[webstart] deal with unsigned jars
----------------------------------
Key: MOJO-263
URL: http://jira.codehaus.org/browse/MOJO-263
Project: Mojo
Type: New Feature
Components: sandbox
Reporter: Jerome Lacoste
There are potential issues when dealing with including such already signed jars
in a webstart application.
In particular see:
http://jira.codehaus.org/browse/MOJO-7#action_49160
and the relevant m1 jnlp issues:
http://jira.codehaus.org/browse/MPJNLP-20
http://jira.codehaus.org/browse/MPJNLP-28
According to the feedback I got on the maven user list, I think that, in order
to satisfy everybody, we need to:
- handle already signed jars (MPJNLP-28)
- primarily we need the possibility to unsign a jar. That will probably go to
jar:unsign.
- optionally avoid signing jars that are already signed.
- optionally clean the Manifest (maven1 jnlp feature, to work around SDK 1.3
issue - See MPJNLP-20)
Did I miss something?
Now how do we present that to the user?
We could:
- assume that every jar will be signed by default
- let the user list the operation to perform, maybe using something like:
<sign>
<dname>...</dname>
...
<unsign>
<dependency>...</dependency>
</unsign>
<skipSignedJars>true<skipSignedJars>
<cleanManifest>true</cleanManifest>
</sign>
Does that look correct?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
