0

We've got a signed java applet that is called from as aspx via javascript (We're not really a Java development shop, were mainly C# devs).

I'm needing to debug through this applet but I'm having an isue that is not beeing seen on my colleagues machines.

To attach the netbeans debugger to the applet we've traditionally removed all certifcates from the 'Trusted Certificates' store via the Java Control panel, deleted any cached applets (via the Java Control Panel) and then when the applet is downloaded and run, we see the security warning. At this point we able to attach the netbeans debugger, okay the security warnings (not checking the 'always trust' checkbox) and then having hit a breakpoint within the applet code, debug from there.

However, whatever I do I'm not seeing the security warnings, which makes it a bit hard to attach to the applet. I've removed our certificate, zapped any cached applets, I've even 'clutched at straws' and removed and reinstalled the JDK (we're using 1.6 update 7, update 10 and update 20; all updates we know work with our implementation). I just can't get the security warning to appear.

It's like I've got an 'always trust' flag permanently switched on.

Any ideas gratefully received.

Weevie
  • 97
  • 1
  • 1
  • 8

3 Answers3

0

You might try launching the applet using (non-embedded) Java Web Start. Launching with JWS you will lose JS functionality, but should regain easy control over the permissions.

Community
  • 1
  • 1
Andrew Thompson
  • 168,117
  • 40
  • 217
  • 433
  • Thanks for that, I'm a little unfamilliar wth the Java ecosystem. Don;t suppose you know of a good tutorial explaining how best to use JWS to debug through an applet do you. – Weevie Mar 21 '11 at 11:21
0

The security warning comes only when the applet is signed. Otherwise the applet does not have any privileges, so it is not considered necessary to show the warning.

You could simply sign your applet with a new (untrusted, self-signed) key, maybe this helps.

Paŭlo Ebermann
  • 73,284
  • 20
  • 146
  • 210
  • We're signing the app with a cert we issue (Our users are supposed to trust us ) but I could generate a new cert and sign the applet with that and that ought to produce the warning. Thanks, I might try that if using the suspend option menioned in another answer doesn't pan out – Weevie Mar 21 '11 at 12:47
  • I self-signed the applet in the end just to get the security warning up. That worked so thanks for your help! Now I can't get the debugger to attach but that's another question (and it is: [link](http://stackoverflow.com/questions/5380118/getting-shmembase-attach-failed-the-system-cannot-find-the-file-specified-when) ) – Weevie Mar 21 '11 at 16:23
0

Sorry, not a direct answer to your question, but if what you want is to pause the JVM at startup for debugging, you could use the suspend=n option in the JVM options, as in something like:

-Djava.compiler=NONE -Xnoagent -Xdebug -Xrunjdwp:transport=dt_socket,address=2502,server=y,suspend=n

That way, the JVM suspends automatically, waiting for a connection from the debugger.

Sami Koivu
  • 3,640
  • 3
  • 24
  • 23
  • I've got the following in the JRE's run time parameters '**-agentlib:jdwp=transport=dt_shmem,address=jdbconn,server=y,suspend=n**' and it doesn't appear to be suspending. – Weevie Mar 21 '11 at 12:49
  • I just tried it with suspend=y and no luck there either. I'm a bit out of my depth with the runtime params. So ny further help would be appreciated. – Weevie Mar 21 '11 at 14:07