Jasbir21
asked on
java.lang.SecurityException :Class " JDBCApplet$1's signer information does not match signer information of other classes
I am stating the steps that i did to sign it:
Hi, i need to connect my applet to a database.So, i need to sign it.
Step 1:I created my applet(java code)-tst.java
step2 :i went to the j2sdk1.4.0_03\bin
c:\j2sdk1.4.0_03\bin>
(so now i am in the bin directory)
step3: generate key
c:\j2sdk1.4.0_03\bin> : keytool -genkey -keyalg rsa -alias tstkey
Enter keystore password: *******
What is your first and last name?
[Unknown]: Your Name
What is the name of your organizational unit?
[Unknown]: YourUnit
What is the name of your organization?
[Unknown]: YourOrg
What is the name of your City or Locality?
[Unknown]: YourCity
What is the name of your State or Province?
[Unknown]: YS
What is the two-letter country code for this unit?
[Unknown]: US
Is CN=Your Name, OU=YourUnit, O=YourOrg, L=YourCity, ST=YS, C=US
correct?
[no]: yes
(wait...)
Enter key password for tstkey
(RETURN if same as keystore password):
(press [enter])
ok - i got this step right
step4: . Export key:
Enter keystore password: *******
Certificate stored in file tstcert.crt
ok-i got this step right
step 5. Create JAR
jar cvf tst.jar tst.class classes12.zip nls_charset12.zip
(Add all classes used in your project by typing the classnames in the
same line.
added manifest)
adding: tst.class(in = 849) (out= 536)(deflated 36%)
adding:classes12.zip...
adding:nls_charset12.zip..
ok- i got it right
step6:6. Verify JAR
jar tvf tst.jar
i got it right
step7: Sign JAR:
jarsigner tst.jar tstkey
Enter Passphrase for keystore: *******
i got it ok
step 8 Verifiy Signing:
jarsigner -verify -verbose -certs tst.jar
i got it ok
step 9:create html file
step10: create link
<HTML>
<HEAD><TITLE>JDBC Applet</TITLE></HEAD>
<BODY BGCOLOR="brown">
<H2 ALIGN="center">JDBC Applet</H2>
<BR>
<P ALIGN="center">
<!--"CONVERTED_APPLET"-->
<a href=my>http://j2sdk1.4.0_03/bin/my/tst.crt</a>
<!-- HTML CONVERTER -->
<OBJECT
classid="clsid:CAFEEFAC-00
WIDTH = 700 HEIGHT = 550
codebase="http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab#Version=1,4,0,30">
<PARAM NAME = CODE VALUE = "tst.class" >
<PARAM NAME = ARCHIVE VALUE = "tst.jar,classes12.zip,nls
<PARAM NAME="type" VALUE="application/x-java-
<PARAM NAME="scriptable" VALUE="false">
<PARAM NAME = "JdbcDriver" VALUE ="oracle.jdbc.driver.Oracl
<PARAM NAME = "JdbcUrl" VALUE ="jdbc:oracle:thin:@216.53
<PARAM NAME = "User" VALUE ="combtest">
<PARAM NAME = "Password" VALUE ="combtest">
<COMMENT>
<EMBED
type="application/x-java-a
CODE = "tst.class"
ARCHIVE = "tst.jar,classes12.zip,nls
WIDTH = 700
HEIGHT = 550
JdbcDriver = "oracle.jdbc.driver.Oracle
JdbcUrl = "jdbc:oracle:thin:@216.53.
User = "combtest"
Password = "combtest"
scriptable=false
pluginspage="http://java.sun.com/products/plugin/index.html#download">
<NOEMBED>
</NOEMBED>
</EMBED>
</COMMENT>
</OBJECT>
<!--
<APPLET CODE = "tst.class" ARCHIVE = "tst.jar,classes12.zip,nls
<PARAM NAME = "JdbcDriver" VALUE ="oracle.jdbc.driver.Oracl
<PARAM NAME = "JdbcUrl" VALUE ="jdbc:oracle:thin:@216.53
<PARAM NAME = "User" VALUE ="combtest">
<PARAM NAME = "Password" VALUE ="combtest">
</APPLET>
-->
<!--"END_CONVERTED_APPLET"
</BODY>
</HTML>
I was going through the forum , and i found another step
(i am still in the bin directory)
extra step:keytool -import -keystore cacerts -storetype JKS -alias test -file tst.crt
Enter keystore password:******
Owner :
Issuer:
Serial number:
Valid from:
Certificate fingerprints:
Trust this certificate:yes
Certificate was added to keystore.
--------------------------
When i ran the html , a window pops up and asks me whether i would like download the applet>
I press grant this session.
Then , another message pops up:
java.lang.SecurityExceptio
--------------------------
Sorry i forgot to add this:
Now, regardless of which method you use, the applet should be recognized as coming from a signed jar. The user can choose to activate it if he / she chooses. If your applet uses classes from multiple jars, for example Apache's Xerce's parser, you will need to sign those jars as well to allow them to execute in the client's brower. Otherwise, only the classes coming from the signed jar will work with the java.security.AllPermissio
__________----------------
I signed the jar and i placed the jar in the html file.Is that ok?
Coz, earlier when i did the code bef signing i had to place the jdbc classes that is classes12.zip, nls_charset12.zip, in the jar and i placed the jar in the html file.
Now i followed the steps posted by ireene but i placed the classes12.zip, nls_charset12.zip, including the class file in a jar and placed the jar in the html file.
Hi, i need to connect my applet to a database.So, i need to sign it.
Step 1:I created my applet(java code)-tst.java
step2 :i went to the j2sdk1.4.0_03\bin
c:\j2sdk1.4.0_03\bin>
(so now i am in the bin directory)
step3: generate key
c:\j2sdk1.4.0_03\bin> : keytool -genkey -keyalg rsa -alias tstkey
Enter keystore password: *******
What is your first and last name?
[Unknown]: Your Name
What is the name of your organizational unit?
[Unknown]: YourUnit
What is the name of your organization?
[Unknown]: YourOrg
What is the name of your City or Locality?
[Unknown]: YourCity
What is the name of your State or Province?
[Unknown]: YS
What is the two-letter country code for this unit?
[Unknown]: US
Is CN=Your Name, OU=YourUnit, O=YourOrg, L=YourCity, ST=YS, C=US
correct?
[no]: yes
(wait...)
Enter key password for tstkey
(RETURN if same as keystore password):
(press [enter])
ok - i got this step right
step4: . Export key:
Enter keystore password: *******
Certificate stored in file tstcert.crt
ok-i got this step right
step 5. Create JAR
jar cvf tst.jar tst.class classes12.zip nls_charset12.zip
(Add all classes used in your project by typing the classnames in the
same line.
added manifest)
adding: tst.class(in = 849) (out= 536)(deflated 36%)
adding:classes12.zip...
adding:nls_charset12.zip..
ok- i got it right
step6:6. Verify JAR
jar tvf tst.jar
i got it right
step7: Sign JAR:
jarsigner tst.jar tstkey
Enter Passphrase for keystore: *******
i got it ok
step 8 Verifiy Signing:
jarsigner -verify -verbose -certs tst.jar
i got it ok
step 9:create html file
step10: create link
<HTML>
<HEAD><TITLE>JDBC Applet</TITLE></HEAD>
<BODY BGCOLOR="brown">
<H2 ALIGN="center">JDBC Applet</H2>
<BR>
<P ALIGN="center">
<!--"CONVERTED_APPLET"-->
<a href=my>http://j2sdk1.4.0_03/bin/my/tst.crt</a>
<!-- HTML CONVERTER -->
<OBJECT
classid="clsid:CAFEEFAC-00
WIDTH = 700 HEIGHT = 550
codebase="http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab#Version=1,4,0,30">
<PARAM NAME = CODE VALUE = "tst.class" >
<PARAM NAME = ARCHIVE VALUE = "tst.jar,classes12.zip,nls
<PARAM NAME="type" VALUE="application/x-java-
<PARAM NAME="scriptable" VALUE="false">
<PARAM NAME = "JdbcDriver" VALUE ="oracle.jdbc.driver.Oracl
<PARAM NAME = "JdbcUrl" VALUE ="jdbc:oracle:thin:@216.53
<PARAM NAME = "User" VALUE ="combtest">
<PARAM NAME = "Password" VALUE ="combtest">
<COMMENT>
<EMBED
type="application/x-java-a
CODE = "tst.class"
ARCHIVE = "tst.jar,classes12.zip,nls
WIDTH = 700
HEIGHT = 550
JdbcDriver = "oracle.jdbc.driver.Oracle
JdbcUrl = "jdbc:oracle:thin:@216.53.
User = "combtest"
Password = "combtest"
scriptable=false
pluginspage="http://java.sun.com/products/plugin/index.html#download">
<NOEMBED>
</NOEMBED>
</EMBED>
</COMMENT>
</OBJECT>
<!--
<APPLET CODE = "tst.class" ARCHIVE = "tst.jar,classes12.zip,nls
<PARAM NAME = "JdbcDriver" VALUE ="oracle.jdbc.driver.Oracl
<PARAM NAME = "JdbcUrl" VALUE ="jdbc:oracle:thin:@216.53
<PARAM NAME = "User" VALUE ="combtest">
<PARAM NAME = "Password" VALUE ="combtest">
</APPLET>
-->
<!--"END_CONVERTED_APPLET"
</BODY>
</HTML>
I was going through the forum , and i found another step
(i am still in the bin directory)
extra step:keytool -import -keystore cacerts -storetype JKS -alias test -file tst.crt
Enter keystore password:******
Owner :
Issuer:
Serial number:
Valid from:
Certificate fingerprints:
Trust this certificate:yes
Certificate was added to keystore.
--------------------------
When i ran the html , a window pops up and asks me whether i would like download the applet>
I press grant this session.
Then , another message pops up:
java.lang.SecurityExceptio
--------------------------
Sorry i forgot to add this:
Now, regardless of which method you use, the applet should be recognized as coming from a signed jar. The user can choose to activate it if he / she chooses. If your applet uses classes from multiple jars, for example Apache's Xerce's parser, you will need to sign those jars as well to allow them to execute in the client's brower. Otherwise, only the classes coming from the signed jar will work with the java.security.AllPermissio
__________----------------
I signed the jar and i placed the jar in the html file.Is that ok?
Coz, earlier when i did the code bef signing i had to place the jdbc classes that is classes12.zip, nls_charset12.zip, in the jar and i placed the jar in the html file.
Now i followed the steps posted by ireene but i placed the classes12.zip, nls_charset12.zip, including the class file in a jar and placed the jar in the html file.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I have created 2 jar files , one jar that holds the "classes12.zip, nls_charset12.zip "classese and another jar that holds the applet class.And then i signed both of the jar and placed it in the html file.
I still got the same error
I still got the same error
Make sure the applet classes are not available on the server (unjarred), or on the local classpath.
don't put those .zip files in the jar, simply rename them to .jar and sign it. that mean you need 3 jar files tst.jar, classes12.jar, and nls_charset12.jar, sign every one of them.
> don't put those .zip files in the jar
I assumed he unzipped, and jarred them up.
Otherwise how would the applet find the classes?
I assumed he unzipped, and jarred them up.
Otherwise how would the applet find the classes?
>> step 5. Create JAR
>> jar cvf tst.jar tst.class classes12.zip nls_charset12.zip
>> jar cvf tst.jar tst.class classes12.zip nls_charset12.zip
They are simply ignored, and don't make any difference.
I still think the problem is that some of your classes are both in your jar and in your classpath.
I still think the problem is that some of your classes are both in your jar and in your classpath.
are the class files also available in the same directory as the jar?
If so, delete them.
If so, delete them.
ASKER
When i tried to rename it, i got the error if you change a filename extension , the file may be unusable "So, i couldn't rename it.
What i did was, i put classes12.zip in a jar file, nls_charset12.zip in an another jar file and my class file in another ,(3 jar files) and i still got the error.
Thanks
What i did was, i put classes12.zip in a jar file, nls_charset12.zip in an another jar file and my class file in another ,(3 jar files) and i still got the error.
Thanks
ASKER
When i delete the tst.class ,tst$1.class, tst$2.class,
the error i got is Applet tst notinitialized
the error i got is Applet tst notinitialized
> i got the error if you change a filename extension , the file may be unusable
You can ignore that error.
> the error i got is Applet tst notinitialized
Thats your problem, you didn't include all the classes in your jar, use folloowing to build jar:
jar cvf tst.jar *.class
You can ignore that error.
> the error i got is Applet tst notinitialized
Thats your problem, you didn't include all the classes in your jar, use folloowing to build jar:
jar cvf tst.jar *.class
ASKER
Trying out
Thanks
Thanks
ASKER
I included all the class files, classes12.zip and nls_charset12.zip in the tst.jar.
When i clicked the html file, a window that pops up and asks whether i would like to grant the applet the permission , i click yes.
An then an error message pops up java.security.AccessContro
thats the error that i usually get when i have NOT signed the applet.
When i clicked the html file, a window that pops up and asks whether i would like to grant the applet the permission , i click yes.
An then an error message pops up java.security.AccessContro
thats the error that i usually get when i have NOT signed the applet.
> I included all the class files, classes12.zip and nls_charset12.zip in the tst.jar.
Including the zips in the jar will not work.
You have to either extract the classes and include them in the jar, or change the zip's to jar's and sign each. I recomend the latter.
> An then an error message pops up java.security.AccessContro
Yes I'd say that is because you haven't signed the jdbc driver.
Including the zips in the jar will not work.
You have to either extract the classes and include them in the jar, or change the zip's to jar's and sign each. I recomend the latter.
> An then an error message pops up java.security.AccessContro
Yes I'd say that is because you haven't signed the jdbc driver.
You'll also need to change your html:
<OBJECT
classid="clsid:CAFEEFAC-00
WIDTH = 700 HEIGHT = 550
codebase="http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab#Version=1,4,0,30">
<PARAM NAME = CODE VALUE = "tst.class" >
<PARAM NAME = ARCHIVE VALUE = "tst.jar,classes12.jar,nls
<PARAM NAME="type" VALUE="application/x-java-
<PARAM NAME="scriptable" VALUE="false">
<PARAM NAME = "JdbcDriver" VALUE ="oracle.jdbc.driver.Oracl
<PARAM NAME = "JdbcUrl" VALUE ="jdbc:oracle:thin:@216.53
<PARAM NAME = "User" VALUE ="combtest">
<PARAM NAME = "Password" VALUE ="combtest">
<COMMENT>
<EMBED
type="application/x-java-a
CODE = "tst.class"
ARCHIVE = "tst.jar,classes12.jar,nls
WIDTH = 700
HEIGHT = 550
JdbcDriver = "oracle.jdbc.driver.Oracle
JdbcUrl = "jdbc:oracle:thin:@216.53.
User = "combtest"
Password = "combtest"
scriptable=false
pluginspage="http://java.sun.com/products/plugin/index.html#download">
<NOEMBED>
</NOEMBED>
</EMBED>
</COMMENT>
</OBJECT>
<OBJECT
classid="clsid:CAFEEFAC-00
WIDTH = 700 HEIGHT = 550
codebase="http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab#Version=1,4,0,30">
<PARAM NAME = CODE VALUE = "tst.class" >
<PARAM NAME = ARCHIVE VALUE = "tst.jar,classes12.jar,nls
<PARAM NAME="type" VALUE="application/x-java-
<PARAM NAME="scriptable" VALUE="false">
<PARAM NAME = "JdbcDriver" VALUE ="oracle.jdbc.driver.Oracl
<PARAM NAME = "JdbcUrl" VALUE ="jdbc:oracle:thin:@216.53
<PARAM NAME = "User" VALUE ="combtest">
<PARAM NAME = "Password" VALUE ="combtest">
<COMMENT>
<EMBED
type="application/x-java-a
CODE = "tst.class"
ARCHIVE = "tst.jar,classes12.jar,nls
WIDTH = 700
HEIGHT = 550
JdbcDriver = "oracle.jdbc.driver.Oracle
JdbcUrl = "jdbc:oracle:thin:@216.53.
User = "combtest"
Password = "combtest"
scriptable=false
pluginspage="http://java.sun.com/products/plugin/index.html#download">
<NOEMBED>
</NOEMBED>
</EMBED>
</COMMENT>
</OBJECT>
ASKER
->You have to either extract the classes and include them in the jar,
is it winzip classes12.zip , extract to classes12.jar
is it winzip classes12.zip , extract to classes12.jar
ASKER
In the classes12.jar, there is 2 folders, one is called javax, and another oracle.Each of folder, contain folders in it.
Just rename classes12.zip to classes12.jar, and then sign classes12.jar.
ASKER
When i tried doing that, had the error cannot rename classes12.zip :There has been a sharing violation
Something must have it open, possibly the applet.
Restart your machine, and then rename it.
Or just take a copy.
Restart your machine, and then rename it.
Or just take a copy.
ASKER
I can't believe it , it is really working.Thanks a lot.
Actually , i am going to load it to the server now, so i am afraid , i might need help on that.
I will post the question as "Loading the applet to server", plssssssssssssss look into it.Thanks again.Thanks
God bless
Jasbir
Actually , i am going to load it to the server now, so i am afraid , i might need help on that.
I will post the question as "Loading the applet to server", plssssssssssssss look into it.Thanks again.Thanks
God bless
Jasbir
ASKER
Thanks again and God bless you
:-)
>> or change the zip's to jar's and sign each. I recomend the latter.
objects, isn't that what I said? and you assumed and thought I was wrong?
objects, isn't that what I said? and you assumed and thought I was wrong?
I didn't say you were wrong, it just wasn't the cause of the problem.
ASKER
I still got the same error