airavata-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nadeem Anjum <nadeem.cs....@gmail.com>
Subject Re: [GSoC 2014] Project based on XBaya
Date Thu, 13 Mar 2014 17:12:55 GMT
Hi Heejon,

Please find attached the jar file with permissions attribute set to
all-permissions


On Thu, Mar 6, 2014 at 6:29 AM, Heejoon Chae <heechae@cs.indiana.edu> wrote:

> Hi, Nadeem,
>
> Could you send your modified main jar which has permission attribute in
> it?
> I have our institute's trusted certificate, so I can test the issue with
> removing two reason.
>
> Thank you,
> Heejoon.
>
>
> On Thu, Mar 6, 2014 at 8:59 AM, Nadeem Anjum <nadeem.cs.iit@gmail.com>wrote:
>
>> Hi everyone,
>>
>> This is with reference to Heejon's issue [1] with Xbaya security issue
>> with the jre(51).
>>
>> I was able to recreate this issue on Windows.
>>
>> When the security level in java control panel is set to very high or
>> high, it gives the following error:
>> "Your security settings have blocked a *self-signed application* from
>> running "
>>
>> When the security level is set to medium or the application is added to
>> exception site list, the application is allowed to run with a warning,
>> which displays the *publisher* as "*unknown*"
>>
>> As per [2], there are two possible reasons for this:
>>
>> 1. *Jar file missing Permission Attribute*
>> 2.* Self signed application* (Certificate not from trusted authority)
>>
>> I modified the permissions in the main jar adding *permissions:
>> all-permissions *in the manifest.mf file, but the problem still
>> persists. According to [3], The Permissions attribute is used to verify
>> that the permissions level requested by the RIA when it runs matches the
>> permissions level that was set when the JAR file was created. *This
>> attribute is required in the manifest of the main JAR file for the RIA,
>> secondary JAR files and extensions are not required to have the Permissions
>> attribute*. If the attribute is not present in the main JAR file, then
>> the RIA is blocked
>>
>> So it appears the problem is not due to missing permissions in third
>> party jars.
>>
>> Rather the problem is apparently due to *self-signed signature*, as when
>> providing a self-signed signature (the free kind), the "Publisher" field
>> will always say "UNKNOWN" whether or not it is provided when creating the
>> signature, as per [4]
>>
>> Please share your opinion on this issue.
>>
>> [1]: http://markmail.org/thread/c6exit64mmhhpew7
>> [2]: https://www.java.com/en/download/help/java_blocked.xml
>> [3]:
>> http://download.java.net/jdk8/docs/technotes/guides/jweb/security/manifest.html
>> [4]: https://code.google.com/p/jzebra/issues/detail?id=155
>>
>>
>> On Wed, Feb 5, 2014 at 11:47 PM, Suresh Marru <smarru@apache.org> wrote:
>>
>>> Hi Nadeem,
>>>
>>> We still did not compile the list of GSoC projects for 2014, but
>>> independent of other, I think we certainly can take some help on XBaya and
>>> we have major refactoring needs come up. Let me suggest a list of tasks for
>>> you to get started.
>>>
>>> * Can you subscribe to Airavata User Mailing list[1] and help Heejoon
>>> with this thread [2]
>>>
>>> * Heejoon and his advisor Prof. Sun Kim's research group uses XBaya for
>>> interacting with Amazon EC2 Resources so better packaging of the JNLP will
>>> help them.
>>>
>>> As for the GSoC project itself, it will involve changing the current
>>> XBaya which reads the components in the workflow based on XML Schemas and
>>> WSDL's and we need to migrate that using in development thrift based data
>>> models. This will require also changes to XBaya communications to registry
>>> and workflow interpreter to talk to the new Airavata API. I will clearly
>>> elaborate on the GSoC project, but for now, please start with helping
>>> Heejoon and understanding the inner workings of 5    and 10 minute
>>> tutorials. Stick to Airavata 0.11 version for now. The trunk will be in
>>> rapid development over the next few weeks.
>>>
>>> Suresh
>>> [1] - http://airavata.apache.org/community/mailing-lists.html
>>> [2] - http://markmail.org/thread/c6exit64mmhhpew7
>>> [3] -
>>> http://biohealth.snu.ac.kr/wiki/index.php/BioVLab_:_Biology_Virtual_Collaborative_Lab
>>>
>>> On Feb 5, 2014, at 12:57 PM, Nadeem Anjum <nadeem.cs.iit@gmail.com>
>>> wrote:
>>>
>>> > Hello Everyone,
>>> >
>>> > Over the last few days I have been going through Airavata codebase. I
>>> specifically got interested in XBaya, and it will be great if I could get a
>>> chance to work on a project based on XBaya for GSoC 2014
>>> >
>>> > Thanks,
>>> > Nadeem
>>>
>>>
>>
>

Mime
View raw message