For now, with the DeploymentRuleSet signed by expired or self signed cert. No additional warning information is provided in JCP Rule Set dialog. I think this is no good. steps to reproduce: 1. Download http://sqeweb.us.oracle.com/deployment2/sheldon/webCases/PolicyFileValidation/policy_template/policy_expired.jar 2. rename it to DeploymentRuleSet.jar and install it. 3. Open JCP->Security -> View the active Deployment Rule Set 4. If the rule set is showed, bug is reproducible. Since the policy is expired and invalid, the deployment rule set is not active. We should not show the rule set or at least have some warning information.
|