JDK-4814016 : extension installation broken in 1.4.1_01: ExtensionInstallationException thrown
  • Type: Bug
  • Component: deploy
  • Sub-Component: plugin
  • Affected Version: 1.4.1
  • Priority: P3
  • Status: Closed
  • Resolution: Duplicate
  • OS: windows_xp
  • CPU: x86
  • Submitted: 2003-02-06
  • Updated: 2003-02-19
  • Resolved: 2003-02-19
Related Reports
Duplicate :  
JDK-4780497 - REGRESSION: 1.4.1_01 signed applets don't work anymore
Description

Name: gm110360			Date: 02/06/2003


FULL PRODUCT VERSION :
java version "1.4.1_01"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.1_01-b01)
Java HotSpot(TM) Client VM (build 1.4.1_01-b01, mixed mode)


FULL OPERATING SYSTEM VERSION :
Microsoft Windows XP [version 5.1.2600]

A DESCRIPTION OF THE PROBLEM :
The use of the extension installation failes when the
extension contains a native exceutable.
The bug was discovered with the sun "Signed Auto
Installation for browsers" jar but it can be reproduced
whith any signed far containing an executable file. It is a
regression in 1.4.1_01 wrt 1.4.1.

During the installation, an exception is thrown and the
installation failes.


REGRESSION.  Last worked in version 1.4.1

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1. Make an html page with an applet that use the JAI (Java
Advanced imaging) extension. Use the sun "Signed Auto
Installation for browsers" jar available on the JAI download
page.

2. Browse the page, and answer yes to the following question:
Download Request
The applet requires the installation of optional package
"javax.media.jai" from http://xxx/jai_windows-i586.jar
Do you want to continue?

3. An exception is thrown and the following message box appears:
General Exception
Optional package installation is aborted.

EXPECTED VERSUS ACTUAL BEHAVIOR :
The installation should go go.

ERROR MESSAGES/STACK TRACES THAT OCCUR :
Modality popped
User selected: 0
Optional package download granted by user, download from
http://xxxxxxxxxxxxxxxxxxxxxx/jai_windows-i586.jar
Connecting http://xxxxxxxxxxxxxxxxxx/jai_windows-i586.jar with no proxy
Connecting http://xxxxxxxxxxxxxxxxxx/jai_windows-i586.jar with cookie
"JIGSAW-SESSION-ID=J986902630-19"
Loading Root CA certificates from D:\PROGRA~1\Java\J2RE14~1.1_0\lib\security\cacerts
Loaded Root CA certificates from D:\PROGRA~1\Java\J2RE14~1.1_0\lib\security\cacerts
Loading JPI certificates from D:\WINNT\Profiles\qpbl\.java\jpicerts141_01
Loaded JPI certificates from D:\WINNT\Profiles\qpbl\.java\jpicerts141_01
Loading certificates from JPI session certificate store
Loaded certificates from JPI session certificate store
Checking if certificate is in JPI permanent certificate store
Checking if certificate is in JPI session certificate store
Checking if certificate is in Root CA certificate store
Checking if certificate is in Root CA certificate store
Checking if certificate is in Root CA certificate store
sun.misc.ExtensionInstallationException: User deny optional package installer to
be launched.
	at sun.plugin.extension.ExtensionInstallationImpl.verifyJar(Unknown Source)
	at sun.plugin.extension.ExtensionInstallationImpl.access$100(Unknown Source)
	at sun.plugin.extension.ExtensionInstallationImpl$1.run(Unknown Source)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.plugin.extension.ExtensionInstallationImpl.installExtension(Unknown Source)
	at sun.misc.ExtensionDependency.installExtension(Unknown Source)
	at sun.misc.ExtensionDependency.checkExtension(Unknown Source)
	at sun.misc.ExtensionDependency.checkExtensions(Unknown Source)
	at sun.misc.ExtensionDependency.checkExtensionsDependencies(Unknown Source)
	at sun.misc.URLClassPath$JarLoader.parseExtensionsDependencies(Unknown Source)
	at sun.misc.URLClassPath$JarLoader.getClassPath(Unknown Source)
	at sun.misc.URLClassPath.getLoader(Unknown Source)
	at sun.misc.URLClassPath.getResource(Unknown Source)
	at java.net.URLClassLoader$1.run(Unknown Source)
	at java.security.AccessController.doPrivileged(Native Method)
	at java.net.URLClassLoader.findClass(Unknown Source)
	at sun.applet.AppletClassLoader.findClass(Unknown Source)
	at sun.plugin.security.PluginClassLoader.findClass(Unknown Source)
	at java.lang.ClassLoader.loadClass(Unknown Source)
	at sun.applet.AppletClassLoader.loadClass(Unknown Source)
	at java.lang.ClassLoader.loadClass(Unknown Source)
	at sun.applet.AppletClassLoader.loadCode(Unknown Source)
	at sun.applet.AppletPanel.createApplet(Unknown Source)
	at sun.plugin.AppletViewer.createApplet(Unknown Source)
	at sun.applet.AppletPanel.runLoader(Unknown Source)
	at sun.applet.AppletPanel.run(Unknown Source)
	at java.lang.Thread.run(Unknown Source)
Modality pushed
Modality popped
Optional package installation failed.
Installation successful

REPRODUCIBILITY :
This bug can be reproduced always.

CUSTOMER WORKAROUND :
Forget the extension mechanism and install the components
manually.
(Review ID: 180926) 
======================================================================
Comments
EVALUATION ###@###.### 2003-02-18 I just received source code of testcase from customer. It looks like this is a regression from JRE 1.4.1_01 to 1.4.1. I don't think this is applicable to Mantis. Arun in CTE group is looking at this issue and try to reproduce this bug in 1.4.1_01. We will have an update soon. Dennis Was able to reproduce the bug in 1.4.1_01. Its failing due to Fix chain certificate validation. Its returning a false for isAllPermissionGranted() which denies to throw a Security Dialog. Basically its failing in checkBasicConstraints(). CA certificate does not include basic constraints extension. It then checks only for Netscape certificate type extension and returns a false. Should clarify with dennis whether this is the expected behaviour! ###@###.### 2003-02-18 ###@###.### 2003-02-19 This issue has been addressed in bug 4780497, which has been fixed in Mantis. Please back port changes to 1.4.1 update release soon. Dennis This is a duplicate of 4780497. Closing as such. CTE should use 4780497 as the bug number for the backport. ###@###.### 2003-02-19
19-02-2003