All geek questions in one place

Applet closes automatically

I have a very strange thing with my java application. Thus, the problem is that it sometimes closes after 30-60 seconds of operation.

The specifics of the situation are as follows:

  • The application actually starts in the applet settings, the applet downloads the main jar of the application, saves it to disk, and then launches the real program using reflection. The applet box is signed, the application ATM is not signed, so I had to redefine the security manager. The code is as follows:

    System.setSecurityManager(new SecurityManager() { @Override public void checkPermission(Permission p) {} }); URLClassLoader loader = new URLClassLoader(new URL[] {mainJarFile.toURI().toURL()}, this.getClass().getClassLoader()); Class<?> app = Class.forName("launch.App", true, loader); Method start = app.getDeclaredMethod("start", URL.class, URL.class); start.invoke(app.newInstance(), codeBase, documentBase);

  • A failure only occurs when the applet is launched through a Citrix connection to terminal servers.

  • A crash is not, in fact, a crash. In the log file, I see that the shutdown is completed, as with a normal shutdown.

  • If the applet is running with the java console open and the trace parameter is enabled, I see the following message before shutting down:

     security: JSS is not configured network: Connecting https://javadl-esd-secure.oracle.com/update/baseline.version with proxy=HTTP @ FWR200/192.168.0.246:8080

  • After starting the shutdown hook, the application seems to still be working, and I see exceptions like these in the log:

     2012.11.13 16:20:07.171 | def.pR.run:1639 | class java.lang.NullPointerException : null sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source) java.security.AccessController.doPrivileged(Native Method) sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source) sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source) ... // so on, the exception seems to happen in completely regular app code

  • And finally, such a problem did not arise until these Citrix servers started using Java 7 (in particular, java 7 update 9) instead of Java 6 . Lowering java is not like an option.

I am completely lost here. Can someone at least give me some pointers to solve this problem? What could be the reason? Is there a way around these issues?

+4
source share
2 answers

Firstly, I hope that you authenticated the downloaded application correctly before launching it (by downloading it via SSL or verifying it using digital signature, in which case you can also sign the bank).

To the problem. It can be easy because you are working in the JVM applet. The life cycle of the jvm applet is determined by the browser. So, if you still want to use the applet as a launcher, then paste some debugging results into the Applet.destroy() , Applet.stop() methods of your applet subclass and see if this is related to disconnection.

Another solution might be to run it using Java Webstart. This is truly the best way to run Java applications from the Internet.

+1
source

Security admin override: doesn't that mean you really circumvented the whole Java applet security concept ? Publishing an applet that disables the security manager and then loads another application as a really bad idea for me, especially if you don't have the same security checks as Java applets. If someone manages to grab this applet, they can probably use it to download the exploit code from their website, and you can revoke your certificates.

Around Java 7u7, a major security issue has been fixed:

But it has not yet been fully fixed in 7u7:

And in fact there is another one that has not yet been fixed:

Perhaps one of these changes affected your security admin level?

0
source

Source: https://habr.com/ru/post/1446449/

More articles:


All Articles