Maven + jarsigner + test classes = error

Question

I have a Maven project that includes some test cases. Today I tried adding the jarsigner plugin and now the tests fail with:

java.lang.SecurityException: class "types.AccountType"'s signer information does not match signer information of other classes in the same package

The test classes are in the same package to have access to package-private methods etc. I believe that this error is happening because the junit test classes are not being signed while the classes being tested are.

Does anyone have a suggestion on how to avoid this problem? I had some ideas but don't know how to implement them:

1. Cause the testing phase to use the classes instead of the jar file.
2. Put the test classes into their own jar file and sign it.

Answer 1

I ran into this issue today and the problem is as you guessed it many years ago (signing order issue). This was the fix for me (change the phase to install):

        <plugin>
            <artifactId>maven-jarsigner-plugin</artifactId>
            <version>${maven-jarsigner-plugin.version}</version>
            <executions>
                <execution>
                    <id>sign</id>
                    <!-- note: this needs to be bound after integration tests or they will fail re: not signed -->
                    <phase>install</phase>
                    <goals>
                        <goal>sign</goal>
                    </goals>
                </execution>
            </executions>
            <configuration>
                <tsa>http://sha256timestamp.ws.symantec.com/sha256/timestamp</tsa>
                <keystore>${project.basedir}/.conf/Keystore</keystore>
                <alias>Alias</alias>
                <storepass>{1234}</storepass>
            </configuration>
        </plugin>

Jars are still signed and integration tests once again work.