Bigbluebutton Java Security issue - java

I am working with BigBlueButton 0.8.1. I had set up the development environment on my local machine (Ubuntu 10.04) and desktop sharing is working fine.
Later I created a new bbb-desktop-applet jar, using the URL https://code.google.com/p/bigbluebutton/wiki/081DevelopingBigBlueButton#Developing_Deskshare. I then moved the newly created jar to var/www/bigbluebutton/client on the Ubuntu machine and restarted the server. I am able to create and join the room, but I am not able to share my desktop; I get the error below. I have already added the URL to the exception site list in the Java Control Panel, but it is still not working. I am stuck on this issue.

I'm one of the developers of BigBlueButton.
You need to sign the modified desktop sharing jar file with a valid code signing certificate (not a self-signed certificate); otherwise, the browser will give you a very strong warning (such as the above) that warns the user they are trying to run an untrusted applet.
This is not a security issue with BigBlueButton; rather, it's the absence of a valid certificate signature with your modified desktop sharing applet.
Regards,... Fred

Related

Automating addition of sites to Exception sites in java control panel

I am creating a Java webstart application which will be downloaded as JNLP and will run at the local machine. Purpose is to read some info about local files.
But the issue is I am getting a warning message for security. After adding the site address to Java control panel, the warning message went off.
I have automated this by altering the exception.sites file located in C:\Users\<username>\AppData\LocalLow\Sun\Java\Deployment\security in Windows OS.
Where does this file (exception.sites) exist on Linux and Mac machines?
The location of the exception site list is set in the deployment.user.security.exception.sites property. The default location is {deployment.user.home}/security/exception.sites.
See http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/exception_site_list.html
Also good to know: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/jcp/properties.html
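
Resolving that location on each OS and reviewing what the list trusts, as an added example (not code from the thread or from Oracle): the per-OS base directories are the ones given in Oracle's deployment documentation, and the function names, user names and sample entries are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Value of {deployment.user.home} per OS, as listed in Oracle's deployment docs
# (the Windows entry matches the path quoted in the question).
USER_HOME = {
    "windows": r"{home}\AppData\LocalLow\Sun\Java\Deployment",
    "linux": "{home}/.java/deployment",
    "mac": "{home}/Library/Application Support/Oracle/Java/Deployment",
}
PROP = "deployment.user.security.exception.sites"

# Constructed sample exception.sites content (one URL per line).
SAMPLE_SITES = """https://bbb.example.com/client/
http://localhost:8888/forms/frmservlet?config=webutil
https://example.org
"""


def unescape(value):
    """Undo .properties escaping, e.g. 'C\\:\\\\dir' becomes 'C:\\dir'."""
    return re.sub(r"\\(.)", r"\1", value)


def exception_sites_path(os_name, home, properties_text=""):
    """Resolve exception.sites, honouring an override in deployment.properties."""
    base = USER_HOME[os_name].format(home=home)
    for line in properties_text.splitlines():
        key, eq, value = line.strip().partition("=")
        if eq and key.strip() == PROP:
            return unescape(value.strip()).replace("{deployment.user.home}", base)
    sep = "\\" if os_name == "windows" else "/"
    return sep.join([base, "security", "exception.sites"])


def audit_sites(sites_text):
    """Return (url, reason) for entries that trust more than they need to."""
    findings = []
    for raw in sites_text.splitlines():
        url = raw.strip()
        if not url:
            continue
        parts = urlsplit(url)
        if parts.scheme.lower() != "https":
            findings.append((url, "not https"))
        elif parts.path in ("", "/"):
            # With no path, any RIA from that host may run.
            findings.append((url, "whole host trusted"))
    return findings
```
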

Oracle Forms: How to get rid of security warning(s) related to JAR signing?

We are upgrading to Oracle Forms 11gR2. After the upgrade, when I open my application in Development, it's giving me the security warning:
"Do you want to Run this application". Publisher : Unknown.
I explored and found we have to get a signed Certificate from CA (which I believe will cost money). I tried a self-signed certificate but still it's showing the warning message. Can anybody share the steps to get and import self-signed certificate for my Application?
I know only the Development URL and having admin rights. I don't have any source code for JAR.
Java checks from a certain version (I think 1.7 u21) if everything it needs to run that is not local is secure. This means it needs a valid certificate and not a self-signed version.
If, however, you still want to run your Java applet without the signing or with a self-signed version, you can make exceptions in the Java Control Panel on the Security tab; there you've got a button "Edit Site List...".
If you add the URL you start there, e.g. http://localhost:8888/forms/frmservlet?config=webutil, then you can start the forms. You still need to say everything is OK to run it and not block it. But it will work.
If you're using a self-signed certificate, then you can import the certificate into Java and that would solve the issue.
Another way is to change the java.policy file.

How do I sign my Applet correctly to access the computer's COM Port?

I'm self-signing my applet that uses the library JSSC to read a COM port device's data. However, that's not enough to allow the applet to access that resource, and an exception is thrown when I try to list the COM ports available. I'm testing on my https URL.
First I get "Running this application may be a security risk", then it asks me if I want to block the unsafe content (mixed security). I click NO but still the JSSC library won't work.
I don't know what else to try; any advice is much appreciated.
Do you mean this applet?
What is the java version you are using?
Do you use a JNLP file (like this one)?
In the latest Java update 7u51 (1.7.0_51), by default you are not able to run self-signed applets anymore. So what can you do?
Use an official certificate OR
Decrease the security level in your system properties\Java\Security to medium OR
Add your page to the exception site list
Here is an overview of what changed in the latest Java version. Especially important for you are the Permissions manifest attributes (because they are set neither in jssc.jar nor in the jSSC-Terminal.jar file).
Regarding the message with the mixed security, could it be that you only signed your applet.jar and not the third-party libs (like jssc.jar)?
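
A presence check for the two conditions this answer raises (an unsigned third-party JAR deployed beside a signed one, and a missing Permissions manifest attribute), added here as an example and not code from the thread. The JAR contents are constructed in memory and the function names are hypothetical.

```python
import io
import re
import zipfile

SIG_FILE = re.compile(r"META-INF/[^/]+\.SF$", re.I)
SIG_BLOCK = re.compile(r"META-INF/[^/]+\.(RSA|DSA|EC)$", re.I)

def main_attributes(manifest_text):
    """Parse the main section of MANIFEST.MF (everything before the first blank line)."""
    attrs, last = {}, None
    for line in manifest_text.replace("\r\n", "\n").split("\n"):
        if not line:
            break
        if line.startswith(" ") and last:      # wrapped value continues here
            attrs[last] += line[1:]
        else:
            last, _, value = line.partition(": ")
            attrs[last] = value
    return attrs

def audit_jar(data):
    """Presence check only; `jarsigner -verify` does the cryptographic validation."""
    with zipfile.ZipFile(io.BytesIO(data)) as jar:
        names = jar.namelist()
        has_mf = "META-INF/MANIFEST.MF" in names
        manifest = jar.read("META-INF/MANIFEST.MF").decode("utf-8") if has_mf else ""
    signed = any(map(SIG_FILE.match, names)) and any(map(SIG_BLOCK.match, names))
    return {"signed": signed, "permissions": main_attributes(manifest).get("Permissions")}

def deployment_findings(jars):
    """jars maps file name -> bytes; returns (jar, problem) pairs sorted by name."""
    facts = {name: audit_jar(data) for name, data in jars.items()}
    any_signed = any(f["signed"] for f in facts.values())
    findings = []
    for name, f in sorted(facts.items()):
        if not f["signed"]:
            why = "unsigned, mixed with signed JARs" if any_signed else "unsigned"
            findings.append((name, why))
        if f["permissions"] is None:
            findings.append((name, "no Permissions manifest attribute"))
    return findings

def make_jar(manifest, extra=()):
    """Build a constructed sample JAR in memory (signature files are empty stubs)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        jar.writestr("META-INF/MANIFEST.MF", manifest)
        for name in extra:
            jar.writestr(name, b"")
    return buf.getvalue()

SAMPLE_JARS = {   # constructed: a signed applet next to an untouched library
    "applet.jar": make_jar("Manifest-Version: 1.0\r\nPermissions: all-permissions\r\n\r\n",
                           ["META-INF/MYKEY.SF", "META-INF/MYKEY.RSA"]),
    "jssc.jar": make_jar("Manifest-Version: 1.0\r\n\r\n"),
}
```
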
This is how I solved the problem:
Downloaded Eclipse.
Installed this plugin: http://keytool.sourceforge.net.
Used the plugin to generate my own certificate.
Went back on Netbeans where my project was.
Brought up my project properties.
Under "Application" -> "Web Start" I checked "Enable Web Start".
On "Signing" I clicked "Customize".
Checked "Sign by a specified key"
Clicked "Browse" and searched for the certificate generated on Eclipse.
Entered the certificate password that I assigned on Eclipse and an Alias (any).
Kept "Mixed Code" as "Enable Software Protections".
Downgraded the machine to Java 6 (http://www.oldapps.com/java.php).
Built the project on Netbeans and it signed my jar and the JSSC.jar automatically.
Opened the Java settings and under "Advanced" I checked "Disable verification".
Deployed the project and launched the applet page. Java displayed a security warning, I checked the box to Always Trust the publisher, and the applet now works 100% and without any additional prompts.

SocketException in a Signed Java Applet

I have a Java applet which is using the Apache commons.net API for FTP. I initially ran the applet without signing it, and it threw a
SocketException : Software caused connection abort
I looked this up online and found that my firewall was blocking my applet. So, to confirm this, I disabled my firewall and ran the applet. It worked fine.
Then, I followed the instructions given on another site to self-sign the applet using NetBeans:
Project Properties -> Enable Web start -> Self-sign using generated key
Still, the same error persists. I can't find anything that explains this particular error.

jnlp.BasicService.showDocument url permission denied with all-permissions and signed jar

I have an applet running in jnlp. My single jar file is signed. I accept the permissions prompt each time the JNLP client is launched. I can obtain the BasicService but it still throws a url permission denied exception when I try to follow a URI:
file:///D:\temp\test.txt
The file is present on all the Windows client machines I've tried and there are no security issues with opening it.
The issue happens when using a 32 or 64-bit JRE on the client. The server is 32-bit but I would think this irrelevant. The only clue (or red-herring perhaps) is that I get no security exception when the client and server are on the same host. If I use a remote client then I get the exception.
Whilst I needed to include the jnlp.jar file to compile the code, I assume it is not needed on the client if run using Java WebStart.
What else might you need to know? What else should I try?
Later that day...
Now this may or may not be a bug, it may be something wrong with the parameters in my JNLP file, but I suspect that I'm using the wrong approach. Just to reiterate, I'm trying to open a file:// URL.
Here is what I am now doing:
I assumed that the Desktop facilities were only available in a Desktop Application - not an applet. I was wrong (and the documentation is scant - even on this hallowed site the only reference tells me to use JNLP Services for an Applet and Desktop for an Application) - Wrong (thankfully)
So you can use Desktop (having first checked that Desktop.isDesktopSupported() of course) in an applet - as long as you are running through WebStart not embedded as an applet.
I would propose the following approach to anyone.
See if Desktop is supported and use that.
Desktop.getDesktop().open(file);
If not then see if you can get the Basic JNLP Service.
BasicService bs = (BasicService)ServiceManager.lookup("javax.jnlp.BasicService");
and if that is available then use it with boolean openedOK = bs.showDocument(url);
Finally resort to the applet API.
AppletContext context = applet.getAppletContext();
context.showDocument(url, targetFrame);
