来自Java7& 8的清单属性的Java applet问题

时间:2015-09-15 14:56:42

标签: java applet java-security security-warning

我的应用程序将使用java applet viewer显示文档,它与Java6完美配合。从Java7及以上版本,我无法查看文档,因为applet无法加载文档。我正在使用的属性如下所述。任何人都可以向我建议所需的更改

ANT脚本:

<target name="build.applet.manifest">
    <tstamp>
        <format property="build.time" pattern="MMMM dd yyyy" />
    </tstamp>

    <manifest file="${vfiles}/work/MANIFEST.MF">
        <attribute name="Built-By" value="${user.name}" />
        <attribute name="Class-Path" value="" />
        <attribute name="Trusted-Library" value="true" />
        <attribute name="Permissions" value="all-permissions" />
        <attribute name="Codebase" value="*" />
        <attribute name="Application-Name" value="${product.cea}" />
        <attribute name="Caller-Allowable-Codebase" value="*.com *.net" />
        <attribute name="Application-Library-Allowable-Codebase" value="*" />
        <attribute name="Implementation-Vendor" value="${imp-vendor}" />
        <attribute name="Implementation-Title" value="${product.cea}" />
        <attribute name="Implementation-Version" value="${project.version} build ${buildNumber} ${build.time}" />
    </manifest>
</target>

Java控制台输出:

network: Cache entry found [url: http://11.22.33.44:8080/myapplication_penn/mudoc/image/redact-view_disabled.png, version: null] prevalidated=false/0
cache: Adding MemoryCache entry: http://11.22.33.44:8080/myapplication_penn/mudoc/image/redact-view_disabled.png
cache: Resource http://11.22.33.44:8080/myapplication_penn/mudoc/image/redact-view_disabled.png has expired.
network: Connecting http://11.22.33.44:8080/myapplication_penn/mudoc/image/redact-view_disabled.png with proxy=DIRECT
network: Connecting http://11.22.33.44:8080/myapplication_penn/mudoc/image/redact-view_disabled.png with cookie "JSESSIONID=7567CD6257EE33B405C94F2C4B14EAE0"
network: ResponseCode for http://11.22.33.44:8080/myapplication_penn/mudoc/image/redact-view_disabled.png : 304
network: Encoding for http://11.22.33.44:8080/myapplication_penn/mudoc/image/redact-view_disabled.png : null
network: Disconnect connection to http://11.22.33.44:8080/myapplication_penn/mudoc/image/redact-view_disabled.png
cache: registerReference:com.sun.deploy.cache.MemoryCache$CachedResourceReference@a86d6866: 1
 liveconnect: Security Exception: JavaScript from             http://11.22.33.44:8080/myapplication_penn/daeja/show?CwI4rkFs%2FPfsP3Iv9TKaY6kyx3ki8t4UTxVQFbMj7Bx9V7QRa%2BKhCKhvOKvd7oKUIHoTjWvV9GdnZJQzjDR%2FNtR6%2B3%2Bkud0dI%2FQIh3J%2FrSIkctHBhAiV7mkZH0uCuty0 attempted to access a resource it has no rights to. -a1> 4 ji.v1event.k$a -a1 - jiDocumentEvents 15 Sep 2015, 15:58:13, IST (000000000/000000000): Error processing : null
netscape.javascript.JSException: JavaScript error while calling "handleEvent"
            at sun.plugin2.main.client.MessagePassingJSObject.newJSException(Unknown Source)
            at sun.plugin2.main.client.MessagePassingJSObject.waitForReply(Unknown Source)
            at sun.plugin2.main.client.MessagePassingJSObject.call(Unknown Source)
            at ji.applet.support.d.a(Unknown Source)
            at ji.applet.support.d.a(Unknown Source)
            at ji.applet.ViewONE_AppletImpl.a(Unknown Source)
            at ji.applet.ViewONE_AppletImpl.b(Unknown Source)
            at ji.applet.ViewONE_AppletImpl.javaScriptUpdate(Unknown Source)
            at ji.document.t.b(Unknown Source)
            at ji.document.t.a(Unknown Source)
            at ji.v1event.k.c(Unknown Source)
            at ji.v1event.k.a(Unknown Source)
            at ji.v1event.k$a.a(Unknown Source)
            at ji.v1event.k$a.run(Unknown Source)
            at java.lang.Thread.run(Unknown Source)
            at ji.awt.y.run(Unknown Source)
network: Cache entry found [url: http://11.22.33.44:8080/myapplication_penn/mudoc/image/annot-prev_enabled.png, version: null] prevalidated=false/0
cache: Adding MemoryCache entry: http://11.22.33.44:8080/myapplication_penn/mudoc/image/annot-prev_enabled.png
cache: Resource http://11.22.33.44:8080/myapplication_penn/mudoc/image/annot-prev_enabled.png has expired.
network: Connecting http://11.22.33.44:8080/myapplication_penn/mudoc/image/annot-prev_enabled.png with proxy=DIRECT
network: Connecting http://11.22.33.44:8080/myapplication_penn/mudoc/image/annot-prev_enabled.png with cookie "JSESSIONID=7567CD6257EE33B405C94F2C4B14EAE0"
network: ResponseCode for http://11.22.33.44:8080/myapplication_penn/mudoc/image/annot-prev_enabled.png : 304
network: Encoding for http://11.22.33.44:8080/myapplication_penn/mudoc/image/annot-prev_enabled.png : null
network: Disconnect connection to http://11.22.33.44:8080/myapplication_penn/mudoc/image/annot-prev_enabled.png
 cache: registerReference: com.sun.deploy.cache.MemoryCache$CachedResourceReference@4b156f58: 1
network: Cache entry found [url: http://11.22.33.44:8080/myapplication_penn/mudoc/image/annot-prev_disabled.png, version: null] prevalidated=false/0
cache: Adding MemoryCache entry: http://11.22.33.44:8080/myapplication_penn/mudoc/image/annot-prev_disabled.png
cache: Resource http://11.22.33.44:8080/myapplication_penn/mudoc/image/annot-prev_disabled.png has expired.
network: Connecting http://11.22.33.44:8080/myapplication_penn/mudoc/image/annot-prev_disabled.png with proxy=DIRECT
network: Connecting http://11.22.33.44:8080/myapplication_penn/mudoc/image/annot-prev_disabled.png with cookie "JSESSIONID=7567CD6257EE33B405C94F2C4B14EAE0"
network: ResponseCode for http://11.22.33.44:8080/myapplication_penn/mudoc/image/annot-prev_disabled.png : 304
network: Encoding for http://11.22.33.44:8080/myapplication_penn/mudoc/image/annot-prev_disabled.png :  null
network: Disconnect connection to http://11.22.33.44:8080/myapplication_penn/mudoc/image/annot-prev_disabled.png
cache: registerReference:         com.sun.deploy.cache.MemoryCache$CachedResourceReference@286491db: 1

1 个答案:

答案 0 :(得分:2)

来自Oracle Java 7 docs

  

Caller-Allowable-Codebase属性用于标识JavaScript代码可以在没有安全提示的情况下调用RIA的域。

当你从 ip:8080 调用你的applet时,你的清单中有* .com和* .net。该错误出现在日志中。

作为短期修复,您应该将您的IP包含在清单中的属性列表中。作为长期修复,您应该真正指定受信任的域并从那里运行您的applet。

仅供参考此属性已被添加,以降低您的applet被盗并从其他网站运行的风险。