JDK-6646578 : Confusing ClassNotFoundExceptions caused by insecure JVM command-line argument specification
  • Type: Bug
  • Component: deploy
  • Sub-Component: plugin
  • Affected Version: 6u10
  • Priority: P3
  • Status: Closed
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2008-01-02
  • Updated: 2010-09-08
  • Resolved: 2008-06-13
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
6u10 b11Fixed
The ClassNotFoundExceptions thrown which are related to the specification of insecure JVM command-line arguments are confusing in the default case where the codebase_lookup parameter is not set to false. In this case the ClassNotFoundException which indicates that the class wasn't loaded because it was unsigned is squelched and another ClassNotFoundException is raised which indicates that it wasn't found because it wasn't on the web server. We need to preserve the CNFE raised from the first check and re-raise it later if necessary.

SUGGESTED FIX http://sa.sfbay.sun.com/projects/deployment_data/6u10/6646578.0 testcase: http://j2se.east.sun.com/deployment/www/tests/1.6.0_10/6646578/

EVALUATION Propagated the ClassNotFoundException indicating the unsigned status of the class out of the doPrivileged block, throwing it in the correct place to indicate the real reason for failing to load the class.