Posted to users@airavata.apache.org by Heejoon Chae <he...@cs.indiana.edu> on 2014/02/03 08:40:31 UTC

Re: Authentication required when XBaya JNLP used.

Hi Saminda,

The JNLP (XBaya) security issue also happens in Windows. It seems that last time
when I checked this in Windows, I added our web server as a trusted site,
so it didn't give error messages, and this is not an ideal solution (this
still gives an error on Mac).

This time XBaya gives the same error message saying "cannot run application"
as I mentioned before, and also says "Permission attributes is missing in
manifest in main jar...".

I dug a little bit more and found a JAR security related manual saying "If
the Security Level slider in the Java Control Panel is set to Very High or
High, the Permissions attribute is required in the main JAR file for the
RIA. If the attribute is not present, then the RIA is blocked." on the site
below.

http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#permissions


Since the default Java security level is High in Java 7, the JNLP-based
application (XBaya) seems to be blocked even though I signed all jars with
trusted certificates.

So, I guess putting the Permission attributes in the manifest file is worth
trying to solve this problem.
Could you simply put the Permission attributes ('Permissions:
all-permissions') in the manifest file and rebuild the jars?

Thank you,
Heejoon.

Following is the error message I got.

java.lang.SecurityException: Missing required Permissions manifest attribute in main jar: http://epigenomics.snu.ac.kr/temp/mmia_web_test/xbaya_jnlp/lib/airavata-xbaya-gui-0.10.jar
 at com.sun.deploy.security.DeployManifestChecker.verifyMainJar(Unknown Source)
 at com.sun.deploy.security.DeployManifestChecker.verifyMainJar(Unknown Source)
 at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
 at com.sun.javaws.Launcher.run(Unknown Source)
 at java.lang.Thread.run(Unknown Source)


On Mon, Jan 20, 2014 at 3:51 PM, Saminda Wijeratne <sa...@gmail.com> wrote:

> Please feel free to reply back if you do find another way to solve it. A few
> of the forums I looked at mentioned adding the URL to the list of Java
> security exceptions, which is apparently not a foolproof way in your case.
> Thanks for raising these issues in the mailing list Heejoon. This will
> definitely benefit other users.
>
>
>
> On Sun, Jan 19, 2014 at 9:26 PM, Heejoon Chae <he...@cs.indiana.edu> wrote:
>
>> Okay,
>>
>> This only happens on Mac with a recent JRE (51). I could run without error
>> and without the authentication pop-up on Windows.
>>
>> One way to avoid this on Mac is to lower the default security level (High
>> -> Medium), which seems not to be an ideal solution.
>> I hope there is another way to work around this.
>>
>> Thank you,
>> Heejoon.
>>
>>
>>
>> On Mon, Jan 20, 2014 at 4:12 AM, Suresh Marru <sm...@apache.org> wrote:
>>
>>> is this on a Mac? OS X has been nasty with changing these behaviors
>>> rapidly (as a mitigation to security exploits).
>>>
>>> Suresh
>>>
>>> On Jan 19, 2014, at 1:46 PM, Saminda Wijeratne <sa...@gmail.com>
>>> wrote:
>>>
>>> > I'm still not able to reproduce the issue. Probably because I'm using
>>> java 1.6. Is it possible for you to check with java 1.6 or 1.7?
>>> >
>>> > Upon googling I saw similar problems were present due to self-signed
>>> certificates. But since you didn't have the problem earlier, before the
>>> authentication issue, I am unable to pinpoint where the problem could be.
>>> >
>>> >
>>> > On Sat, Jan 18, 2014 at 11:10 PM, Heejoon Chae <he...@cs.indiana.edu>
>>> wrote:
>>> > First I click the JNLP and it shows downloading application.
>>> >
>>> > Then the security warning saying "Do you want to run this
>>> application" pops up.
>>> >
>>> > Then I check accept and click Run, and then the error comes in.
>>> >
>>> > I am using a recent version of the JRE (51), and to avoid being blocked by
>>> the recent default security setting of the JRE, I added
>>> http://biohealth.snu.ac.kr as an exception site through the Java control panel.
>>> >
>>> > Thank you,
>>> > Heejoon.
>>> >
>>> >
>>> >
>>> > On Sun, Jan 19, 2014 at 3:52 PM, Saminda Wijeratne <sa...@gmail.com>
>>> wrote:
>>> > I was able to run the jnlp you sent without the authentication issue
>>> or any other error. Can you tell me at what point or what you were doing in
>>> XBaya when you got this error?
>>> >
>>> >
>>> > On Sat, Jan 18, 2014 at 10:33 PM, Heejoon Chae <he...@cs.indiana.edu>
>>> wrote:
>>> > Thank you for the quick answer.
>>> >
>>> > Now I get a new error, as in the attached figure and below. Did I miss
>>> something? I also attached my JNLP as well.
>>> >
>>> > java.lang.SecurityException: Missing required Permissions manifest
>>> attribute in main jar:
>>> http://biohealth.snu.ac.kr/biovlab_mmia_ngs/xbaya_jnlp/lib/airavata-xbaya-gui-0.10.jar
>>> >       at
>>> com.sun.deploy.security.DeployManifestChecker.verifyMainJar(Unknown Source)
>>> >       at
>>> com.sun.deploy.security.DeployManifestChecker.verifyMainJar(Unknown Source)
>>> >       at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
>>> >       at com.sun.javaws.Launcher.run(Unknown Source)
>>> >       at java.lang.Thread.run(Thread.java:744)
>>> >
>>> >
>>> > Thank you,
>>> > Heejoon.
>>> >
>>> >
>>> > On Sun, Jan 19, 2014 at 2:53 PM, Saminda Wijeratne <sa...@gmail.com>
>>> wrote:
>>> > Please find Chathuri's blog entry[1] which explains how to fix this,
>>> >
>>> > 1.
>>> http://chathuriwimalasena.blogspot.com/2013/08/getting-rid-of-extra-authentication.html
>>> >
>>> >
>>> > On Sat, Jan 18, 2014 at 6:55 PM, Heejoon Chae <he...@cs.indiana.edu>
>>> wrote:
>>> > Hi, Saminda,
>>> >
>>> > I will just attach my JNLP and keep the server running, so you can
>>> check with it.
>>> >
>>> > Thank you!
>>> > Heejoon
>>> >
>>> >
>>> > On Sat, Jan 18, 2014 at 4:12 PM, Saminda Wijeratne <sa...@gmail.com>
>>> wrote:
>>> > This is interesting... does this pop up before XBaya gets
>>> launched? i.e. during the file download/verification step of the webstart?
>>> >
>>> >
>>> > On Fri, Jan 17, 2014 at 10:42 PM, Heejoon Chae <he...@cs.indiana.edu>
>>> wrote:
>>> > Hi,
>>> >
>>> > I am using JNLP-based XBaya and whenever I launch it, it keeps showing the
>>> authentication dialog as in the attached figure. I know if I check 'save', it will
>>> not ask anymore, but can I just remove that process?
>>> >
>>> > XBaya is still launched even if I click 'cancel'.
>>> >
>>> > Is there a way I can remove that dialog?
>>> > I tried to give options through the JNLP like below
>>> >
>>> > <argument>-registryUserName</argument>
>>> > <argument>admin</argument>
>>> > <argument>-registryPassphrase</argument>
>>> > <argument>admin</argument>
>>> >
>>> > but it doesn't work.
>>> >
>>> >
>>> > Thank you,
>>> > Heejoon.
>>> >
>>> >
>>> >
>>> >
>>> >
>>> >
>>> >
>>>
>>>
>>
>
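
The Permissions requirement quoted in the top message, as an added example (not part of the original thread and not Airavata's own code): a pre-deployment check that reads a JAR's main manifest section and reports whether the Permissions attribute required at the High security level is present. The sample JARs and the names check_permissions, main_attributes and build_jar are constructed for illustration.

```python
import io
import zipfile

VALID = {"sandbox", "all-permissions"}  # the two values the Permissions attribute accepts

def main_attributes(manifest_text):
    """Parse the main section of MANIFEST.MF, joining wrapped continuation lines."""
    attrs, last = {}, None
    for line in manifest_text.replace("\r\n", "\n").split("\n"):
        if line == "":                      # a blank line ends the main section
            break
        if line.startswith(" ") and last:   # continuation of the previous value
            attrs[last] += line[1:]
            continue
        name, sep, value = line.partition(": ")
        if sep:
            last = name.lower()             # attribute names are case-insensitive
            attrs[last] = value
    return attrs

def check_permissions(jar_bytes):
    """Return (ok, detail) for the Permissions attribute in the main manifest section."""
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as jar:
        try:
            text = jar.read("META-INF/MANIFEST.MF").decode("utf-8")
        except KeyError:
            return False, "no manifest"
    value = main_attributes(text).get("permissions")
    if value is None:
        return False, "Permissions attribute missing"
    if value.strip() not in VALID:
        return False, "invalid value: " + value
    return True, value.strip()

def build_jar(manifest_text):
    """Build a constructed sample JAR in memory (not the real XBaya artifact)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        jar.writestr("META-INF/MANIFEST.MF", manifest_text)
    return buf.getvalue()

# Constructed manifests: before and after adding the attribute requested in the thread.
BEFORE = "Manifest-Version: 1.0\r\nMain-Class: example.Main\r\n\r\n"
AFTER = ("Manifest-Version: 1.0\r\nPermissions: all-permissions\r\n"
         "Main-Class: example.Main\r\n\r\n")

if __name__ == "__main__":
    for label, manifest in (("before", BEFORE), ("after", AFTER)):
        print(label, check_permissions(build_jar(manifest)))
```

Adding the attribute changes the manifest, so the JARs have to be signed again after the rebuild.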