3

My company uses an applet which needs JNI to access some PKI features.

This is a very stable (+4 years) solution and is already in production in several clients.

It's a signed (Thawte Certificate) applet and it worked fine until JRE7 21 - now a security exception has popped (all Applet JNI solutions we have are presenting the same issue).

I checked Java applet stopped working after update to JRE 7u21 and Cannot launch applet using Java 7u21. I've checked Java 7 Update 21 Security Improvements in Detail, but it doesn't mention anything about JNI.

I've already tried using TurstedLibrary and recompiling it with JDK7 21 but it still pops the security exception.

I'd like to check with you guys if you had the same issue and if someone is able to use Java + JNI again (don't know if there's some new stuff to sign the DLL or something like that)..

Update:

Working - got it through http://docs.oracle.com/javase/6/docs/technotes/guides/jweb/mixed_code.html#trusted_library

Adding the correct Trusted Library manifest make it stop prompting the error - remembering that you need to use JDK7 21.

Community
  • 1
  • 1
Cadu
  • 101
  • 1
  • 2
  • 7
  • *"It's a signed applet"* Is it a *self signed* applet? I.E. did you generate a certificate using the JDK as opposed to buy one from a CA? – Andrew Thompson Apr 22 '13 at 01:53
  • Andrew, we use a real Thawte Certificate, it's not a selfsigned one. – Cadu Apr 22 '13 at 11:26
  • That is disconcerting. Have a look through the [bug database](http://bugs.sun.com/) & if you don't see anything similar, raise a new one. Then we can see what Oracle has to say about it. – Andrew Thompson Apr 22 '13 at 12:07
  • Andrew, not sure if this is a bug. Really think is Oracle blocking JNI from the browser due to the last security issues. Don't you? – Cadu Apr 22 '13 at 12:38
  • Neither am I, but your report does not fit my expectation of the new security environment either. If Oracle were to close the report as 'not a bug' I would take that as the authoritative end to it, hoping they would clarify their position in the notes. But like I said, let's get it 'straight from the horses mouth' either way. – Andrew Thompson Apr 22 '13 at 12:43

0 Answers0