Unable to retrieve the previous value when updating
Solution 1
Java 8u25
Warning: These settings expose security vulnerabilities known to Java. Not for the the average user.
I was having a lot of tools blocked by Java. I set the options below and then added to the site exception list. I was then able to run all of my older applets that were previously blocked after a browser restart.
Advanced:
**JNLP File/MIME Association - Always allow
**Secure Execution Environment - Uncheck Show sandbox warning banner, uncheck warn if site certificate does not match hostname, uncheck show site certificate from server even if it is valid
**Mixed code - Disable verification
**Perform certificate revocation checks on - Do not check
**Advanced Security Settings - Uncheck enable blacklist revocation check
Security:
**Add the site to Security tab > edit site list > add button > type URL or IP.
Solution 2
I had issues with running an app signed with MD5 with RSA. I found the following solution worked for me:
all applications signed by MD5withRSA are now treated by "unapproved"
but luckily you can quickly override this by updating C:\Program Files (x86)\Java\jre1.8.0_131\lib\security\java.security
For MACOS X /Library/Internet\ Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/security/java.security
OR
/Library/Java/JavaVirtualMachines/jdk1.8.0_131.jdk/Contents/Home/jre/lib/security/java.security
i've opened java.security file with notepad and made next few changes (removed MD5 exclusion):
jdk.jar.disabledAlgorithms=MD2, RSA keySize < 1024
jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize < 768, \ EC keySize < 224
jdk.tls.legacyAlgorithms= \ K_NULL, C_NULL, M_NULL, \ DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \ DH_RSA_EXPORT, RSA_EXPORT, \ DH_anon, ECDH_anon, \ RC4_128, RC4_40, DES_CBC, DES40_CBC, \ 3DES_EDE_CBC, \ SSL_RSA_WITH_RC4_128_MD5
ig.secureValidationPolicy=\ disallowAlg http://www.w3.org/TR/1999/REC-xslt-19991116,\ disallowAlg http://www.w3.org/2001/04/xmldsig-more#hmac-md5,\ disallowAlg http://www.w3.org/2001/04/xmldsig-more#md5,\ maxTransforms 5,\ maxReferences 30,\ disallowReferenceUriSchemes file http https,\ minKeySize RSA 1024,\ minKeySize DSA 1024,\ noDuplicateIds,\ noRetrievalMethodLoops
Solution 3
If you continue to receive this error after adding the site to the exceptions list of the Java control panel, try editing [JRE install directory]\lib\security\java.policy
Inside the grant block, add
permission java.net.SocketPermission "192.168.50.116:5900", "connect,resolve";
Substitute your host/IP and port.
Solution 4
You can edit the exception site list in a text editor (eg Notepad++). I used Excel to auto-fill a range (eg https://192.168.1.1 -> https://192.168.1.255). I then copied and pasted this into the exception.sites file.
C:\Users\username\AppData\LocalLow\Sun\Java\Deployment\security\exception.sites
The exceptions then show up in the Java Control Panel exception list.
Related videos on Youtube
NVH
Updated on January 04, 2023Comments
-
NVH over 1 year
I just started to convert my project from MongoDB to PostgreSQL by using
sequelize
andsequelize-typescript
and have bumped into a problem:I made with MongoDB an upsert method which simply uses
findOneAndUpdate
. It finds a single user by its userId, if none is found it creates one otherwise it updates it with an object. The returnedvalue
is the record before being updated. Easy right ?upsert: async (userId: string, obj: Partial<UserModel>) => { const { value } = await this._users.findOneAndUpdate( { _id: userId }, { $set: obj }, { upsert: true } ); return value!; },
Now when I want to use
sequelize
, first I have to usefindByPk
(which is the userId) sincefindOrCreate
is fairly slow (my app crashed multiple times already because of timeout) then if a record is found I update it with an object otherwise I use<Model>.create
. The thing is that<Model>.update
does not return the previous value,.previous()
sends empty brackets back.Here is the method I am currently working with:
upsert: async (userId: string, obj: Partial<User>): Promise<User | null> => { const user = await User.findByPk(userId); if (user) { console.log(1, user); if (user.login !== obj.login) { const test = await user.update(obj); console.log(2, test); console.log(3, test.previous()); } return user; } return await User.create(obj) .catch(() => null) .finally(() => null); },
This is the console output:
Am I missing a key point here? Or is it not even possible? I am digging in the docs and overall on Google and I found nothing about that
-
Admin about 10 yearsThis can be controlled by the Java Control Panel Applet. You will require administrator rights to change the setting.
-
Admin about 10 years@Ramhound I have used that applet, and there is no setting on it I can find to allow unsigned apps.
-
Admin over 9 yearsbesides the Java problem: the SDR receiver mentioned in your screenshot and many other using the same software now have a HTML5 mode that does not require Java! Tried with the latest Firefox and runs perfectly. I guess it also works in Chrome.
-
Admin over 9 years@Ale Yeah, I've used it. It's good stuff! Unfortunately, not all of the hosts use the HTML5 version.
-
Admin over 9 years@Ale With the remaining SDR sites on Java, I am able to use them by adding each site individually. I'm still prompted for each part of the application, but at least it works.
-
Admin almost 9 yearsAnother option is to define deployment rules or deployment.properties. docs.oracle.com/javase/8/docs/technotes/guides/deploy/… docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/…
-
-
Brad about 10 yearsI tried "medium", but the app must be requesting full permissions as I still get prompted.
-
Ramhound about 10 yearsRight...The prompts are by design at that level of security
-
Quantum7 over 9 yearsMedium was removed in Java 8. Any workaround?
-
Christophe De Troyer over 9 yearsHow damn annoying. Java disallows me to run software, eventhough I trust it.
-
Ramhound over 9 yearsWhere did you get this information seems strange you provide no context almost like your just copying and pasting fron some source, even if I overlook that problem, the formatting could be improved
-
sunkenruin over 9 yearsDid this work for you though?
-
Canadian Luke over 9 yearsTo edit it, are you just talking about a plain text file, or using a special program?
-
AresAvatar over 9 yearsThis worked for me when nothing else did! Thanks, this solved a huge problem!
-
ApproachingDarknessFish over 8 yearsThank goodness for stackexchange, this was blocking me from doing my homework. +1.
-
mchid over 7 yearsDoesn't work. Why do we even have this plugin if we can't use it. I keep it completely disabled except in the rare instance that I need to use it and I can't. Absolutely useless. I will never use any sun java for any commercial application ever.