Liveconnect Applet problems


Solution 1

Today I ran into this problem on Ubuntu 14.10, Firefox 35.0.1 & Oracle Java JRE 1.8.0_31. It is related in some way to a JRE utility class in deploy.jar which doesn't work properly on Linux (NativeMixedCodeDialog). On Windows, when you try to access Liveconnect (which implies MIXED security mode), a dialog is shown by this class to kindly ask you for confirmation. This, for some unknown reason, doesn't happen on Linux.

You can easily try to check this, by running this command:

    /usr/lib/jvm/java-8-oracle/jre/bin/java -cp /usr/lib/jvm/java-8-oracle/jre/lib/deploy.jar com.sun.deploy.uitoolkit.ui.NativeMixedCodeDialog "Some Aplet" "Web Site:" "https://localhost" "Publisher:" "Some publisher" "Do not show this again for this app and web site."

My solution was to use a Deployment Rule Set to force Java to trust my app. This might be a no-go for production use, but it let me develop further until this NativeMixedCodeDialog gets fixed.

So straight to the point:

  1. Create a file named ruleset.xml
  2. Fill it with content according to this documentation, e.g.

    <?xml version="1.0" encoding="UTF-8"?>
    <ruleset version="1.0+">
      <rule>
        <id location="https://localhost/" />
        <action permission="run" version="SECURE" />
      </rule>
    </ruleset>
    
  3. Put this into a jar

    jar cvf DeploymentRuleSet.jar ruleset.xml

  4. Sign this jar with a certificate valid in cacerts; it might be a self-signed certificate, but it needs to be found in the Java cacerts file, not just trusted in the control panel

    jarsigner -verbose -keystore ~/selfsigned.p12 -storetype pkcs12 DeploymentRuleSet.jar selfsigned

  5. Copy signed jar to /etc/.java/deployment/

  6. Possibly restart your browser; everything should be working fine

Solution 2

The answer from @Seba was fantastic, but I can add some commands that you might need:

Create a self-signed certificate:

    ~/CERTIFICATE $ keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -validity 360 -keysize 2048

Export the key from the keystore:

    keytool -exportcert -alias selfsigned -keystore keystore.jks -rfc -file selfsigned.cer

Export/Convert the jks keystore into PKCS12 keystore (possibly redundant if you can sign with the ".jks" keystore instead of ".p12" in later step, I did not try):

    keytool -importkeystore -srckeystore keystore.jks -destkeystore keystore.p12 -deststoretype PKCS12

Find the cacerts keystore for your java:

    locate cacerts
    ...
    /usr/lib/jvm/java-8-oracle/jre/lib/security/cacerts

Import key into cacerts:

    sudo keytool -import -alias selfsigned -file selfsigned.cer -keystore /usr/lib/jvm/java-8-oracle/jre/lib/security/cacerts

And now you create the ruleset.xml file (omit location for "everything", which obviously defeats the security):

    <?xml version="1.0" encoding="UTF-8"?>
    <ruleset version="1.0+">
      <rule>
        <id />
        <action permission="run" />
      </rule>
    </ruleset>

Jar it up:

    jar cvf DeploymentRuleSet.jar ruleset.xml

Sign it:

    jarsigner -verbose -keystore ~/CERTIFICATE/keystore.p12 -storetype pkcs12 DeploymentRuleSet.jar selfsigned

And finally, even though there is a .java/deployment directory in your user's directory, you DO need to copy it to the (possibly non-existent) directory /etc/.java/deployment

At least for Firefox, you do not need to restart the browser, as long as you kill the java-process that the browser has started. If it is the only java-process around, then running the following command should do it:

    killall java
Author by

Mattos

Updated on June 04, 2022
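
An added example, not part of either answer and not Oracle's tooling: a Python check that audits a ruleset.xml (or the DeploymentRuleSet.jar wrapping it) for `run` rules that trust more than intended, using the two rulesets posted above as constructed inputs. The function names, severity labels and the https-only policy are assumptions of this example.

```python
import xml.etree.ElementTree as ET
import zipfile

# Constructed inputs: the two rulesets from the answers above.
SCOPED = """<ruleset version="1.0+">
  <rule>
    <id location="https://localhost/" />
    <action permission="run" version="SECURE" />
  </rule>
</ruleset>"""
CATCH_ALL = """<ruleset version="1.0+">
  <rule>
    <id />
    <action permission="run" />
  </rule>
</ruleset>"""


def audit_ruleset(xml_text):
    """Return (rule_number, severity, message) for each risky 'run' rule.

    xml_text may be str or bytes (hypothetical helper for this example).
    """
    findings = []
    for n, rule in enumerate(ET.fromstring(xml_text).findall("rule"), 1):
        action = rule.find("action")
        if action is None or action.get("permission") != "run":
            continue  # only 'run' rules grant execution
        ident = rule.find("id")
        attrs = dict(ident.attrib) if ident is not None else {}
        cert = ident.find("certificate") if ident is not None else None
        location = attrs.get("location")
        if not location and not attrs.get("title") and cert is None:
            findings.append((n, "HIGH", "empty <id> matches every applet"))
            continue
        # Reviewer policy assumed for this example: locations must be https.
        if location and not location.lower().startswith("https://"):
            findings.append((n, "HIGH", "location not pinned to https: " + location))
        if cert is None:
            findings.append((n, "MEDIUM", "no <certificate hash>: any jar "
                             "matching the location/title is trusted"))
    return findings


def audit_jar(path):
    """Audit the ruleset.xml packed inside a DeploymentRuleSet.jar."""
    with zipfile.ZipFile(path) as jar:
        return audit_ruleset(jar.read("ruleset.xml"))
```

Running `audit_jar("/etc/.java/deployment/DeploymentRuleSet.jar")` on a workstation shows whether a development-time catch-all rule was left installed system-wide.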

Comments

  • Mattos
    Mattos almost 2 years

    Cannot call applet methods from JavaScript. An error appears in the log

    -> liveconnect: Security Exception: JavaScript from http:url:port/application attempted to access a resource it has no rights to.

    Manifest-Version: 1.0
    Application-Name: application
    Created-By: Apache Maven 3.0.4
    Caller-Allowable-Codebase: *
    Application-Library-Allowable-Codebase: *
    Build-Jdk: 1.7.0_72
    Permissions: all-permissions
    Codebase: *
    

    The Java security setting is set to medium

    JRE Version 1.8.0_25-b17

    Applet Signed by a trusted source, and the applet jar is downloaded from the same domain as the calling page.

    If I try to call the applet method from firebug javascript console another error shows up: Error: Liveconnect call for Applet ID 4 is not allowed in this JVM instance

    The applet TAG:

    <applet id="applet" code="applet.core.AppletBootstrap" codebase="/applet" archive="applet.jar" width="650" height="500" mayscript="mayscript">
      <param name="cache_archive" value="applet.jar"/>
      <param name="cache_version" value="2.4.17.2,2.4.17.2,2.4.17.2,2.4.17.2,2.4.17.2"/>
      <param name="conversationId" value="e00ed781a56a4378a285d7839a9925bf"/>
      <param name="userAgent" value="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.65 Safari/537.36" />
      <param name="java_status_events" value="true"/>
      <param name="separate_jvm" value="true"/>
      <param name="classloader_cache" value="false"/>
      <param name="java_arguments" value="-Xmx128m -Djnlp.packEnabled=true "/>
    </applet>
    

    EDIT: @Seba JDK-8058697 is an OpenJDK bug related to this issue, unfortunately it is not accessible to me - You can see a duplicate of it: here

    EDIT 2: Java 8 update 40 is working again

  • Seba
    Seba about 9 years
    JDK-8058697 is an OpenJDK bug related to this issue, unfortunately it is not accessible to me - You can see a duplicate of it: here
  • stolsvik
    stolsvik about 9 years
    Thanks - lifesaver! I added some extra commands to this in my own answer (how to generate the self-signed cert etc.)
  • Mattos
    Mattos about 9 years
    It worked, I'm gonna mark your answer as the right one, and upvote the @stolsvik answer.