Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8058782

Deployment Rule Set run Application without signing

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: P4
    • Resolution: Fixed
    • Affects Version/s: 7u67, 8u20
    • Fix Version/s: 8u40
    • Component/s: docs
    • Subcomponent:
    • CPU:
      x86_64
    • OS:
      linux

      Description

      A DESCRIPTION OF THE PROBLEM :
      The documentation about Deployment Rule Set ( http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/deployment_rules.html ) describes clearly, that an Application does not need to be signed if the rule grants the permission run.
      So I have created a rule like

      <rule>
           <id location="https://my.url"/>
           <action permission="run"/>
       </rule>

      but my Applications don't start when they are not signed.

      This effects also Java 8 ( http://docs.oracle.com/javase/8/docs/technotes/guides/deploy/deployment_rules.html )

      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      In the documentation should be written, that applications need to be signed to be started also it has the permission run.

      OR:

      Change the implementation so that Applications can really be started without being signed.
      ACTUAL -
      In the documentation is actually written, that applications can start without being signed if it has the permission run.

      URL OF FAULTY DOCUMENTATION :
      http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/deployment_rules.html

        Attachments

          Activity

            People

            Assignee:
            jgordon Joni Gordon (Inactive)
            Reporter:
            webbuggrp Webbug Group
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Due:
              Created:
              Updated:
              Resolved: