Java Web Start Woes: “JAR resources in JNLP file are not signed by same certificate”

I ran into a problem with Java Web Start yesterday. I created my JNLP file (see below) and everything was working fine.

<%@ page contentType="application/x-java-jnlp-file" %>

<%
	// Force a Last-Modified timestamp into the HTTP header so that the client will reload
	response.setDateHeader("Last-Modified", System.currentTimeMillis());

	String url = request.getRequestURL().toString();
	String codebase = url.substring(0, url.lastIndexOf("/"));
%>

<?xml version="1.0" encoding="UTF-8"?>
<jnlp spec="1.0+" codebase="<%= codebase %>" href="<%= url %>">
	<information>
		<title>Most Excellent Application</title>
		<vendor>ACME</vendor>
		<homepage href="http://www.acme.com"/>
		<description>Provides the answer to the question: What is the meaning of life, the universe and everything else?</description>
		<description kind="short">Application</description>
	</information>
	<security>
		<all-permissions/>
	</security>
	<resources>
		<j2se version="1.3+"/>
		<jar href="investorClient.jar"/>
		<jar href="jaxrpc.jar"/>
		<jar href="axis.jar"/>
		<jar href="commons-logging.jar"/>
		<jar href="commons-discovery-0.2.jar"/>
		<jar href="saaj.jar"/>
		<jar href="wsdl4j-1.5.1.jar"/>
	</resources>
	<application-desc main-class="ca.i-proving.cool.Application">
		<argument><%= codebase %>/services/</argument>
	</application>
</jnlp>

Then I wanted to include some functionality in my application that relied on classes in activation.jar. So I added the reference to application.jar in my jnlp and redeployed… only to have Java Web Start complain when I tried to launch the application that “JAR resources in JNLP file are not signed by same certificate”. An initial search on i-proving.ca turned up nothing, so I did a Google search and found the solution.

Java Web Start provides a way to refer to another jnlp file via an “extension” mechanism.
So rather than adding

<jar href="activation.jar"/>

to my jnlp file, I created a new jnlp file called “activation.jsp”

<%@ page contentType="application/x-java-jnlp-file" %>

<%
	// Force a Last-Modified timestamp into the HTTP header so that the client will reload
	response.setDateHeader("Last-Modified", System.currentTimeMillis());

	String url = request.getRequestURL().toString();
	String codebase = url.substring(0, url.lastIndexOf("/"));
%>

<?xml version="1.0" encoding="UTF-8"?>
<jnlp spec="1.0+" codebase="<%= codebase %>" href="activation.jsp">
   <information>
      <title>Activation</title>
      <vendor>Sun Microsystems, Inc.</vendor>
      <offline-allowed/>
   </information>
   <security>
      <all-permissions/>
   </security>
   <offline-allowed/>
   <resources>
      <jar href="activation.jar"/>
   </resources>
   <component-desc/>
</jnlp>

and referred to it from the main jnlp file as follows:

...
		<jar href="saaj.jar"/>
		<jar href="wsdl4j-1.5.1.jar"/>
		<extension name="activation" href="activation.jsp"/>
	</resources>
...

Works like a charm.

It's only fair to share...
Share on FacebookGoogle+Tweet about this on TwitterShare on LinkedIn

Leave a Reply