Hi all,
This is Servoy 7.2.0 running on Mac OS X. Mac clients with the new Java 7 Update 51 cannot launch Servoy due to:
Missing required permissions manifest attribute in main jar:.... .../lib/j2db.jar
How do I get around this?
Hi Christian,
Is this a custom signed install (with a valid certificate) or a plain Servoy install?
Plain Servoy install…
I just tested it in a VM (Mac OS X 10.9) with Servoy 6.1.6 (custom signed) and I can reproduce the error.
I first loaded up the client before the update, which ran fine. Then updated to update 51 and try to run it again and it failed with the following error (url blanked out):
java.lang.SecurityException: Missing required Permissions manifest attribute in main jar: …/lib/j2db.jar
at com.sun.deploy.security.DeployManifestChecker.verifyMainJar(Unknown Source)
at com.sun.deploy.security.DeployManifestChecker.verifyMainJar(Unknown Source)
at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
at com.sun.javaws.Launcher.run(Unknown Source)
at java.lang.Thread.run(Thread.java:744)
I suggest you file a bug report in Jira.
We did add that permission attribute in our latest releases (so 7.3.1 should be ok… i will test it asap, didn’t install .51 yet on my windows)
But with the latest sign tester tool all those permissions attributes are also added right? So even in older version of servoy, if you resign with your own certificate it should work fine.
Hi Johan,
jcompagner:
But with the latest sign tester tool all those permissions attributes are also added right? So even in older version of servoy, if you resign with your own certificate it should work fine.
I signed my 6.1.6 install with the latest version of the signtester with the -Dcodebase param so something seems to off. Or am I missing another param when I signed it?
Ouch….
Just tested it on Windows (8.1) and I see the same error.
So in effect Update 51 will break Servoy across the board.
You can consider this case (if there is one) a BLOCKER!.
I confirm: same issue in Windows7.
As a workaround for now move the security slider to the bottom (medium security) and servoy will start again with a self-signed certificate.
If someone can test this workaround on MacOS and let me know I would be very grateful.
Temporary workaround (tested on Mac OS X Mavericks):
Open Java control panel, go to security tab, set security to Medium. Save.
Launch Servoy.
Just tested it on Mavericks and yes, setting the security slider to medium (the lowest setting) then the client will load.
for me the middle (high) security works fine
i deleted everything in the cache, also pressed “restore security promps” in the security tab
and let the slider be in the middle (high)
then i can start servoy fine (i do get then a few prompts most of them will not be seen the second time)
I tried leaving it on “High” and putting my site in the “Exception Site List” but that did not work, so I set security back to “Medium”.
Does the problem occur also when using an official certificate? Or is this an issue only with self-signed ones?
As I understand Christian is using a plain Servoy install, so no resigning done.
Christian is this correct?
but Christian is using an older version of servoy that didn’t have all those manifest entries
that is only fixed in the latest 7.3.1 release
That release should work fine.
ROCLASI:
As I understand Christian is using a plain Servoy install, so no resigning done.
Christian is this correct?
Yes it is plain 7.2.x
No Johan, I’m having the issue with Servoy 7.3.1 on Windows7 using a self-signed certificate and Robert is using a full GlobalSign certificate.
Setting the security mode of java to “medium” allow the smart client to open. In the java console I only get this:
Missing Permissions manifest attribute in main jar: http://servoy.xxxxxxxxxxx.it:8080/lib/j2db.jar
Under WebStart on Java >= 1.6.0_18, the value of the “sun.awt.disableMixing” system property needs to be defined in the JNLP descriptor with value “true” (or “false” if you really want the default behavior). When not set to “true”, the content of the native components may not be displayed.
We are running fine, with 7.3.1 and Java 7 Update 51 signed with our own GlobalSign certificate and Security set to High!
I even set the security to Very High, and everything works fine!
I still get the yellow balloon warning.
but accepting that (once) works fine
Maybe you guys use the browserSuite plugin? which is blocking now, because of the (unsecure) vmargs
[attachment=0]2014-01-15_1614.png[/attachment]
I do use the Browser suite but the only args that I have set in the admin pages are:
-XX:MaxHeapFreeRatio=10 -XX:MinHeapFreeRatio=10