Reputation: 1
Getting Exception: java.lang.SecurityException: attempted to open sandboxed jar as Trusted-Only
We need to sign all 5 .class java files. That we have done by creating a .jar file and signed it too. But while executing my web application it is showing below error message in Java Console
java.lang.SecurityException: attempted to open sandboxed jar https://xxxxxxxxxxx.com/xxxx/JavaApplet.jar as Trusted-Only
at com.sun.deploy.security.CPCallbackHandler$ParentElement.checkResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.checkResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.getResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.createApplet(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Exception: java.lang.SecurityException: attempted to open sandboxed jar https://xxxxxxxxxxx.com/xxxx/JavaApplet.jar as Trusted-Only*
I am not sure about this error. I have signed Jar 3-4 times after getting this error but I am getting same error again again.
Please can anybody help me if I am doing something wrong?
Upvotes: 0
Views: 9208
Answers (1)
Reputation: 157
Check your Manifest.mf file of jar. This should contain the Trusted-Library: true if you are using MixedCode(Applet called from the javascript) and your files are self signed. oracle has released latest security updates in Java 7 update 21. According to the release notes you must sign your code with CA certificates only, else JRE will treat your code as malicious. oracle is totally deprecating the Mixedcode. Please check the release notes of latest updates. But before adding the attribute Trusted-Library: true in manifest.mf make sure you are aware of the effects of the attribute.
Upvotes: 1
Related Questions
- Security Exception: Attempted to to open a sandboxed jar as a Trusted-Library
- Signed JAR being blocked by Java Security
- jarsigner error: java.lang.RuntimeException: keystore load: Keystore was tampered with, or password was incorrect
- jarsigner: The signer’s certificate chain is not validated
- Java Webstart attempt to sandboxed jar as "Trusted-Library"
- Error with signing jar files using jarsigner with a real certificate
- jarsigner: This jar contains entries whose certificate chain is not validated
- Getting java.lang.SecurityException: attempted to open sandboxed jar as a Trusted-Library
- Some users gets Security Exception: Attempted to to open a sandboxed jar as a Trusted-Library
- Jarsigner: "This jar contains entries whose certificate chain is not validated."