Hi, Nadeem, Could you tar all your jars for xbaya jnlp? Actually your v0.12 jar doesn't (I thought I could simply replace it library section in jnlp file) fit my old 0.10, and 0.11 with saying cannot load while verifying process.
Thank you! Heejoon. On Fri, Mar 14, 2014 at 2:12 AM, Nadeem Anjum <[email protected]>wrote: > Hi Heejon, > > Please find attached the jar file with permissions attribute set to > all-permissions > > > On Thu, Mar 6, 2014 at 6:29 AM, Heejoon Chae <[email protected]>wrote: > >> Hi, Nadeem, >> >> Could you send your modified main jar which has permission attribute in >> it? >> I have our institute's trusted certificate, so I can test the issue with >> removing two reason. >> >> Thank you, >> Heejoon. >> >> >> On Thu, Mar 6, 2014 at 8:59 AM, Nadeem Anjum <[email protected]>wrote: >> >>> Hi everyone, >>> >>> This is with reference to Heejon's issue [1] with Xbaya security issue >>> with the jre(51). >>> >>> I was able to recreate this issue on Windows. >>> >>> When the security level in java control panel is set to very high or >>> high, it gives the following error: >>> "Your security settings have blocked a *self-signed application* from >>> running " >>> >>> When the security level is set to medium or the application is added to >>> exception site list, the application is allowed to run with a warning, >>> which displays the *publisher* as "*unknown*" >>> >>> As per [2], there are two possible reasons for this: >>> >>> 1. *Jar file missing Permission Attribute* >>> 2.* Self signed application* (Certificate not from trusted authority) >>> >>> I modified the permissions in the main jar adding *permissions: >>> all-permissions *in the manifest.mf file, but the problem still >>> persists. According to [3], The Permissions attribute is used to verify >>> that the permissions level requested by the RIA when it runs matches the >>> permissions level that was set when the JAR file was created. *This >>> attribute is required in the manifest of the main JAR file for the RIA, >>> secondary JAR files and extensions are not required to have the Permissions >>> attribute*. If the attribute is not present in the main JAR file, then >>> the RIA is blocked >>> >>> So it appears the problem is not due to missing permissions in third >>> party jars. >>> >>> Rather the problem is apparently due to *self-signed signature*, >>> as when providing a self-signed signature (the free kind), the "Publisher" >>> field will always say "UNKNOWN" whether or not it is provided when creating >>> the signature, as per [4] >>> >>> Please share your opinion on this issue. >>> >>> [1]: http://markmail.org/thread/c6exit64mmhhpew7 >>> [2]: https://www.java.com/en/download/help/java_blocked.xml >>> [3]: >>> http://download.java.net/jdk8/docs/technotes/guides/jweb/security/manifest.html >>> [4]: https://code.google.com/p/jzebra/issues/detail?id=155 >>> >>> >>> On Wed, Feb 5, 2014 at 11:47 PM, Suresh Marru <[email protected]> wrote: >>> >>>> Hi Nadeem, >>>> >>>> We still did not compile the list of GSoC projects for 2014, but >>>> independent of other, I think we certainly can take some help on XBaya and >>>> we have major refactoring needs come up. Let me suggest a list of tasks for >>>> you to get started. >>>> >>>> * Can you subscribe to Airavata User Mailing list[1] and help Heejoon >>>> with this thread [2] >>>> >>>> * Heejoon and his advisor Prof. Sun Kim's research group uses XBaya for >>>> interacting with Amazon EC2 Resources so better packaging of the JNLP will >>>> help them. >>>> >>>> As for the GSoC project itself, it will involve changing the current >>>> XBaya which reads the components in the workflow based on XML Schemas and >>>> WSDL's and we need to migrate that using in development thrift based data >>>> models. This will require also changes to XBaya communications to registry >>>> and workflow interpreter to talk to the new Airavata API. I will clearly >>>> elaborate on the GSoC project, but for now, please start with helping >>>> Heejoon and understanding the inner workings of 5 and 10 minute >>>> tutorials. Stick to Airavata 0.11 version for now. The trunk will be in >>>> rapid development over the next few weeks. >>>> >>>> Suresh >>>> [1] - http://airavata.apache.org/community/mailing-lists.html >>>> [2] - http://markmail.org/thread/c6exit64mmhhpew7 >>>> [3] - >>>> http://biohealth.snu.ac.kr/wiki/index.php/BioVLab_:_Biology_Virtual_Collaborative_Lab >>>> >>>> On Feb 5, 2014, at 12:57 PM, Nadeem Anjum <[email protected]> >>>> wrote: >>>> >>>> > Hello Everyone, >>>> > >>>> > Over the last few days I have been going through Airavata codebase. I >>>> specifically got interested in XBaya, and it will be great if I could get a >>>> chance to work on a project based on XBaya for GSoC 2014 >>>> > >>>> > Thanks, >>>> > Nadeem >>>> >>>> >>> >> >
