JDK-6945321 : trusted-library manifest attribute can't load unsigned code without warning.
  • Type: Bug
  • Component: deploy
  • Sub-Component: webstart
  • Affected Version: 6u20
  • Priority: P3
  • Status: Resolved
  • Resolution: Not an Issue
  • OS: generic
  • CPU: x86
  • Submitted: 2010-04-20
  • Updated: 2014-03-18
  • Resolved: 2014-03-18
JDK 7: 7-pool (Resolved)
Related Reports
Duplicate :  
Description
FULL PRODUCT VERSION :
java version "1.6.0_20"
Java(TM) SE Runtime Environment (build 1.6.0_20-b02)
Java HotSpot(TM) 64-Bit Server VM (build 16.3-b01, mixed mode)

ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows [Version 6.1.7600]

A DESCRIPTION OF THE PROBLEM :
I was told that when using the trusted-library=true option in the manifest for our main class, it would be possible to use non-signed jars from extensions by using Class.forName with the context classloader. I tried this by using this code:

ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
Debug.error("plugin class:" + clazzName.trim() + " is trying to be loaded through the context classloader: " + contextClassLoader +
    " in the thread: " + Thread.currentThread().getName() + " trusted classloader is: " + getClass().getClassLoader());
loadClientPlugin(Class.forName(clazzName.trim(), true, contextClassLoader));

But that still shows the mixed code dialog:

thread: pool-1-thread-1 trusted classloader is: com.sun.jnlp.JNLPClassLoader@188d92e
ERROR - Debug                      - Error occured loading client plugin class com.servoy.extensions.plugins.scheduler.SchedulerPlugin, error: java.lang.SecurityException: trusted loader attempted to load sandboxed resource from http://localhost:8080/plugins/scheduler.jar
ERROR - Debug                      - Throwable
java.lang.SecurityException: trusted loader attempted to load sandboxed resource from http://localhost:8080/plugins/scheduler.jar
    at com.sun.deploy.security.CPCallbackHandler$ParentCallback.check(Unknown Source)
    at com.sun.deploy.security.CPCallbackHandler$ParentCallback.access$1400(Unknown Source)
    at com.sun.deploy.security.CPCallbackHandler$ChildElement.checkResource(Unknown Source)
    at com.sun.deploy.security.DeployURLClassPath$JarLoader.checkResource(Unknown Source)
    at com.sun.deploy.security.DeployURLClassPath$JarLoader.getResource(Unknown Source)
    at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
    at java.net.URLClassLoader$1.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.net.URLClassLoader.findClass(Unknown Source)
    at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source)
    at java.lang.ClassLoader.loadClass(Unknown Source)
    at java.lang.ClassLoader.loadClass(Unknown Source)
    at java.lang.Class.forName0(Native Method)
    at java.lang.Class.forName(Unknown Source)
    at com.servoy.j2db.plugins.PluginManager.loadClientPlugins(Unknown Source)

I got the source of the u20 build and I think that this is the code that is run (from class CPCallbackHandler$ParentCallback):

private synchronized void check(URL url, boolean trusted) {
    boolean maybeTrustedChild = trustedChild;
    boolean maybeUntrustedChild = untrustedChild;
    if (!trusted && trustedOnly) {
        throw new SecurityException("Trusted-Only loader attempted to load sandboxed resource from " + url);
    }
    if (trusted) {
        maybeTrustedChild = true;
    } else {
        maybeUntrustedChild = true;
    }
    if (maybeTrustedChild && maybeUntrustedChild) {
        String msg = checkAllowed(url, maybeTrustedChild && trustedChild);
        if (msg != null) {
            throw new SecurityException(msg);
        }

So for me this is true:
if (maybeTrustedChild && maybeUntrustedChild)

Then it goes into checkAllowed:

    private String checkAllowed(URL url, boolean wasTrusted) {
        if (checkMixedTrust) {
            int result = showMixedTrustDialog();
            if (result == UIFactory.CANCEL) {
                allowMixedTrust = true;
            }
            checkMixedTrust = false;
        }
        if (!allowMixedTrust) {
            if (wasTrusted) {
                return "trusted loader attempted to load sandboxed resource from " + url;
            } else {
                return "sandboxed loader attempted to load trusted resource from " + url;
            }
        }
        return null;
    }
}

with wasTrusted == true

and then checkMixedTrust is true because I have the default config setting:

private ParentCallback() {
    if (Config.getMixcodeValue() == Config.MIXCODE_ENABLE) {
        checkMixedTrust = true;
    }

So if it comes into checkAllowed() then it will always show me the dialog when I have the default setting.

So either I don't have to get into that checkAllowed method, but then the 2 booleans shouldn't somehow be true in my case,
or checkAllowed shouldn't know that it is a trusted-lib that calls an untrusted class through its own classloader and that should be allowed...

EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
A signed jar with a trusted-library manifest entry should be able to load unsigned content when it chooses to do it through Class.forName and a special classloader.
ACTUAL -
Still the dialog is shown.

REPRODUCIBILITY :
This bug can be reproduced always.

SUPPORT :
YES

Release Regression From : 6u18
The above release value was the last known release where this bug was not reproducible. Since then there has been a regression.
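
An added example, not part of the original report or the JDK source: a pre-deployment inventory that reads each JAR's Trusted-Library and Trusted-Only manifest attributes and reports whether a JAR set contains both signature-bearing and unsigned JARs, the mix of trusted and untrusted children that the check() excerpt above tests for. It assumes that the presence of a signature block file under META-INF/ stands in for "signed" (nothing is verified), and the names main.jar, APP.SF and APP.RSA and all sample contents are constructed.

```python
import io
import zipfile

MANIFEST = "META-INF/MANIFEST.MF"
SIG_SUFFIXES = (".RSA", ".DSA", ".EC")  # signature block files under META-INF/

def main_attributes(manifest_text):
    """Parse a manifest's main section, unfolding continuation lines."""
    text = manifest_text.replace("\r\n", "\n").replace("\r", "\n")
    main = text.split("\n\n", 1)[0].replace("\n ", "")  # blank line ends section
    attrs = {}
    for line in main.splitlines():
        name, sep, value = line.partition(": ")
        if sep:
            attrs[name.lower()] = value  # attribute names are case-insensitive
    return attrs

def inspect_jar(data):
    """Trust-relevant facts for one JAR (signature presence only, not verified)."""
    with zipfile.ZipFile(io.BytesIO(data)) as jar:
        names = jar.namelist()
        text = jar.read(MANIFEST).decode("utf-8") if MANIFEST in names else ""
    attrs = main_attributes(text)
    flag = lambda key: attrs.get(key, "").strip().lower() == "true"
    return {
        "has_signature_block": any(
            n.upper().startswith("META-INF/") and n.upper().endswith(SIG_SUFFIXES)
            for n in names),
        "trusted_library": flag("trusted-library"),
        "trusted_only": flag("trusted-only"),
    }

def mixes_trust(jars):  # both signature-bearing and unsigned JARs present?
    signed = [inspect_jar(d)["has_signature_block"] for d in jars.values()]
    return any(signed) and not all(signed)

def build_jar(manifest, extra=()):  # helper for constructed sample JARs
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr(MANIFEST, manifest)
        for name in extra:
            z.writestr(name, b"placeholder")  # not a real signature
    return buf.getvalue()

SAMPLE = {  # constructed: a signed-looking main JAR and an unsigned plugin JAR
    "main.jar": build_jar("Manifest-Version: 1.0\r\nTrusted-Library: true\r\n\r\n",
                          ["META-INF/APP.SF", "META-INF/APP.RSA"]),
    "scheduler.jar": build_jar("Manifest-Version: 1.0\r\n\r\n"),
}
```

For the constructed pair, mixes_trust(SAMPLE) is true, which is the situation in which the report's default MIXCODE_ENABLE setting leads to the mixed code dialog.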