?
Solved

java.lang.SecurityException :Class " JDBCApplet$1's signer information does not match signer information of other classes

Posted on 2003-03-24
26
Medium Priority
?
563 Views
Last Modified: 2013-11-23
I am stating the steps that i did to sign it:

Hi, i need to connect my applet to a database.So, i need to sign it.

Step 1:I created my applet(java code)-tst.java

step2 :i went to the j2sdk1.4.0_03\bin

c:\j2sdk1.4.0_03\bin>
(so now i am in the bin directory)


step3: generate key
c:\j2sdk1.4.0_03\bin> : keytool -genkey -keyalg rsa -alias tstkey
Enter keystore password: *******
What is your first and last name?
[Unknown]: Your Name
What is the name of your organizational unit?
[Unknown]: YourUnit
What is the name of your organization?
[Unknown]: YourOrg
What is the name of your City or Locality?
[Unknown]: YourCity
What is the name of your State or Province?
[Unknown]: YS
What is the two-letter country code for this unit?
[Unknown]: US
Is CN=Your Name, OU=YourUnit, O=YourOrg, L=YourCity, ST=YS, C=US
correct?
[no]: yes

(wait...)

Enter key password for tstkey
(RETURN if same as keystore password):

(press [enter])

ok - i got this step right

step4: . Export key:
Enter keystore password: *******
Certificate stored in file tstcert.crt
ok-i got this step right


step 5. Create JAR

jar cvf tst.jar tst.class classes12.zip nls_charset12.zip
(Add all classes used in your project by typing the classnames in the
same line.

added manifest)
adding: tst.class(in = 849) (out= 536)(deflated 36%)
adding:classes12.zip...
adding:nls_charset12.zip...
ok- i got it right

step6:6. Verify JAR

jar tvf tst.jar

i got it right

step7: Sign JAR:
jarsigner tst.jar tstkey
Enter Passphrase for keystore: *******

i got it ok

step 8 Verifiy Signing:
jarsigner -verify -verbose -certs tst.jar

i got it ok

step 9:create html file
step10: create link
<HTML>
<HEAD><TITLE>JDBC Applet</TITLE></HEAD>
<BODY BGCOLOR="brown">
<H2 ALIGN="center">JDBC Applet</H2>
<BR>
<P ALIGN="center">
<!--"CONVERTED_APPLET"-->
<a href=my>http://j2sdk1.4.0_03/bin/my/tst.crt</a>
<!-- HTML CONVERTER -->
<OBJECT
classid="clsid:CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA"
WIDTH = 700 HEIGHT = 550
codebase="http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab#Version=1,4,0,30">
<PARAM NAME = CODE VALUE = "tst.class" >
<PARAM NAME = ARCHIVE VALUE = "tst.jar,classes12.zip,nls_charset12.zip" >

<PARAM NAME="type" VALUE="application/x-java-applet;jpi-version=1.4.0_03">
<PARAM NAME="scriptable" VALUE="false">
<PARAM NAME = "JdbcDriver" VALUE ="oracle.jdbc.driver.OracleDriver">
<PARAM NAME = "JdbcUrl" VALUE ="jdbc:oracle:thin:@216.53.126.14:1521:KLM">
<PARAM NAME = "User" VALUE ="combtest">
<PARAM NAME = "Password" VALUE ="combtest">

<COMMENT>
<EMBED
type="application/x-java-applet;jpi-version=1.4.0_03"
CODE = "tst.class"
ARCHIVE = "tst.jar,classes12.zip,nls_charset12.zip"
WIDTH = 700
HEIGHT = 550
JdbcDriver = "oracle.jdbc.driver.OracleDriver"
JdbcUrl = "jdbc:oracle:thin:@216.53.126.14:1521:KLM"
User = "combtest"
Password = "combtest"
scriptable=false
pluginspage="http://java.sun.com/products/plugin/index.html#download">
<NOEMBED>

</NOEMBED>
</EMBED>
</COMMENT>
</OBJECT>

<!--
<APPLET CODE = "tst.class" ARCHIVE = "tst.jar,classes12.zip,nls_charset12.zip" WIDTH = 700 HEIGHT = 550>
<PARAM NAME = "JdbcDriver" VALUE ="oracle.jdbc.driver.OracleDriver">
<PARAM NAME = "JdbcUrl" VALUE ="jdbc:oracle:thin:@216.53.126.14:1521:KLM">
<PARAM NAME = "User" VALUE ="combtest">
<PARAM NAME = "Password" VALUE ="combtest">


</APPLET>
-->


<!--"END_CONVERTED_APPLET"-->

</BODY>
</HTML>

I was going through the forum , and i found another step
(i am still in the bin directory)

extra step:keytool -import -keystore cacerts -storetype JKS -alias test -file tst.crt
Enter keystore password:******
Owner :
Issuer:
Serial number:
Valid from:
Certificate fingerprints:

Trust this certificate:yes
Certificate was added to keystore.

-------------------------------

When i ran the html , a window pops up and asks me whether i would like download the applet>
I press grant this session.
Then , another message pops up:
java.lang.SecurityException:class"tst.class$1",signer information does not match signer information of other classes in the same package"

--------------------------------------------------------------------------------------------------
Sorry i forgot to add this:

Now, regardless of which method you use, the applet should be recognized as coming from a signed jar. The user can choose to activate it if he / she chooses. If your applet uses classes from multiple jars, for example Apache's Xerce's parser, you will need to sign those jars as well to allow them to execute in the client's brower. Otherwise, only the classes coming from the signed jar will work with the java.security.AllPermission setting and all other classes from unsigned jars will run in the sandbox.
__________-----------------------------------------------------------------------

I signed the jar and i placed the jar in the html file.Is that ok?

Coz, earlier when i did the code bef signing i had to place the jdbc classes that is classes12.zip, nls_charset12.zip, in the jar and i placed the jar in the html file.

Now i followed the steps posted by ireene but i placed the classes12.zip, nls_charset12.zip, including the class file in a jar and placed the jar in the html file.




0
Comment
Question by:Jasbir21
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 12
  • 11
  • 3
26 Comments
 
LVL 92

Accepted Solution

by:
objects earned 1000 total points
ID: 8199768
I think you need to also sign *all* the jar files.
0
 

Author Comment

by:Jasbir21
ID: 8199968
I have created 2 jar files , one jar that holds the "classes12.zip, nls_charset12.zip "classese and another jar that holds the applet class.And then i signed both of the jar and placed it in the html file.
 I still got the same error
0
 

Author Comment

by:Jasbir21
ID: 8199989
I have created 2 jar files , one jar that holds the "classes12.zip, nls_charset12.zip "classese and another jar that holds the applet class.And then i signed both of the jar and placed it in the html file.
 I still got the same error
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 92

Expert Comment

by:objects
ID: 8199990
Make sure the applet classes are not available on the server (unjarred), or on the local classpath.
0
 
LVL 14

Expert Comment

by:kennethxu
ID: 8200035
don't put those .zip files in the jar, simply rename them to .jar and sign it. that mean you need 3 jar files tst.jar, classes12.jar, and nls_charset12.jar, sign every one of them.
0
 
LVL 92

Expert Comment

by:objects
ID: 8200060
> don't put those .zip files in the jar

I assumed he unzipped, and jarred them up.
Otherwise how would the applet find the classes?
0
 
LVL 14

Expert Comment

by:kennethxu
ID: 8200078
>> step 5. Create JAR
>> jar cvf tst.jar tst.class classes12.zip nls_charset12.zip
0
 
LVL 92

Expert Comment

by:objects
ID: 8200092
They are simply ignored, and don't make any difference.

I still think the problem is that some of your classes are both in your jar and in your classpath.

0
 
LVL 92

Expert Comment

by:objects
ID: 8200130
are the class files also available in the same directory as the jar?
If so, delete them.
0
 

Author Comment

by:Jasbir21
ID: 8200148
When i tried to rename it, i got the error if you change a filename extension , the file may be unusable "So, i couldn't rename it.

What i did was, i put classes12.zip in a jar file, nls_charset12.zip in an another jar file and my class file in another ,(3 jar files) and i still got the error.

Thanks


0
 

Author Comment

by:Jasbir21
ID: 8200168
When i delete the tst.class ,tst$1.class, tst$2.class,
the error i got is  Applet tst notinitialized
0
 
LVL 92

Expert Comment

by:objects
ID: 8200186
> i got the error if you change a filename extension , the file may be unusable

You can ignore that error.

> the error i got is  Applet tst notinitialized


Thats your problem, you didn't include all the classes in your jar, use folloowing to build jar:

jar cvf tst.jar *.class


0
 

Author Comment

by:Jasbir21
ID: 8200539
Trying out

Thanks
0
 

Author Comment

by:Jasbir21
ID: 8200568
I included all the class files, classes12.zip and nls_charset12.zip in the tst.jar.

When i clicked the html file, a window that pops up and asks whether i would like to grant the applet the permission , i click yes.

An then an error message pops up java.security.AccessControlException:access denied (java.net.SocketPermission 216.53.120.14.1521 connect,resolve),
thats the error that i usually get when i have NOT signed the applet.
0
 
LVL 92

Expert Comment

by:objects
ID: 8200608
> I included all the class files, classes12.zip and nls_charset12.zip in the tst.jar.

Including the zips in the jar will not work.
You have to either extract the classes and include them in the jar, or change the zip's to jar's and sign each. I recomend the latter.

> An then an error message pops up java.security.AccessControlException:access denied

Yes I'd say that is because you haven't signed the jdbc driver.
0
 
LVL 92

Expert Comment

by:objects
ID: 8200621
You'll also need to change your html:

<OBJECT
classid="clsid:CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA"
WIDTH = 700 HEIGHT = 550
codebase="http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab#Version=1,4,0,30">
<PARAM NAME = CODE VALUE = "tst.class" >
<PARAM NAME = ARCHIVE VALUE = "tst.jar,classes12.jar,nls_charset12.jar" >

<PARAM NAME="type" VALUE="application/x-java-applet;jpi-version=1.4.0_03">
<PARAM NAME="scriptable" VALUE="false">
<PARAM NAME = "JdbcDriver" VALUE ="oracle.jdbc.driver.OracleDriver">
<PARAM NAME = "JdbcUrl" VALUE ="jdbc:oracle:thin:@216.53.126.14:1521:KLM">
<PARAM NAME = "User" VALUE ="combtest">
<PARAM NAME = "Password" VALUE ="combtest">

<COMMENT>
<EMBED
type="application/x-java-applet;jpi-version=1.4.0_03"
CODE = "tst.class"
ARCHIVE = "tst.jar,classes12.jar,nls_charset12.jar"
WIDTH = 700
HEIGHT = 550
JdbcDriver = "oracle.jdbc.driver.OracleDriver"
JdbcUrl = "jdbc:oracle:thin:@216.53.126.14:1521:KLM"
User = "combtest"
Password = "combtest"
scriptable=false
pluginspage="http://java.sun.com/products/plugin/index.html#download">
<NOEMBED>

</NOEMBED>
</EMBED>
</COMMENT>
</OBJECT>



0
 

Author Comment

by:Jasbir21
ID: 8200786
->You have to either extract the classes and include them in the jar,

is it winzip classes12.zip , extract to classes12.jar
0
 

Author Comment

by:Jasbir21
ID: 8200789
In the classes12.jar, there is 2 folders, one is called javax, and another oracle.Each of folder, contain folders in it.
0
 
LVL 92

Expert Comment

by:objects
ID: 8200791
Just rename classes12.zip to classes12.jar, and then sign classes12.jar.
0
 

Author Comment

by:Jasbir21
ID: 8200872
When i tried doing that, had the error cannot rename classes12.zip :There has been a sharing violation
0
 
LVL 92

Expert Comment

by:objects
ID: 8200892
Something must have it open, possibly the applet.
Restart your machine, and then rename it.
Or just take a copy.
0
 

Author Comment

by:Jasbir21
ID: 8201056
I can't believe it , it is really working.Thanks a lot.
Actually , i am going to load it to the server now, so i am afraid , i might need help on that.
  I will post the question as "Loading the applet to server", plssssssssssssss look into it.Thanks again.Thanks

God bless
Jasbir
0
 

Author Comment

by:Jasbir21
ID: 8201061
Thanks again and God bless you
0
 
LVL 92

Expert Comment

by:objects
ID: 8201083
:-)
0
 
LVL 14

Expert Comment

by:kennethxu
ID: 8203148
>>  or change the zip's to jar's and sign each. I recomend the latter.
objects, isn't that what I said? and you assumed and thought I was wrong?
0
 
LVL 92

Expert Comment

by:objects
ID: 8205840
I didn't say you were wrong, it just wasn't the cause of the problem.
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

INTRODUCTION Working with files is a moderately common task in Java.  For most projects hard coding the file names, using parameters in configuration files, or using command-line arguments is sufficient.   However, when your application has vi…
Java functions are among the best things for programmers to work with as Java sites can be very easy to read and prepare. Java especially simplifies many processes in the coding industry as it helps integrate many forms of technology and different d…
Viewers will learn about arithmetic and Boolean expressions in Java and the logical operators used to create Boolean expressions. We will cover the symbols used for arithmetic expressions and define each logical operator and how to use them in Boole…
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …
Suggested Courses
Course of the Month10 days, 10 hours left to enroll

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question