We've been using the Webstart Maven Plugin to build/package our webstart application and up until recently it's been working well.
Recently however, we ran into a problem where webstart failed when downloading with a SHA1 digest error. I can reproduce the issue if I unpack the application's packed jar files and run jarsigner -verify on them. The verify fails with the same SHA1 digest error. I think the problem is related to this java bug: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=5078608 According to the bug report, the problem can be worked around by i) pack200 --repack b.jar a.jar ii) sign b.jar iii) pack200 --repack c.jar b.jar iv) sign c.jar v) pack200 out.jar.pack.gz c.jar Now: out.jar.pack.gz can be deployed Looking at the code for the webstart plugin it looks like it is packing/unpacking the jar, signing it, and then running pack200 on it so it would make sense that this could be the same problem. Anyway, has anyone else noticed any problems? On our systems, I tweaked the plugin to run the same steps detailed in the bug report and it seems to have fixed the problem. Unless there's a better work around, I'll be glad to clean up my changes and submit them. The down side is that the jars are repacked and signed twice which slows down the build. Eric --------------------------------------------------------------------- To unsubscribe from this list, please visit: http://xircles.codehaus.org/manage_email
