Problems With Java - Plug-In

I'm having problems with the Java<sup>®</sup> plug-in. What advice can you give?
I'm having problems with the Java ® plug-in. What advice can you give?
When connecting to the OS MasterMap® service for the first time the system will load up a Java applet to enable you to display the mapping on the data
selection screen. In doing this, the system will check to see what browser you are using. This determines the way in which the Java applet is loaded.
You may experience problems during this process. The following provides a summary of these problems.
Problem Result Solution

When using Internet Explorer, The customer will notice that the Java plug-in has not The Java plug-in can be downloaded manually to rectify
the Java plug–in is downloaded been installed properly because: most problems. See below for how to do this and how to
via a URL. Problems can occur check that you have the correct version.
either the main screen has a grey panel rather
when:
than the mapping; or
the plug-in does not the customer's browser crashes when
download; and attempting to log in to the service.
the download is
corrupted in some way.
The Java plug-in is installed The customer will notice that the Java plug-in has not This problem is due to a conflict between the Java plug-in
correctly but a problem with the been installed properly because the main screen has a and Microsoft ® Proxy Server (v2) running on the customer's
user's environment does not white panel rather than the mapping, usually with the PC. The customer's IT department needs to install Proxy
allow it to run properly. overview of Great Britain visible. Server client on the affected PC.
When using Internet Explorer, The customer will notice that the Java plug-in has not The customer needs to contact their IT department.
the access rights on the PC do been installed properly because:
not allow Java plug-in
either the main screen has a grey panel rather
downloads and/or use.
than the mapping; or
the customer's browser crashes when
attempting to log in to the service.
It should also be noted that problems have also been experienced due to the JAVA plug-in not refreshing its own cache with the most current files, and to
force a refresh this cache should be cleared. To clear the cache you need to access the plug-in's control panel pop–up. This can be achieved by double-
clicking on the plug-in icon, which is generally displayed in the control panel screen, that is start > setting > control panel.
Further trouble-shooting with the Java plug-in

Problem 1: User experiences difficulty when installing the Java plug-in. Problem likely to be caused because of the way their system
is configured for locating temporary files.
See How to check you have the correct plug-in.
Problem 2: Internet Explorer 6 on Windows® 2000 does not attempt to download and install the Java plug-in when the user is on the
http://www.ordnancesurvey.co.uk/oswebsite/products/osmastermap/faqs/service012.html[5/21/2009 6:18:32 PM]

main OS MasterMap map page.

Problem 3: Java plug-in has seemingly been installed correctly, but the browser crashes out when attempting to log in to site.
Problem 4: Customer's network infrastructure uses NTLM authentication. The Java applet fails to load and the Java Console contains
a message like 'java.io.IOException: Unable to tunnel through proxy'. Proxy returns 'HTTP/1.0 407 Proxy authentication
required'.
Problem 5: When downloading the Java applet a warning stating that the security certificate is issued by a company that is not
trusted.
Windows is a registered trademark of Microsoft Corporation
Solution to problem 1: Manually download the plug-in installer and run the installer locally.
Before proceeding, you should check you have the necessary Windows profile permissions to install software on your machine. Your IT support
department will be able to tell you this. An indication may be not having the ability to see the JAVA console or system control panel.
Steps to achieve solution to problem 1 (please note that these instructions relate specifically to Java plug-in installation on a Windows platform):
1. Open a web browser.

2. Paste the following into the address box:
http://java.sun.com/j2se/1.4.2/download.html
(Please note: If the above link is not compatible with your software, you can download an earlier version of the Java plug-in by pasting the
following link into your web browser address box http://java.sun.com/j2se/1.4.1/download.html)
3. Select '32-bit/64-bit for Windows/Linux/Solaris SPARC'. Select the 'JRE' option and click on download.
4. You will be presented with a 'Keep Informed' page. Either complete the form and select 'accept' or select 'No thank you continue'.
5. You will be presented with a licence conditions page. Select the 'ACCEPT' button.
6. You will be presented with the download page. Double–click on:
Download Windows Installation, Multi-language (j2re-1_4_2_03-windows-i586-p-iftw.exe, 1.35 Mb)
7. You will be presented with a dialogue box from which you can choose to either open the file named in the dialogue box, or save the file to a
convenient place on your hard disk. The 7.64 Mb download may take a few minutes. If you choose to open the file the installation will be
automatic following the download.
8. If you chose to save the file, when download is complete use Windows Explorer to go to where you saved the file, and double–click on the file
to run it.
9. When installation is complete, you may have to reboot your machine.
10. Log into the OS MasterMap website. The plug-in should now function.
Please note: During downloading, a dialogue box requesting to disconnect from the Internet may appear. If this happens, click 'continue'.
Top of page
Solution to problem 2: Repair installation of Internet Explorer 6 on Windows 2000

Steps to achieve solution to problem 2:
1. Go to the Windows Control Panel.

2. Click on 'Add/Remove Programs' icon.
3. Select 'Repair Installation' option for Internet Explorer 6.
4. Log in to the OS MasterMap website.
5. Select 'Estimates'.
6. In the 'Options' panel select 'New estimate' -> 'User defined area'.
7. You will then be directed to a page that contains a Java applet for displaying maps. The browser will download the Java plug-in when it reaches
this page.
If the problem still occurs: Clear your temporary Internet files, cookies and Java cache, then do this:
1. Open Internet Explorer.

2. Click 'Tools' on the menu bar.
3. Click 'Internet Options' on the drop down menu.
4. Click on the 'General' tab.
5. Click the 'Delete files' button in order to delete temporary Internet files.
6. Click the 'Delete Cookies' button.

7. To clear the Java cache, go to 'Start', 'Settings', 'Control panel'.

8. Double click on the Java icon. Select the 'Cache' tab and click on 'Clear cache', 'Yes' then 'Apply'.
9. Now return to the OS MasterMap website again.
Top of page
Solution to problem 3: Check whether the Java plug-in is corrupted, uninstall then reinstall
Steps to achieve solution to problem 3:
1. Go to the Windows Control Panel.

2. Double-click on the 'Java Plug-in 1.4.2_03' icon. If the Java plug-in Control Panel does not appear, the download may not have been successful.
3. Click on 'Add/Remove Programs' icon.
4. Select 'Add/Remove' option for 'Java 2 runtime environment standard edition v1.4.2_03'. Select yes to question about whether you want to
remove the installation.
5. Follow solution to problem 1 to reinstall the Java plug-in by hand.
Solution to problem 4: Install the latest Java plug-in version

As the NTLM authentication mechanism is not supported by Java plug-in versions prior to 1.4.2_02, the latest version needs to be installed.
1. Install the latest Java plug-in version available from
(Solution 1 details download procedure)
2. Log into the OS MasterMap website.

3. Enter your user name (local network user name, for example, jbloggs) and password.
4. The user name should be preceeded by the domain name (local network domain) in the form domain\username (for example, OS\jbloggs)
Top of page
Solution to problem 5: Install the latest Java plug-in version

Manually download and install a later version of the Sun ® Java Plug-in from the following website:
(Solution 1 details download procedure)
Top of page
How to check you have the correct JAVA plug-in. (version 1.4 or later)
1. Start a web browser session and in the 'File Edit View….' bar either select:
'View->Java Console' or 'Tools->Sun Java Console'.
2. Log on to the OS Mastermap data selector.
3. Select 'Estimates'.
4. In the 'options' panel select 'New estimate' -> 'User defined area'
5. You will then be directed to a page that contains a Java applet for displaying maps.
In the bottom right-hand corner of your screen, in the system tray, will appear either of the the icons shown below:

6. Double-click on the icon and a console window will appear:

7. If you do not have the required Java plug-in you will be prompted via a pop-up box to download the correct version. Just click on 'ok' and the
download and installation should take just a few minutes, and will not require any intervention.
Note: If there are problems in downloading this software extension to the Java run-time environment on your machine, then it is likely that
there is a security issue with your site.
Any errors will be reported in this console window. If you cannot access the window there may be a security issue with your machine.
8. To view the plug-ins installed on your machine go to 'Start->Settings->Control Panel.
9. Double-clicking on the plug-in name will bring up the control panel for the plug in.

Note : If you cannot see the control panel or access the plug-in control panel then your machine probably does not have enough privileges.
10. For Internet Explorer you should also check that your browser's HTTP1.1 settings are set as follows:
Java and Sun are registered trademarks of Sun Microsystems, Inc. Microsoft and Windows are registered trademarks of Microsoft Corporation.

Java Plug-in: FAQ
Can I continue to use OBJECT tags to call my applets?
Yes. Even though the Java Plug-in has been enhanced to support APPLET tags, it is fully backward compatible with an existing
web pages that use OBJECT tags to launch applets. Moreover, the JRE/Java Plug-in continues to ship with the HTML
Converter for those developers who want to invoke their applets using OBJECT rather than APPLET tags.
I have been using <object> for previous version of Java Plug-in. In this release, <applet> is also supported. I am
very confused - which one should I use?
Java Plug-in supports both <applet> and <object> for Internet Explorer.
If you are trying to target Internet users, usually you have less control over the users' environment. Also, bandwidth can be an
important consideration. Thus, we recommend that <applet> be used for mass deployment purposes.
If you are targeting Intranet users, usually you have a more controlled environment. In this case, we recommend that
<object> be used for fine versioning control.
Are there compatibility issues with using the Java 2 Platform?
In the large majority of cases, there are no compatibility issues to be concerned about when moving from JDK 1.1 to the Java 2
Platform. The documentation for a given Java 2 Platform release describes all known incompatibilities, most of which are in the
category of "corner cases." For example, known compatibility issues in version 1.3 of the Java 2 Platform are described at
http://java.sun.com/j2se/1.3/compatibility.html.
Some old class files generated by early bytecode compilers do not strictly conform to the proper class-file format, and the Java
2 Runtime Environment may not load such classes. For more information, see Updating Old Class Files.
In addition to compatibility issues between different releases of the Java platform, there is the question of incompatibilities
between Sun's Java runtime environment and other Java runtime environments, for example the one included with some
Internet Explorer browsers. Sun has made a great effort to minimize such incompatibilities. Among the steps that Sun as taken
in this JRE/Java Plug-in are the following:
The classloader sharing policy in Java Plug-in has been changed to minimize incompatible behavior in applets that
depend explicitly on the classloader sharing policy of the Microsoft VM. See Class Loader Issues for information about
ensuring this change doesn't affect your applets' behavior.
The image and sound resource lookup sequence in Java Plug-in has been changed to give resources specified with the
HTML archive paramater priority over those on the codebase URL. This change was made to minimize incompatible
behavior for applets that rely explicitly on the resource lookup sequence employed by the Microsoft VM.
The implementation of Applet.getParameter() has been modified to strip off leading and trailing whitespace from
parameters before they are returned to the applet. This is the behavior of the Microsoft VM in some Internet Explorer
browsers, and this change was made to eliminate possible incompatibile behavior in applets that rely explicitly on that
behavior.
The sun.audio package was accessible to applets in JDK 1.1. However, the applet sandbox was closed up beginning
with version 1.2 of the Java 2 Platform, so applets that try to access any class libraries in the sun.audio packages would
result in a SecurityException. To provide maximum applet compatibility, the applet sandbox in Java Plug-in has been
opened up to all applets to access the sun.audio package again.
Java Plug-in no longer checks the HTML MAYSCRIPT parameter, used in previous versions to enable applets to access
JavaScript. Applets may access JavaScript in all cases, even without the MAYSCRIPT parameter.
The HTTP User-Agent string used by Java Plug-in during HTTP connection requests has been changed to be similar to
that used by the browser. This means that most web servers will recognize connection requests made from applets
running in Java Plug-in.
Q: The file Java Runtime Environment 1.3.1_0x (an ActiveX Control) in the WINNT/Downloaded Program Files
directory says it's "Damaged." What does this mean? What can I do about it?
A: This is a cosmetic bug; you won't run into any actual problems with the Java Runtime Environment. It does not mean that
anything is damaged or that the installation failed. However, if you would still like to make it read "installed" instead of
"damaged", you can edit the windows registry. First double-click on the ActiveX Control that is "damaged" (Java Runtime
Environment 1.3.1_0x) and check the ID value. Go to Start->Run, type regedit and hit "Ok". Traverse to the following
registry key: HKEY_LOCALE_MACHINE//Software//Microsoft//Code Store
Database//Distribution Units//{ID}//DownloadInformation, where ID is the value of the ID. Double click on the
http://java.sun.com/products/plugin/1.3.1_01a/faq.html[5/21/2009 6:22:05 PM]

Java Plug-in: FAQ
INF registry string, delete the string contents, and hit "Ok". The status of the previously "damaged" ActiveX control should now
say "installed".
What security model does Java Plug-in use?
JRE/Java Plug-in is a product in the Java 2 Platform family, and it uses the new Java 2 Platform's security model. This security
model is more flexible and configurable than the security model used by JDK 1.1. For more information,s ee the Java 2
Platform's security documentation at http://java.sun.com/j2se/1.3/docs/guide/security/index.html.
I ran an applet but encountered the following messages in the Java Console: "Netscape security model is no
longer supported. Please migrate to the Java 2 security model instead.". What should I do?
You may want to start from here:

http://java.sun.com/j2se/1.3/docs/guide/security/index.html http://java.sun.com/products/plugin/1.3/docs/rsa_signing.html
Note that applets that rely explicitly on proprietary technology in the security model of the Microsoft VM may not work with Java
Plug-in.
What registry keys are created by Java Plug-in on Microsoft Windows?
The registry keys created by JRE/Java Plug-in during installation are located at
HKEY_LOCAL_MACHINE\Software\JavaSoft\Java Runtime Environment and are summarized in the document at
http://java.sun.com/j2se/1.3/runtime_win32.html. JRE/Java Plug-in does not support registry keys created and
used by the Microsoft VM located at HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Java VM. For example, registry key
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Java VM\Classpath sets the class path for the Microsof VM, but this
class path is not recognized by JRE/Java Plug-in. (Nor should you put the Microsoft VM class path on the Java Plug-in class
path as doing so risks breaking applets or producing unexpected behavior in applet function.)
Will Java Plug-in overwrite my installed Microsoft VM?
No. Although Java Plug-in will take over the <applet> support in Internet Explorer, Java Plug-in does not overwrite any
Microsoft VM binaries. In addition, Java Plug-in only overrides the Microsoft VM when <applet> is used, so other applications
which rely on the Microsoft VM explicitly will continue to work.
Can I install JRE 1.3.1_01a when I already have JRE 1.3.1_01 installed?
The installer for 1.3.1_01a will allow you to do this, but JRE 1.3.1_01a will be installed in the same directory as JRE 1.3.1_01,
and that can lead to improper operation or crashes. Therefore, you should uninstall previous installations of 1.3.1 software prior
to installing JRE 1.3.1_01a or Java 2 SDK 1.3.1_01a.
After I completed the auto download process, I got the message "Can,t run 16-bit Windows program". What's
wrong?
This may cause by some unsuccessful download of the bits. You may want to retry the download process from
http://java.sun.com/getjava, or download the binary manually from http://java.sun.com/j2se/1.3.1/jre/.
I want to deploy Java Plug-in on multiple machines but don't want to repeat the auto install process. What should
I do?
You may want to download the binary manually from http://java.sun.com/j2se/1.3.1/jre/.
How can I switch between Java Plug-in and the Microsoft VM for handling the <applet> tags?
Under Advanced tab in Internet Explorer's control panel, you may toggle the option through "Use Java 2". The change will be in
effect after you restart the browser
http://java.sun.com/products/plugin/1.3.1_01a/faq.html[5/21/2009 6:22:05 PM]

Java 2 Platform Compatibility
Sun Java Solaris Communities My SDN Account Join SDN
» search tips Search

APIs Downloads Products Support Training Participate
SDN Home > Products & Technologies > Java Technology > Java Platform, Standard Edition (J2SE) > Core Java > J2SE 1.3.1 >
Reference > Documentation >
Documentation
Print-friendly Version
SDK Documentation
Java 2 Platform v1.3

Compatibility with Previous Releases
Contents
This document contains information on the following topics:
Binary Compatibility
Source Compatibility
Incompatibilities in the Java 2 Platform, Standard Edition, v1.3
For information about incompatibilities between versions 1.2 and 1.1 of the Java platform, see the compatibility documentation for the Java 2
Platform, v1.2.
For information about incompatibilities between versions 1.0 and 1.1 of the Java platform, see the compatibility documentation for the JDK 1.1
software.
See the Clarifications and Amendments document for a summary of changes that have been made to the specification of the Java
programming language since the publication of the original Java Language Specification.
Binary Compatibility
The Java 2 SDK, v1.3 is upwards binary-compatible with Java 2 SDK, v1.2 except for the incompatibilities listed below. This means that, except
for the noted incompatibilities, class files built with version 1.2 compilers will run correctly in the Java 2 SDK, v1.3.
As long as the Javac compiler's '-target 1.2' command-line option is not used, downward binary compatibility is generally supported, though not
guaranteed. That is, class files built with a Java 2 SDK compiler, but relying only on APIs defined in versions 1.0 or 1.1 of the Java platform, will
generally run on 1.0 and 1.1 versions of the Java virtual machine, but this "downwards" compatibility has not been extensively tested and
cannot be guaranteed. Of course, if the class files depend on any new Java 2 Platform APIs, those files will not work on earlier platforms.
In general, the policy is that:
Maintenance releases (for example 1.2.1, 1.2.2) within a family (1.2.x) will maintain both upward and downward binary-compatibility with
each other.
Functionality releases (for example 1.2, 1.3) within a family (1.x) will maintain upward but not necessarily downward binary-compatibility
with each other.
Some early bytecode obfuscators produced class files that violated the class file format as given in the virtual machine specification. Such
improperly formatted class files will not run on the Java 2 SDK's virtual machine, though some of them may have run on earlier versions of the
virtual machine. To remedy this problem, regenerate the class files with a newer obfuscator that produces properly formatted class files.
Source Compatibility
The Java 2 SDK versions 1.2 and 1.3 are upwards source-compatible with JDK software versions 1.0 and 1.1, except for the incompatibilities
http://java.sun.com/j2se/1.3/compatibility.html[5/21/2009 6:22:20 PM]

listed below. This means that, except for the noted incompatibilities, source files written to use the language features and APIs defined for 1.0
and 1.1 can be compiled and run in the Java 2 SDK (v1.2 and 1.3).
Downward source compatibility is not supported. If source files use new language features or Java 2 Platform APIs, they will not be usable with
an earlier version of the Java platform.
In general, the policy is that:
Maintenance releases do not introduce any new language features or APIs, so they maintain source-compatibility in both directions.
Functionality releases and major releases maintain upwards but not downwards source-compatibility.
Deprecated APIs are methods and classes that are supported only for backwards compatibility, and thecompiler will generate a warning
message whenever one of these is used, unless the -nowarn command-line option is used. It is recommended that programs be modified to
eliminate the use of deprecated methods and classes, though there are no current plans to remove such methods and classes entirely from the
system.
Some APIs in the sun.* packages have changed. These APIs are not intended for use by developers. Developers importing from sun.*
packages do so at their own risk. For more details, see Why Developers Should Not Write Programs That Call sun.* Packages.
Incompatibilities in the Java 2 Platform, Standard Edition, v1.3

J2SE 1.3 is strongly compatible with J2SE 1.2 and 1.2.2. Almost all existing programs should run on J2SE 1.3 without modification. However,
there are some minor potential incompatibilities that involve rare circumstances and "corner cases" that we are documenting here for
completeness.
1. New class java.util.Timer has been added in version 1.3 of the Java 2 Platform, making two classes named Timer:
java.util.Timer
javax.swing.Timer
The introduction of java.util.Timer will cause a source-level incompatibility in existing code that has these two import statements:
import java.util.*;
import javax.swing.*;
and refers to javax.swing.Timer by its unqualified name, as in, for example
Timer t;
The ambiguous reference to class Timer can be resolved in favor of javax.swing.Timer by adding a third import statement:
import javax.swing.Timer;
With this third import statement in place, the source code will compile and have the same behavior as in previous versions of the platform.
2. The implementation of method java.lang.Double.hashcode has been changed in Java 2 SDK, v1.3 to conform to the API
specification. A typographical error in the specification has also been corrected. The specification for method hashcode previously
contained the following sentence:
"That is, the hashcode is the value of the expression:
(int)(v^(v>>>32))
where v is defined by:
long v = Double.doubleToLongBits(this.longValue());"
The last line in this sentence has been corrected in the 1.3 API specification to read
long v = Double.doubleToLongBits(this.doubleValue());
The method's implementation in the SDK has been changed to return
(int)(bits ^ (bits >>> 32))
in conformance with the specification, where bits is doubleToLongBits(value). In previous versions of the SDK, method hashcode
returned
(int)(bits ^ (bits >> 32))
This change in implementation is not expected to affect the behavior of existing applications because hashcode returns a truncated

integer value.
3. New Permission class java.sql.SQLPermission has been added in version 1.3 of the Java 2 Platform. The SecurityManager will
check the SQLPermission when code that is running in an applet calls any of the following methods:
java.sql.DriverManager.setLogWriter
java.sql.DriverManager.setLogStream (deprecated)
javax.sql.DataSource.setLogWriter
javax.sql.ConnectionPoolDataSource.setLogWriter
javax.sql.XADataSource.setLogWriter
Under J2SE 1.3, an exception will be thrown when an applet without the appropriate SQLPermission attempts to set the log writer.
4. The internal implementation of the Java Sound APIs (in class com.sun.media.sound.SimpleInputDevice) in version 1.3 checks
javax.sound.sampled.AudioPermission. The new check means that, under 1.3, applets must be given the appropriate
AudioPermission to access audio system resources, whereas this was not the case in previous versions of the platform.
5. JInternalFrames are no longer visible by default. Beginning with version 1.3 of the Java 2 Platform, developers need to set the visibility of
each JInternalFrame to true in order to have it show up on the screen. In previous versions of the platform, the visibility of
JInternalFrames was true by default.
Why the change? The rule for default visibility in Swing is that only top-level components, such as JFrame and JDialog, have default
visibility false; the remaining components have default visibility true. This is so that once a JFrame is constructed, one call to
setVisible(true) on the JFrame will show it and all of its contents.
Although JInternalFrame is not really a top-level component, it needs to behave like a JFrame in many ways. In particular, it needs to fire
JInternalFrame events corresponding to Window events on JFrames. One such event, INTERNAL_FRAME_OPENED, is fired in response to
the initial visibility change from false to true; with no such change prior to version 1.3, the event wasn't being fired.
In order to fix this bug, and to make JInternalFrame more compatible with its heavyweight cousin JFrame, the default visibility of
JInternalFrame has been changed to false beginning with version 1.3 of the Java 2 Platform. Therefore, to show an internal frame, just
add the call to setVisible(true) after adding the frame to its parent.
To ensure that your JInternalFrames are visible on 1.2.x or 1.3, you need to be sure to call setVisible. There is no penalty for making
this call on 1.2 even though the frames will be visible by default.
6. In version 1.3, the TableColumn.getHeaderRenderer method returns null by default. Because of that, it cannot be used to get the
default header renderer. Instead, you can use the new JTableHeader.getDefaultRenderer method to get the default header
renderer.
In cases where you need the same code to work on 1.2.x and 1.3, you can do so. In places where you were counting on the
getHeaderRenderer method to return the default renderer, you can instead create a new renderer. An example is shown below. This will
work on 1.2.x and 1.3.
/*Original code*/
DefaultTableCellRenderer hr =
(DefaultTableCellRenderer)column.getHeaderRenderer();
hr.setHorizontalAlignment(SwingConstants.LEFT);
/*Fixed code*/
DefaultTableCellRenderer hr = new DefaultTableCellRenderer();
hr.setHorizontalAlignment(SwingConstants.LEFT);
column.setHeaderRenderer(hr);
7. Because JTable's default text editor is smarter in version 1.3 about data types, it now gives setValueAt objects of the appropriate type,
instead of always specifying strings. For example, if setValueAt is invoked for an Integer cell, then the value is specified as an Integer
instead of a String. If you implemented a table model, then you might have to change its setValueAt method to take the new data type
into account. If you implemented a class used as a data type for cells, make sure that your class has a constructor that takes a single

String argument.
8. In releases 1.2.x it was possible for sufficiently trusted code to modify final fields by first calling Field.setAccessible(true) and then
calling Field.set(). This was clearly a bug since the specification for Field.set() stated that an IllegalAccessException would
be thrown in this case. This bug has been fixed in 1.3, and program code should not attempt to rely on the improper behavior that was
formerly possible because of the bug.
9. A bug (bugID 4250960) in versions 1.2, 1.2.1 and 1.2.2 of the Java 2 SDK and Java 2 Runtime Environment allowed sufficiently trusted
code to change the value of final fields by first calling java.lang.reflect.Field.setAccessible(true) and then calling
Field.set(). The ability to modify final fields in this manner is a bug because it is a violation of the specification for Field.set(),
which states that an IllegalArgumentException should be thrown when an attempt is made to modify a final field.
This bug is fixed in version 1.3, and program code should not attempt to rely on the improper behavior that was formerly possible because
of the bug.
Note that non-static final fields can still be set through the JNI Set<type>Field routines.
10. The specification and behavior of the constructors BasicPermission(String name) and
BasicPermission(String name, String actions) in class java.security.BasicPermission have been modified in version
1.3 of the Java 2 Platform. When the name parameter is null, the constructors now throw a NullPointerException. When name is an
empty string, the constructors now throw an IllegalArgumentException. This change of behavior is inherited by subclasses of
BasicPermission.
The change also affects the behavior of java.lang.System.getProperty() and java.lang.System.setProperty() whose
implementations construct an instance of PropertyPermission, a subclass of BasicPermission. Under the change, a call to
getProperty or setProperty with an empty property name (that is, getProperty("") or setProperty("", value)) will result in
an IllegalArgumentException. In previous versions of the platform, such a call would return quietly with no exception.
11. The behavior of java.net.URL has changed slightly for cases in which a URL instance is constructed from a String. In previous versions
of the Java platform, a final slash ('/') would be added to a URL when the URL was constructed without one. For example, consider this
code:
URL url = new URL("http://www.xxx.yyy");

System.out.println(url.toString());
In previous releases, this code would produce the following output.
http://www.xxx.yyy/
In 1.3, the trailing slash is not automatically appended, so that the output of the above code is now
http://www.xxx.yyy
The previous behavior was technically a bug, and it is not expected that this change will cause any compatibility problems with previous
releases.
12. The introduction of a new implementation of the javac compiler in version 1.3 has the following compatibility ramifications.
Inherited Members of an Enclosing Class are Now Accessible

The Java Language Specificaton, Second Edition, states that inherited members of a class are accesible within that class, including
any nested classes. In 1.1 and 1.2 versions of the Java 2 SDK, the compiler considered a member accessible within a nested class
only if it was actually declared in an enclosing class. The new compiler in the Java 2 SDK, v1.3 has been brought into conformance
with the specification.
Hiding of Local Variables and Parameters

The Java Language Specification requires that an error be reported when a local variable or catch clause parameter is declared within
the scope of a like-named method parameter, local variable, or catch clause parameter. However, the old compiler enforced it
somewhat erratically. The specification has been clarified so that the rule applies only to variables and parameters belonging to a
single method. Where a method is nested within another method, e.g., as a member of a local class, local variables and parameters
of the inner method may freely shadow those of the outer method.
Name Conflicts Between Types and Subpackages

According to section 7.1 of the Java Language Specification, Second Edition, it is illegal for a package to contain a class or interface
type and a subpackage with the same name. This rule was almost never enforced prior to version 1.3. The new compiler now

enforces this rule consistently. A package, class, or interface is presumed to exist if there is a corresponding directory, source file, or
class file accessible on the classpath or the sourcepath, regardless of its content.
Qualified Names in Constant Expressions

According to section 15.28 of the Java Language Specification, Second Edition, a qualified name that is a constant expression must
be of the form TypeName.identifier. Thus, regardless of whether the field foo itself is a constant, an expression x.foo, where x is a
variable or any other expression, may not be used in a context where a constant expression is required. Prior to version 1.3, javac
silently accepted such constructions, treating x as if had been replaced by its type, and ignoring any side effects that the expression
might peform.
Member Classes of Interfaces are Now Inherited by Implementing Classes

Prior to version 1.3, member classes of interfaces were not inherited by implementing classes. This was an oversight in the
implementation. The specification requires that the member classes be inherited, in keeping with the principle that they should be
treated analogously to fields.
13. In version 1.3, java.io.ObjectInputStream has been optimized to buffer incoming data for improved performance. As a side effect of
this change, ObjectInputStream calls the multi-byte read(byte[], int, int) method of the underlying stream more often than it
did previously. Consequently, underlying stream classes that implement this method incorrectly are more likely to trigger serialization
failures. To avoid the possibility of unexpected behavior, it is critical that the underlying stream implement both the single-byte read() and
multi-byte read(byte[], int, int) methods properly.
14. Version 1.2 of the Java 2 Runtime Environment included a client side adapter for the Internet-Intranet Input Method Protocol (IIIMP), a Sun
Microsystems technology which enables the use of server-based input methods over the network. This adapter was included to allow the
evaluation of this protocol at a time when there was no public interface that would let users install the adapter into a Java runtime
environment as a separate software component. Version 1.3 of the Java 2 platform provides a public input method engine SPI, so that the
adapter, like other input systems, can now be developed and distributed as a separate product and installed into any implementation of
the Java 2 platform. A version of the IIIMP adapter that uses the SPI is currently being developed by Sun Microsystems. To obtain current
information, go to the Solaris Developer Connection and search for "IIIM".
Environments set up to allow text entry using a server-based input method should use instead another solution such as host input methods
or the IIIMP client-side adapter from Sun.
15. The previous versions of JVMs and native libraries in the JDK were compiled in C++ "-compat=4" mode so as to be compatible with
native C++ code that was written in the ARM-based pre-ANSI/ISO C++ (such as used with Sun Workshop SC4.2 and earlier C++
compilers). Starting from J2SE 1.3.0 onwards, the JVM and native libraries are compiled using the "standard" mode corresponding to
ANSI/ISO C++. This change means that existing native C++ source code that uses the old pre-ANSI/ISO C++, and which used to work
with the old versions of the JVMs, will be incompatible with J2SE 1.3.0, especially if you use C++ exceptions. Such native C++ code should
be ported to "standard" ANSI C++ mode to work with J2SE 1.3.0 and later.
Version 1.3.0 of the Java virtual machine for Solaris Operating Environment was built under Solaris 2.6 using Sun Workshop 5.0 C++
compiler in "standard" (ANSI/ISO C++) mode using ""classic" iostreams.
16. Prior to J2SE 1.3.0, the javac compiler for Microsoft Windows platforms treated directory names in package paths in a case-insensitve
manner. Beginning with J2SE 1.3.0, the javac compiler treats directory names in a case-sensitive manner. The javac compiler in J2SE
1.3.0 will emit a "cannot resolve symbol" error if directory names in a package path are not letter-for-letter case matched to package
names.
A Sun Developer Network

About Sun | About This Site | Newsletters | Contact Us | Site
Employment
How to Buy | Licensing | Terms of Use | Privacy | Trademarks
Unless otherwise licensed,
code in all technical manuals

herein (including articles,

Copyright 1994-2009 Sun Microsystems, Inc. FAQs, samples) is provided
under this License.
Sun Developer RSS Feeds

Java Plug-in: What's New

SDN Home > Products & Technologies > Java Technology > Java Platform, Standard Edition (J2SE) > Desktop Java > Java Plug-in >
Reference > Documentation >
Documentation
What's New in Java Plug-in 1.3.1_01a Developer

Docs
Contents
Support for the APPLET Tag
Compatibility with the OBJECT Tag
Supported Platforms and Browsers
Class Loader Issues
Updating Old Class Files
Other Enhancements
Fixed Bugs
Support for the APPLET Tag

Java Plug-in now supports the HTML APPLET tag for launching applets on Microsoft Windows platforms. Users may configure
their browsers so that JRE 1.3.1_01a is the default runtime environment for handling APPLET tags.
For developers, the Java Plug-in enhancements enable you to deploy your applet web pages without the need for an HTML
Converter or the use of OBJECT tags, while still being able to ensure that your users will have the latest JRE/Java Plug-in for
running your code. In outline form, the new model for launching an applet is as follows.
1. User accesses web page which employes APPLET tags (not OBJECT tags) to launch an applet.
2. The web page invokes a script that determines whether the latest, enhanced JRE/Java Plug-in is installed on the user's
machine.
3. If the latest, enhanced JRE/Java Plug-in is not installed on the user's machine, the script initiates an auto-download process
for the JRE/Java Plug-in if the user's machine is a Microsoft Windows platform. For other platforms, the script sends the
user to a web page that directs the user to manually download JRE/Java Plug-in.
4. If the latest JRE/Java Plug-in from Sun is installed on the user's machine, Java Plug-in checks whether the user has
selected it as the default runtime environment for running applets. If so, then the applet is launched on Sun's JRE. If not, the
browser's internal Java runtime environment (if it has one) will be used to run the applet.
Even though Java Plug-in now supports the APPLET tag, it does not support applets that make use of proprietary technologies.
Examples of such technologies are
CAB files
Authenticode signing
Java Moniker
Compatibility with the OBJECT Tag

This release of Java Plug-in supports the use of APPLET tags for launching applets from web pages on Microsoft Windows
http://java.sun.com/products/plugin/1.3.1_01a/new.html#update[5/21/2009 6:22:39 PM]

platforms. However, it is also fully backward compatible with previous Java Plug-in releases in its support of the OBJECT tag for
launching applets. Developers have the option of using the 1.3.1_01a HTML Converter to set up their applet web pages to use
the OBJECT tag as before.
For more information about using OBJECT tags to launch applets on Java Plug-in, see Java Plug-in HTML Specification and
Using the HTML Converter.
Supported Platforms and Browsers

The support for the APPLET tag in JRE/Java Plug-in 1.3.1_01a is intended for use on the following Microsoft Windows operating
systems:
Windows 95
Windows 98 (1st and 2nd editions)
Windows ME
Windows NT 4.0
Windows 2000
In addition, JRE/Java Plug-in 1.3.1_01a has been tested on pre-releases of Windows XP and is expected to work with the final release of
Windows XP.
JRE/Java Plug-in 1.3.1_01a provides support for the APPLET tag on the following web browsers:
Internet Explorer 4.0 (4.01 recommended), 5.0 (5.01 recommended),

5.5 (Service Pack 2 recommended), 6.0
Netscape 6.0, 6.1
Class Loader Issues

Prior to version 1.3.1_01a, Java Plug-in would use a single class loader to load multiple applets during a browser session. This
practice allowed the multiple applets to share information with each other through static variables.
In order to maximize compatibility with the Java virtual machines embedded in Microsoft Internet Explorer browsers, beginning
with version 1.3.1_01a Java Plug-in uses separate class loaders for applets that differ in their codebase and/or the value of the
ARCHIVE parameter in the APPLET tags that invoke the applets. Only if two or more applets share the same codebase and have
the same value for their ARCHIVE parameter will the same class loader be used.
Applets that rely explicitly on the old Java Plug-in behavior with respect to class loaders may be incompatible with the new Java
Plug-in. That is, applets that rely on the ability to share information afforded by a single class loader may fail to work properly if
the new Java Plug-in uses separate class loaders for each applet. If this compatibility issue applies to your applets, you can
force Java Plug-in to use a single class loader for multiple applets by simply ensuring that all applets have the same codebase
and that the APPLET tags used to launch the applets each has the same value for the ARCHIVE parameter.
Updating Old Class Files

In some cases, the new Java Runtime Environment associated with this Java Plug-in release will not run class files that were
generated with old compilers. The usual symptom is a java.lang.ClassFormatError that the virtual machine throws when it
attempts to load such a class file. This failure has nothing specifically to do with the changes in this release. Rather, old
bytecode compilers did not strictly adhere to proper class-file format in all situations when generating class files. Recent virtual
machines are implemented to be strict in enforcing proper class file format, and this can lead to errors when they attempt to load
old, improperly formatted class files. Some typical problems in some older class files are (this list is not exhaustive):
There are extra bytes at the end of the class file;

The class file contains method or field names that do not begin with a letter;
The class attempts to access private members of another class;
The class file has other format errors, including illegal constant pool indices and illegal UTF-8 strings;
Some early (third-party) bytecode obfuscators produced class files that violated proper class-file format.
You can avoid this type of problem by recompiling your classes with the Javac bytecode compiler from the current Java 2 SDK. If
you choose to use a third-party obfuscator, be sure to use one that produces class files that respect proper class-file format.
Other Enhancements
In addition to the support for the APPLET tag described above, the Java Plug-in has many performance and architecture

enhancements that will make it more suitable for widespread use on consumer client machines that typically are not as powerful
as client platforms in an enterprise environment. Some of these enhancements are summarized below.
Memory management
Dynamic maximum heap size is scaled down from 128 MB to 96MB to avoid unnecessary paging on the system.
Classloader implementation has been tuned to allow memory to be reclaimed more often by the garbage collector.
Potential memory leak issue is addressed by using JNI/COM smart pointers in implementation.
Performance
Applet download time is significant reduced by relying on browser caching when possible. No connection will be
opened on the server side unless it is absolutely necessary.
Applet lifecycle is controlled asynchronously to allow very fast page switch.
Sped up classloader object reclaim by removing its finalize() method.
HTTPS read has been made significantly faster by increasing buffer size.
HTTPS calls are significant faster by statically linking Microsoft's Wininet instead of dynamic function lookup every
time.
JavaScript performance is greatly enhanced by eliminating BeanInfo lookup over the network.
Java Console performance is enhanced by using the Console Writer thread to avoid blocking System.out and
System.err when possible.
Design
Default JavaScript/Java interaction is changed from "not-scriptable" to "scriptable", allowing any applets running
through the APPLET tag to be used from JavaScript without modification.
JDK 1.1 compatibility

Java Plug-in can now access the sun.audio package.
Some of applets are compiled with compilers that don't generate proper class file format which conforms the class-file
specification. Such appletss may result in a ClassFormatError when Java Plug-in attempts to load them. To help
address this problem, PluginClassLoader provides a bytecode scanner to transform bad class files to conforming
on-the-fly to allow the applets to run. Currently, only the bad class filse with the following errors may be transformed
Local variable name has bad constant pool index
Extra bytes at the end of the class file
Code segment has wrong length
Illegal Field/Method name
Illegal field/method modifiers
Invalid start_pc/length in local var table
See also Updating Old Class Files above.
Fixed Bugs
For a list of bugs fixed in this release of Java Plug-in, see
http://java.sun.com/j2se/1.3.1/ReleaseNotes.html

Employment
under this License.


JDK 1.3.1 Security-related APIs & Developer Guides -- from Sun Microsystems
Documentation Contents
Security
JavaTM 2 Platform Security Introduced:
Policy-based, easily-configurable, fine-grained access control. When code is loaded, it is assigned

"permissions" based on the security policy currently in effect. Each permission specifies a permitted
access to a particular resource (such as "read" and "write" access to a specified file or directory,
"connect" access to a given host and port, etc.). The policy, specifying which permissions are
available for code from various signers/locations, can be initialized from an external configurable
policy file. Unless a permission is explicitly granted to code, it cannot access the resource that is
guarded by that permission.
These new concepts of permission and policy enable the Java 2 Platform to offer fine-grain, highly
configurable, flexible, and extensible access control. Such access control can now not only be
specified for applets, but also for all Java code, including applications, beans, and servlets.
Certificate interfaces for parsing and managing certificates, and X.509 v3 implementation of the
certificate interfaces.
Three new tools: keytool is used to create public/private keys; to display, import, and export
certificates; and to generate X.509 v1 self-signed certificates. jarsigner signs JAR (Java Archive
Format) files, and verifies the signature(s) of signed JAR files. policytool creates and modifies the
external policy configuration files that define your installation's Java security policy.
Security enhancements for Java TM 2 SDK, Standard Edition, v 1.3
Lists the enhancements and changes to Java TM 2 Platform Security introduced with this release.
Security Guides
Security Architecture
Cryptography Architecture
How to Implement a Provider for the Java Cryptography Architecture
Policy Permissions
Default Policy Implementation and Policy File Syntax
New API for Privileged Blocks
X.509 Certificates and Certificate Revocation Lists
Security Managers and the JavaTM 2 SDK
Security API Specification

(javadoc)
java.security Package
java.security.cert Package
java.security.interfaces Package
java.security.spec Package
http://java.sun.com/j2se/1.3/docs/guide/security/[5/21/2009 6:22:43 PM]

Security Tools
Security Tools Summary
keytool (for Solaris) (for Windows)
jarsigner (for Solaris) (for Windows)
policytool (for Solaris) (for Windows)
For More Information

Located on the Java Software web site:
The JavaTM 2 Platform Security trail of the Java Tutorial

The Security Home Page
Copyright © 1995-99 Sun Microsystems, Inc. All Rights Reserved.
Please send comments to: java-security@sun.com. This is not a subscription list.

Java Software
http://java.sun.com/j2se/1.3/docs/guide/security/[5/21/2009 6:22:43 PM]

Documentation Contents
Security
JavaTM 2 Platform Security Introduced:
Policy-based, easily-configurable, fine-grained access control. When code is loaded, it is assigned

"permissions" based on the security policy currently in effect. Each permission specifies a permitted
access to a particular resource (such as "read" and "write" access to a specified file or directory,
"connect" access to a given host and port, etc.). The policy, specifying which permissions are
available for code from various signers/locations, can be initialized from an external configurable
policy file. Unless a permission is explicitly granted to code, it cannot access the resource that is
guarded by that permission.
These new concepts of permission and policy enable the Java 2 Platform to offer fine-grain, highly
configurable, flexible, and extensible access control. Such access control can now not only be
specified for applets, but also for all Java code, including applications, beans, and servlets.
Certificate interfaces for parsing and managing certificates, and X.509 v3 implementation of the
certificate interfaces.
Three new tools: keytool is used to create public/private keys; to display, import, and export
certificates; and to generate X.509 v1 self-signed certificates. jarsigner signs JAR (Java Archive
Format) files, and verifies the signature(s) of signed JAR files. policytool creates and modifies the
external policy configuration files that define your installation's Java security policy.
Security enhancements for Java TM 2 SDK, Standard Edition, v 1.3
Lists the enhancements and changes to Java TM 2 Platform Security introduced with this release.
Security Guides
Security Architecture
Cryptography Architecture
How to Implement a Provider for the Java Cryptography Architecture
Policy Permissions
Default Policy Implementation and Policy File Syntax
New API for Privileged Blocks
X.509 Certificates and Certificate Revocation Lists
Security Managers and the JavaTM 2 SDK
Security API Specification

(javadoc)
java.security Package
java.security.cert Package
java.security.interfaces Package
java.security.spec Package
http://java.sun.com/j2se/1.3/docs/guide/security/index.html[5/21/2009 6:22:45 PM]

Security Tools
Security Tools Summary
keytool (for Solaris) (for Windows)
jarsigner (for Solaris) (for Windows)
policytool (for Solaris) (for Windows)
For More Information

Located on the Java Software web site:
The JavaTM 2 Platform Security trail of the Java Tutorial

The Security Home Page
Copyright © 1995-99 Sun Microsystems, Inc. All Rights Reserved.
Please send comments to: java-security@sun.com. This is not a subscription list.

Java Software
http://java.sun.com/j2se/1.3/docs/guide/security/index.html[5/21/2009 6:22:45 PM]

How to Sign Applets Using RSA Certificates

SDN Home > Products & Technologies > Java Technology > J2SE > Desktop Java > JAI > Reference > FAQs >
Java Plug-in 1.3 Documentation

Since Java Plugin 1.2.2, RSA signed applets have been supported to make deploying signed applets much easier. However, signing applets
through RSA is still difficult for most novice applet developers, and prevents them from fully taking advantage of this feature of Java Plug-in.
This document provides step-by-step instructions for signing applets using RSA certificates, so novice applet developers will be able to sign
their applets in Java Plug-in without fully understanding all the complex security related terminology.
To sign an applet, several things are needed:
1. Signing tools.
2. An RSA keypair and a certificate chain for the public keys.
3. The applet itself and all its class files, bundled as JAR files.
Signing tools
Two types of signing tools are currently supported in Java Plug-in to sign RSA applets:
1. Jarsigner -- a tool that is shipped as part of the Java 2 Software Development Kit.
2. Netscape Signing Tool -- a tool that is provided by Netscape for signing applets in Navigator/Communicator. The latest version of the
signing tool may be download from http://developer.netscape.com/software/signedobj/jarpack.html. Please notice that Netscape no longer
makes older version of the signing tool available for download.
RSA certificates
RSA certificates may be purchased from a Certificate Authority (CA) that supports RSA, such as VeriSign and Thawte. Some CAs (such as
VeriSign) implement different protocols for issuing certificates, depending on the particular signing tool you are using.
Jarsigner
At the time this document was written, we have demonstrated interoperability of Jarsigner with VeriSign and Thawte. To use jarsigner to sign
applets using RSA certificates, obtain the Sun Java Signing certificate from VeriSign, or Java Code Signing certificate from Thawte, or a similar
certificate from other CAs. During the process of certificate enrollment, you will be asked to provide the certificate signing request (CSR). To
generate the CSR, follow these steps:
1. Use keytool to generate an RSA keypair (using the "-genkey -keyalg rsa" options). Make sure your distinguished name contains all the
components mandated by VeriSign/Thawte. e.g.
C:\>C:\jdk1.3\bin\keytool -genkey -keyalg rsa -alias MyCert

Enter keystore password: *********
What is your first and last name?
[Unknown]: XXXXXXX YYY
What is the name of your organizational unit?
[Unknown]: Java Software
What is the name of your organization?
[Unknown]: Sun Microsystems
What is the name of your City or Locality?
[Unknown]: Cupertino
What is the name of your State or Province?
[Unknown]: CA
What is the two-letter country code for this unit?
[Unknown]: US
Is <CN=XXXXXXX YYY, OU=Java Software, O=Sun Microsystems,
http://java.sun.com/products/plugin/1.3/docs/rsa_signing.html[5/21/2009 6:23:00 PM]

L=Cupertino, ST=CA, C=US> correct?

[no]: yes
Enter key password for <MyCert>
(RETURN if same as keystore password): *********
2. Use "keytool -certreq" to generate a certification signing request. Copy the result and paste it into the VeriSign/Thawte webform. For
example,
C:\>C:\jdk1.3\bin\keytool -certreq -alias MyCert

Enter keystore password: *********
-----BEGIN NEW CERTIFICATE REQUEST-----
MIIBtjCCAR8CAQAwdjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRIwE
AYDVQQHEwlDdXBlcnRpbm8xGTAXBgNVBAoTEFN1biBNaWNyb3N5c3RlbX
MxFjAUBgNVBAsTDUphdmEgU29mdHdhcmUxEzARBgNVBAMTClN0YW5sZXk
gSG8wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALTgU8PovA4y59eb
oPjY65BwCSc/zPqtOZKJlaW4WP+UhmebE+T2Mho7P5zXjGf7elo3tV5uI
3vzgGfnhgpf73EoMow8EJhly4w/YsXKqeJEqqvNogzAD+qUv7Ld6dLOv0
CO5qvpmBAO6mfaI1XAgx/4xU/6009jVQe0TgIoocB5AgMBAAGgADANBgk
qhkiG9w0BAQQFAAOBgQAWmLrkifKiUYtd4ykhBtPWSwW/IKkgyfIuNMML
dF1DH8neSnXf3ZLI32f2yXvs7u3/xn6chnTXh4HYCJoGYOAbB3WNbAoQR
i6u6TLLOvgv9pMNUo6v1qB0xly1faizjimVYBwLhOenkA3Bw7S8UIVfdv
84cO9dFUGcr/Pfrl3GtQ==
-----END NEW CERTIFICATE REQUEST-----
3. The CA (e.g. VeriSign/Thawte) will send you a certificate reply (chain) by email. Copy the chain and store it in a file. Use "keytool -import"
to import the chain into your keystore. e.g.
C:\>C:\jdk1.3\bin\keytool -import -alias MyCert -file

VSSStanleyNew.cer
4. Your RSA certificate and its supporting chain have been validated and imported into your keystore. You are now ready to use the
jarsigner to sign your JAR file.
Note that you must use the same alias name for all the above steps (or no alias name, in which case the alias name defaults to "mykey").
Netscape Signing Tool

At the time this document was written, most CAs (e.g. VeriSign/Thawte) are known to support Netscape Signing Tool. To use the Netscape
Signing Tool to sign applets using RSA certificate, obtain the Netscape Object Signing certificate from Verisign, or Netscape Object Signing
certificate from Thawte, or a similar certificate from other CAs. During the process of enrollment, you will be asked about your
personal/company information because the CA will need to verify your information before the certificate is issued. This process may take from
several hours to several days.
Once the RSA certificate is issued, it usually consists of three files:
cert7.db
key3.db
secmod.db
Depending on the CA, the certificate may be issued and stored in a floppy diskette or be stored directly in the security modules of Netscape
Navigator/Communicator. Once it is done, you are ready to use the Netscape Signing Tool to sign your JAR file.
Java Applets
To sign applets with RSA certificates with Jarsigner, the applets must be bundled as JAR files. Jar tool is provided as part of the Java 2
Software Development Kit. For example,
C:>C:\jdk1.3\bin\jar cvf C:\TestApplet.jar .

added manifest
adding: TestApplet.class (in = 94208) (out= 20103)(deflated 78%)
adding: TestHelper.class (in = 16384) (out= 779)(deflated 95%)
This example creates a JAR file C:\TestApplet.jar, and it contains all the files under the current directory and its sub-directories.
After the JAR file is created, you should verify its content using Jar tool again. e.g.
C:>C:\jdk1.3\bin\jar tvf TestApplet.jar

0 Mon Mar 06 18:02:54 PST 2000 META-INF/
68 Mon Mar 06 18:02:54 PST 2000 META-INF/MANIFEST.MF
94208 Wed Mar 10 11:48:52 PST 2000 TestApplet.class

16384 Wed Mar 10 11:48:52 PST 2000 TestHelper.class
This ensures that the class files are stored with the proper path within the JAR file.
To sign applets with RSA certificates with Netscape Signing Tool, the applets must be placed in a directory, and the Netscape Signing Tool will
bundle it as JAR file after the process of signing.
Signing applets
Once we have the RSA certificates, the signing tool and the applet's JAR files, we are ready to sign the applets.
Signing applets using jarsigner

To sign applets using jarsigner, follow these steps:
1. Use jarsigner to sign the JAR file, using the RSA credentials in your keystore that were generated in the previous steps. Make sure the
same alias name is specified. e.g.
C:\>C:\jdk1.3\bin\jarsigner C:\TestApplet.jar MyCert

Enter Passphrase for keystore: ********
2. Use "jarsigner -verify -verbose -certs" to verify the jar files
C:>C:\jdk1.3\bin\jarsigner -verify -verbose

-certs d:\TestApplet.jar
245 Wed Mar 10 11:48:52 PST 2000 META-INF/manifest.mf

187 Wed Mar 10 11:48:52 PST 2000 META-INF/MYCERT.SF
968 Wed Mar 10 11:48:52 PST 2000 META-INF/MYCERT.RSA
smk 943 Wed Mar 10 11:48:52 PST 2000 TestApplet.class
smk 163 Wed Mar 10 11:48:52 PST 2000 TestHelper.class
X.509, CN=XXXXXXX YYY, OU=Java Software,
O=Sun Microsystems, L=Cupertino,
ST=CA, C=US (mycert)
X.509, CN=Sun Microsystems, OU=Java Plug-in QA,
O=Sun Microsystems, L=Cupertino, ST=CA, C=US
X.509, EmailAddress=server-certs@thawte.com,
CN=Thawte Server CA, OU=Certification
Services Division, O=Thawte Consulting cc,
L=Cape Town, ST=Western Cape, C=ZA
s = signature was verified

m = entry is listed in manifest
k = at least one certificate was found in keystore
i = at least one certificate was found in identity scope
jar verified.
3. Your applet has been signed properly. You are now ready to deploy your RSA signed applet.
Signing applets using Netscape Signing Tool

To sign applets using signtool, follow these steps:
1. Use "signtool -L" to determine the certificate nickname that should be used in signing. e.g.
C:\signtool13WINNT40\signtool -L -d a:\cert
using certificate directory: a:\cert
S Certificates
- ------------
AT&T Certificate Services
Thawte Personal Premium CA
GTE CyberTrust Secure Server CA
Verisign/RSA Commercial CA
AT&T Directory Services
BelSign Secure Server CA
BelSign Class 1 CA
GTIS/PWGSC, Canada Gov. Web CA
Thawte Personal Freemail CA
Thawte Server CA
GTIS/PWGSC, Canada Gov. Secure CA
MCI Mall CA
VeriSign Class 3 Primary CA
KEYWITNESS, Canada CA
BelSign Class 2 CA
BelSign Object Publishing CA

* Sun Microsystems, Inc.

VeriSign Class 3 CA - Commercial Content/Software
Publisher - VeriSign, Inc.
Verisign/RSA Secure Server CA
BBN Certificate Services CA Root 1
Thawte Personal Basic CA
* Sun Microsystems, Inc.'s VeriSign, Inc. ID
CertiSign BR
Canada Post Corporation CA
Integrion CA
IBM World Registry CA
BelSign Class 3 CA
Uptime Group Plc. Class 1 CA
Thawte Premium Server CA
GTE CyberTrust Root CA
- ------------
Certificates that can be used to sign objects
have *'s to their left.
2. Create an empty directory. e.g.
mkdir signdir
3. Put all the applet class files into it.

4. Use "signtool -Z" to sign the applet. e.g.
C:\signtool13>signtool -k"Sun Microsystems, Inc.'s VeriSign, Inc.

ID" -d a:\cert -Z c:\TestApplet.jar c:\signdir
Generating c:\signdir/META-INF/manifest.mf file..
--> TestApplet.class
adding c:\signdir/TestApplet.class to c:\TestApplet.jar...
(deflated 57%)
--> TestHelper.class
adding c:\signdir/TestHelper.class to c:\TestApplet.jar...
(deflated 43%)
Generating zigbert.sf file..
adding c:\signdir/META-INF/manifest.mf to c:\TestApplet.jar...
(deflated 44%)
adding c:\signdir/META-INF/zigbert.sf to c:\TestApplet.jar...
(deflated 46%)
adding c:\signdir/META-INF/zigbert.rsa to c:\TestApplet.jar...
(deflated 40%)
tree "c:\signdir" signed successfully
5. Use "signtool -w" to verify the archive. e.g.
C:\signtool13>signtool -w c:\TestApplet.jar -d a:\cert

Signer information:
nickname: Sun Microsystems, Inc.'s VeriSign, Inc. ID
subject name: C=US, ST=CA, L=Palo Alto, OU=Java Software,
CN=Sun Microsystems, OU=Digital ID Class 3 - Netscape
Object Signing, OU="www.verisign.com/repository/RPA Incorp.
by Ref.,LIAB.LTD(c)99", OU=VeriSign Trust Network,
O="VeriSign, Inc."
issuer name: CN=VeriSign Class 3 CA - Commercial Content/Software
Publisher, OU="www.verisign.com/repository/RPA Incorp.
by Ref.,LIAB.LTD(c)98", OU=VeriSign Trust Network,
O="VeriSign, Inc."
6. Your applet has been signed properly. You are now ready to deploy your RSA signd applet.
Deploying RSA signed applets

To deploy RSA signed applets:
1. Reference the JAR from the HTML page using ARCHIVE=xyz.jar in the EMBED/OBJECT tag.
2. Put the JAR file and the HTML page on the web server.

When users of Java Plug-in encounter an RSA signed applet, the Plug-in will verify that the applet is correctly signed, and that the RSA
certificate chain and the root CA are valid. If these are all valid, the Plug-in will pop up a security dialog that tells the user who signed the
applet and provides four options:
1. Grant always: If selected, the applet will be granted "AllPermission". Any signed applet that is signed using the same certificate will be
trusted automatically in the future, and no security dialog will pop up again when this certificate is encountered again. This decision can
be changed from the Java Plug-in Control Panel.
2. Grant this session: If selected, the applet will be granted "AllPermission". Any signed applet that is signed using the same certificate will
be trusted automatically within the same browser session.
3. Deny: If selected, the applet will be granted the applicable permissions from the security policy of the Java runtime. By default, the
permissions granted would be those for untrusted applets.
4. More Info: If selected, users can examine the attributes of each certificate in the certificate chain in the JAR file.
Once the user selects an option from the security dialog, the applet will be run in the corresponding security context. Please notice that all
these decisions are determined on the fly, and no preconfiguration is required.
Common Problems
If the JAR file is not signed properly, if the RSA certificate has expired, or if the RSA certificate is a self-generated self-signed certificate,
Java Plug-in may fail silently and will not pop up the security dialog. The applet will be treated as unsigned.
The Netscape Signing Tool is very particular about JAR file format. In Netscape Signing Tool, it expects the MANIFEST file to be at the
end of the JAR file, whereas Jarsigner puts it at the beginning. The standard does not mandate where the MANIFEST should be in the
JAR file. Therefore, if you create a JAR file using Jar tool, the Netscape Signing Tool may complain about "Invalid Jar File Format". On the
other hand, Jarsigner is not picky; it can verify JAR files regardless of whether their MANIFEST is at the beginning or at the end. To
workaround this problem when using Netscape Signing Tool, you should generate the JAR file and sign it through the tool itself.
Java Plug-in 1.2.2 supports signed applets signed using Netscape Signing Tool 1.2. However, Java Plug-in 1.2.2 fails to authenticate any
signed JAR files generated by Netscape Signing Tool 1.3, due to changes in the signature block file of those JAR files. Note that
interoperability with Netscape Signing Tool 1.3 has been restored in Java Plug-in 1.3, which also interoperates with Netscape Signing
Tool 1.2.

Employment
under this License.

Java 2 Runtime Environment Notes for Win32

SDN Home > Products & Technologies > Java Technology > J2SE > Core Java > J2SE 1.3.1 > Reference > Documentation >
Documentation
The Java 2 Runtime Environment

on Microsoft Windows Platforms
These notes contain information for developers who are deploying the Java 2 Runtime Environment on Microsoft Windows
platforms. For general platform-independent information about the Java 2 Runtime Environment, see Java 2 Runtime
Environmnet Notes for Developers.
Installation of Application Launchers

The Java 2 Runtime Environmnet for Win32 platforms is bundled with its own installer program. By default, the installer places a
copy of the runtime environment in the C:\Program Files\JavaSoft\JRE\1.3 directory. In addition, the installer puts
copies of the java and javaw application-launcher executables at the following locations:
C:\winnt\system32 on Windows NT and Windows 2000 systems

C:\windows\system on Windows 95 and Windows 98 systems
These directories are on the default system path of the operating systems, so users of your software won't need to modify any
paths in order for the launchers to be available for your application. You need only provide users with a command line of the
form
javaw -classpath <path to classes or jar file> <main class>
or
javaw -jar <jar file>
Registry Settings
The installation program for the Microsoft Windows version of the Java 2 Runtime Environment uses the registry to record path
and version information. The application launchers in the C:\windows\system directory (Windows 95/98) or
C:\winnt\system32 (Windows NT and Windows 2000) use the registry settings to obtain the location of the Java Runtime
Environment they are to use when launching an application.
You can consider using the registry settings in the deployment of your applications in the following ways:
If your application has an installation program, you can have that program check the registry to determine which version, if
any, of the runtime environment already exists on the platform on which your software is being installed. If an appropriate
version of the JRE is not already installed, you can prompt the user to download and install the Java 2 Runtime
Environment, or your installation program can install a copy of the Java 2 Runtime Environment that you redistribute with
your application.
If you choose to use your own custom application launcher rather than the application launchers that come with the Java 2
Runtime Environment, you can nevertheless have your launcher check the runtime environment's registry settings for the
location and version of the runtime environment on the local machine.
When installed, the Java 2 Runtime Environment creates the following registry key:
HKEY_LOCAL_MACHINE\Software\JavaSoft\Java Runtime Environment
http://java.sun.com/j2se/1.3/runtime_win32.html[5/21/2009 6:23:17 PM]

This key contains the following string value which is set to the major.minor version of the installed Java 2 Runtime
Environment:
Name Default Value
CurrentVersion 1.3
In addition, identical registry subkeys are created using the both the major and minor version number of the installed Runtime
Environment. For example, the first release of the 1.3 Runtime Environment creates these two keys:
HKEY_LOCAL_MACHINE\Software\JavaSoft\Java Runtime Environment\1.3

HKEY_LOCAL_MACHINE\Software\JavaSoft\Java Runtime Environment\1.3.1
Each of these keys contain the following string values which contain settings information for use by the runtime environment:
Name Default Value
JavaHome C:\Program Files\JavaSoft\JRE\1.3.1
RuntimeLib C:\Program Files\JavaSoft\JRE\1.3.1\bin\hotspot\jvm.dll
MicroVersion 1
JavaHome is set to the full path name of the directory in which the Java 2 Runtime Environment was installed. RuntimeLib
contains the full path name of the Java runtime DLL to use. MicroVersion identifies the micro-version of the Java 2 Runtime
Environment. For the Java 2 Runtime Environment, v1.3, the value will be 0, for v1.3.1 it would be 1, etc.
In addition, the following key are created for the Java Plug-in product:
HKEY_LOCAL_MACHINE\Software\JavaSoft\Java Plugin\1.3.1
This key contains the value

JavaHome="C:\Program Files\JavaSoft\JRE\1.3.1"
Native Language Support

If native code support is required on Win32 platforms, the native library must be located in the executable search PATH.
Icons for Jar-Packaged Applications

You can give your application's Jar file a customized icon. The easiest way to do so is to create a Windows shortcut for your
application and set its icon to be your custom icon. This can be done by your application's installer program. You can create a
custom icon using any icon editor. An icon editor is contained in many commercial development environment such as Visual
C++.

Employment
under this License.


Download Free Java Software - Sun Microsystems
Java
Java in Action Downloads Help Center
Search
Free Java Download

Download Java for your desktop computer now!
Version 6 Update 13
Free Java Download
What is Java? | Do I have Java? | Need Help?
Why download Java?

Java technology allows you to work and play in a secure computing environment.
Java allows you to play online games, chat with people around the world, calculate your mortgage interest,
and view images in 3D, just to name a few.
After you've downloaded Java, visit java.com to check out Java in Action in your daily life.
Java software for your computer, or the Java Runtime Environment, is also referred to as the Java Runtime,
Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, or Java
download.
Attention PC OEMs
Include Java software with your PCs! Find out how to distribute Java on your Windows PCs.
All Java Downloads
If you want to download Java for another computer or Operating System, click the link below.
All Java Downloads
Select Language | Java Wear | Newsletter | About Java | Partner with Us | Developers | java.com
Changes
Privacy | Terms of Use | Trademarks | License | Disclaimer | Support
Sun Microsystems
http://java.sun.com/getjava/index.jsp[5/21/2009 6:23:22 PM]

Java 2 Platform, Standard Edition 1.3

SDN Home > Products & Technologies > Java Technology > Java Platform, Standard Edition (Java SE) > Core Java >
Core Java
J2SE 1.3.1
Related Links
Downloads
On Windows, Linux, Solaris 9, and Solaris 10 J2SE 1.3.1
Popular Downloads
has completed the Sun End of Life (EOL) process. The
- J2SE 1.4.2
EOL transition period was from Oct 25, 2004 until the General
- Java Web Services
Reference Availability (GA) of Java SE 6 on December 11th, 2006. With this
Developer Pack 1.3
- API Specifications notice, customers are strongly encouraged to migrate to the current
- Documentation release, Java SE 6. » Read More. A paid Java Vintage Support
Products &
- Technical Articles & Tips Offering is available for those customers who are interested in
Technologies
- Compatibility continuing to obtain support for the release. Please contact your Sun
- J2SE 5.0
sales representative for details.
Sun Resources
Community On Solaris 8 - J2SE 1.3.1 is continuing in the Sun End of
- Professional Training
- Bug Database Life (EOL) process. The EOL transition period began Oct 25,
- Professional Certification
- Forums 2004 and will continue until the the end of the Solaris 8 five year
- JavaOne Online
Vintage Support Period. During this EOL transition period, the
- Developer Technical
products will continue to be supported on Solaris 8 per existing
Support
customer support agreements.
Learning - Downloads for Application
- Tutorials & Code Camps Development
For developer needs, all products that have completed the EOL
- Online Sessions & Courses transition period will be moved to the Archive area.
- Instructor-Led Courses
J2SE 1.3 Updates
You can download J2SE 1.3.x, review the release notes, and see a
summary of features and changes in this earlier release.
Regional Sites
Community
-
Subscribe to Newsletters.
Looking for an Older Release?
Sun provides some older product and technology releases as a courtesy
to developers for problem resolution. These releases and products have
completed the Sun "end-of-life" (EOL) process and are no longer
supported under standard support contracts. However, you can access
them via our archives.

Employment
http://java.sun.com/j2se/1.3.1/index.jsp[5/21/2009 6:23:37 PM]

Java 2 Platform, Standard Edition 1.3

under this License.
http://java.sun.com/j2se/1.3.1/index.jsp[5/21/2009 6:23:37 PM]

Glossary
Quick Start Guide
What is Business Contact Glossary

Manager for Outlook?
Install
Account
Troubleshoot Installation
A business or organization with whom you do
How Accounts, Business business. If a service is being provided, such as
Contacts, Opportunities, and
History Items are Related dental or medical services, then an account can also
Using Business Contact Manager
be a customer.
for Outlook
Account record
How to:
Where information about the account is stored,
Create an Account
including information that is entered on the Account
Create a Business Contact
form, linked records, and history items.
Create an Opportunity
Link History Items to a Administrator
Record The person in charge of managing a Windows
Add Product and Service
Items to an Opportunity computer. The administrator is responsible for
Auto-link E-mail Messages installing software, assigning passwords, and
Generate Reports managing files.
Adding Business Data
Business Contact
How to:
The person with whom you do business at a
Import Business Data from
Another Program company or organization.
Import a Product and Service
Items List Business Contact Manager toolbar
Sharing Business Data The toolbar at the top of an item where you can
Accessing Financial Data view existing links or create new links to Account,
How to: Business Contact, or Opportunity records.
Connect to Accounting
System Business Contact record
Add Data from Accounting Where information about the business contact is
System
Add Data to Accounting
stored, including information that is entered on the
System Business Contact form, linked records, and history
Link Accounts to Customers items.
View Financial Information
Create Quotes, Sales Orders, Business History folder
and Invoices A folder that contains all history items and the
Create a Time Entry records they are linked to.
Synchronize Business Contacts
with a Mobile Device Business Tools menu
Glossary The menu on the Outlook menu bar that provides
access to Business Contact Manager for Outlook.
Menu items include Account records, Reports, and
Product and Service Items List.
Comma separated values file

A text file that contains data that is separated by
commas (also known as a comma-delimited file). You
can create and save a .csv file in programs such as
Notepad or Excel.
Database owner
The person who created the database, and has full
control, including granting access permissions or
deleting records. When a database has been
restored, then the person who restored it becomes
the owner.
E-mail Linking
file:///C:/...Files/Microsoft%20Small%20Business/Business%20Contact%20Manager/help/QuickStartGuide/QSG_glossary.html[5/21/2009 6:53:08 PM]

Glossary
A means of tracking e-mail message from possible

business contacts. For each received e-mail message,
you can create a link that creates business contact
records for the e-mail address(es) in the message,
and also links the actual message to the business
contact records. You can also set up an automatic
link to business contact records of messages from
selected addresses.
Form
A way to collect and distribute information for items
in Business Contact Manager for Outlook.
Group
A set of items with one common attribute; for
example, priority or status. Also, to group is to
combine items with a common attribute under a
shared heading in a table or on a time line.
History item
An item such as an e-mail message or appointment
that is linked to an Account, Business Contact, or
Opportunity.
History log
A table in an Account, Business Contact, or
Opportunity record that contains all items (such as
phone logs, business notes, and e-mail messages)
that are linked to the record.
Product and Service Items

An item is a product or service that your company
buys or sells.
Navigation Pane
The column on the left side of the Outlook window
that includes panes such as Shortcuts or Mail and
the shortcuts or folders within each pane. Click a
folder to show the items in the folder.
Opportunity
A potential buyer for your products or services.
Create an Opportunity record, and then link it to a
Business Contact or an Account record to track
all your sales information in one place.
Opportunity record
Where information about the opportunity is stored,
including information that is entered on the
Opportunity form, linked records, and history
items.
Product and service items

Goods and services that you purchase or sell, or offer
for purchase or sale.
Record
A completed Account, Business Contact, or
Opportunity form. The record contains Account,
Business Contact, or Opportunity information,
plus the other records and history items that are
linked to it.
Reports toolbar
The toolbar at the top of the Reports section, used
to create and edit reports.

Glossary
Microsoft Office Small Business Accounting

2006
An accounting system that you can use with your
Business Contact Manager for Outlook data. Small
Business Accounting helps you make and receive
payments, manage your employees and meet
reporting requirements. To work with Small Business
Accounting, you must set up a connection to
accounting on the Business Tools menu.
©2005 Microsoft Corporation. All rights reserved.

Problems With Java - Plug-In

Încărcat de

Informații document

Descriere originală:

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Problems With Java - Plug-In

Încărcat de

Drepturi de autor:

Formate disponibile

I'm having problems with the Java<sup>®</sup> plug-in. What advice can you give?

Problem Result Solution

Further trouble-shooting with the Java plug-in

http://www.ordnancesurvey.co.uk/oswebsite/products/osmastermap/faqs/service012.html[5/21/2009 6:18:32 PM]

main OS MasterMap map page.

1. Open a web browser.

Solution to problem 2: Repair installation of Internet Explorer 6 on Windows 2000

1. Go to the Windows Control Panel.

1. Open Internet Explorer.

http://www.ordnancesurvey.co.uk/oswebsite/products/osmastermap/faqs/service012.html[5/21/2009 6:18:32 PM]

7. To clear the Java cache, go to 'Start', 'Settings', 'Control panel'.

1. Go to the Windows Control Panel.

Solution to problem 4: Install the latest Java plug-in version

1. Install the latest Java plug-in version available from

(Solution 1 details download procedure)

2. Log into the OS MasterMap website.

Solution to problem 5: Install the latest Java plug-in version

(Solution 1 details download procedure)

http://www.ordnancesurvey.co.uk/oswebsite/products/osmastermap/faqs/service012.html[5/21/2009 6:18:32 PM]

6. Double-click on the icon and a console window will appear:

http://www.ordnancesurvey.co.uk/oswebsite/products/osmastermap/faqs/service012.html[5/21/2009 6:18:32 PM]

8. To view the plug-ins installed on your machine go to 'Start->Settings->Control Panel.

http://www.ordnancesurvey.co.uk/oswebsite/products/osmastermap/faqs/service012.html[5/21/2009 6:18:32 PM]

http://www.ordnancesurvey.co.uk/oswebsite/products/osmastermap/faqs/service012.html[5/21/2009 6:18:32 PM]

Can I continue to use OBJECT tags to call my applets?

Are there compatibility issues with using the Java 2 Platform?

http://java.sun.com/products/plugin/1.3.1_01a/faq.html[5/21/2009 6:22:05 PM]

What security model does Java Plug-in use?

You may want to start from here:

What registry keys are created by Java Plug-in on Microsoft Windows?

Will Java Plug-in overwrite my installed Microsoft VM?

You may want to download the binary manually from http://java.sun.com/j2se/1.3.1/jre/.

http://java.sun.com/products/plugin/1.3.1_01a/faq.html[5/21/2009 6:22:05 PM]

Sun Java Solaris Communities My SDN Account Join SDN

» search tips Search

Java 2 Platform v1.3

In general, the policy is that:

http://java.sun.com/j2se/1.3/compatibility.html[5/21/2009 6:22:20 PM]

In general, the policy is that:

Incompatibilities in the Java 2 Platform, Standard Edition, v1.3

and refers to javax.swing.Timer by its unqualified name, as in, for example

"That is, the hashcode is the value of the expression:

where v is defined by:

The method's implementation in the SDK has been changed to return

(int)(bits ^ (bits >>> 32))

(int)(bits ^ (bits >> 32))

http://java.sun.com/j2se/1.3/compatibility.html[5/21/2009 6:22:20 PM]

http://java.sun.com/j2se/1.3/compatibility.html[5/21/2009 6:22:20 PM]

URL url = new URL("http://www.xxx.yyy");

In previous releases, this code would produce the following output.

Inherited Members of an Enclosing Class are Now Accessible

Hiding of Local Variables and Parameters

Name Conflicts Between Types and Subpackages

http://java.sun.com/j2se/1.3/compatibility.html[5/21/2009 6:22:20 PM]

Qualified Names in Constant Expressions

Member Classes of Interfaces are Now Inherited by Implementing Classes

A Sun Developer Network

http://java.sun.com/j2se/1.3/compatibility.html[5/21/2009 6:22:20 PM]

herein (including articles,

Sun Developer RSS Feeds

http://java.sun.com/j2se/1.3/compatibility.html[5/21/2009 6:22:20 PM]

Sun Java Solaris Communities My SDN Account Join SDN