Java vs Cisco SDM

Fórumok

Sziasztok!

A következővel akadt némi gondom: A cisco sdm alkalmazás java környezetben fut(na), ha a java nem blokkolná.. Win7, java8 legfrissebb verzió. Explorerben már bent van a pipa, hogy helyi file-ok futtatását is engedélyezem, viszont hiába adom a kivétellistához a router 10.1.1.10 -es címét a file elérési útvonalát a java kivétellistához a létező összes módon, egyszerűen a java folyton blokkolja a biztonsági beállításokra hivatkozva.

Alant a kínjaim log-ba öntve:

Java Plug-in 11.101.2.13
Using JRE version 1.8.0_101-b13 Java HotSpot(TM) Client VM
User home directory = C:\Users\M
----------------------------------------------------
c: clear console window
f: finalize objects on finalization queue
g: garbage collect
h: display this help message
l: dump classloader list
m: print memory usage
o: trigger logging
q: hide console
r: reload policy configuration
s: dump system and deployment properties
t: dump thread list
v: dump thread stack
x: clear classloader cache
0-5: set trace level to
----------------------------------------------------
basic: Added progress listener: sun.plugin.util.ProgressMonitorAdapter@14b42d9
security: Expected Main URL: file:/C:/Program%20Files%20(x86)/Cisco%20Systems/Cisco%20SDM/common/common/jploader.jar
basic: Plugin2ClassLoader.addURL parent called for file:/C:/Program%20Files%20(x86)/Cisco%20Systems/Cisco%20SDM/common/common/jploader.jar
network: Cache entry found [url: file:/C:/Program%20Files%20(x86)/Cisco%20Systems/Cisco%20SDM/common/common/jploader.jar, version: null]
cache: Adding MemoryCache entry: file:/C:/Program%20Files%20(x86)/Cisco%20Systems/Cisco%20SDM/common/common/jploader.jar
cache: Resource file:/C:/Program%20Files%20(x86)/Cisco%20Systems/Cisco%20SDM/common/common/jploader.jar has expired.
basic: String: \C:\Program%20Files%20(x86)\Cisco%20Systems\Cisco%20SDM\common\common\jploader.jar
basic: decoded to: \C:\Program Files (x86)\Cisco Systems\Cisco SDM\common\common\jploader.jar
network: ResponseCode for file:/C:/Program%20Files%20(x86)/Cisco%20Systems/Cisco%20SDM/common/common/jploader.jar : 200
network: Encoding for file:/C:/Program%20Files%20(x86)/Cisco%20Systems/Cisco%20SDM/common/common/jploader.jar : null
CacheEntry[file:/C:/Program%20Files%20(x86)/Cisco%20Systems/Cisco%20SDM/common/common/jploader.jar]: updateAvailable=false,lastModified=Fri Mar 24 04:59:02 CET 2006,length=62843
cache: registerReference: com.sun.deploy.cache.MemoryCache$CachedResourceReference@f285cfde: 1
cache: registerReference: com.sun.deploy.cache.MemoryCache$CachedResourceReference@f285cfde: 2
security: Blacklist revocation check is enabled
security: blacklist: created: NEED_LOAD, lastModified: 1473787755544
security: blacklist: check contains skxYbQquYdGyouLy0TvWVSE1EXc=, state now NEED_LOAD
security: blacklist: loadCache
security: blacklist: not found in cache
security: Trusted libraries list check is enabled
security: Trusted libraries list file not found
cache: Create from verifier: JarSigningData{hasOnlySignedEntries=true, hasSingleCodeSource=true, hasMissingSignedEntries=false}
security: Missing Codebase manifest attribute for: file:/C:/Program%20Files%20(x86)/Cisco%20Systems/Cisco%20SDM/common/common/jploader.jar
security: Missing Application-Library-Allowable-Codebase manifest attribute for: file:/C:/Program%20Files%20(x86)/Cisco%20Systems/Cisco%20SDM/common/common/jploader.jar
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Loading certificates from Internet Explorer TrustedPublisher certificate store
security: Loaded certificates from Internet Explorer TrustedPublisher certificate store
security: Loading certificates from Internet Explorer DISALLOWED certificate store
security: Loaded certificates from Internet Explorer DISALLOWED certificate store
security: Validate the certificate chain using CertPath API
security: The certificate has expired, need to check timestamping info
security: Timestamping info is available
security: The certificate has expired, and is timestamped in valid period
security: Start checking TSA certificate path
security: Loading certificates from Internet Explorer ROOT certificate store
security: Loaded certificates from Internet Explorer ROOT certificate store
security: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed
security: The certificate has expired, but TSA is not valid
security: Loaded blacklisted.certs file: C:\Users\M\AppData\LocalLow\Sun\Java\Deployment\security\blacklisted.certs
security: SHA-256Certificate finger print: DE17C95C4B269C653A8CEBEFF58A5F5449AEAD42F4D905F3A5DAF0231DD11CE7
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: SHA-256Certificate finger print: A2BDF61928644D5A0F5CCC93C9B339E600AD1AD05E4682D86C1477CE39997CFF
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: SHA-256Certificate finger print: AB7036365C7154AA29C2C29F5D4191163B162A2225011357D56D07FFA7BC1F72
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: SHA-256Certificate finger print: AB7036365C7154AA29C2C29F5D4191163B162A2225011357D56D07FFA7BC1F72
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: Checking if certificate is in Internet Explorer TrustedPublisher certificate store
basic: Your security settings have blocked an application signed with an expired or not-yet-valid certificate from running
basic: Dialog type is not candidate for embedding
security: JUT Record:
plugin2 denied [by security settings]
file://C:\Program Files (x86)\Cisco Systems\Cisco SDM\common\common\runAPP.shtml?USEHTTPS=1?ROUTER=10.1.1.10&SDMONPC=C:/Program%20Files%20(x86)/Cisco%20Systems/Cisco%20SDM&APP=sdm&GIF=rsdm&APPLET=XDM&proxyCodeBase=https://10.1.1.10/: launchjnlp= app=sdm cachedir=${user.home}/sgzcache/sdm code=com.cisco.nm.util.sgz.Loader gif=rsdm dynapplet=XDMApplet archive=jploader.jar sdmonpc=C:/ProgramFiles(x86)/CiscoSystems/CiscoSDM proxycodebase=https://10.1.1.10/ dynarchives=file:///C:/ProgramFiles(x86)/CiscoSystems/CiscoSDM/sdm/sdm/sdm.sgz,common.sgz errorurl=error.html?APP=sdm codebase=file:///C:/Program%20Files%20(x86)/Cisco%20Systems/Cisco%20SDM/common/common/ cabbase=ieloader.cab width=0 usehttps=1?ROUTER mayscript= applet=XDM height=1 app_model=eJytVM1u00AQnjT9pVUPRVz4kSLUlp/DbsqhoCKrKiGFIpdGSSpxXZxt4sr2Lrvj4vRQiZdA4sAb8B7ceQTElTdAglnbaVJVKhLClrye3Zn55pv57C8/YcYauBWomNk0YT2pIzVkRh6xHa33VU9GUFyVKbjmw3xAW2+FlQjL/rE4ETyRyA/b/lMfFnvSBibUGKoEYaU4jkTS5x00YdInlxWZoUwsObSlVakJpEW4UXimGEZ8xxgx9EOL5Lx0LMy52zs4gyrhRyoQDsDZFR8WYhEmjUjY3GGKgqwMUhPi0NWO8NAnZpyY8YIZJ2Z8xGy1M+FLgDMYYiTLRNM41JTg7pUJuuRDgbMnMukpk0dmmvq55Bgxag2j1nxce7x589cPU4W5PZgfCDtoUPAeTGtlkCiIFAfKlTFCPgrHVQyUxfJ9XhuFKlBRaVeplBLyd3khAMIub2zxllF9I+K1R/VdymZpvZ892XzAG6ENFFmdoUUZ27H9fJ8T01glo8WlXsCiGp2zup6zcnNi53PKPny78+mr+FyFCjGy4anMtJPL+2n3zPKxLDn55BsVynLvCq2tvhqPfKy7qctznzuRxpama7lb50ZdKCtv/58+HFOVoicNIznmmd1jkTqSXUTVCN8nEGs5Xm0CrXYBq3YZyaTJTqvF7ADjaPuw03zZ7bY63sZ2++Cw22x7G3W24e76OoUevG41vH/jt04gnu3F6y/2dj3jXmjDb3a9N3RGGsuGTp/P6CP3BojabnF+Ds1zhZWaQLjtZhm41CyJC2XY/inz84bpv5yfGahdpQX3cZUigBXSkoHlXIDul8KaSRpPHhLYbEFD/wHVpo3k
basic: exception: Your security settings have blocked an application signed with an expired or not-yet-valid certificate from running.
com.sun.deploy.security.BlockedException: Your security settings have blocked an application signed with an expired or not-yet-valid certificate from running
at com.sun.deploy.security.BlockedDialog.show(Unknown Source)
at com.sun.deploy.security.TrustDecider.validateChain(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGrantedInt(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.isTrustedByTrustDecider(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.getPermissions(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.getPermissions(Unknown Source)
at java.security.SecureClassLoader.getProtectionDomain(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.defineClass(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.defineClassHelper(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.access$100(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Ignored exception: com.sun.deploy.security.BlockedException: Your security settings have blocked an application signed with an expired or not-yet-valid certificate from running
basic: Dialog type is not candidate for embedding
security: Reset deny session certificate store
basic: Removed progress listener: sun.plugin.util.ProgressMonitorAdapter@14b42d9

Ha bárkinek van bármi ötlete, örömmel venném..

Üdv,
M.

Hozzászólások

Háj!

Nem akarok hülyeséget mondani... de van egy olyan fél emlékem, hogy akkor kezdett el működni, amikor a kivételekhez valami helyi fájl/ktv elérést is hozzáraktad. Nem emlékszem már, hogy honnan szültem ki... de mintha... (az SDM valami helyi mappája kell)

Ott van e:
Your security settings have blocked an application signed with an expired or not-yet-valid certificate from running

--

Ezt olvasd el szerintem:

https://www.java.com/en/download/help/jcp_security.xml

High
This is the minimum recommended (and default) security level setting. Applications that are signed with a valid or expired certificate and include the Permissions attribute in the manifest for the main JAR file are allowed to run with security prompts. Applications are also allowed to run with security prompts when the revocation status of the certificate cannot be checked. All other applications are blocked.

Manifest-Version: 1.0
Created-By: 1.5.0_06 (Sun Microsystems Inc.)

Name: com/cisco/nm/util/sgz/security/CryptixRSAPublicKey.class
SHA1-Digest: zkC8lfKR0WCBarkqpvFlawAJKtE=

Name: com/cisco/nm/util/sgz/security/RawRSAPublicKey.class
SHA1-Digest: TxkaRb7eQ6yWLw+nteM7YgGuCu4=

Name: com/cisco/nm/util/sgz/security/MD5.class
SHA1-Digest: O+ENYJN7lM3L5SM0KGVKisCDmec=

Name: com/cisco/nm/util/sgz/LoaderThread.class
SHA1-Digest: uvEButoXNHEAuZ7cqShnOB2OXYo=

Name: com/cisco/nm/util/sgz/StoredJarEntry.class
SHA1-Digest: Us2YWTWkSOsqpnivKcygytnMf/U=

Name: com/cisco/nm/util/sgz/Httpd$1.class
SHA1-Digest: +8rNxLgV2LRaMFPS1FsxNBPqIbU=

Name: com/cisco/nm/util/sgz/security/Hex.class
SHA1-Digest: 8gEi4QJ44tFD6lj2w0u3UDi+yPw=

Name: com/cisco/nm/util/sgz/Loader.class
SHA1-Digest: 56q5oPYat5rjW0WwJwBoo1/oc94=

Name: com/cisco/nm/util/sgz/EnvIf.class
SHA1-Digest: kdzmVYbB2wmbcXGPpXmGl94KCV4=

Name: com/cisco/nm/util/sgz/SgzReader$1.class
SHA1-Digest: zWx0k/95AWr/hSLjSbm65SXDZv8=

Name: com/cisco/nm/util/sgz/security/BaseRSAPublicKey.class
SHA1-Digest: qh4WPTwX/K2qkasjOgLear9Ei74=

Name: com/cisco/nm/util/sgz/security/Signature.class
SHA1-Digest: +kzHTKIk2eUll+fp1YwKxwFHsRs=

Name: com/cisco/nm/util/sgz/Verifier.class
SHA1-Digest: MvtJUL0oIr9w84v5oz5QiVjmIVE=

Name: com/cisco/nm/util/sgz/CachingInputStream.class
SHA1-Digest: iuCIJEAGrcRtyvJyytAB7I4D5eE=

Name: org/apache/tools/bzip2/CRC.class
SHA1-Digest: F+J32363v8vg0+kVBBohxzlOKW4=

Name: com/cisco/nm/util/sgz/JarEntry.class
SHA1-Digest: m4z8HADE4MiQILlL5Ww20kQi1ss=

Name: com/cisco/nm/util/sgz/security/RSAKey.class
SHA1-Digest: DP8ik0BAsW6hnOidd+tXLflc1zM=

Name: com/cisco/nm/util/sgz/security/RIPEMD160.class
SHA1-Digest: AE/Xy6vwSk7IYZc2ZLIAti0M/d0=

Name: com/cisco/nm/util/sgz/SgzReader.class
SHA1-Digest: VG9iU0CUxrteKbfdMTsYOZ3Ntt8=

Name: com/cisco/nm/util/sgz/security/RIPEMD160_RSA_PKCS1Signature.clas
s
SHA1-Digest: O9RpttfqpMxhNQ/tmn/Fi8+ezk4=

Name: com/cisco/nm/util/sgz/security/RSAFactors.class
SHA1-Digest: +Cpb8Ak5fkb7aMoBuQiAT+ahGVE=

Name: com/cisco/nm/util/sgz/JPClassLoader.class
SHA1-Digest: p74++C1bkCIqNve0DHABbixCego=

Name: com/cisco/nm/util/sgz/security/BI.class
SHA1-Digest: //WbMm/sCpngAhAySsoZbNRbpXA=

Name: com/cisco/nm/util/sgz/Httpd.class
SHA1-Digest: 9wNaEsjIqMlyW9N9LX61qQ2EJKQ=

Name: com/cisco/nm/util/sgz/DeflatedJarEntry.class
SHA1-Digest: vLQ5YjSbHWJ7bZpFYZjcc0GQOzs=

Name: org/apache/tools/bzip2/CBZip2InputStream.class
SHA1-Digest: oVM01Zc1Y+VyI++Hq8tQSvwHHzM=

Name: org/apache/tools/bzip2/BZip2Constants.class
SHA1-Digest: xPLJzT8CE5DnIWbabVgFH9az/og=

Name: com/cisco/nm/util/sgz/security/ArrayUtil.class
SHA1-Digest: B1oR9mdmgxazXLT2Hcd2FkXEhQI=

Name: com/cisco/nm/util/sgz/publickey.t
SHA1-Digest: 0MCCisxGssKGVqK0TIH5GHa6XPA=

Name: com/cisco/nm/util/sgz/security/BlockMessageDigest.class
SHA1-Digest: eVMmMSpAFIzwUH7qpoyhdC3WAYE=

Name: com/cisco/nm/util/sgz/Env.class
SHA1-Digest: iHscZ+bgHs+fK4DkSTi9aXqyVOE=

Name: com/cisco/nm/util/sgz/security/RSAAlgorithm.class
SHA1-Digest: hQ/g2BsH7QRL7tjmdab+c9KMITE=

Name: com/cisco/nm/util/sgz/SgzApplet.class
SHA1-Digest: vp8dx7eZrkKzlX/L7K41glPxDUM=

Name: com/cisco/nm/util/sgz/security/Any_RSA_PKCS1Signature.class
SHA1-Digest: enZ9bOMULOZ/d3Th5htUSJ3JvDc=

Próbáltam a rendszeridőt visszaállítani egészen 2006-ig, de ugyanaz. Kicsit lassabban nyílik meg a hibaüzenet.. :)

Probald meg egy regebbi verzioju java-val (6). Annal meg nem voltak ennyire szigoruk a feltetelek.