尝试打开沙盒jar作为可信代码,但jar已正确签名

时间:2017-06-02 09:48:08

标签: java code-signing java-web-start

我在使用Java Web Start应用程序时遇到了一种非常奇怪的行为。

在一台特定的机器上(Windows 7 64位,java SE运行时环境(版本1.7.0-b147)),应用程序拒绝启动以下错误:

attempted to open sandboxed jar https://example.com/jnlp/lib/LHC.jar as Trusted-Code

该文档表明此特定jar包含"不可信任的组件"。我不知道什么是不受信任的组件,但经过一些搜索后,它似乎表明它与未在jar中签名的特定类或资源相关联。

因为我使用jarsigner实用程序得到了这个结果,所以情况并非如此:

s       6501 Fri Jun 02 11:12:50 CEST 2017 META-INF/MANIFEST.MF
        6359 Fri Jun 02 11:12:50 CEST 2017 META-INF/COMPANYBE.SF
        4115 Fri Jun 02 11:12:50 CEST 2017 META-INF/COMPANYBE.RSA
        0 Fri Jun 02 11:12:02 CEST 2017 META-INF/
        0 Fri Jun 02 11:12:02 CEST 2017 META-INF/maven/
        0 Fri Jun 02 11:12:02 CEST 2017 META-INF/maven/com.companygroup/
        0 Fri Jun 02 11:12:02 CEST 2017 META-INF/maven/com.companygroup/TestConnector/
        0 Fri Jun 02 11:12:02 CEST 2017 conf/
        0 Fri Jun 02 11:12:02 CEST 2017 Elevation/
        0 Fri Jun 02 11:12:02 CEST 2017 com/
        0 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/
        0 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/
        0 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/entity/
        0 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/gui/
        0 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/exception/
        0 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/server/
        0 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/server/http/
        0 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/actions/
        0 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/actions/list/
        0 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/main/
        0 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/thread/
        0 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/util/
        0 Fri Jun 02 11:12:02 CEST 2017 JNLP-INF/
        0 Fri Jun 02 11:12:02 CEST 2017 images/
        0 Fri Jun 02 11:12:02 CEST 2017 unlimitedJCE/
        0 Fri Jun 02 11:12:02 CEST 2017 unlimitedJCE/UnlimitedJCEPolicyJDK8/
        0 Fri Jun 02 11:12:02 CEST 2017 unlimitedJCE/UnlimitedJCEPolicyJDK7/
        0 Fri Jun 02 11:12:02 CEST 2017 modules/
sm     14850 Fri Jun 02 11:12:02 CEST 2017 META-INF/maven/com.companygroup/TestConnector/pom.xml
sm       119 Fri Jun 02 11:12:02 CEST 2017 META-INF/maven/com.companygroup/TestConnector/pom.properties
sm     19759 Fri Jun 02 11:12:02 CEST 2017 conf/axis2.xml
sm      1108 Fri Jun 02 11:12:02 CEST 2017 Elevation/elevate.cmd
sm      4023 Fri Jun 02 11:12:02 CEST 2017 Elevation/elevate.vbs
sm      1565 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/entity/LHCSeries_Instance.class
sm       452 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/entity/RefStatus.class
sm      2259 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/entity/RefStatus$Status.class
sm      6239 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/entity/LHCSeries_Transfer.class
sm      1880 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/entity/TransferType.class
sm      2367 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/gui/JWSTrayIcon.class
sm       916 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/gui/JWSTrayIcon$1.class
sm       870 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/exception/SystemTrayUnsupportedException.class
sm      1404 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/server/http/HttpServer$DefaultTempFileManagerFactory.class
sm      3633 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/server/http/HttpServer$ClientHandler.class
sm     10900 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/server/http/HttpServer.class
sm      1715 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/server/http/HttpServer$MimeType.class
sm       263 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/server/http/HttpServer$1.class
sm      1506 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/actions/list/ListFiles$1.class
sm     15039 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/actions/list/ListFiles.class
sm      3100 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/main/ServiceMessageContainer.class
sm       652 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/main/ServiceMessage.class
sm      1739 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/main/TransferProgressUpdateMessage.class
sm     17313 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/main/Main.class
sm       742 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/main/Main$1.class
sm      1922 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/thread/CompanyThreadManager.class
sm     21190 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/thread/LHCSeries_TransferThread.class
sm      3101 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/thread/LHCSeries_TransferThread$1.class
sm       862 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/thread/LHCSeries_TransferThread$2.class
sm     14261 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/thread/JobUpdaterThread.class
sm      6683 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/util/SevenZipUtil.class
sm      2612 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/util/SevenZipUtil$MyBZ2CreateCallback.class
sm      2343 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/util/SevenZipUtil$MyExtractCallback.class
sm      5733 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/util/CompanyConfiguration.class
sm      2071 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/util/SevenZipUtil$MyBZ2TARExtractCallback.class
sm      2328 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/util/SevenZipUtil$MyBZ2TARExtractCallback$1.class
sm      2796 Fri Jun 02 11:12:02 CEST 2017 com/companygroup/companyclient/util/SevenZipUtil$MyExtractCallback$1.class
sm      3864 Fri Jun 02 11:12:02 CEST 2017 STAR_companygroup_com2.jks
sm      3128 Fri Jun 02 11:12:02 CEST 2017 keystore.jks
sm      5413 Fri Jun 02 11:12:02 CEST 2017 JNLP-INF/APPLICATION_TEMPLATE.jnlp
sm      1804 Fri Jun 02 11:12:02 CEST 2017 truststore.jks
sm       636 Fri Jun 02 11:12:02 CEST 2017 images/bulb.gif
sm      1656 Fri Jun 02 11:12:02 CEST 2017 log4j.properties
sm      3023 Fri Jun 02 11:12:02 CEST 2017 unlimitedJCE/UnlimitedJCEPolicyJDK8/US_export_policy.jar
sm      3035 Fri Jun 02 11:12:02 CEST 2017 unlimitedJCE/UnlimitedJCEPolicyJDK8/local_policy.jar
sm      2487 Fri Jun 02 11:12:02 CEST 2017 unlimitedJCE/UnlimitedJCEPolicyJDK7/US_export_policy.jar
sm      2500 Fri Jun 02 11:12:02 CEST 2017 unlimitedJCE/UnlimitedJCEPolicyJDK7/local_policy.jar
sm      4149 Fri Jun 02 11:12:02 CEST 2017 STAR_companygroup_com2.pkcs12
sm      9657 Fri Jun 02 11:12:02 CEST 2017 modules/rampart-1.6.2.mar

如果我在我的jar的manifest.MF中删除Trusted-Only:true,我会收到以下错误:

java.lang.SecurityException: attempted to open sandboxed jar https://example.com/jnlp/lib/bcprov-jdk15on.jar as a Trusted-Library

在bouncycastle提供商上用我的证书重新签名。

这个罐子也根据jarsigner正确签名。

我很茫然,不知道如何从这里前进。

1 个答案:

答案 0 :(得分:-1)

用户面临类似的问题。请参考

Some users gets Security Exception: Attempted to to open a sandboxed jar as a Trusted-Library

Security Exception: Attempted to to open a sandboxed jar as a Trusted-Library

相关问题
最新问题