applet is granted all privileges
0
arjunramAuthor Commented:
Could you specifically mention the entry. Is it       
permission java.lang.RuntimePermission "stopThread";
0
vladi21Commented:
from java.policy
      // Allows any thread to stop itself using the java.lang.Thread.stop()
      // method that takes no argument.
      // Note that this permission is granted by default only to remain
      // backwards compatible.
      // It is strongly recommended that you either remove this permission
      // from this policy file or further restrict it to code sources
      // that you specify, because Thread.stop() is potentially unsafe.
      // See "http://java.sun.com/notes" for more information.
      permission java.lang.RuntimePermission "stopThread";
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
JodCommented:
Surprised that you haven't got these points stashed away yet vladi21?

Nice to hear you were expert of the week. I missed it though as I didn't login over much of Dec/Jan. Just wondering, did they ask you or do you apply. I have no aspirations to get my picture up there, but was just wondering how they choose. I think mbormann is a good candidate - never was there a more helpful and friendly expert here.

Just a small note about your security dialog not popping up - what are the settings in the Java Plug In control Panel for certificates. From sun (also in the above links):

"The Java Plug-in Control Panel provides a panel for managing RSA signed applets. This panel contains a list of certificates that have been chosen as "Grant always" when the Java Plug-in security dialog popped up. Users can remove any certificate from the list, and if any applet signed by these removed certificates is encountered again, a security dialog will pop up and ask for permission again."

DO you see your certificate? What happens if you remove it?

0
arjunramAuthor Commented:
I donot see my certificate!!
0
arjunramAuthor Commented:
OK!! I know the problem.  

If I write a sample and sign the class file with the my package and then use the jar file then it works!!

But this is what I need:

1. I have a package com.arjun.example.
2. One of the classes loads a dll
3. This package is to be utilised by the customers.
4. They can have their own sample.


I want to be able to sign my class and allow the use to call the jar file. How do I do this??

Solution seems to be at sight.

vladi21 Thanks a lot for being so patient. Hope this info helps you to solve the problem. :)

Mind you the booty is still open!!

0
arjunramAuthor Commented:
I still donot know why I am giving these points, but since you put in effort I am gifting it to U. Please remmember that you have ----NOT--- given the answer. I am sure heyhey will not do this. Take it and party!!!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Java

From novice to tech pro — start learning today.