当我的JDK版本升级到u45时,我收到有关缺少安全信息的警告。因此,我使用以下安全更新作为使用webstart-maven-plugin进行webstart签名的一部分
<plugin>
<groupId> org.codehaus.mojo</groupId>
<artifactId>webstart-maven-plugin</artifactId>
<version>1.0-beta-4</version>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>jnlp-inline</goal>
<!-- use jnlp, jnlp-inline or jnlp-single as appropriate -->
</goals>
</execution>
</executions>
<configuration>
<!--outputDirectory></outputDirectory -->
<!-- not required?? -->
<!-- Set to true to exclude all transitive dependencies. Default is
false. -->
<excludeTransitive>false</excludeTransitive>
<!-- The path where the libraries are stored within the jnlp structure.
not required. by default the libraries are within the working directory -->
<libPath>lib</libPath>
<!-- resourcesDirectory>${project.basedir}/src/main/jnlp/resources</resourcesDirectory -->
<!-- default value -->
<!-- JNLP generation -->
<jnlp>
<!-- default values -->
<!-- inputTemplateResourcePath>${project.basedir}</inputTemplateResourcePath -->
<!--inputTemplate>src/main/jnlp/template.vm</inputTemplate -->
<!-- relative to inputTemplateResourcePath -->
<outputFile>xxxx.template</outputFile>
<!-- defaults to launch.jnlp -->
<!-- used to automatically identify the jar containing the main class. -->
<!-- this is perhaps going to change -->
<mainClass>XXXXXX</mainClass>
</jnlp>
<!-- SIGNING -->
<!-- defining this will automatically sign the jar and its dependencies,
if necessary -->
<sign>
..................
</sign>
<!-- BUILDING PROCESS -->
<pack200>
<enabled>false</enabled>
</pack200>
<gzip>true</gzip>
<!-- default force when pack200 false, true when pack200 selected
?? -->
<!-- causes a version attribute to be output in each jar resource
element, optional, default is false -->
<outputJarVersions>true</outputJarVersions>
<!--install>false</install -->
<!-- not yet supported -->
<verbose>true</verbose>
<updateManifestEntries>
<Application-Name>cccccc</Application-Name>
<Trusted-Library>true</Trusted-Library>
<Permissions>all-permissions</Permissions>
<Codebase>*</Codebase>
<Trusted-Only>true</Trusted-Only>
</updateManifestEntries>
</configuration>
这里
<updateManifestEntries>
<Application-Name>cccccc</Application-Name>
<Trusted-Library>true</Trusted-Library>
<Permissions>all-permissions</Permissions>
<Codebase>*</Codebase>
<Trusted-Only>true</Trusted-Only>
</updateManifestEntries>
在启动时中断应用程序。依赖注入没有发生。我必须添加更新的清单信息,即使是与Spring相关的jar。
我尝试用
做同样的事情<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jar-plugin</artifactId>
<inherited>true</inherited>
<configuration>
<archive>
<manifest>
<addDefaultImplementationEntries>true</addDefaultImplementationEntries>
<addDefaultSpecificationEntries>true</addDefaultSpecificationEntries>
</manifest>
</archive>
</configuration>
</plugin>
但似乎没有工作。
自上周以来我一直在尝试这一点,感谢你的即时回复
问题出在webstart-maven-plugin(1.0-beta-4)上,其中
<updateManifestEntries>
<!-- <Permissions>all-permissions</Permissions>
<Application-Name>catsvision</Application-Name>
<Trusted-Library>true</Trusted-Library>
<Codebase>*</Codebase>
<Trusted-Only>true</Trusted-Only> -->
</updateManifestEntries>
没有按预期工作。
当我尝试用
做同样的事情时<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jar-plugin</artifactId>
<inherited>true</inherited>
<configuration>
<archive>
<addMavenDescriptor>false</addMavenDescriptor>
<manifestFile>
src/main/resources/META-INF/MANIFEST.MF
</manifestFile>
<manifest>
<addDefaultImplementationEntries>false</addDefaultImplementationEntries>
<addDefaultSpecificationEntries>false</addDefaultSpecificationEntries>
</manifest>
</archive>
</configuration>
</plugin>
其中MANIFEST.MF有以下条目
Permissions: all-permissions
Application-Name: CATS Vision
Codebase: *
Trusted-Library: true
Trusted-Only: true
为我工作。但这是针对特定的JAR。如何更新一组JAR的清单条目(我的意思是我的webstart包)?除了maven-webstart-plugin
之外还有其他插件吗?答案 0 :(得分:2)
这似乎是maven-webstart-plugin
的一个漏洞http://jira.codehaus.org/browse/MWEBSTART-224
我解决了这个问题: