How to use jars with different certificates and requiring all-permissions
I am trying to create a webstart application that requires an external jar. The external jar requires all permissions and is signed by its owner.
I tried to follow the instructions from Kirill Grouchnikov here http://weblogs.java.net/blog/kirillcool/archive/2005/05/signing_jars_fo....
But is does not seem to work. The user is requested to trust the certificate on my jar, but not the certficate on the external jar.
Please see http://www.pbjar.org/blogs/jxlayer/JXLayer_one.html to test the application.
The first webstart button refers directly to a jxlayer.jar that is signed by me. This works.
The second webstart button refers to the jnlp files below and jxlayer.jar signed by its owner. This throws a security exception.
(Of course, in both cases my own jar file is signed by me)
The working jnlp file:
<?xml version="1.0" encoding="utf-8"?></p> <p> JXLayer wrap test<br /> Piet Blok</p> <p> JXLayer demonstration<br /> JXLayer demo.</p> <p>
The not working jnlp file:
<br /> <?xml version="1.0" encoding="utf-8"?></p> <p> JXLayer wrap test<br /> Piet Blok</p> <p> JXLayer demonstration<br /> JXLayer demo.</p> <p>
The jxlayer.jnlp file:
<br /> <?xml version="1.0" encoding="UTF-8"?></p> <p> JXlayer<br /> Alexander Potochkin</p> <p>
Why does jxlayer.jar not get all permissions? Is it actually possible to refer to extension jnlp files that do require permissions?
Am I doing something wrong?
(From the server log I can verify that the expected files are downloaded)