Menu
I am using Mac 10.7 running Java 1.7.0_21. I am trying to run a Java applet application that is signed and towards the end of the application I get a mixed mode security popup saying "Block potentially unsafe components from being run?". All the jars that I am using are signed.
I am able to run the same applet application on Mac 10.6 running Java 6 and I don't get the mixed mode warning. I am also able to run the application on windows without the mixed mode warning coming up.
Why do I get this keep getting this error when all my jars are signed?
I googled mixed mode warning and found this link.
http://docs.oracle.com/javase/6/docs/technotes/guides/jweb/mixed_code.html#manifest
and after reading this link, I am a little confused. According to this link it looks like I need to have either "Trusted-Only" or "Trusted-Library" attribute mentioned inside my manifest file. I looked at my manifest file and they don't have these attributes so should I put them in or just the fact that the jars is signed should have been enough.
Can someone please help me understand why I am getting this error even when everything is signed?
499
Re-launch the web browser. Go to the Java applet. When the "Security Warning" window asking "Do you want to run this application?" appears, if there is a "I accept the risk and want to run this app." option, checkmark it ON first then --> Click the "Run" button. The Java applet should load OK now.
In the Java Control Panel, click on the Security tab. Deselect the check box for Enable Java content in the browser. This will disable the Java plug-in in the browser. Click Apply.
Control Panel - JAVA - Security Tab or on Home screen you will see the option to add the website. Once you add the website you will get security pop ups just select allow or yes and your error will be fixed.
Setting the Security levels through the Java Control PanelIn the Java Control Panel, click on the Security tab. Select the desired Security level. Click Apply. Click OK to save changes made to the Java Control Panel.
Update 21 of Java 7 is a strong security update that brings a certain number of breaking changes.
You should have a look to its release notes, there are two paragraphs and two known issues related to signed jars.
Your problem consists in this one:
Area: deploy/plugin
Synopsis: Security popup while closing application
Starting in JDK 7u21, JavaScript code that calls code within a signed applet running with all permissions is treated as mixed code and warning dialogs are raised if the signed JAR files are not tagged with the
Trusted-Library=trueattribute. See Mixing Code With Permissions and Code Without Permissions(doc link)'.For a signed applet running with all permissions to JavaScript call, no security dialog (with mixed code warning) should pop up. However mixed code warning is being shown in some scenarios.
The good news: there is a workaround:
As a workaround, if the applet jar is running with all-permissions and uses "Trusted-library:true" attribute as manifest entry, the mixed code warning will not popup.
177
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
