[Bug 3350] Java applet launched via jnlp web-start cannot load. Fails with "Could not initialize applet"

bugzilla-daemon at icedtea.classpath.org bugzilla-daemon at icedtea.classpath.org
Wed Apr 5 10:46:48 UTC 2017 

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=3350

JiriVanek <jvanek at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Priority|P5                          |P3
             Status|NEW                         |ASSIGNED
           Severity|blocker                     |normal

--- Comment #1 from JiriVanek <jvanek at redhat.com> ---
Hi, this is very cnfusing report.
(In reply to stefan from comment #0)
> Running OpenJDK Java 8 with latest IcedTea-Netx, with a jnlp file version

java8, ok, what is ITW verison? or is it head?

> spec "7.0+" without codebase attribute (Document base).
> Earliest allowed version in the jnlp file is 1.7.0.45 and security

That is something better to not to use, but should work fine.

> "all-permissions". Jar codebase files are signed.
> The file and code has been developed and running in all platforms (Windows
> XP-7-8-10, Mac OS, with various browsers and Oracle Java 7.45+ to latest 8
> versions) and also runs perfectly in Linux with Oracle Java/Web start by
> running

Those should be irrelevant, but other security settings are. Se below.
> javaws 192.168.<rest of IP address>/xxxx.jnlp in the terminal
> 

To fix it in itw (if it is something to fix at all) I need URL where I can
debug, or the snapshot and deploy instructions of your application.

In this case jnlp file may be enough.

> However with IcedTea webstart I get
> 
..

> java.lang.NullPointerException     at
> net.sourceforge.jnlp.security.SecurityDialogs.showMatchingALACAttributePanel(SecurityDialogs.java:405)


This looks like error in ALACA (application allowable  codebase). This may
happen when some mandatory field is missing in jnlp/manifest.  I believe all
coarsenesses were fixed in alaca dialogue, so the NPE should not happen - tahts
why I'm asking for exact version.
The oracle javaws is a bit more benevolent to jnlp specification then ITW is,
but thats not an apologise for ITW.

You should be able to workaround this by disabling security manifest checks: 

cat ~/.config/icedtea-web/deployment.properties
#Netx deployment configuration
#Wed Apr 05 12:51:00 CEST 2017
deployment.manifest.attributes.check=NONE

Maybe add also:
deployment.security.level=ALLOW_UNSIGNED



see:
 ~/icedtea-web-image/bin/itweb-settings --verbose --help |  grep manifest

maybe it will be enough to set to al but ALAC

Anyway this is not solution for your customers, so, help me to help you.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20170405/4dc63740/attachment-0001.html>

More information about the distro-pkg-dev mailing list