I am creating a Java webstart application which will be downloaded as JNLP and will run at the local machine. Purpose is to read some info about local files.
But the issue is I am getting a warning message for security. After adding the site address to Java control panel, the warning message went off.
I have automated this by altering the exception.sites file located in C:\Users\<username>\AppData\LocalLow\Sun\Java\Deployment\security in Windows OS.
Where this file (exception.sites) exists in LINUX and MAC machine?
The location of the exception site list is set in the deployment.user.security.exception.sites property. The default location is {deployment.user.home}/security/exception.sites.
See http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/exception_site_list.html
Also good to know: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/jcp/properties.html
Related
I set up a new server windows 2012R2 in a VM machine. The latest active-mq and Apache-ant are downloaded. Oracle JDK 8u192 is used. After installation and setup of the WSO2 IoT application, I cannot enroll an android device.
I installed the WSO2IOT by following the instructions in the online documentations for version 3.3.0.
CARBON_HOME and JAVA_HOME are set up in environment variables already.
The process of steps that I go are as follows:
I start the activemq by running it inside a cmd window as instructed by the documentation.
I start broker.bat in another cmd window
I start iot-server.bat in another cmd window
I start analytics.bat in another cmd window
Everything starts and I end up with the text "Carbon .. has stared in ** milliseconds.
I open my management console on https port 9443\devicemgt and login as admin no problem.
After that I connect my galaxy A5 2016 model with android 7.0 to the same network via WiFi. Download the app via QR code from my PC screen to the mobile phone. Install the app and try to register. The IP which I enter is static in the VM and of course I add 8280 port in the wso2 management app on the phone. Then I login with admin/admin credentials which logins successfully but right after that it posts an message on the phone that it is receiving policy and here it stops. The little circle spins (loading) and nothing happens for few minutes after which I get an error "Enrollment failed. Contact the administrator. Enrollment failed." no other message or anything.
On the analytics cmd window I got the following error inside my VM:
[2018-12-20 11:00:00,037] [IoT-Analytics] ERROR {org.wso2.carbon.ntask.core.impl.TaskQuartzJobAdapter} - Error in executing task: nulljava.lang.NullPointerException
at org.wso2.carbon.analytics.spark.core.CarbonAnalyticsProcessorService.executeQuery(CarbonAnalyticsProcessorService.java:256)
at org.wso2.carbon.analytics.spark.core.CarbonAnalyticsProcessorService.executeScript(CarbonAnalyticsProcessorService.java:206)
at org.wso2.carbon.analytics.spark.core.AnalyticsTask.execute(AnalyticsTask.java:60)
at org.wso2.carbon.ntask.core.impl.TaskQuartzJobAdapter.execute(TaskQuartzJobAdapter.java:67)
at org.quartz.core.JobRunShell.run(JobRunShell.java:213)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
And that is basically it I cant move on forward from here. I tried with different java jdk versions as old as 8u144 and I tried with openJDK 8 LTSu191 to no avail.
Other things like creating policies in the devicemgt portal, creating users and browsing the portal works fine.
Did anyone encounter this issue and manage to solve it?
Thanks.
I used WM windows10. The situation fully corresponded to that described by you, with only one difference - I also had an error on the page with the preservation of policies for Android. I also saw that the default policies for windows are reflected in the platform configuration section, and the android policies are missing and cannot be saved due to the error you described. However, in the wso2 home directory I found the Android configuration file in which the default policy !!! was done.
Next, I used ADB to watch the log from the Android device, at the time of binding (enrollment). He only confirmed the previously received information. I saw a 404 http error at the time the device attempted to get a policy agreement. Point.
Unexpected outcome. I downloaded version 3.1.0 instead of the current version 3.3.0. I started the batch file. I went to the platform configuration section, to the Android configuration - the default agreement policy was displayed correctly and you can change it and save the changes. The binding procedure (enrollment) passed without problems - the policy was obtained by the device and then everything went according to official instructions. I fully realize that this is not the answer to the question you raised, but at the same time it can help with a quick start. I hope.
p.s. I tried versions 3.3.1 and 3.3.0 - in both there is a similar problem with the enrollment. Version 3.1.0 does not have this problem. Versions tested on Ubuntu and WM Windows10.
Of course it would be great if the developer representatives tell you where to dig, to use a more current version. Have a nice day.
additionaly - also good work with 3.2.0
I am working in bigbluebutton 0.8.1. I had setup the development environment in my local(ubuntu 10.04) and desktop sharing is working fine.
Later i created new bbb-desktop-applet jar, using the url https://code.google.com/p/bigbluebutton/wiki/081DevelopingBigBlueButton#Developing_Deskshare. And then moved the newly created jar to this location var/www/bigbluebutton/client in ubuntu machine and then restarted the server. I can able to create and join the room, but not able to share my desktop, getting below error. Already I added the url in exception site list in java control panel but still it is not working.i stuck up with this issue.
I'm one of the developers of BigBlueButton.
You need to sign the modified desktop sharing jar file with a valid code signing certificate (not a self-signed certificate); otherwise, the browser will give you a very strong warning (such as the above) that warns the user they are trying to run an untrusted applet.
This is not a security issue with BigBlueButton; rather, it's the absence of a valid certificate signature with your modified desktop sharing applet.
Regards,... Fred
I'm self signing my Applet that uses the library JSSC to read a COM Port device's data however that's not enough to allow the applet to access that resource and an exception is thrown when I try to list the COM ports available, I'm testing on my https url.
First I get "Running this application may be a security risk", then it asks me if I want to block the unsafe content (mixed security), I click NO but still the JSSC library won't work.
I don't know what else to try, any advise is much appreciated.
Do you mean this applet?
What is the java version you are using?
Do you use an jnlp file (like this one)?
In the latest java update 7u51 (1.7.0_51) by default you are not able to run self signed applets anymore. So what can you do?
Use an official certificate OR
Decrease the security level in your system properties\Java\Security to medium OR
Add your page to the exception site list
Here is an overview of what changed in the latest java version. Important for you is especially the permissions Manifest attributes (because it is not set in the jssc.jar nor in the jSSC-Terminal.jar file)
Regarding the message with the mixed security could it be that you only signed your applet.jar and not the 3rd party libs (like jssc.jar)?
This is how I solved the problem:
Downloaded Eclise.
Installed this plugin: http://keytool.sourceforge.net.
Used the plugin to generate my own certificate.
Went back on Netbeans where my project was.
Brought up my project properties.
Under "Application" -> "Web Start" I checked "Enable We Start".
On "Signing" i clicked "customize".
Checked "Sign by a specified key"
Clicked "Browse" and searched for the certificate generated on Eclipse.
Entered the certificate password that I assigned on Eclipse and an Alias (any).
Kept "Mixed Code" as "Enable Software Protections".
Downgraded the machine to Java 6 (http://www.oldapps.com/java.php).
Built the project on Netbeans and it signed my jar and the JSSC.jar automatically.
Opened the Java settings and under "Advanced" I checked "Disable veritication".
Deployed the project and launch the applet page, Java displayed a security warning, I checked the box to Always Trust the publisher and the applet now works 100% and without any additional prompts.
I have an applet running in jnlp. My single jar file is signed. I accept the permissions prompt each time the JNLP client is launched. I can obtain the BasicService but it still throws a url permission denied exception when I try to follow a URI:
file:///D:\temp\test.txt
The file is present on all the Windows client machines I've tried and there are no security issues with opening it.
The issue happens when using a 32 or 64-bit JRE on the client. The server is 32-bit but I would think this irrelevant. The only clue (or red-herring perhaps) is that I get no security exception when the client and server are on the same host. If I use a remote client then I get the exception.
Whilst I needed to include the jnlp.jar file to compile the code, I assume it is not needed on the client if run using Java WebStart.
What else might you need to know? What else should I try?
Later that day...
Now this may or may not be a bug, it may be something wrong with the parameters in my jnlp file but I suspect that I'm using the wrong approach. Just to reitterate I'm trying to open a file:// url.
Here is what I am now doing:
I assumed that the Desktop facilities were only available in a Desktop Application - not an applet. I was wrong (and the documentation is scant - even on this hallowed site the only reference tells me to use JNLP Services for an Applet and Desktop for an Application) - Wrong (thankfully)
So you can use Desktop (having first checked that Desktop.isDesktopSupported() of course) in an applet - as long as you are running through WebStart not embedded as an applet.
I would propose the following approach to anyone.
See if Desktop is supported and use that.
Desktop.getDesktop().open(file);
If not then see if you can get the Basic JNLP Service.
BasicService bs = (BasicService)ServiceManager.lookup("javax.jnlp.BasicService");
and if that is available the use it with boolean openedOK = bs.showDocument(url);
Finally resort to the applet API.
AppletContext context = applet.getAppletContext();
context.showDocument(url, targetFrame);
i am trying to access MQ queues using JMS. i am getting the below
java.lang.UnsatisfiedLinkError: no mqjbnd05 in java.library.path
i am passing
-Djava.library.path="C:\Program Files\IBM\WebSphere MQ\java\lib"
as the VM argument while running the program in eclipse. This issue is discussed quite a lot on the net but with out any conclusion. Has anyone resolved this? TIA.
As I had to deal with this error myself; and it took me a lot of time to find the right answer, I'd like to share it with the next one, who comes along this thread...
Actually the solution to the problem was very simple (at least in my case). It was not related to any CLASSPATH, java.library.path or installation issues.
I simply forgot to switch the MQConnectionFactory into the Client mode.
This has to be done, by simply calling
cf.setTransportType(WMQConstants.WMQ_CM_CLIENT);
or
cf.setTransportType(WMQConstants.WMQ_CM_BINDINGS_THEN_CLIENT);
or any other connection type, that fits your needs.
By default, the ConnectionFactory is in "Binding" mode (WMQ_CM_BINDINGS), which is intended for local server installations, as it is is stated in the IBM Documentation:
To connect to a queue manager in bindings mode, a WebSphere MQ classes for JMS application must run on the same system on which the queue manager is running.
This transport type is the same as the XMSC_WMQ_CONNECTION_MODE (WMQConstants.WMQ_CONNECTION_MODE) property, when using JNDI or the JmsFactoryFactory.
The same should apply to the other ConnectionFactory types: MQQueueConnectionFactory, MQTopicConnectionFactory, MQXAConnectionFactory, MQXAQueueConnectionFactory and MQXATopicConnectionFactory
Check the IMB Knowledge Center for more information about the different connection/binding options:
https://www.ibm.com/support/knowledgecenter/SSFKSJ_7.5.0/com.ibm.mq.dev.doc/q031720_.htm
https://www.ibm.com/support/knowledgecenter/SSFKSJ_7.5.0/com.ibm.mq.dev.doc/q030560_.htm
You probably have some older MQ jar files either in your CLASSPATH, in the lib or in the EAR.
Remove them and you should be fine.
You should not put MQ files in your EAR or in the WEB-INF/lib folders. They should be in the classpath of your appserver.
I came across this while connecting using IBM MQ api.
I didn't find this issue to be related to classpath either.
This happened to me when I instantiated MQQueueManager before setting MQEnvironment's hostname and channel.
Just ensure that your code does not do that and that it instantiates the manager after the environment is set. Something like..
MQEnvironment.hostname = "mq hostname";
MQEnvironment.channel = "mq channel";
..more code..
this._queueManager = new MQQueueManager(qManager);
(Observed that it's OK to set MQEnvironment.port after MQQueueManager is initialized, but one would probably initialize everything related to MQEnvironment together)
This can happen if you actually installed MQ Client instead of MQ Server.
IBM has even written a whole help page about it:
WebSphere MQ Client installation missing mqjb*.dll files
Problem(Abstract)
You install the WebSphere MQ Client and notice three dll's are missing from the \Program Files\IBM\WebSphere MQ\Java\lib\ directory.
Symptom
The following dlls appear in the directory on a server install, but are not part of the Java™ client:
03/17/2003 10:59a 19,456 mqjbdf02.dll
03/17/2003 10:59a 57,856 mqjbnd05.dll
03/17/2003 10:59a 36,864 MQXAi02.dll
The subdirectory \jdbc\ appears on the server, but not on the client machine.
03/17/2003 10:59a 61,440 jdbcdb2.dll
03/17/2003 10:59a 61,440 jdbcora.dll
Cause
The files are missing because they are not provided nor needed in a client install.
Resolving the problem
The files are only included in the WebSphere MQ Server product.
Here is an easy recipe: Tell the Java VM to Load the DLL. Is your code similiar, e.g. do you use System.loadLibrary to load mqjbnd05.dll?
If yes - does it work outside eclipse, like starting the application from the command line? If this is the case, you could try starting the whole eclipse IDE with that library path.
And sometimes we have trouble with pathnames that contain spaces. Copy the dll to C:\, put that on the lib path and try again.
Ah, that's the problem, the specified dll is missing. This blog has a solution. Good luck!
In my case when I set the transport type , the error goes away. I was using MQConnectionFactory
mQQueueConnectionFactory.setTransportType( JMSC.MQJMS_TP_CLIENT_MQ_TCPIP);