[jira] Updated: (MASSEMBLY-64) jar-with-dependencies has a last-one-copies-wins policy which can fail signed jars

Sun, 19 Mar 2006 18:42:33 -0800 

     [ http://jira.codehaus.org/browse/MASSEMBLY-64?page=all ]

Allan Ramirez updated MASSEMBLY-64:
-----------------------------------

    Remaining Estimate: 5 hours
     Original Estimate: 5 hours

> jar-with-dependencies has a last-one-copies-wins policy which can fail signed 
> jars
> ----------------------------------------------------------------------------------
>
>          Key: MASSEMBLY-64
>          URL: http://jira.codehaus.org/browse/MASSEMBLY-64
>      Project: Maven 2.x Assembly Plugin
>         Type: Bug

>     Versions: 2.0.1
>     Reporter: Geoffrey De Smet
>     Assignee: Allan Ramirez
>      Fix For: 2.1

>
> Original Estimate: 5 hours
>         Remaining: 5 hours
>
> I've configured the plugins like this:
>             <plugin>
>                 <groupId>org.apache.maven.plugins</groupId>
>                 <artifactId>maven-jar-plugin</artifactId>
>                 <configuration>
>                     <archive>
>                         <manifest>
>                             <mainClass>ggg.GGGStandaloneApp</mainClass>
>                             <addClasspath>true</addClasspath>
>                         </manifest>
>                     </archive>
>                 </configuration>
>             </plugin>
>             <plugin>
>                 <artifactId>maven-assembly-plugin</artifactId>
>                 <configuration>
>                     <descriptorId>jar-with-dependencies</descriptorId>
>                     <archive> <!-- Please document this -->
>                         <manifest>
>                             <mainClass>ggg.GGGStandaloneApp</mainClass>
>                         </manifest>
>                     </archive>
>                 </configuration>
>             </plugin>
> BTW: Please document the archive option in the assembly plugin on the 
> assembly site, it took me a while of trial and error to find it.
> However the application doesn't work yet, because:
> Exception in thread "main" java.lang.SecurityException: no manifiest section 
> for signature file entry javax/activation/D
> ataContentHandlerFactory.class
>         at sun.security.util.SignatureFileVerifier.verifySection(Unknown 
> Source)
>         at sun.security.util.SignatureFileVerifier.processImpl(Unknown Source)
>         at sun.security.util.SignatureFileVerifier.process(Unknown Source)
>         at java.util.jar.JarVerifier.processEntry(Unknown Source)
> ...
> It looks like it's because the everything in the META-INF directory have a 
> last-one-copied-wins policy.
> Jar-jar would also solve this of course.
> PS: I am also using acegisecurity, so I belive you can replicate this issue 
> by making an assembly of a HelloWorld dependend on acegi & activation.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira

Reply via email to