On Sat, 21 Jun 2003, Jason Clinton wrote: > L. Adrian Griffis wrote: > Yes, more acuratley, though, the JRE promted about the certificate -- > not the browser. It was a metal Java window that popped up asking me to > approve a certificate from VeriSign. Okay. That suggests that it's not rejecting the first cert that it finds. Also, I've been digging into the ClassLoader methods a bit, and it looks like they are careful to differentiate different situations, so I am guessing the wording of the message was NOT misleading. It probably is complaining about a mismatch of certs. > >In any caes, I think this is not a simple matter of the security > >manager not being configured to permit the same operations by an > >applet. This has something to do with a check for signatures so > >that the applet could potentially be granted additional privileges. > >The exception is originating in this check of signatures. > > > So, can I disable that checking via the aforementioned java.secuirty > preferences file? It looks like the call to "checkCerts" is being made within "java.lang.ClassLoader". I don't see anything in the API for ClassLoader that suggests you can turn off cert checking. I'm guessing "checkCerts" is a private method, and that this is why I can't find API documentation for it. The next two classes that are involved are "ProtectionDomain" and "CodeSource". The API docs for these two classes do not seem to suggest any hooks through which we might configure their behavior. The only thing at all interesting I found was in the description of "defineClass" in "ClassLoader". Looks like it will skip the cert checking if you don't pass a name, I don't think we can configure the calling classes not to pass a name. It would be interesting to grab the ".jar" file that contains the package in question, and see if it really contains problems that would explain this exception, but I am not familiar with the process of building a ".jar" file with all the right certs, so I wouldn't know how to check it. I'm stumped, for the moment, at least. Adrian