I was working with some encryption and SSL handshake errors and I found that the fix was to place new UnlimitedJCEPolicy files in my java7. Two files namely local_policy.jar and US_export_policy.jar needs to be replaced. I don't have write permissions for java folder in my local machine. How can I refer them externally? I would like to add them in eclipse run configuration in arguments tab.
You can refer this link for some more ideas: How to avoid installing "Unlimited Strength" JCE policy files when deploying an application?
But I think the easiest way should be get write permission in your local machine, it will save you lots of time
Related
I am trying to install a jar library in the default server in Web Sphere liberty IBM, I already tried putting it in the folder: ..\wlp\lib but the server doesn't recognize it.
I donĀ“t knoe if I need a xml configuration or some thing like this.
any idea that I may be doing wrong?
the library that i wanna put in the server is: com.ibm.ws.webservices.thinclient_8.5.0.jar
The wlp/lib directory is intended for Liberty feature bundles. If you want to install a JAR file that can be loaded by multiple applications, you will need to create a shared library. Instructions for creating shared libraries are available here: https://www.ibm.com/support/knowledgecenter/SSEQTP_liberty/com.ibm.websphere.wlp.doc/ae/twlp_classloader.html
It is also possible to install a JAR file that can be loaded without needing to make any configuration changes - this is called the global shared library. To make that work, you would need to copy the JAR file to the wlp/usr/servers//lib/global or wlp/usr/shared/lib/global directories. More info here: https://www.ibm.com/support/knowledgecenter/SSEQTP_liberty/com.ibm.websphere.wlp.doc/ae/twlp_classloader_global_libs.html
There are other ways to add JARs to make them available to applications and/or the Liberty runtime called user features and product extensions, but that probably goes beyond what you are looking for. If you want more information on these approaches, you can find them here: https://www.ibm.com/support/knowledgecenter/SSEQTP_liberty/com.ibm.websphere.wlp.doc/ae/twlp_feat_develop.html
For reasons outside my control, I am not allowed to edit the Jre and add the two jce jars to it. Is there anyway I can tell my config server when it starts up that the location of those two jar files is in a custom location?
I have tried the following option-
Added it in the root of application directory.
But. Spring is not able to pick it up.
Thank you in advance.
Not that I know of. This is not a config server problem, but a JRE problem. Later version of the JRE ship with JCE policy files and later even still it's enabled by default https://golb.hplar.ch/p/JCE-policy-changes-in-Java-SE-8u151-and-8u152
It's not a JRE problem (you need to copy the two jce jars to JRE security library. The Oracle website already described the procedure. However, I guess the question was asking, how to do so to the embedded tomcat within a spring boot application.
Read this post for further informations.
I have a Java 8 Wep App on Azure.
I am using the default JRE build in application settings for the webapp. I am running on Tomcat.
I am having trouble installing Java Cryptography Extension to handle some encryption. I dont have access to Java Home to install it, I can only upload the WAR files to web app.
Does anyone know how to install JCE on Azure?
Thanks!
Fab
For people who are still having trouble with this I share my solution by example:
Copy JDK from D:\Program Files (x86)\Java\jdk1.8.0_111 to D:\home\site\jdk1.8.0_111
Download and extract jce policy files from: http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html
copy files local_policy.jar and US_export_policy.jar to D:\home\site\jdk1.8\jre\lib\security (replace existing files)
Set application setting in Azure portal: JRE_HOME = D:/home/site/jdk1.8.0_111/jre
Now the JDK has JCE enabled. The "Java minor version" selected in the Azure portal is no longer used or this App Service.
On Azure Webapp, you only have the operation permission for the path D:\home\, but no permission for the others include %JAVA_HOME% and Apache Tomcat at the path D:\Program Files (x86)\.
Generally for using some packages, you can directly import these jar files into the directory WEB-INF\lib of the project or the war file. This way is only effective for the current project, and it's safe for the others to avoid clash.
For the file structure of the path D:\home, you can refer to the wiki page https://github.com/projectkudu/kudu/wiki/File-structure-on-azure to know.
However, according to the doc README.txt in the JCE, it seems to be not possible for installing on Azure Webapp, so I think you can try to use other cryptography packages instead of JCE for your app, such as apache commons codec.
In a recent project it was necessary to make adjustments to the java.policy of the IBM Notes Client (9.0.1). You may find the java.policy in a directory similar to:
C:\Program Files\IBM\Domino\jvm\lib\security\
I've added the following line to the main grant{}-block:
permission java.lang.RuntimePermission "getenv.TIKA_CONFIG";
This adjustment must be made to all customer-clients.
My question is:
How can I deploy these changes at the customers environment? Is there a IBM Domino configuration tool or something similar?
Short: don't.
Long: the policy file will be overwritten on every install or upgrade. Create a java.pol file instead. Use LotusScript to deploy. Full instructions here: http://www.wissel.net/blog/d6plinks/SHWL-8JYAT5
We currently have an Java application that can be deployed on clients or run as a shortcut from the server. We have intermittently received ClassNotFound exceptions when running the JAR from the server which looks like Windows dropping the network connection with only part of the classes from the JAR loaded (user opens a different screen then the problem is apparent).
I am currently looking at the Web Start technology to allow us to run a single shortcut.
However the application has several folders it requires to be in the same folder the JAR is launched (for configuration, logs, etc.). These folders will require full access for all users to allow them to write log files. There are lots of configuration files under the configuration folder hierarchy.
The application also requires access to environment user settings (such as getting their user folder). It also requires certain command line parameters (including which folder to use for configuration, log file location, java memory usage, etc.)
Edit
The application also contains a reference to 2 signed JARs. These are:
jh.jar
mail.jar
It looks like these are signed by SUN Microsystems. jh is used for help integration in our application whilst mail is used for email integration.
I have now downloaded the latest versions of these files from java2s.com which do not have the signed equivalents.
end edit
The application is developed in Netbeans which compiles a single JAR file and copies the dependant JARs to the dist/lib folder. I enabled the Web Start functionality in Netbeans for the application and it generates the JNLP file.
Bearing everything in mind is Web Start the way to go for an application like this?
Can you include folders in a Web Start deployment? I could not find anything to do this in the XML structure for a JNLP file.
Cheers,
Andez
Yes, you could use WebStart for this.
Permission:
If you need permission to the file system, you have to sign your jars and put the all-permissions tag in your jnlp.
Arguments:
Arguments can be provided by using the arguments elements in application_desc.
Folders:
I'm don't think you can include folders in the WebStart application, but you could put the config files in a jar and read them from there, or extract them on startup.
ClassNotFoundError:
We have intermittently received
ClassNotFound exceptions when running
the JAR from the server which looks
like Windows dropping the network
connection with only part of the
classes from the JAR loaded
Does not sound plausible to me. per default, all jars will be downloaded before the application starts. If you set "download" to "lazy", the jar will be downloaded when first needed, but I would guess it will be downloaded completly then.
You can provide read-only resources for Java WebStart. Getting the log back is harder. I would suggest looking into a centralized logging solution, using one of the standard appenders in the log framework you use.
For a Java Web Start application it is always advised not to create files or folders in the class path. Recommend user's home directory to store your settings or database files.