PQ76313: Accessing application gets java.lang errors. pq54572 resolved this for 4.0.x. Problem deploying signed jar

 Fixes are available

PQ76313, 5.0-5.0.2.2: Signed JARs Signed With Netscape Signing Tool 1.2
5.1.1.17: WebSphere Application Server V5.1.1 Cumulative Fix 17 for AIX
5.1.1.17: WebSphere Application Server V5.1.1 Cumulative Fix 17 for HP-UX
5.1.1.19: WebSphere Application Server V5.1.1 Cumulative Fix 19 for Linux
5.1.1.16: WebSphere Application Server V5.1.1 Cumulative Fix 16 for AIX
5.1.1.18: WebSphere Application Server V5.1.1 Cumulative Fix 18 for AIX
5.1.1.18: WebSphere Application Server V5.1.1 Cumulative Fix 18 for HP-UX
PQ76313: Application installation changes the case of the manifest of nested jar
5.1.1.18: WebSphere Application Server V5.1.1 Cumulative Fix 18 for Solaris
5.1.1.18: WebSphere Application Server V5.1.1 Cumulative Fix 18 for Windows
5.1.1.18: WebSphere Application Server V5.1.1 Cumulative Fix 18 for Linux
5.1.1.17: WebSphere Application Server V5.1.1 Cumulative Fix 17 for Linux
5.1.1.17: WebSphere Application Server V5.1.1 Cumulative Fix 17 for Solaris
5.1.1.17: WebSphere Application Server V5.1.1 Cumulative Fix 17 for Windows
5.0.2.7: WebSphere Application Server Express 5.0.2 Cumulative Fix 7
5.0.2.17: WebSphere Application Server 5.0.2 Cumulative Fix 17 for Solaris
5.0.2.17: WebSphere Application Server 5.0.2 Cumulative Fix 17 for Windows
5.0.2.14: WebSphere Application Server 5.0.2 Cumulative Fix 14 for Solaris
5.1.1.10: WebSphere Application Server V5.1.1 Cumulative Fix 10 for Windows
5.1.1.10: WebSphere Application Server V5.1.1 Cumulative Fix 10 for AIX
5.0.2.14: WebSphere Application Server 5.0.2 Cumulative Fix 14 for Linux
5.1.1.19: WebSphere Application Server V5.1.1 Cumulative Fix 19 for AIX
5.1.1.19: WebSphere Application Server V5.1.1 Cumulative Fix 19 for Windows
5.1.1.9: WebSphere Application Server V5.1.1 Cumulative Fix 9 for Solaris
5.0.2.15: WebSphere Application Server 5.0.2 Cumulative Fix 15 for Windows
5.0.2.15: WebSphere Application Server 5.0.2 Cumulative Fix 15 for Solaris
5.0.2.15: WebSphere Application Server 5.0.2 Cumulative Fix 15 for AIX
5.1.1.9: WebSphere Application Server V5.1.1 Cumulative Fix 9 for AIX
5.0.2.15: WebSphere Application Server 5.0.2 Cumulative Fix 15 for Linux
5.0.2.12: WebSphere Application Server 5.0.2 Cumulative Fix 12
5.0.2.14: WebSphere Application Server 5.0.2 Cumulative Fix 14 for HP-UX
5.0.2.14: WebSphere Application Server 5.0.2 Cumulative Fix 14 for AIX
5.1.1.9: WebSphere Application Server V5.1.1 Cumulative Fix 9 for Windows
5.0.2.17: WebSphere Application Server 5.0.2 Cumulative Fix 17 for HP-UX
5.0.2.17: WebSphere Application Server 5.0.2 Cumulative Fix 17 for AIX
5.1.1.11: WebSphere Application Server V5.1.1 Cumulative Fix 11 for AIX
5.0.2.17: WebSphere Application Server 5.0.2 Cumulative Fix 17 for Linux
5.1.1.10: WebSphere Application Server V5.1.1 Cumulative Fix 10 for HP-UX
5.1.1.10: WebSphere Application Server V5.1.1 Cumulative Fix 10 for Linux
5.1.1.9: WebSphere Application Server V5.1.1 Cumulative Fix 9 for HP-UX
5.1.1.9: WebSphere Application Server V5.1.1 Cumulative Fix 9 for Linux
5.0.2.16: WebSphere Application Server 5.0.2 Cumulative Fix 16 for HP-UX
5.1.1.12: WebSphere Application Server V5.1.1 Cumulative Fix 12 for Windows
5.0.2.16: WebSphere Application Server 5.0.2 Cumulative Fix 16 for Solaris
5.0.2.8: WebSphere Application Server V5.0.2 Cumulative Fix 8
5.0.2.16: WebSphere Application Server 5.0.2 Cumulative Fix 16 for Windows
5.0.2.16: WebSphere Application Server 5.0.2 Cumulative Fix 16 for AIX
5.1.1.11: WebSphere Application Server V5.1.1 Cumulative Fix 11 for Windows
5.1.1.16: WebSphere Application Server V5.1.1 Cumulative Fix 16 for Solaris
5.0.2.18: WebSphere Application Server 5.0.2 Cumulative Fix 18 for Solaris
5.1.1.11: WebSphere Application Server V5.1.1 Cumulative Fix 11 for Linux
5.0.2.18: WebSphere Application Server 5.0.2 Cumulative Fix 18 for Windows
5.0.2.18: WebSphere Application Server 5.0.2 Cumulative Fix 18 for HP-UX
5.0.2.18: WebSphere Application Server 5.0.2 Cumulative Fix 18 for AIX
5.1.1.16: WebSphere Application Server V5.1.1 Cumulative Fix 16 for Windows
5.1.1.14: WebSphere Application Server V5.1.1 Cumulative Fix 14 for Solaris
5.0.2.14: WebSphere Application Server 5.0.2 Cumulative Fix 14 for Windows
5.1.1.12: WebSphere Application Server V5.1.1 Cumulative Fix 12 for AIX
5.1.1.12: WebSphere Application Server V5.1.1 Cumulative Fix 12 for Linux
5.1.1.12: WebSphere Application Server V5.1.1 Cumulative Fix 12 for HP-UX
5.1.1.12: WebSphere Application Server V5.1.1 Cumulative Fix 12 for Solaris
5.1.1.11: WebSphere Application Server V5.1.1 Cumulative Fix 11 for Solaris
5.1.1.13: WebSphere Application Server V5.1.1 Cumulative Fix 13 for AIX
5.1.1.13: WebSphere Application Server V5.1.1 Cumulative Fix 13 for Windows
5.0.2.13: WebSphere Application Server 5.0.2 Cumulative Fix 13
5.1.1.13: WebSphere Application Server V5.1.1 Cumulative Fix 13 for HP-UX
5.1.1.15: WebSphere Application Server V5.1.1 Cumulative Fix 15 for Solaris
5.1.1.13: WebSphere Application Server V5.1.1 Cumulative Fix 13 for Solaris
5.1.1.13: WebSphere Application Server V5.1.1 Cumulative Fix 13 for Linux
5.1.1.14: WebSphere Application Server V5.1.1 Cumulative Fix 14 for AIX
5.1.1.14: WebSphere Application Server V5.1.1 Cumulative Fix 14 for Linux
5.1.1.14: WebSphere Application Server V5.1.1 Cumulative Fix 14 for Windows
5.1.1.15: WebSphere Application Server V5.1.1 Cumulative Fix 15 for Windows
5.0.2.5: WebSphere Application Server 5.0.2 Cumulative Fix 5
5.0.2.18: WebSphere Application Server 5.0.2 Cumulative Fix 18 for Linux
5.1.1.11: WebSphere Application Server V5.1.1 Cumulative Fix 11 for HP-UX
5.1.1.14: WebSphere Application Server V5.1.1 Cumulative Fix 14 for HP-UX
5.0.2.15: WebSphere Application Server 5.0.2 Cumulative Fix 15 for HP-UX
5.0.2.16: WebSphere Application Server 5.0.2 Cumulative Fix 16 for Linux
5.1.1.10: WebSphere Application Server V5.1.1 Cumulative Fix 10 for Solaris
5.1.1.15: WebSphere Application Server V5.1.1 Cumulative Fix 15 for AIX
5.1.1.15: WebSphere Application Server V5.1.1 Cumulative Fix 15 for HP-UX
5.1.1.16: WebSphere Application Server V5.1.1 Cumulative Fix 16 for HP-UX
5.1.1.16: WebSphere Application Server V5.1.1 Cumulative Fix 16 for Linux
5.1.1.15: WebSphere Application Server V5.1.1 Cumulative Fix 15 for Linux
5.1.1.19: WebSphere Application Server V5.1.1 Cumulative Fix 19 for HP-UX



APAR status
Closed as program error.

Error description
A customer is experiencing a problem deploying signed jar
files, and
has an ear file that contains some third party helper classes
in a  signed jar file (log.jar). This jar file was signed using
Netscape's "signtool" and it creates a META-INF/manifest.mf
entry. When deploying this ear using the "Install Enterprise
Application wizard of
the WebSphere Application Server Advanced Edition(AE) 5.0.0
Admin Console, it will
create a second entry named META-INF/MANIFEST.MF in the jar
file.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server 5.0 users with  *
*                 signed application jar files, in particular  *
*                 those users who use the Netscape signing     *
*                 tool.                                        *
****************************************************************
* PROBLEM DESCRIPTION: Duplicate manifest file created for     *
*                      signed application jar files.           *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
If signed jar files have been signed with the Netscape signing
tool 1.3, it creates a META-INF/manifest.mf entry, these files
are being modified during the deployment of the application via
the WebSphere Admin Console. A second entry named
META-INF/MANIFEST.MF is also being created in the jar file. But
according to the JDK 1.2 documentation it should recognize (and
use) the existing manifest file. This jar is used as part of an
applet and is downloaded to the client, but a security exception
is thrown due to the fact that WebSphere is corrupting the jar
files.

The symptom of is this problem is a runtime exception, for
example:

java.lang.SecurityException: invalid SHA1 signature file
    digest for com/in/widgets/q.class
at sun.security.util.SignatureFileVerifier.verifySection
    (SignatureFileVerifier.java:321)
at sun.security.util.SignatureFileVerifier.process
    (SignatureFileVerifier.java:172)
at java.util.jar.JarVerifier.processEntry
    (JarVerifier.java:239)
at java.util.jar.JarVerifier.update
    (JarVerifier.java:194)
at java.util.jar.JarFile.initializeVerifier
    (JarFile.java:251)
at java.util.jar.JarFile.getInputStream
    (JarFile.java:313)
at sun.plugin.cache.CachedJarLoader.authenticate
    (CachedJarLoader.java:504)
at sun.plugin.cache.CachedJarLoader.access$600
    (CachedJarLoader.java:53)
at sun.plugin.cache.CachedJarLoader$5.run
    (CachedJarLoader.java:338)
at java.security.AccessController.doPrivileged
    (Native Method)
at sun.plugin.cache.Cache.privileged
    (Cache.java:219)
at sun.plugin.cache.CachedJarLoader.download
    (CachedJarLoader.java:320)
at sun.plugin.cache.CachedJarLoader.load
    (CachedJarLoader.java:128)
at sun.plugin.cache.JarCache.get
    (JarCache.java:172)
at sun.plugin.net.protocol.jar.
    CachedJarURLConnection.connect
    (CachedJarURLConnection.java:93)
at sun.plugin.net.protocol.jar.
    CachedJarURLConnection.getJarFile
    (CachedJarURLConnection.java:78)
at sun.misc.
    URLClassPath$JarLoader.getJarFile
    (URLClassPath.java:580)
at sun.misc.URLClassPath$JarLoader.<init>
    (URLClassPath.java:541)
at sun.misc.URLClassPath$3.run(URLClassPath.java:319)
at java.security.AccessController.doPrivileged(Native Method)
at sun.misc.URLClassPath.getLoader(URLClassPath.java:308)
at sun.misc.URLClassPath.getLoader(URLClassPath.java:285)
at sun.misc.URLClassPath.getResource(URLClassPath.java:155)
at java.net.URLClassLoader$1.run(URLClassLoader.java:190)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:186)
at sun.applet.
    AppletClassLoader.findClass
    (AppletClassLoader.java:134)
at sun.plugin.security.
    PluginClassLoader.findClass
    (PluginClassLoader.java:168)
at java.lang.ClassLoader.loadClass
    (ClassLoader.java:299)
at sun.applet.AppletClassLoader.loadClass
    (AppletClassLoader.java:114)
at java.lang.ClassLoader.loadClass
    (ClassLoader.java:255)
at sun.applet.AppletClassLoader.loadCode
    (AppletClassLoader.java:501)
at sun.applet.AppletPanel.createApplet
    (AppletPanel.java:567)
at sun.plugin.AppletViewer.createApplet
    (AppletViewer.java:1778)
at sun.applet.AppletPanel.runLoader
    (AppletPanel.java:496)
at sun.applet.AppletPanel.run(AppletPanel.java:293)
at java.lang.Thread.run(Thread.java:536)
Problem conclusion
The common-archive code was modified and packaged through
prereq-wccm.
Temporary fix
Fixes are available on 
PQ99999
Comments
APAR information
APAR number PQ76313
Reported component name WAS BASE 5.0
Reported component ID 5630A3600
Reported release 00W
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Special Attention NoSpecatt
Submitted date 2003-07-14
Closed date 2003-08-26
Last modified date 2003-08-26

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros
WCCM          

Publications Referenced

Fix information

Applicable component levels
R003 PSY    UP
R00A PSY    UP
R00H PSY    UP
R00I PSY    UP
R00P PSY    UP
R00S PSY    UP
R00W PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 00W
Software edition:
Reference #: PQ76313
IBM Group: Software Group
Modified date: Aug 26, 2003