Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-20204

Latest release of Java 7 blocks the connection to slaves due to no permissions attribute in the JAR file

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Blocker Blocker
    • core
    • All platforms where you can use at least Java web start to get a slave node connected, and Java 7 update 45 installed.

      Since I have installed Java 7 update 45 on our test slaves I get the following security warning:

      Running applications by UNKNOWN publishers will be blocked in a future release because it is potentially unsafe and a security risk.

      This application will be blocked in a future Java security update because the JAR file manifest does not contain the Permissions attribute. Please contact the Publisher for more information.

      It looks like that the .jar file(s) do not contain a permissions attribute, which would let slaves connect to the master in the future. In our case we connect slaves via Java web start.

      As of now it is not a hard-blocker and you can click through and accept. But I think that this should be fixed soon.

          [JENKINS-20204] Latest release of Java 7 blocks the connection to slaves due to no permissions attribute in the JAR file

          Henrik Skupin created issue -

          Derek Brown added a comment - - edited

          This problem manifests on Java 7 update 40 also. The application we are testing requires Java 7 update 40 or above. So we can't run our application and Jenkins on the same server. We are currently running Jenkins 1.509.1.

          Derek Brown added a comment - - edited This problem manifests on Java 7 update 40 also. The application we are testing requires Java 7 update 40 or above. So we can't run our application and Jenkins on the same server. We are currently running Jenkins 1.509.1.

          Eric Huang added a comment -

          Can we work around this problem somehow? Tried disabling verification for mixed code security as well as turning down the security level to medium but this issue still happens.

          We have a lot of machines so it would be quite annoying if we have to log on the machines to allow the app to run whenever we reboot the machines.

          Eric Huang added a comment - Can we work around this problem somehow? Tried disabling verification for mixed code security as well as turning down the security level to medium but this issue still happens. We have a lot of machines so it would be quite annoying if we have to log on the machines to allow the app to run whenever we reboot the machines.

          Theresa N added a comment -

          We have the same problem when starting the slave via java web start on Windows 7 with Java 7 Update 45, Jenkins 1.539.
          According to https://groups.google.com/d/msg/jenkinsci-users/dLr_1LRucGA/7W-nAnfenNAJ this can only be fixed by the one providing the jar and jnlp files.

          Theresa N added a comment - We have the same problem when starting the slave via java web start on Windows 7 with Java 7 Update 45, Jenkins 1.539. According to https://groups.google.com/d/msg/jenkinsci-users/dLr_1LRucGA/7W-nAnfenNAJ this can only be fixed by the one providing the jar and jnlp files.

          Before today's installation of Java RE 7 Update 51 we just clicked through and accepted, as well.
          But now you don't come this far anymore.
          Instead a message pops up saying (freely translated from German):
          "Name: hudson.remoting.Launcher
          Your security settings blocked the execution of a self-signed application"

          It is possible to add the jenkins host to a sitelist that will display the above security warning,
          but I think it's time to resolve this issue ASAP.

          Kerstin Thaler added a comment - Before today's installation of Java RE 7 Update 51 we just clicked through and accepted, as well. But now you don't come this far anymore. Instead a message pops up saying (freely translated from German): "Name: hudson.remoting.Launcher Your security settings blocked the execution of a self-signed application" It is possible to add the jenkins host to a sitelist that will display the above security warning, but I think it's time to resolve this issue ASAP.

          illenseer added a comment -

          I think it's time to resolve this issue ASAP

          Me too. - This will/is cause/-ing serous trouble in automated environment.

          illenseer added a comment - I think it's time to resolve this issue ASAP Me too. - This will/is cause/-ing serous trouble in automated environment.
          illenseer made changes -
          Priority Original: Major [ 3 ] New: Blocker [ 1 ]
          Henrik Skupin made changes -
          Summary Original: Future releases of Java 7 will block connecting slaves due to no permissions attribute in the JAR file New: Latest release of Java 7 blocks the connection to slaves due to no permissions attribute in the JAR file

          Young Lucky added a comment -

          This is really a blocking issue to our automation system. Please fix it ASAP. Thanks!

          Young Lucky added a comment - This is really a blocking issue to our automation system. Please fix it ASAP. Thanks!

            kohsuke Kohsuke Kawaguchi
            whimboo Henrik Skupin
            Votes:
            19 Vote for this issue
            Watchers:
            34 Start watching this issue

              Created:
              Updated:
              Resolved: