I am pursuing trying to launch a Java Webstart JNLP program without striking fear into the hearts of those that use it.
I have a valid certificate and keystore, and launching the JNLP confirms that the certificate side is all OK.
However, like many I seem to be getting the message "Althought the application has a digital signature, the application's associated file(JNLP) does not have one. A digital signature ensures that a file is from the vendor and that it has not been altered."
Reading the JNLP Spec (JSR-56) Section 5.4.1 SIGNING OF JNLP FILES states:
A JNLP file can optionally be signed. A JNLP Client must check if a signed version of the JNLP file
exists, and if so, verify that it matches the JNLP file that is used to launch the application. If it does not
match, then the launch must be aborted. If no signed JNLP file exists, then the JNLP file is not signed,
and no check needs to be performed.
A JNLP file is signed by including a copy of it in the signed main JAR file. The copy must match the JNLP file used to launch the application. The signed copy must be named:JNLP- INF/APPLICATION.JNLP. The APPLICATION.JNLPfilename should be generated in upper case, but should be recognized in any case. The signed JNLP file must be compared byte-wise against the JNLP file used to launch the application. If the two byte streams are identical, then the verification succeeds, otherwise it fails. As described above, a JNLP file is not required to be signed in order for an application to be signed. This is similar to the behavior of Applets, where the Applet tags in the HTML pages are not signed, even when granting unrestricted access to the Applet And I confess much of the paragraph isn't exactly clear to a newbie like me.
So maybe this is extremely basic - but where exactly should the JNLP-INF/APPLICATION.JNLP go ?
I am using eclipse, and I have about 25 jars (ext and lib). Is JNLP-INF some standard folder name and location? My manifest.mf is located in a "build" folder where my ant resides. I have tried copying my jnlp as APPLICATION.JNLP into this directory, but that did not resolve the JNLP not signed message.
I have also created a folder called JNLP-INF where the main class is (and therefore I thought would be signed in the jar) but... no go.
Very frustrating but luckily not a huge deal or priority, I have many more things to learn so JAVA will keep me plenty busy for years to come
JavaWS: Version 6.0.260.2
JavaJRE: Version 1.6.0_26
I was receiving a stack trace error
Caused by: java.lang.SecurityException: Unable to create temporary file
at java.io.File.checkAndCreate(Unknown Source)
at java.io.File.createTempFile(Unknown Source)
at java.io.File.createTempFile(Unknown Source)
... 27 more
which led me to this thread.
I added the folder/jnlp file to my jar and signed it as indicated in the thread.
I still have the problem.
The stack trace starts out as a POIXMLException indicating unable to create a temporary file.
Now I do not get this error when running my application inside of Eclipse or when I run the application jar file directly.
Any help would be appreciated.
And I have checked the POI forums. As far as I can tell all of the external jars I need are up to date.
I believe they must be since the app does work except when launched by a jnlp file.
I'm just guessing, but I don't see any connection to the original problem in this thread.
The stack trace looks like there's a problem in creating a temporary file somewhere, most probably connected to a log file of some kind (see the org.apache.xmlbeans.impl.common.XBeanDebug.log line in the stack trace). It is possible that running your application via JNLP gives it a different security context than running it as a jar file or from IDE. My advice would be to try to figure out what file/directory is the XBeanDebug class trying to write to and verify its permissions, and perhaps also review security settings of your Java installation (if you're on Windows, it's the Java Control Panel).
My apologies. The connection to the thread is that I tried including the jnlp in my app and it didn't solve the problem.
The permission problem seems to be in creating an excel 2007 workbook (POI XSSF) in the users My Documents folder.
And your analysis is in line with my companies IT department but I function as a 'maverick' and have to figure these
things out on my own.
I'll check my java install security settings.
It's a most annoying problem since excel 2003 workbooks (POI HSSF) don't have this problem. Most likely OOXML related.
I have a java application which uses POI XSSF to read and write excel 2007 workbooks to the users 'My Documents' folder.
The application functions as designed when run through eclipse, dos batch file launch or directly (double clicking on the app jar file).
It does not work correctly when launched through jnlp. The final stack trace shows it is a security issue: unable to write temporary file
The jnlp is initiated from my pc. This runs the app jar file which is located on a secured network directory.
or jnlp --> main jar
Note: I have security set to all-permissions in the jnlp.
The solution was to create another java app which, by using dos commands, launches the desired app jar.
So I have jnlp --> intermediate jar --> main jar