United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
Bug ID: JDK-6595618 Intermittent problems with signed applet certificate verification
JDK-6595618 : Intermittent problems with signed applet certificate verification

Details
Type:
Bug
Submit Date:
2007-08-21
Status:
Resolved
Updated Date:
2012-08-06
Project Name:
JDK
Resolved Date:
2010-07-06
Component:
deploy
OS:
generic,windows_xp
Sub-Component:
plugin
CPU:
x86,generic
Priority:
P2
Resolution:
Fixed
Affected Versions:
5.0u16,6u2,6u4,7
Fixed Versions:

Related Reports
Backport:
Backport:
Backport:
Duplicate:
Duplicate:
Duplicate:

Sub Tasks

Description
It seems that with the current 6u5 (Consumer JRE) and 7 builds, intermittent problems with signed applets are occurring. The symptom is that the applet occasionally acts as though it is unsigned, failing in operations like querying system properties or connecting to a server which it should be allowed to. It is hard to isolate exactly when this problem was introduced, but it seems to be present in 6u5 and 7 and not in what used to be 6u3 b02.

Attached are two stack traces from the Iris application (http://swinglabs.org/iris/). One shows that the (signed) JNLPAppletLauncher, which is used to launch one of the demo's two applets (the Editor applet), is unable to fetch a system property. The other shows that the other signed applet on the page, the Toolbox applet, is unable to connect to Flickr.

These problems don't occur all of the time and seem to be present either mostly or completely on the Firefox browser.

It's unclear whether there might be a new race condition in certificate checking somehow related to the presence of the two signed applets on the page, or something similar.

Removing the Sun certificate from the accepted certificates list seems to fix the problem for the first launch after the removal (when the security dialogs are displayed), but the problem seems to occur afterward.

                                    

Comments
EVALUATION

There is a race condition may happened here, maybe it is introduced during our new thread model in 6u5, I will add synchnozied block to workaround race condition.
                                     
2007-10-04



Hardware and Software, Engineered to Work Together