JDK-8015640 : REGRESSION: Security boxes appear 2 times with uppercase jnlp codebase
  • Type: Bug
  • Component: deploy
  • Sub-Component: plugin
  • Affected Version: 7u21,7u40
  • Priority: P2
  • Status: Closed
  • Resolution: Fixed
  • OS: windows_7
  • CPU: x86
  • Submitted: 2013-05-29
  • Updated: 2014-10-20
  • Resolved: 2013-06-11
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
7u25Fixed 8Fixed
There is a regression with 7u21 and 7u40b26 (on Windows 7 with 32 bit).

If the host name of the jnlp codebase is written in uppercase (see the attached jnlp file) then the security box appear 2 times. Also the selecting of ever accepting the certificate has no effect. The 2 security boxes occur on every start. If the host name in lower letter written then all is working.

The only effect is that you can delete it 2 times in the system control. This is another bad things.
covered by existing testbase: vmargs::testHostUpperCase

I can reproduce it now. Looks like the problem becomes visible after the combination of two conditions: - uppercase hostname - additional parameters in JNLP to force relaunch (sun.java2d.noddraw=true)

This seems very magic. Have test 2 server now. One with BLN2 and the other with VB4. Both are hostname from web servers that hold the signed jar files for the jnlp. All clients have problems with BLN2 but not with VB4. That it doesn't depends on the client. Now have adde4d an entry in the hosts file to redirect BLN2 to VB4 server. The jnlp file with BNL2 has still going problems. That it depends not on the server. It seems only to depends on the host name. Very magic. Can test it with the follow hosts entry: bln2

I can't reproduce this issue so far (tested with 7u40 b26). The test case from the customer (at http://BLN2/...) isn't available and I created local sample (codebase is http://LOCALHOST/...) and it works fine to me - the security dialog appears one time (screenshot of the dialog attached - UPPERCASE_CODEBASE.png)

The problem occur after an update to 7u21. In version 7u21, add the feature that the same certificate must accepted for every host name separately. Now there is bug that depends on the spelling of the host name. 100% clear that this is a regression in version 7u21. And the security boxes and the details of the box are 100% identical.

Checking with the submitter if it can also be reproduced with 7u25 latest build and previous 7u update releases.