JDK-5109575 : Authenticating Proxy causes NoSuchMethodError when using pre-1.4 jre's
- Type: Bug
- Component: deploy
- Sub-Component: webstart
- Affected Version: 5.0
- Priority: P2
- Status: Resolved
- Resolution: Fixed
- OS: windows_xp
- CPU: x86
- Submitted: 2004-09-30
- Updated: 2004-10-13
- Resolved: 2004-10-12
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| Other | JDK 6 |
|---|---|
| 5.0u1Fixed | 6 b08Fixed  |
Description
Name: gm110360 Date: 09/30/2004
FULL PRODUCT VERSION :
java version "1.5.0-rc"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0-rc-b63)
Java HotSpot(TM) Client VM (build 1.5.0-rc-b63, mixed mode, sharing)
ADDITIONAL OS VERSION INFORMATION :
Windows XP Service Pack2
EXTRA RELEVANT SYSTEM CONFIGURATION :
Internet access by HTTP Proxy with basic authentication
A DESCRIPTION OF THE PROBLEM :
Tried to launch ArgoUml
http://argouml.tigris.org/files/documents/4/0/argouml-0.16.1/jws/argouml-en.jnlp
with Java Web Start 1.5.0rc. Downloaded all necessary files
(proxy log shows that) and then nothing happened.
Application wants all permissions, so next a security warning should pop up.
But it never pops up.
If I choose "direct internet connection" in preferences of Application Manager
of Java Web Start, and then launch ArgoUML again, this time a
Security Warning pops up, telling me, that the certificate could not be verified and the application cannot be started. This is not the usual security warning, where I can accept the certificate or deny it.
Here it tells me, that there is an invalid RSA modulus size.
Testing the launch on another computer with 1.4.2_05 installed, it works,
no such certificate exception occurs.
To summarize, there are two possible bugs:
1. Security warning is not shown, if proxy with basic auth is used
(Here launch stops without any further message).
2. Certificate is not validated, and exception "Invalid RSA modulus size" occurs.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1. Use a http proxy with basic authentication on.
2. Launch http://argouml.tigris.org/files/documents/4/0/argouml-0.16.1/jws/argouml-en.jnlp
(will download all files, but does not anything else)
3. Set direct internet connection in.
4. Launch http://argouml.tigris.org/files/documents/4/0/argouml-0.16.1/jws/argouml-en.jnlp
(will show a security warning with exception "Invalid RSA modulus size".)
5. Launch with j2sdk1.4.2_05
(works as expected).
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Launches application.
ACTUAL -
Does not launch application. Stops without any warning, or (with direct internet
connection) shows a warning about invalid certificate.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
In the "direct connection" case:
(Sorry, it was not possible to copy paste).
java.security.CertificateParsingException: java.io.IOException: subject key, Unknown key spec: Invalid RSA modulus size.
Stack trace shows last position, where javaws is used:
com.sun.javaws.security.AppPolicy.grantUnrestrictedAccess
com.sun.javaws.LaunchDownload.checkSignedResourcesHelper
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
not needed.
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
Use j2sdk1.4.2 to launch.
(Incident Review ID: 315536)
======================================================================
###@###.### 10/4/04 22:46 GMT
Comments
|