Changeset 429 for trunk/icedtea-web/netx/net

trunk/icedtea-web/netx/net/sourceforge/jnlp/AbstractLaunchHandler.java

-              r418
+              r429
 package net.sourceforge.jnlp;
-import java.io.PrintStream;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.util.logging.OutputController;
 public abstract class AbstractLaunchHandler implements LaunchHandler {
     protected final PrintStream outputStream;
+    protected final OutputController logger;
     public AbstractLaunchHandler(PrintStream outputStream) {
         this.outputStream = outputStream;
+    public AbstractLaunchHandler(OutputController logger) {
+        this.logger = logger;
+    }
 …
             result.append(recursiveDescription(ex.getCause()));
+        }
         outputStream.println(result);
+        logger.log(OutputController.Level.MESSAGE_ALL, result.toString());
+        if (JNLPRuntime.isDebug()) {
+            ex.printStackTrace(outputStream);
+        }
+        logger.log(ex);
+    }

trunk/icedtea-web/netx/net/sourceforge/jnlp/DefaultLaunchHandler.java

-              r418
+              r429
 package net.sourceforge.jnlp;
-import java.io.PrintStream;
 import net.sourceforge.jnlp.runtime.*;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
 public class DefaultLaunchHandler extends AbstractLaunchHandler {
     public DefaultLaunchHandler(PrintStream out) {
+    public DefaultLaunchHandler(OutputController out) {
         super(out);
+    }

trunk/icedtea-web/netx/net/sourceforge/jnlp/ExtensionDesc.java

-              r348
+              r429
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
             file = new JNLPFile(location);
+            if (JNLPRuntime.isDebug())
+                System.out.println("Resolve: " + file.getInformation().getTitle());
+            OutputController.getLogger().log("Resolve: " + file.getInformation().getTitle());
             // check for it being an extension descriptor

trunk/icedtea-web/netx/net/sourceforge/jnlp/GuiLaunchHandler.java

-              r418
+              r429
 /* GuiLaunchHandler.java
    Copyright (C) 2011 Red Hat, Inc.
+   Copyright (C) 2012 Red Hat, Inc.
 This file is part of IcedTea.
 …
 package net.sourceforge.jnlp;
-import java.io.PrintStream;
 import java.lang.reflect.InvocationTargetException;
 import java.net.URL;
 …
 import net.sourceforge.jnlp.runtime.ApplicationInstance;
 import net.sourceforge.jnlp.util.BasicExceptionDialog;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
 public class GuiLaunchHandler extends AbstractLaunchHandler {
     private JNLPSplashScreen splashScreen = null;
+    private volatile JNLPSplashScreen splashScreen = null;
     private final Object mutex = new Object();
     private UpdatePolicy policy = UpdatePolicy.ALWAYS;
     public GuiLaunchHandler(PrintStream outputStream) {
+    public GuiLaunchHandler(OutputController outputStream) {
         super(outputStream);
+    }
 …
     private void closeSplashScreen() {
         synchronized(mutex) {
+        synchronized (mutex) {
             if (splashScreen != null) {
                 if (splashScreen.isSplashScreenValid()) {
                     splashScreen.setVisible(false);
+                    splashScreen.stopAnimation();
+                }
                 splashScreen.dispose();
 …
     @Override
     public void launchInitialized(final JNLPFile file) {
         int preferredWidth = 500;
         int preferredHeight = 400;
 …
                 IconDesc.SPLASH, preferredWidth, preferredHeight);
+        final ResourceTracker resourceTracker = new ResourceTracker(true);
         if (splashImageURL != null) {
-            final ResourceTracker resourceTracker = new ResourceTracker(true);
             resourceTracker.addResource(splashImageURL, file.getFileVersion(), null, policy);
+            synchronized(mutex) {
+                try {
+                    SwingUtilities.invokeAndWait(new Runnable() {
+                        @Override
+                        public void run() {
+                            splashScreen = new JNLPSplashScreen(resourceTracker, null, null);
+                        }
+                    });
+                } catch (InterruptedException ie) {
+                    // Wait till splash screen is created
+                    while (splashScreen == null);
+                } catch (InvocationTargetException ite) {
+                    ite.printStackTrace();
+                }
+        }
+        synchronized (mutex) {
+            try {
+                SwingUtilities.invokeAndWait(new Runnable() {
+                splashScreen.setSplashImageURL(splashImageURL);
+                    @Override
+                    public void run() {
+                        splashScreen = new JNLPSplashScreen(resourceTracker, file);
+                    }
+                });
+            } catch (InterruptedException ie) {
+                // Wait till splash screen is created
+                while (splashScreen == null);
+            } catch (InvocationTargetException ite) {
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ite);
+            }
+            try {
+                SwingUtilities.invokeAndWait(new Runnable() {
+                    @Override
+                    public void run() {
+                        splashScreen.setSplashImageURL(splashImageURL);
+                    }
+                });
+            } catch (InterruptedException ie) {
+                // Wait till splash screen is created
+                while (!splashScreen.isSplashImageLoaded());
+            } catch (InvocationTargetException ite) {
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ite);
+            }
+        }
         SwingUtilities.invokeLater(new Runnable() {
             @Override
             public void run() {
                 if (splashImageURL != null) {
                     synchronized(mutex) {
+                if (splashScreen != null) {
+                    synchronized (mutex) {
                         if (splashScreen.isSplashScreenValid()) {
                             splashScreen.setVisible(true);

trunk/icedtea-web/netx/net/sourceforge/jnlp/InformationDesc.java

-              r348
+              r429
 /**
  * The information element.<p>
+ * The information element.
+ *
  * @author <a href="mailto:jmaxwell@users.sourceforge.net">Jon A. Maxwell (JAM)</a> - initial author
 …
     /** one-line description */
+    public static final Object ONE_LINE = "oneline";
+    /**http://docs.oracle.com/javase/6/docs/technotes/guides/javaws/developersguide/syntax.html**/
+    public static final Object ONE_LINE = "one-line";
     /** short description */
 …
     private List<Object> info;
-    /** the JNLPFile this information is for */
-    private JNLPFile jnlpFile;
     /**
      * Create an information element object.
+     *
-     * @param jnlpFile file that the information is for
      * @param locales the locales the information is for
      */
+    public InformationDesc(JNLPFile jnlpFile, Locale locales[]) {
+        this.jnlpFile = jnlpFile;
+    public InformationDesc(Locale locales[]) {
         this.locales = locales;
+    }
 …
      */
     public String getDescription(Object kind) {
         String result = (String) getItem("description-" + kind);
+        String result = getDescriptionStrict(kind);
         if (result == null)
             return (String) getItem("description-" + DEFAULT);
         else
             return result;
+    }
+      /**
+     * Returns the application's description of the specified type.
+     *
+     * @param kind one of Information.SHORT, Information.ONE_LINE,
+     * Information.TOOLTIP, Information.DEFAULT
+     */
+    public String getDescriptionStrict(Object kind) {
+        return (String) getItem("description-" + kind);
+    }
 …
+        }
+        // FIXME if there's no larger icon, choose the closest smaller icon
+        // instead of the first
         if (best == null)
             best = icons[0];
 …
     public Locale[] getLocales() {
         return locales;
+    }
-    /**
-     * Returns the JNLPFile the information is for.
-     */
-    public JNLPFile getJNLPFile() {
-        return jnlpFile;
+    }

trunk/icedtea-web/netx/net/sourceforge/jnlp/JARDesc.java

-              r348
+              r429
  * The JAR element.
+ *
+ * This class is immutable and thread safe
  * @author <a href="mailto:jmaxwell@users.sourceforge.net">Jon A. Maxwell (JAM)</a> - initial author
  * @version $Revision: 1.6 $
 …
     /** the location of the JAR file */
     private URL location;
+    private final URL location;
     /** the required JAR versions, or null */
     private Version version;
+    private final Version version;
     /** the part name */
     private String part;
+    private final String part;
     /** whether to load the JAR on demand */
     private boolean lazy;
+    private final boolean lazy;
     /** whether the JAR contains the main class */
     private boolean main;
+    private final boolean main;
     /** whether the JAR contains native libraries */
     private boolean nativeJar;
+    private final boolean nativeJar;
     /** whether the JAR can be cached */
     private boolean cacheable;
+    private final boolean cacheable;
     /**

trunk/icedtea-web/netx/net/sourceforge/jnlp/JNLPCreator.java

r418	r429
29	29
30	30	public class JNLPCreator {
31		public JNLPFile create(URL location, Version version, ~~boolean strict~~,
	31	public JNLPFile create(URL location, Version version, ParserSettings settings,
32	32	UpdatePolicy policy, URL forceCodebase) throws IOException, ParseException {
33		return new JNLPFile(location, version, s~~trict~~, policy, forceCodebase);
	33	return new JNLPFile(location, version, settings, policy, forceCodebase);
34	34	}
35	35	}

trunk/icedtea-web/netx/net/sourceforge/jnlp/JNLPFile.java

-              r418
+              r429
 package net.sourceforge.jnlp;
+import java.io.File;
+import java.io.FileInputStream;
 import static net.sourceforge.jnlp.runtime.Translator.R;
 import java.io.IOException;
 import java.io.InputStream;
-import java.io.Reader;
 import java.net.URL;
 import java.util.ArrayList;
 …
 import java.util.List;
 import java.util.Locale;
+import java.util.jar.Attributes;
+import net.sourceforge.jnlp.SecurityDesc.RequestedPermissionLevel;
 import net.sourceforge.jnlp.cache.ResourceTracker;
 import net.sourceforge.jnlp.cache.UpdatePolicy;
+import net.sourceforge.jnlp.runtime.JNLPClassLoader;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.util.ClasspathMatcher;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
+ * <p>
  * Provides methods to access the information in a Java Network
  * Launching Protocol (JNLP) file.  The Java Network Launching
  * Protocol specifies in an XML file the information needed to
  * load, cache, and run Java code over the network and in a secure
+ * environment.<p>
+ *
+ * environment.
+ * </p>
+ * <p>
  * This class represents the overall information about a JNLP file
  * from the jnlp element.  Other information is accessed through
 …
  * (information, resources, application-desc, etc).  References to
  * these objects are obtained by calling the getInformation,
+ * getResources, getSecurity, etc methods.<p>
+ * getResources, getSecurity, etc methods.
+ * </p>
+ *
  * @author <a href="mailto:jmaxwell@users.sourceforge.net">Jon A. Maxwell (JAM)</a> - initial author
 …
  */
 public class JNLPFile {
+    public static enum ManifestBoolean {
+        TRUE, FALSE, UNDEFINED;
+    }
     // todo: save the update policy, then if file was not updated
 …
     protected URL fileLocation;
+    /** the ParserSettings which were used to parse this file */
+    protected ParserSettings parserSettings = null;
     /** A key that uniquely identifies connected instances (main jnlp+ext) */
     protected String uniqueKey = null;
 …
      */
     private String[] generalProperties = SecurityDesc.getJnlpRIAPermissions();
+    /** important manifests' attributes */
+    private final ManifestsAttributes manifestsAttributes = new ManifestsAttributes();
+    public static final String TITLE_NOT_FOUND = "Application title was not found in manifest. Check with application vendor";
     { // initialize defaults if security allows
 …
      */
     public JNLPFile(URL location) throws IOException, ParseException {
         this(location, false); // not strict
+        this(location, new ParserSettings());
+    }
 …
+     *
      * @param location the location of the JNLP file
      * @param strict whether to enforce the spec when
+     * @param settings the parser settings to use while parsing the file
      * @throws IOException if an IO exception occurred
      * @throws ParseException if the JNLP file was invalid
      */
     public JNLPFile(URL location, boolean strict) throws IOException, ParseException {
         this(location, (Version) null, strict);
+    public JNLPFile(URL location, ParserSettings settings) throws IOException, ParseException {
+        this(location, (Version) null, settings);
+    }
 …
      * @param location the location of the JNLP file
      * @param version the version of the JNLP file
      * @param strict whether to enforce the spec when
+     * @param settings the parser settings to use while parsing the file
      * @throws IOException if an IO exception occurred
      * @throws ParseException if the JNLP file was invalid
      */
     public JNLPFile(URL location, Version version, boolean strict) throws IOException, ParseException {
         this(location, version, strict, JNLPRuntime.getDefaultUpdatePolicy());
+    public JNLPFile(URL location, Version version, ParserSettings settings) throws IOException, ParseException {
+        this(location, version, settings, JNLPRuntime.getDefaultUpdatePolicy());
+    }
 …
      * @param location the location of the JNLP file
      * @param version the version of the JNLP file
      * @param strict whether to enforce the spec when
+     * @param settings the {@link ParserSettings} to use when parsing the {@code location}
      * @param policy the update policy
      * @throws IOException if an IO exception occurred
      * @throws ParseException if the JNLP file was invalid
      */
     public JNLPFile(URL location, Version version, boolean strict, UpdatePolicy policy) throws IOException, ParseException {
         this(location, version, strict, policy, null);
+    public JNLPFile(URL location, Version version, ParserSettings settings, UpdatePolicy policy) throws IOException, ParseException {
+            this(location, version, settings, policy, null);
+    }
 …
      * @param location the location of the JNLP file
      * @param version the version of the JNLP file
      * @param strict whether to enforce the spec when
+     * @param settings the parser settings to use while parsing the file
      * @param policy the update policy
      * @param forceCodebase codebase to use if not specified in JNLP file.
 …
      * @throws ParseException if the JNLP file was invalid
      */
+    protected JNLPFile(URL location, Version version, boolean strict, UpdatePolicy policy, URL forceCodebase) throws IOException, ParseException {
+        Node root = Parser.getRootNode(openURL(location, version, policy));
+        parse(root, strict, location, forceCodebase);
+    protected JNLPFile(URL location, Version version, ParserSettings settings, UpdatePolicy policy, URL forceCodebase) throws IOException, ParseException {
+        InputStream input = openURL(location, version, policy);
+        this.parserSettings = settings;
+        parse(input, location, forceCodebase);
         //Downloads the original jnlp file into the cache if possible
 …
                          location;
+        if (JNLPRuntime.isDebug())
+            System.err.println("UNIQUEKEY=" + this.uniqueKey);
+        OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "UNIQUEKEY=" + this.uniqueKey);
+    }
 …
      * @param uniqueKey A string that uniquely identifies connected instances
      * @param version the version of the JNLP file
      * @param strict whether to enforce the spec when
+     * @param settings the parser settings to use while parsing the file
      * @param policy the update policy
      * @throws IOException if an IO exception occurred
      * @throws ParseException if the JNLP file was invalid
      */
     public JNLPFile(URL location, String uniqueKey, Version version, boolean strict, UpdatePolicy policy) throws IOException, ParseException {
         this(location, version, strict, policy);
+    public JNLPFile(URL location, String uniqueKey, Version version, ParserSettings settings, UpdatePolicy policy) throws IOException, ParseException {
+        this(location, version, settings, policy);
         this.uniqueKey = uniqueKey;
+        if (JNLPRuntime.isDebug())
+            System.err.println("UNIQUEKEY (override) =" + this.uniqueKey);
+        OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "UNIQUEKEY (override) =" + this.uniqueKey);
+    }
 …
      * @throws ParseException if the JNLP file was invalid
      */
+    public JNLPFile(InputStream input, boolean strict) throws ParseException {
+        parse(Parser.getRootNode(input), strict, null, null);
+    }
+    /**
+     * Create a JNLPFile from a character stream.
+     *
+     * @param input the stream
+     * @param strict whether to enforce the spec when
+    public JNLPFile(InputStream input, ParserSettings settings) throws ParseException {
+        this.parserSettings = settings;
+        parse(input, null, null);
+    }
+    /**
+     * Create a JNLPFile from an input stream.
+     *
+     * @param input input stream of JNLP file.
+     * @param codebase codebase to use if not specified in JNLP file..
+     * @param settings the {@link ParserSettings} to use when parsing
      * @throws IOException if an IO exception occurred
      * @throws ParseException if the JNLP file was invalid
      */
+    private JNLPFile(Reader input, boolean strict) throws ParseException {
+        // todo: now that we are using NanoXML we can use a Reader
+        //parse(Parser.getRootNode(input), strict, null);
+    }
+    public JNLPFile(InputStream input, URL codebase, ParserSettings settings) throws ParseException {
+        this.parserSettings = settings;
+        parse(input, null, codebase);
+    }
     /**
 …
             ResourceTracker tracker = new ResourceTracker(false); // no prefetch
             tracker.addResource(location, version, null, policy);
             return tracker.getInputStream(location);
+            File f = tracker.getCacheFile(location);
+            return new FileInputStream(f);
         } catch (Exception ex) {
             throw new IOException(ex.getMessage());
 …
      * Returns the JNLP file's best localized title. This method returns the same
      * value as InformationDesc.getTitle().
+     *
+     * Since jdk7 u45, also manifest title, and mainclass are taken to consideration;
+     * See PluginBridge
      */
     public String getTitle() {
+        String jnlpTitle = getTitleFromJnlp();
+        String manifestTitle = getTitleFromManifest();
+        if (jnlpTitle != null && manifestTitle != null) {
+            if (jnlpTitle.equals(manifestTitle)) {
+                return jnlpTitle;
+            }
+            return jnlpTitle+" ("+manifestTitle+")";
+        }
+        if (jnlpTitle != null && manifestTitle == null) {
+            return jnlpTitle;
+        }
+        if (jnlpTitle == null && manifestTitle != null) {
+            return manifestTitle;
+        }
+        String mainClass = getManifestsAttributes().getMainClass();
+        return mainClass;
+    }
+    /**
+     * Returns the JNLP file's best localized title. This method returns the same
+     * value as InformationDesc.getTitle().
+     */
+    public String getTitleFromJnlp() {
         return getInformation().getTitle();
+    }
+    public String getTitleFromManifest() {
+        String inManifestTitle = getManifestsAttributes().getApplicationName();
+        if (inManifestTitle == null && getManifestsAttributes().isLoader()){
+            OutputController.getLogger().log(OutputController.Level.WARNING_ALL, TITLE_NOT_FOUND);
+        }
+        return inManifestTitle;
+    }
     /**
 …
     /**
+     * Returns the ParserSettings that was used to parse this file
+     */
+    public ParserSettings getParserSettings() {
+        return parserSettings;
+    }
+    /**
      * Returns the JNLP file's version.
      */
 …
      */
     public InformationDesc getInformation(final Locale locale) {
         return new InformationDesc(this, new Locale[] { locale }) {
+        return new InformationDesc(new Locale[] { locale }) {
             @Override
             protected List<Object> getItems(Object key) {
 …
+    }
+    public RequestedPermissionLevel getRequestedPermissionLevel() {
+        return this.security.getRequestedPermissionLevel();
+    }
     /**
      * Returns the resources section of the JNLP file as viewed
 …
     /**
      * Returns whether a locale is matched by one of more other
      * locales.  Only the non-empty language, country, and variant
+     * locales. Only the non-empty language, country, and variant
      * codes are compared; for example, a requested locale of
      * Locale("","","") would always return true.
+     *
      * @param requested the local
+     * @param requested the requested locale
      * @param available the available locales
      * @param precision the depth with which to match locales. 1 checks only
      * language, 2 checks language and country, 3 checks language, country and
      * variant for matches. Passing 0 will always return true.
      * @return true if requested matches any of available, or if
      * available is empty or null.
      */
     public boolean localeMatches(Locale requested, Locale available[], Match matchLevel) {
+     * @param matchLevel the depth with which to match locales.
+     * @return {@code true} if {@code requested} matches any of {@code available}, or if
+     * {@code available} is empty or {@code null}.
+     * @see Locale
+     * @see Match
+     */
+    public boolean localeMatches(Locale requested, Locale[] available, Match matchLevel) {
         if (matchLevel == Match.GENERALIZED)
 …
      * from the constructor.
+     *
+     * @param root the root node
+     * @param strict whether to enforce the spec when
+     * @param location the file location or null
+     */
+    private void parse(Node root, boolean strict, URL location, URL forceCodebase) throws ParseException {
+     * @param location the file location or {@code null}
+     */
+    private void parse(InputStream input, URL location, URL forceCodebase) throws ParseException {
         try {
             //if (location != null)
             //  location = new URL(location, "."); // remove filename
+            Parser parser = new Parser(this, location, root, strict, true, forceCodebase); // true == allow extensions
+            Node root = Parser.getRootNode(input, parserSettings);
+            Parser parser = new Parser(this, location, root, parserSettings, forceCodebase); // true == allow extensions
             // JNLP tag information
 …
             throw ex;
         } catch (Exception ex) {
+            if (JNLPRuntime.isDebug())
+                ex.printStackTrace();
+            OutputController.getLogger().log(ex);
             throw new RuntimeException(ex.toString());
+        }
 …
     /**
+     * XXX: this method does a "==" comparison between the input JARDesc and
+     * jars it finds through getResourcesDescs(). If ever the implementation
+     * of that function should change to return copies of JARDescs objects,
+     * then the "jar == aJar" comparison below should change accordingly.
+     * @param jar: the jar whose download options to get.
+     * @return the download options.
+     */
+    public DownloadOptions getDownloadOptionsForJar(JARDesc jar) {
+     * @return the download options to use for downloading jars listed in this jnlp file.
+     */
+    public DownloadOptions getDownloadOptions() {
         boolean usePack = false;
         boolean useVersion = false;
+        ResourcesDesc[] descs = getResourcesDescs();
+        for (ResourcesDesc desc: descs) {
+            JARDesc[] jars = desc.getJARs();
+            for (JARDesc aJar: jars) {
+                if (jar == aJar) {
+                    if (Boolean.valueOf(desc.getPropertiesMap().get("jnlp.packEnabled"))) {
+                        usePack = true;
+                    }
+                    if (Boolean.valueOf(desc.getPropertiesMap().get("jnlp.versionEnabled"))) {
+                        useVersion = true;
+                    }
+                }
+            }
+        ResourcesDesc desc = getResources();
+        if (Boolean.valueOf(desc.getPropertiesMap().get("jnlp.packEnabled"))) {
+            usePack = true;
+        }
+        if (Boolean.valueOf(desc.getPropertiesMap().get("jnlp.versionEnabled"))) {
+            useVersion = true;
+        }
         return new DownloadOptions(usePack, useVersion);
 …
         missingSignedJNLP = true;
+    }
+    public ManifestsAttributes getManifestsAttributes() {
+        return manifestsAttributes;
+    }
+    public class ManifestsAttributes {
+        public static final String APP_NAME = "Application-Name";
+        public static final String CALLER_ALLOWABLE = "Caller-Allowable-Codebase";
+        public static final String APP_LIBRARY_ALLOWABLE = "Application-Library-Allowable-Codebase";
+        public static final String PERMISSIONS = "Permissions";
+        public static final String CODEBASE = "Codebase";
+        public static final String TRUSTED_ONLY = "Trusted-Only";
+        public static final String TRUSTED_LIBRARY = "Trusted-Library";
+        private JNLPClassLoader loader;
+        public void setLoader(JNLPClassLoader loader) {
+            this.loader = loader;
+        }
+        public boolean isLoader() {
+            return loader != null;
+        }
+        /**
+         * main class can be defined outside of manifest.
+         * This method is mostly for completeness
+         */
+        public String getMainClass(){
+            if (loader == null) {
+                OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Jars not ready to provide main class");
+                return null;
+            }
+            return loader.getMainClass();
+        }
+        /**
+         * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#app_name
+         */
+        public String getApplicationName(){
+            return getAttribute(APP_NAME);
+        }
+        /**
+         * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#caller_allowable
+         */
+        public ClasspathMatcher.ClasspathMatchers getCallerAllowableCodebase() {
+            return getCodeBaseMatchersAttribute(CALLER_ALLOWABLE, false);
+        }
+        /**
+         * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#app_library
+         */
+        public ClasspathMatcher.ClasspathMatchers getApplicationLibraryAllowableCodebase() {
+            return getCodeBaseMatchersAttribute(APP_LIBRARY_ALLOWABLE, true);
+        }
+        /**
+         * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#codebase
+         */
+        public ClasspathMatcher.ClasspathMatchers getCodebase() {
+            return getCodeBaseMatchersAttribute(CODEBASE, false);
+        }
+        /**
+         * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#trusted_only
+         */
+        public ManifestBoolean isTrustedOnly() {
+            return processBooleanAttribute(TRUSTED_ONLY);
+        }
+        /**
+         * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#trusted_library
+         */
+        public ManifestBoolean isTrustedLibrary() {
+            return processBooleanAttribute(TRUSTED_LIBRARY);
+        }
+        /**
+         * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#permissions
+         */
+        public ManifestBoolean isSandboxForced() {
+            String s = getAttribute(PERMISSIONS);
+            if (s == null) {
+                return ManifestBoolean.UNDEFINED;
+            } else if (s.trim().equalsIgnoreCase(SecurityDesc.RequestedPermissionLevel.SANDBOX.toHtmlString())) {
+                return ManifestBoolean.TRUE;
+            } else if (s.trim().equalsIgnoreCase(SecurityDesc.RequestedPermissionLevel.ALL.toHtmlString())) {
+                return ManifestBoolean.FALSE;
+            } else {
+                throw new IllegalArgumentException("Unknown value of " + PERMISSIONS + " attribute " + s + ". Expected "+SecurityDesc.RequestedPermissionLevel.SANDBOX.toHtmlString()+" or "+SecurityDesc.RequestedPermissionLevel.ALL.toHtmlString());
+            }
+        }
+        /**
+         * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#permissions
+         */
+        public String permissionsToString() {
+            String s = getAttribute(PERMISSIONS);
+            if (s == null) {
+                return "Not defined";
+            } else if (s.trim().equalsIgnoreCase(SecurityDesc.RequestedPermissionLevel.SANDBOX.toHtmlString())) {
+                return s.trim();
+            } else if (s.trim().equalsIgnoreCase(SecurityDesc.RequestedPermissionLevel.ALL.toHtmlString())) {
+                return s.trim();
+            } else {
+                return "illegal";
+            }
+        }
+        /**
+         * get custom attribute.
+         */
+        public String getAttribute(String name) {
+            return getAttribute(new Attributes.Name(name));
+        }
+        /**
+         * get standard attribute
+         */
+        public String getAttribute(Attributes.Name name) {
+            if (loader == null) {
+                OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Jars not ready to provide attribute " + name);
+                return null;
+            }
+            return loader.checkForAttributeInJars(Arrays.asList(getResources().getJARs()), name);
+        }
+        public ClasspathMatcher.ClasspathMatchers getCodeBaseMatchersAttribute(String s, boolean includePath) {
+            return getCodeBaseMatchersAttribute(new Attributes.Name(s), includePath);
+        }
+        public ClasspathMatcher.ClasspathMatchers getCodeBaseMatchersAttribute(Attributes.Name name, boolean includePath) {
+            String s = getAttribute(name);
+            if (s == null) {
+                return null;
+            }
+            return ClasspathMatcher.ClasspathMatchers.compile(s, includePath);
+        }
+        private ManifestBoolean processBooleanAttribute(String id) throws IllegalArgumentException {
+            String s = getAttribute(id);
+            if (s == null) {
+                return ManifestBoolean.UNDEFINED;
+            } else {
+                s = s.toLowerCase().trim();
+                if (s.equals("true")) {
+                    return  ManifestBoolean.TRUE;
+                } else if (s.equals("false")) {
+                    return ManifestBoolean.FALSE;
+                } else {
+                    throw new IllegalArgumentException("Unknown value of " + id + " attribute " + s + ". Expected true or false");
+                }
+            }
+        }
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/JNLPMatcher.java

-              r418
+              r429
 import java.util.Collections;
 import java.util.LinkedList;
+import net.sourceforge.jnlp.util.logging.OutputController;
 import net.sourceforge.nanoxml.XMLElement;
 …
     /**
+     * Compares attributes of two Nodes regardless of order
+     *
+     * @param appTemplateNode
+     *            signed application or template's Node with attributes
+     * @param launchJNLPNode
+     *            launching JNLP file's Node with attributes
+     *
+     * @return true if both Nodes have 'matched' attributes, otherwise false
+     * Compares attributes of two {@link Node Nodes} regardless of order
+     *
+     * @param templateNode signed application or template's {@link Node} with attributes
+     * @param launchNode launching JNLP file's {@link Node} with attributes
+     *
+     * @return {@code true} if both {@link Node Nodes} have 'matched' attributes, otherwise {@code false}
      */
     private boolean matchAttributes(Node templateNode, Node launchNode) {
 …
                 stream.close();
             } catch (Exception e) {
                 e.printStackTrace(System.err);
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+            }
+    }
 …
                 stream.close();
             } catch (Exception e) {
                 e.printStackTrace(System.err);
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+            }
+    }

trunk/icedtea-web/netx/net/sourceforge/jnlp/JNLPMatcherException.java

-              r418
+              r429
+/* JNLPMatcherException.java
+   Copyright (C) 2011 Red Hat, Inc.
+This file is part of IcedTea.
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+-1301 USA.
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.
+ */
 package net.sourceforge.jnlp;

trunk/icedtea-web/netx/net/sourceforge/jnlp/JNLPSplashScreen.java

-              r418
+              r429
+/* JNLPSplashScreen.java
+   Copyright (C) 2012 Red Hat, Inc.
+This file is part of IcedTea.
+IcedTea is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+IcedTea is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+-1301 USA.
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
 package net.sourceforge.jnlp;
+import java.awt.BorderLayout;
 import java.awt.Dimension;
 import java.awt.Graphics;
 …
 import java.awt.Image;
 import java.awt.Insets;
 import java.awt.Toolkit;
+import java.awt.Rectangle;
 import java.io.IOException;
 import java.net.URL;
 import javax.imageio.ImageIO;
 import javax.swing.JDialog;
 import net.sourceforge.jnlp.cache.ResourceTracker;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.splashscreen.SplashPanel;
+import net.sourceforge.jnlp.splashscreen.SplashUtils;
+import net.sourceforge.jnlp.splashscreen.parts.InformationElement;
 import net.sourceforge.jnlp.util.ImageResources;
+import net.sourceforge.jnlp.util.logging.OutputController;
+import net.sourceforge.jnlp.util.ScreenFinder;
 public class JNLPSplashScreen extends JDialog {
-    String applicationTitle;
-    String applicationVendor;
     ResourceTracker resourceTracker;
 …
     URL splashImageUrl;
     Image splashImage;
+    private final JNLPFile file;
+    public static final  int DEF_WIDTH=635;
+    public static final  int DEF_HEIGHT=480;
+    private SplashPanel componetSplash;
+    private boolean splashImageLoaded=false;
+    public JNLPSplashScreen(ResourceTracker resourceTracker,
+            String applicationTitle, String applicationVendor) {
+    public JNLPSplashScreen(ResourceTracker resourceTracker, final JNLPFile file) {
         setIconImages(ImageResources.INSTANCE.getApplicationImages());
 …
         this.resourceTracker = resourceTracker;
+        this.applicationTitle = applicationTitle;
+        this.applicationVendor = applicationVendor;
+        this.file=file;
+    }
     public void setSplashImageURL(URL url) {
+        splashImageUrl = url;
+        splashImage = null;
+        splashImageLoaded = false;
         try {
+            splashImage = ImageIO.read(resourceTracker
+                    .getCacheFile(splashImageUrl));
+            if (url != null) {
+                splashImageUrl = url;
+                splashImage = null;
+                try {
+                    splashImage = ImageIO.read(resourceTracker.getCacheFile(splashImageUrl));
+                    if (splashImage == null) {
+                        OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Error loading splash image: " + url);
+                    }
+                } catch (IOException e) {
+                    OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Error loading splash image: " + url);
+                    splashImage = null;
+                } catch (IllegalArgumentException argumentException) {
+                    OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Error loading splash image: " + url);
+                    splashImage = null;
+                }
+            }
             if (splashImage == null) {
+                if (JNLPRuntime.isDebug()) {
+                    System.err.println("Error loading splash image: " + url);
+                this.setLayout(new BorderLayout());
+                SplashPanel splash = SplashUtils.getSplashScreen(DEF_WIDTH, DEF_HEIGHT);
+                if (splash != null) {
+                    splash.startAnimation();
+                    splash.setInformationElement(InformationElement.createFromJNLP(file));
+                    this.add(splash.getSplashComponent());
+                    this.componetSplash = splash;
+                }
-                return;
+            }
+        } catch (IOException e) {
+            if (JNLPRuntime.isDebug()) {
+                System.err.println("Error loading splash image: " + url);
+            }
+            splashImage = null;
+            return;
+        } catch (IllegalArgumentException argumentException) {
+            if (JNLPRuntime.isDebug()) {
+                System.err.println("Error loading splash image: " + url);
+            }
+            splashImage = null;
+            return;
+            correctSize();
+        } finally {
+            splashImageLoaded = true;
+        }
-        correctSize();
+    }
+    public boolean isSplashImageLoaded() {
+        return splashImageLoaded;
+    }
     public boolean isSplashScreenValid() {
         return (splashImage != null);
+        return (splashImage != null) || (componetSplash != null);
+    }
     private void correctSize() {
+        Insets insets = getInsets();
+        int minimumWidth = splashImage.getWidth(null) + insets.left
+                + insets.right;
+        int minimumHeight = splashImage.getHeight(null) + insets.top
+                + insets.bottom;
+        setMinimumSize(new Dimension(minimumWidth, minimumHeight));
+        Dimension screenSize = Toolkit.getDefaultToolkit().getScreenSize();
+        setLocation((screenSize.width - minimumWidth) / 2,
+                (screenSize.height - minimumHeight) / 2);
+        int minimumWidth = DEF_WIDTH;
+        int minimumHeight = DEF_HEIGHT;
+        if (splashImage != null) {
+            Insets insets = getInsets();
+            minimumWidth = splashImage.getWidth(null) + insets.left
+                    + insets.right;
+            minimumHeight = splashImage.getHeight(null) + insets.top
+                    + insets.bottom;
+        }
+        setMinimumSize(new Dimension(0, 0));
+        setMaximumSize(new Dimension(Integer.MAX_VALUE, Integer.MAX_VALUE));
+        setSize(new Dimension(minimumWidth, minimumHeight));
+        setPreferredSize(new Dimension(minimumWidth, minimumHeight));
+        ScreenFinder.centerWindowsToCurrentScreen(this);
+    }
 …
     public void paint(Graphics g) {
         if (splashImage == null) {
+            super.paint(g);
             return;
+        }
 …
+    }
+    public boolean isCustomSplashscreen() {
+       return (componetSplash!=null);
+    }
+    public void stopAnimation() {
+        if (isCustomSplashscreen()) componetSplash.stopAnimation();
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/JREDesc.java

-              r348
+              r429
 import java.net.*;
 import java.util.*;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
 /**
 …
  */
 public class JREDesc {
+    private static final Pattern heapPattern= Pattern.compile("\\d+[kmg]?");
     /** the platform version or the product version if location is not null */
     private Version version;
+    final private Version version;
     /** the location of a JRE product or null */
     private URL location;
+    final private URL location;
     /** inital heap size */
     private String initialHeapSize;
+    final private String initialHeapSize;
     /** maximum head size */
     private String maximumHeapSize;
+    final private String maximumHeapSize;
     /** args to pass to the vm */
     private String vmArgs;
+    final private String vmArgs;
     /** list of ResourceDesc objects */
     private List resources;
+    final private List<ResourcesDesc> resources;
     /**
 …
     public JREDesc(Version version, URL location,
             String vmArgs, String initialHeapSize,
             String maximumHeapSize, List resources) throws ParseException {
+            String maximumHeapSize, List<ResourcesDesc> resources) throws ParseException {
         this.version = version;
         this.location = location;
         this.vmArgs = vmArgs;
+        checkHeapSize(initialHeapSize);
+        this.initialHeapSize = initialHeapSize;
+        checkHeapSize(maximumHeapSize);
+        this.maximumHeapSize = maximumHeapSize;
+        this.initialHeapSize = checkHeapSize(initialHeapSize);
+        this.maximumHeapSize = checkHeapSize(maximumHeapSize);
         this.resources = resources;
+    }
 …
      * Returns the resources defined for this JRE.
      */
     public List getResourcesDesc() {
+    public List<ResourcesDesc> getResourcesDesc() {
         return resources;
+    }
 …
     /**
      * Check for valid heap size string
+     * @return trimed heapSize if correct
      * @throws ParseException if heapSize is invalid
      */
     static private void checkHeapSize(String heapSize) throws ParseException {
+    static String checkHeapSize(String heapSize) throws ParseException {
         // need to implement for completeness even though not used in netx
         if (heapSize == null) {
             return;
+            return null;
+        }
+        boolean lastCharacterIsDigit = true;
+        // the last character must be 0-9 or k/K/m/M
+        char lastChar = Character.toLowerCase(heapSize.charAt(heapSize.length() - 1));
+        if ((lastChar < '0' || lastChar > '9')) {
+            lastCharacterIsDigit = false;
+            if (lastChar != 'k' && lastChar != 'm') {
+                throw new ParseException(R("PBadHeapSize", heapSize));
+            }
+        heapSize = heapSize.trim();
+        // the last character must be 0-9 or k/K/m/M/g/G
+        //0 or 0k/m/g is also accepted value
+        String heapSizeLower = heapSize.toLowerCase();
+        Matcher heapMatcher = heapPattern.matcher(heapSizeLower);
+        if (!heapMatcher.matches()) {
+            throw new ParseException(R("PBadHeapSize", heapSize));
+        }
+        int indexOfLastDigit = heapSize.length() - 1;
+        if (!lastCharacterIsDigit) {
+            indexOfLastDigit = indexOfLastDigit - 1;
+        }
+        String size = heapSize.substring(0, indexOfLastDigit);
+        try {
+            // check that the number is a number!
+            Integer.valueOf(size);
+        } catch (NumberFormatException numberFormat) {
+            throw new ParseException(R("PBadHeapSize", heapSize), numberFormat);
+        }
+        return heapSize;
+    }

trunk/icedtea-web/netx/net/sourceforge/jnlp/LaunchException.java

-              r418
+              r429
 package net.sourceforge.jnlp;
+import java.util.Collections;
+import java.util.Date;
+import java.util.LinkedList;
+import java.util.List;
 /**
  * Thrown when a JNLP application, applet, or installer could not
 …
  */
 public class LaunchException extends Exception {
+    public static class LaunchExceptionWithStamp{
+        private final LaunchException ex;
+        private final Date stamp;
+        private LaunchExceptionWithStamp(LaunchException ex) {
+            this.ex=ex;
+            this.stamp=new Date();
+        }
+        public LaunchException getEx() {
+            return ex;
+        }
+        public Date getStamp() {
+            return stamp;
+        }
+    }
+    private static final List<LaunchExceptionWithStamp> launchExceptionChain = Collections.synchronizedList(new LinkedList<LaunchExceptionWithStamp>());
     private static final long serialVersionUID = 7283827853612357423L;
 …
         this.description = description;
         this.severity = severity;
+        saveLaunchException(this);
+    }
 …
     public LaunchException(Throwable cause) {
         super(cause);
+        saveLaunchException(this);
+    }
 …
     public LaunchException(String message, Throwable cause) {
         super(message, cause);
+        saveLaunchException(this);
+    }
 …
     public LaunchException(String message) {
         super(message);
+        saveLaunchException(this);
+    }
 …
+    }
+    private synchronized void saveLaunchException(LaunchException ex) {
+        launchExceptionChain.add(new LaunchExceptionWithStamp(ex));
+    }
+    public synchronized static List<LaunchExceptionWithStamp> getLaunchExceptionChain() {
+        return launchExceptionChain;
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/LaunchHandler.java

r418	r429
62	62	* splash screen.
63	63	*
64		* @param ~~application the application~~ instance that is starting
	64	* @param file the JNLP file of the instance that is starting
65	65	*/
66	66	public void launchInitialized(JNLPFile file);

trunk/icedtea-web/netx/net/sourceforge/jnlp/Launcher.java

-              r418
+              r429
 import java.applet.Applet;
+import java.applet.AppletStub;
 import java.awt.Container;
+import java.awt.SplashScreen;
 import java.io.File;
 import java.lang.reflect.Method;
 …
 import java.util.List;
 import java.util.Map;
 import java.util.jar.JarFile;
+import net.sourceforge.jnlp.util.JarFile;
 import net.sourceforge.jnlp.cache.CacheUtil;
 …
 import javax.swing.SwingUtilities;
 import javax.swing.text.html.parser.ParserDelegator;
+import net.sourceforge.jnlp.splashscreen.SplashUtils;
+import net.sourceforge.jnlp.util.logging.OutputController;
 import sun.awt.SunToolkit;
 /**
  * Launches JNLPFiles either in the foreground or background.<p>
+ *
+ * Launches JNLPFiles either in the foreground or background.
+ * <p>
  * An optional LaunchHandler can be specified that is notified of
  * warning and error condition while launching and that indicates
  * whether a launch may proceed after a warning has occurred.  If
  * specified, the LaunchHandler is notified regardless of whether
+ * the file is launched in the foreground or background.<p>
+ * the file is launched in the foreground or background.
+ * </p>
+ *
  * @author <a href="mailto:jmaxwell@users.sourceforge.net">Jon A. Maxwell (JAM)</a> - initial author
 …
     private boolean context = true;
     /** If the application should call System.exit on fatal errors */
+    /** If the application should call JNLPRuntime.exit on fatal errors */
     private boolean exitOnFailure = true;
 …
         this(null, null);
         if (handler == null)
+        if (handler == null) {
             handler = JNLPRuntime.getDefaultLaunchHandler();
+        }
+    }
 …
         this(null, null);
         if (handler == null)
+        if (handler == null) {
             handler = JNLPRuntime.getDefaultLaunchHandler();
+        }
         this.exitOnFailure = exitOnFailure;
 …
      */
     public void setUpdatePolicy(UpdatePolicy policy) {
         if (policy == null)
+        if (policy == null) {
             throw new IllegalArgumentException(R("LNullUpdatePolicy"));
+        }
         this.updatePolicy = policy;
 …
         //file.
         if (!file.getInformation().isOfflineAllowed()) {
+            try {
+                //Checks the offline/online status of the system.
+                //If system is offline do not launch.
+                InetAddress.getByName(file.getSourceLocation().getHost());
+            } catch (UnknownHostException ue) {
+                System.err.println("File cannot be launched because offline-allowed tag not specified and system currently offline.");
+            //offline status should be already known from jnlp downloading
+            if (!JNLPRuntime.isOnlineDetected()) {
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "File cannot be launched because offline-allowed tag not specified and system currently offline.");
                 return null;
+            } catch (Exception e) {
+                System.err.println(e);
+            }
+        }
+        if (file instanceof PluginBridge && cont != null)
+            }
+        }
+        if (file instanceof PluginBridge && cont != null) {
             tg = new TgThread(file, cont, true);
+        else if (cont == null)
+        }
+        else if (cont == null) {
             tg = new TgThread(file);
+        else
+        }
+        else {
             tg = new TgThread(file, cont);
+        }
         tg.start();
 …
+        }
+        if (tg.getException() != null)
+            throw tg.getException(); // passed to handler when first created
+        if (handler != null)
+        if (tg.getException() != null) {
+            throw tg.getException();
+        } // passed to handler when first created
+        if (handler != null) {
             handler.launchCompleted(tg.getApplication());
+        }
         return tg.getApplication();
+    }
     /**
 …
+     *
      * @param location the URL of the JNLP file to launch
-     * @throws LaunchException if there was an exception
-     * @return the application instance
-     */
-    public ApplicationInstance launch(URL location) throws LaunchException {
-        return launch(toFile(location));
+    }
-    /**
-     * Launches a JNLP file by calling the launch method for the
-     * appropriate file type.
+     *
-     * @param location the URL of the JNLP file to launch
-     * @param fromSource if true, the JNLP file will be re-read from the source
      * location to get the pristine version
      * @throws LaunchException if there was an exception
      * @return the application instance
      */
+    public ApplicationInstance launch(URL location, boolean fromSource) throws LaunchException {
+        return launch(fromUrl(location, fromSource));
+    public ApplicationInstance launch(URL location) throws LaunchException {
+        JNLPRuntime.saveHistory(location.toExternalForm());
+        return launch(fromUrl(location));
+    }
 …
+    }
+    /**
+     * Launches a JNLP file by calling the launch method for the
+     * appropriate file type in a different thread.
+     *
+     * @param file the JNLP file to launch
+     */
+    public void launchBackground(JNLPFile file) {
+        BgRunner runner = new BgRunner(file, null);
+        new Thread(runner).start();
+    }
+    /**
+     * Launches the JNLP file at the specified location in the
+     * background by calling the launch method for its file type.
+     *
+     * @param location the location of the JNLP file
+     */
+    public void launchBackground(URL location) {
+        BgRunner runner = new BgRunner(null, location);
+        new Thread(runner).start();
+    }
     /**
      * Launches the JNLP file in a new JVM instance.  The launched
 …
         List<String> updatedArgs = new LinkedList<String>(javawsArgs);
         if (file.getFileLocation() != null)
+        if (file.getFileLocation() != null) {
             updatedArgs.add(file.getFileLocation().toString());
+        else if (file.getSourceLocation() != null)
+        }
+        else if (file.getSourceLocation() != null) {
             updatedArgs.add(file.getFileLocation().toString());
+        else
+        }
+        else {
             launchError(new LaunchException(file, null, R("LSFatal"), R("LCExternalLaunch"), R("LNullLocation"), R("LNullLocationInfo")));
+        }
         launchExternal(vmArgs, updatedArgs);
 …
      * Returns the JNLPFile for the URL, with error handling.
      */
     private JNLPFile fromUrl(URL location, boolean fromSource) throws LaunchException {
+    private JNLPFile fromUrl(URL location) throws LaunchException {
         try {
+            JNLPFile file = null;
+            file = new JNLPFile(location, parserSettings.isStrict());
+            if (fromSource) {
+                // Launches the jnlp file where this file originated.
+                if (file.getSourceLocation() != null) {
+                    file = new JNLPFile(file.getSourceLocation(), parserSettings.isStrict());
+            JNLPFile file = new JNLPFile(location, parserSettings);
+            boolean isLocal = false;
+            boolean haveHref = false;
+            if ("file".equalsIgnoreCase(location.getProtocol()) && new File(location.getFile()).exists()) {
+                isLocal = true;
+            }
+            if (file.getSourceLocation() != null) {
+                haveHref = true;
+            }
+            if (!isLocal && haveHref){
+                //this is case when remote file have href to different file
+                if (!location.equals(file.getSourceLocation())){
+                    //mark local true, so the folowing condition will be true and
+                    //new jnlp file will be downlaoded
+                    isLocal = true;
+                    //maybe this check is to strict, and will force redownlaod to often
+                    //another check can be just on jnlp name. But it will not work
+                    //if the href will be the file of same name, but on diferent path (or even domain)
+                }
+            }
+            if (isLocal && haveHref) {
+                file = new JNLPFile(file.getSourceLocation(), parserSettings);
+            }
             return file;
         } catch (Exception ex) {
             if (ex instanceof LaunchException)
+            if (ex instanceof LaunchException) {
                 throw (LaunchException) ex; // already sent to handler when first thrown
             else
+            } else {
                 // IO and Parse
                 throw launchError(new LaunchException(null, ex, R("LSFatal"), R("LCReadError"), R("LCantRead"), R("LCantReadInfo")));
+        }
+    }
+    /**
+     * Returns the JNLPFile for the URL, with error handling.
+     */
+    @Deprecated
+    private JNLPFile toFile(URL location) throws LaunchException {
+        try {
+            JNLPFile file = null;
+            try {
+                file = new JNLPFile(location, (Version) null, true, updatePolicy); // strict
+            } catch (ParseException ex) {
+                file = new JNLPFile(location, (Version) null, false, updatePolicy);
+                // only here if strict failed but lax did not fail
+                LaunchException lex =
+                        launchWarning(new LaunchException(file, ex, R("LSMinor"), R("LCFileFormat"), R("LNotToSpec"), R("LNotToSpecInfo")));
+                if (lex != null)
+                    throw lex;
+            }
+            return file;
+        } catch (Exception ex) {
+            if (ex instanceof LaunchException)
+                throw (LaunchException) ex; // already sent to handler when first thrown
+            else
+                // IO and Parse
+                throw launchError(new LaunchException(null, ex, R("LSFatal"), R("LCReadError"), R("LCantRead"), R("LCantReadInfo")));
+        }
+    }
+    /**
+            }
+        }
+    }
+   /**
      * Launches a JNLP application.  This method should be called
      * from a thread in the application's thread group.
      */
     protected ApplicationInstance launchApplication(JNLPFile file) throws LaunchException {
         if (!file.isApplication())
+        if (!file.isApplication()) {
             throw launchError(new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LNotApplication"), R("LNotApplicationInfo")));
+        }
         try {
 …
                 ServiceUtil.checkExistingSingleInstance(file);
             } catch (InstanceExistsException e) {
+                OutputController.getLogger().log("Single instance application is already running.");
                 return null;
+            }
             if (JNLPRuntime.getForksAllowed() && file.needsNewVM()) {
+                if (!JNLPRuntime.isHeadless()){
+                    SplashScreen sp = SplashScreen.getSplashScreen();
+                    if (sp!=null) {
+                        sp.close();
+                    }
+                }
                 List<String> netxArguments = new LinkedList<String>();
                 netxArguments.add("-Xnofork");
 …
+            }
             if (mainName == null)
+            if (mainName == null) {
                 throw launchError(new LaunchException(file, null,
                         R("LSFatal"), R("LCClient"), R("LCantDetermineMainClass"),
                         R("LCantDetermineMainClassInfo")));
+            }
             Class<?> mainClass = app.getClassLoader().loadClass(mainName);
 …
             SwingUtilities.invokeAndWait(new Runnable() {
                 // dummy method to force Event Dispatch Thread creation
+                @Override
                 public void run() {
+                }
 …
             main.setAccessible(true);
+            if (JNLPRuntime.isDebug()) {
+                System.out.println("Invoking main() with args: " + Arrays.toString(args));
+            }
+            OutputController.getLogger().log("Invoking main() with args: " + Arrays.toString(args));
             main.invoke(null, new Object[] { args });
 …
         for (Thread thread : threads) {
             if (thread != null) {
+                if (JNLPRuntime.isDebug()) {
+                    System.err.println("Setting " + classLoader + " as the classloader for thread " + thread.getName());
+                }
+                OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Setting " + classLoader + " as the classloader for thread " + thread.getName());
                 thread.setContextClassLoader(classLoader);
+            }
 …
     /**
      * Launches a JNLP applet. This method should be called from a
      * thread in the application's thread group.<p>
+     *
+     * thread in the application's thread group.
+     * <p>
      * The enableCodeBase parameter adds the applet's codebase to
      * the locations searched for resources and classes.  This can
 …
      * JNLP file.  If the applet JNLP file does not specify any
      * resources then the code base will be enabled regardless of
+     * the specified value.<p>
+     * the specified value.
+     * </p>
+     *
      * @param file the JNLP file
 …
      */
     protected ApplicationInstance launchApplet(JNLPFile file, boolean enableCodeBase, Container cont) throws LaunchException {
         if (!file.isApplet())
+        if (!file.isApplet()) {
             throw launchError(new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LNotApplet"), R("LNotAppletInfo")));
+        }
+        if (JNLPRuntime.getForksAllowed() && file.needsNewVM()) {
+            if (!JNLPRuntime.isHeadless()) {
+                SplashScreen sp = SplashScreen.getSplashScreen();
+                if (sp != null) {
+                    sp.close();
+                }
+            }
+        }
+        if (handler != null) {
+            handler.launchInitialized(file);
+        }
+        AppletInstance applet = null;
         try {
+            AppletInstance applet = createApplet(file, enableCodeBase, cont);
+            ServiceUtil.checkExistingSingleInstance(file);
+            applet = createApplet(file, enableCodeBase, cont);
             applet.initialize();
             applet.getAppletEnvironment().startApplet(); // this should be a direct call to applet instance
             return applet;
+        } catch (InstanceExistsException ieex) {
+            OutputController.getLogger().log("Single instance applet is already running.");
+            throw launchError(new LaunchException(file, ieex, R("LSFatal"), R("LCLaunching"), R("LCouldNotLaunch"), R("LSingleInstanceExists")), applet);
         } catch (LaunchException lex) {
             throw launchError(lex);
+            throw launchError(lex, applet);
         } catch (Exception ex) {
+            throw launchError(new LaunchException(file, ex, R("LSFatal"), R("LCLaunching"), R("LCouldNotLaunch"), R("LCouldNotLaunchInfo")));
+            throw launchError(new LaunchException(file, ex, R("LSFatal"), R("LCLaunching"), R("LCouldNotLaunch"), R("LCouldNotLaunchInfo")), applet);
+        }finally{
+            if (handler != null) {
+                handler.launchStarting(applet);
+            }
+        }
+    }
 …
      */
     protected ApplicationInstance getApplet(JNLPFile file, boolean enableCodeBase, Container cont) throws LaunchException {
         if (!file.isApplet())
+        if (!file.isApplet()) {
             throw launchError(new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LNotApplet"), R("LNotAppletInfo")));
+        }
+        AppletInstance applet = null;
         try {
+            AppletInstance applet = createApplet(file, enableCodeBase, cont);
+            ServiceUtil.checkExistingSingleInstance(file);
+            applet = createApplet(file, enableCodeBase, cont);
             applet.initialize();
             return applet;
+        } catch (InstanceExistsException ieex) {
+            OutputController.getLogger().log("Single instance applet is already running.");
+            throw launchError(new LaunchException(file, ieex, R("LSFatal"), R("LCLaunching"), R("LCouldNotLaunch"), R("LSingleInstanceExists")), applet);
         } catch (LaunchException lex) {
             throw launchError(lex);
+            throw launchError(lex, applet);
         } catch (Exception ex) {
             throw launchError(new LaunchException(file, ex, R("LSFatal"), R("LCLaunching"), R("LCouldNotLaunch"), R("LCouldNotLaunchInfo")));
+            throw launchError(new LaunchException(file, ex, R("LSFatal"), R("LCLaunching"), R("LCouldNotLaunch"), R("LCouldNotLaunchInfo")), applet);
+        }
+    }
 …
      */
     protected ApplicationInstance launchInstaller(JNLPFile file) throws LaunchException {
+        // TODO Check for an existing single instance once implemented.
+        // ServiceUtil.checkExistingSingleInstance(file);
         throw launchError(new LaunchException(file, null, R("LSFatal"), R("LCNotSupported"), R("LNoInstallers"), R("LNoInstallersInfo")));
+    }
 …
      * @param enableCodeBase whether to add the code base URL to the classloader
      */
+    protected AppletInstance createApplet(JNLPFile file, boolean enableCodeBase, Container cont) throws LaunchException {
+        try {
+            JNLPClassLoader loader = JNLPClassLoader.getInstance(file, updatePolicy);
+     //FIXME - when multiple applets are on one page, this method is visited simultaneously
+    //and then appelts creates in little bit strange manner. This issue is visible with
+    //randomly showing/notshowing spalshscreens.
+    //See also PluginAppletViewer.framePanel
+    protected  AppletInstance createApplet(JNLPFile file, boolean enableCodeBase, Container cont) throws LaunchException {
+         AppletInstance appletInstance = null;
+         try {
+            JNLPClassLoader loader = JNLPClassLoader.getInstance(file, updatePolicy, enableCodeBase);
             if (enableCodeBase) {
 …
             // services. This could potentially be done in applet constructor
             // so initialize appletInstance before creating applet.
             AppletInstance appletInstance;
             if (cont == null)
                 appletInstance = new AppletInstance(file, group, loader, null);
             else
                 appletInstance = new AppletInstance(file, group, loader, null, cont);
+            if (cont == null) {
+                 appletInstance = new AppletInstance(file, group, loader, null);
+             } else {
+                 appletInstance = new AppletInstance(file, group, loader, null, cont);
+             }
             loader.setApplication(appletInstance);
 …
             // appletInstance.
             String appletName = file.getApplet().getMainClass();
             Class appletClass = loader.loadClass(appletName);
+            Class<?> appletClass = loader.loadClass(appletName);
             Applet applet = (Applet) appletClass.newInstance();
+            applet.setStub((AppletStub)cont);
             // Finish setting up appletInstance.
             appletInstance.setApplet(applet);
 …
             return appletInstance;
         } catch (Exception ex) {
             throw launchError(new LaunchException(file, ex, R("LSFatal"), R("LCInit"), R("LInitApplet"), R("LInitAppletInfo")));
+            throw launchError(new LaunchException(file, ex, R("LSFatal"), R("LCInit"), R("LInitApplet"), R("LInitAppletInfo")), appletInstance);
+        }
+    }
 …
     protected Applet createAppletObject(JNLPFile file, boolean enableCodeBase, Container cont) throws LaunchException {
         try {
             JNLPClassLoader loader = JNLPClassLoader.getInstance(file, updatePolicy);
+            JNLPClassLoader loader = JNLPClassLoader.getInstance(file, updatePolicy, enableCodeBase);
             if (enableCodeBase) {
 …
             String appletName = file.getApplet().getMainClass();
             Class appletClass = loader.loadClass(appletName);
+            Class<?> appletClass = loader.loadClass(appletName);
             Applet applet = (Applet) appletClass.newInstance();
 …
     protected ApplicationInstance createApplication(JNLPFile file) throws LaunchException {
         try {
             JNLPClassLoader loader = JNLPClassLoader.getInstance(file, updatePolicy);
+            JNLPClassLoader loader = JNLPClassLoader.getInstance(file, updatePolicy, false);
             ThreadGroup group = Thread.currentThread().getThreadGroup();
 …
      */
     protected ThreadGroup createThreadGroup(JNLPFile file) {
         ThreadGroup tg = null;
+        final ThreadGroup tg;
         if (file instanceof PluginBridge) {
 …
      */
     private LaunchException launchError(LaunchException ex) {
+        if (handler != null)
+        return launchError(ex, null);
+    }
+    private LaunchException launchError(LaunchException ex, AppletInstance applet) {
+        if (applet != null) {
+            SplashUtils.showErrorCaught(ex, applet);
+        }
+        if (handler != null) {
             handler.launchError(ex);
+        }
         return ex;
 …
      */
     private LaunchException launchWarning(LaunchException ex) {
         if (handler != null)
+        if (handler != null) {
             if (!handler.launchWarning(ex))
                 // no need to destroy the app b/c it hasn't started
+                return ex; // chose to abort
+                return ex;
+        } // chose to abort
         return null; // chose to continue, or no handler
 …
+    }
     /**
+       /**
      * This runnable is used to call the appropriate launch method
      * for the application, applet, or installer in its thread group.
 …
+        }
+        @Override
         public void run() {
             try {
                 // Do not create new AppContext if we're using NetX and icedteaplugin.
                 // The plugin needs an AppContext too, but it has to be created earlier.
                 if (context && !isPlugin)
+                if (context && !isPlugin) {
                     SunToolkit.createNewAppContext();
+                }
                 doPerApplicationAppContextHacks();
 …
                     application = getApplet(file, ((PluginBridge)file).codeBaseLookup(), cont);
                 } else {
                     if (file.isApplication())
+                    if (file.isApplication()) {
                         application = launchApplication(file);
+                    else if (file.isApplet())
+                        application = launchApplet(file, true, cont); // enable applet code base
+                    else if (file.isInstaller())
+                    }
+                    else if (file.isApplet()) {
+                        application = launchApplet(file, true, cont);
+                    } // enable applet code base
+                    else if (file.isInstaller()) {
                         application = launchInstaller(file);
+                    else
+                    }
+                    else {
                         throw launchError(new LaunchException(file, null,
                                                 R("LSFatal"), R("LCClient"), R("LNotLaunchable"),
                                                 R("LNotLaunchableInfo")));
+                    }
+                }
             } catch (LaunchException ex) {
                 ex.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ex);
                 exception = ex;
                 // Exit if we can't launch the application.
+                if (exitOnFailure)
+                    System.exit(1);
+                if (exitOnFailure) {
+                    JNLPRuntime.exit(1);
+                }
+            }  catch (Throwable ex) {
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ex);
+                throw new RuntimeException(ex);
+            }
+        }
 …
     };
-    /**
-     * This runnable is used by the <code>launchBackground</code>
-     * methods to launch a JNLP file from a separate thread.
-     */
-    private class BgRunner implements Runnable {
-        private JNLPFile file;
-        private URL location;
-        BgRunner(JNLPFile file, URL location) {
-            this.file = file;
-            this.location = location;
+        }
-        public void run() {
-            try {
-                if (file != null)
-                    launch(file);
-                if (location != null)
-                    launch(location);
-            } catch (LaunchException ex) {
-                // launch method communicates error conditions to the
-                // handler if it exists, otherwise we don't care because
-                // there's nothing that can be done about the exception.
+            }
+        }
-    };
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/NetxPanel.java

-              r418
+              r429
 /*
  * Copyright 2007 Red Hat, Inc.
+ * Copyright 2012 Red Hat, Inc.
  * This file is part of IcedTea, http://icedtea.classpath.org
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 …
 package net.sourceforge.jnlp;
-import net.sourceforge.jnlp.AppletLog;
 import net.sourceforge.jnlp.runtime.AppletInstance;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
 …
 import java.net.URL;
 import java.util.HashMap;
-import java.util.Hashtable;
 import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.ConcurrentMap;
+import sun.applet.AppletViewerPanel;
+import net.sourceforge.jnlp.splashscreen.SplashController;
+import net.sourceforge.jnlp.splashscreen.SplashPanel;
+import net.sourceforge.jnlp.splashscreen.SplashUtils;
+import net.sourceforge.jnlp.util.logging.OutputController;
+import sun.applet.AppletViewerPanelAccess;
 import sun.awt.SunToolkit;
 /**
  * This panel calls into netx to run an applet, and pipes the display
  * into a panel from gcjwebplugin.
+ *
  * @author      Francis Kung <fkung@redhat.com>
+ * into a panel from the icedtea-web browser plugin.
+ *
+ * @author      Francis Kung &lt;fkung@redhat.com&gt;
  */
+public class NetxPanel extends AppletViewerPanel {
+public class NetxPanel extends AppletViewerPanelAccess implements SplashController {
+    private final PluginParameters parameters;
     private PluginBridge bridge = null;
-    private boolean exitOnFailure = true;
     private AppletInstance appInst = null;
     private boolean appletAlive;
     private final String uKey;
+    private SplashController splashController;
+    private volatile boolean initialized;
     // We use this so that we can create exactly one thread group
 …
         new ConcurrentHashMap<String, Boolean>();
+    public NetxPanel(URL documentURL, Hashtable<String, String> atts) {
+        super(documentURL, atts);
+        /* According to http://download.oracle.com/javase/6/docs/technotes/guides/deployment/deployment-guide/applet-compatibility.html,
+         * classloaders are shared iff these properties match:
+         * codebase, cache_archive, java_archive, archive
+         *
+         * To achieve this, we create the uniquekey based on those 4 values,
+         * always in the same order. The initial "<NAME>=" parts ensure a
+         * bad tag cannot trick the loader into getting shared with another.
+         */
+        // Firefox sometimes skips the codebase if it is default  -- ".",
+        // so set it that way if absent
+        String codebaseAttr =      atts.get("codebase") != null ?
+                                   atts.get("codebase") : ".";
+        String cache_archiveAttr = atts.get("cache_archive") != null ?
+                                   atts.get("cache_archive") : "";
+        String java_archiveAttr =  atts.get("java_archive") != null ?
+                                   atts.get("java_archive") : "";
+        String archiveAttr =       atts.get("archive") != null ?
+                                   atts.get("archive") : "";
+        this.uKey = "codebase=" + codebaseAttr +
+                    "cache_archive=" + cache_archiveAttr +
+                    "java_archive=" + java_archiveAttr +
+                    "archive=" +  archiveAttr;
+        // when this was being done (incorrectly) in Launcher, the call was
+        // new AppThreadGroup(mainGroup, file.getTitle());
+    public NetxPanel(URL documentURL, PluginParameters params) {
+        super(documentURL, params.getUnderlyingHashtable());
+        this.parameters = params;
+        this.initialized = false;
+        String uniqueKey = params.getUniqueKey(getCodeBase());
         synchronized(TGMapMutex) {
             if (!uKeyToTG.containsKey(this.uKey)) {
                 ThreadGroup tg = new ThreadGroup(Launcher.mainGroup, this.documentURL.toString());
                 uKeyToTG.put(this.uKey, tg);
+            if (!uKeyToTG.containsKey(uniqueKey)) {
+                ThreadGroup tg = new ThreadGroup(Launcher.mainGroup, this.getDocumentURL().toString());
+                uKeyToTG.put(uniqueKey, tg);
+            }
+        }
+    }
-    // overloaded constructor, called when initialized via plugin
-    public NetxPanel(URL documentURL, Hashtable<String, String> atts,
-                     boolean exitOnFailure) {
-        this(documentURL, atts);
-        this.exitOnFailure = exitOnFailure;
-        this.appletAlive = true;
+    }
 …
          * and stopping the applet.
          */
         AppletLog.log(t);
+        OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, t); //new logger
         super.showAppletException(t);
+    }
 …
     //Overriding to use Netx classloader. You might need to relax visibility
     //in sun.applet.AppletPanel for runLoader().
+    protected void runLoader() {
+    @Override
+    protected void ourRunLoader() {
         try {
             bridge = new PluginBridge(baseURL,
+            bridge = new PluginBridge(getBaseURL(),
                                 getDocumentBase(),
                                 getJarFiles(),
 …
                                 getWidth(),
                                 getHeight(),
                                 atts, uKey);
+                                parameters);
             doInit = true;
 …
             status = APPLET_LOAD;
+            Launcher l = new Launcher(exitOnFailure);
+            try {
+                appInst = (AppletInstance) l.launch(bridge, this);
+            } catch (LaunchException e) {
+                // Assume user has indicated he does not trust the
+                // applet.
+                if (exitOnFailure)
+                    System.exit(1);
+            }
+            applet = appInst.getApplet();
+            //On the other hand, if you create an applet this way, it'll work
+            //fine. Note that you might to open visibility in sun.applet.AppletPanel
+            //for this to work (the loader field, and getClassLoader).
+            //loader = getClassLoader(getCodeBase(), getClassLoaderCacheKey());
+            //applet = createApplet(loader);
+            // This shows that when using NetX's JNLPClassLoader, keyboard input
+            // won't make it to the applet, whereas using sun.applet.AppletClassLoader
+            // works just fine.
+            dispatchAppletEvent(APPLET_LOADING_COMPLETED, null);
+            if (applet != null) {
+            Launcher l = new Launcher(false);
+            // May throw LaunchException:
+            appInst = (AppletInstance) l.launch(bridge, this);
+            setApplet(appInst.getApplet());
+            if (getApplet() != null) {
                 // Stick it in the frame
                 applet.setStub(this);
                 applet.setVisible(false);
                 add("Center", applet);
+                getApplet().setStub(this);
+                getApplet().setVisible(false);
+                add("Center", getApplet());
                 showAppletStatus("loaded");
                 validate();
+            }
         } catch (Exception e) {
+            this.appletAlive = false;
+            e.printStackTrace();
+            status = APPLET_ERROR;
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+            replaceSplash(SplashUtils.getErrorSplashScreen(getWidth(), getHeight(), e));
+        } finally {
+            // PR1157: This needs to occur even in the case of an exception
+            // so that the applet's event listeners are signaled.
+            // Once PluginAppletViewer.AppletEventListener is signaled PluginAppletViewer can properly stop waiting
+            // in PluginAppletViewer.waitForAppletInit
+            this.initialized = true;
+            dispatchAppletEvent(APPLET_LOADING_COMPLETED, null);
+        }
+    }
 …
      */
     // Reminder: Relax visibility in sun.applet.AppletPanel
+    @Override
     protected synchronized void createAppletThread() {
         // initialize JNLPRuntime in the main threadgroup
 …
             //The custom NetX Policy and SecurityManager are set here.
             if (!JNLPRuntime.isInitialized()) {
+                if (JNLPRuntime.isDebug())
+                    System.out.println("initializing JNLPRuntime...");
+                OutputController.getLogger().log("initializing JNLPRuntime...");
                 JNLPRuntime.initialize(false);
             } else {
+                if (JNLPRuntime.isDebug())
+                    System.out.println("JNLPRuntime already initialized");
+                OutputController.getLogger().log("JNLPRuntime already initialized");
+            }
+        }
         handler = new Thread(getThreadGroup(), this);
+        handler = new Thread(getThreadGroup(), this, "NetxPanelThread@" + this.getDocumentURL());
         handler.start();
+    }
     public void updateSizeInAtts(int height, int width) {
+        this.atts.put("height", Integer.toString(height));
+        this.atts.put("width", Integer.toString(width));
+        parameters.updateSize(width, height);
+    }
 …
+    }
     public boolean isAlive() {
         return handler != null && handler.isAlive() && this.appletAlive;
+    public boolean isInitialized() {
+        return initialized;
+    }
     public ThreadGroup getThreadGroup() {
         synchronized(TGMapMutex) {
             return uKeyToTG.get(uKey);
+            return uKeyToTG.get(parameters.getUniqueKey(getCodeBase()));
+        }
+    }
 …
         // only create a new context if one hasn't already been created for the
         // applets with this unique key.
         if (null == appContextCreated.putIfAbsent(uKey, Boolean.TRUE)) {
+        if (null == appContextCreated.putIfAbsent(parameters.getUniqueKey(getCodeBase()), Boolean.TRUE)) {
             SunToolkit.createNewAppContext();
+        }
+    }
+    public void setAppletViewerFrame(SplashController framePanel) {
+        splashController=framePanel;
+    }
+    @Override
+    public void removeSplash() {
+        splashController.removeSplash();
+    }
+    @Override
+    public void replaceSplash(SplashPanel r) {
+        splashController.replaceSplash(r);
+    }
+    @Override
+    public int getSplashWidth() {
+        return splashController.getSplashWidth();
+    }
+    @Override
+    public int getSplashHeigth() {
+        return splashController.getSplashHeigth();
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/Node.java

-              r418
+              r429
+/* Node.java
+   Copyright (C) 2011 Red Hat, Inc.
+This file is part of IcedTea.
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+-1301 USA.
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.
+ */
 package net.sourceforge.jnlp;
 …
     Node getFirstChild() {
         if (children == null)
+        if (children == null) {
             getChildNodes();
+        if (children.length == 0)
+        }
+        if (children.length == 0) {
             return null;
+        else
+        }
+        else {
             return children[0];
+        }
+    }
 …
             List<Node> list = new ArrayList<Node>();
+            for (Enumeration e = xml.enumerateChildren(); e.hasMoreElements();)
+                list.add(new Node((XMLElement) e.nextElement()));
+            for (Enumeration<XMLElement> e = xml.enumerateChildren(); e.hasMoreElements();) {
+                list.add(new Node(e.nextElement()));
+            }
             children = list.toArray(new Node[list.size()]);
             for (int i = 0; i < children.length - 1; i++)
+            for (int i = 0; i < children.length - 1; i++) {
                 children[i].next = children[i + 1];
+            }
+        }
 …
             attributeNames= new ArrayList<String>();
+            for (Enumeration e = xml.enumerateAttributeNames(); e.hasMoreElements();)
+                attributeNames.add(new String((String) e.nextElement()));
+            for (Enumeration<String> e = xml.enumerateAttributeNames(); e.hasMoreElements();) {
+                attributeNames.add(new String(e.nextElement()));
+            }
+        }
 …
     String getNodeName() {
         if (xml.getName() == null)
+        if (xml.getName() == null) {
             return "";
+        else
+        }
+        else {
             return xml.getName();
+    }
+        }
+    }
+    @Override
     public String toString() {
         return getNodeName();

trunk/icedtea-web/netx/net/sourceforge/jnlp/ParseException.java

-              r348
+              r429
     // element, parse position, etc.
+    /** the original exception */
+    private Throwable cause = null;
     /**
      * Create a parse exception with the specified message.
 …
      */
     public ParseException(String message, Throwable cause) {
+        super(message);
+        // replace with setCause when no longer 1.3 compatible
+        this.cause = cause;
+    }
+    /**
+     * Return the cause of the launch exception or null if there
+     * is no cause exception.
+     */
+    public Throwable getCause() {
+        return cause;
+    }
+    /**
+     * Print the stack trace and the cause exception (1.3
+     * compatible)
+     */
+    public void printStackTrace(PrintStream stream) {
+        super.printStackTrace(stream);
+        if (cause != null) {
+            stream.println("Caused by: ");
+            cause.printStackTrace(stream);
+        }
+    }
+    /**
+     * Print the stack trace and the cause exception (1.3
+     * compatible)
+     */
+    public void printStackTrace(PrintWriter stream) {
+        super.printStackTrace(stream);
+        if (cause != null) {
+            stream.println("Caused by: ");
+            cause.printStackTrace(stream);
+        }
+    }
+        super(message, cause);
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/Parser.java

-              r418
+              r429
 // Copyright (C) 2001-2003 Jon A. Maxwell (JAM)
 // Copyright (C) 2012 Red Hat, Inc.
+// Copyright (C) 2009-2013 Red Hat, Inc.
 //
 // This library is free software; you can redistribute it and/or
 …
 import java.io.*;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
 import java.net.*;
 import java.util.*;
+//import javax.xml.parsers.*; // commented to use right Node
+//import org.w3c.dom.*;       // class for using Tiny XML | NanoXML
+//import org.xml.sax.*;
+//import gd.xml.tiny.*;
+import net.sourceforge.jnlp.SecurityDesc.RequestedPermissionLevel;
 import net.sourceforge.jnlp.UpdateDesc.Check;
 import net.sourceforge.jnlp.UpdateDesc.Policy;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
 import net.sourceforge.nanoxml.*;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
+        }
         public void warning(SAXParseException exception) {
             System.err.println("XML parse warning:");
             exception.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.WARNING_ALL, "XML parse warning:");
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, exception);
+        }
     };
 …
     /**
      * Create a parser for the JNLP file.  If the location
+     * Create a parser for the JNLP file. If the location
      * parameters is not null it is used as the default codebase
      * (does not override value of jnlp element's href
      * attribute).<p>
+     *
+     * attribute).
+     * <p>
      * The root node may be normalized as a side effect of this
      * constructor.
+     *
+     * </p>
      * @param file the (uninitialized) file reference
      * @param base if codebase is not specified, a default base for relative URLs
      * @param root the root node
+     * @param strict whether to enforce strict compliance with the JNLP spec
+     * @param allowExtensions whether to allow extensions to the JNLP spec
+     * @throws ParseException if the JNLP file is invalid
+     */
+    public Parser(JNLPFile file, URL base, Node root, boolean strict, boolean allowExtensions) throws ParseException {
+        this(file, base, root, strict, allowExtensions, null);
+    }
+    /**
+     * Create a parser for the JNLP file.  If the location
+     * @param settings the parser settings to use when parsing the JNLP file
+     * @throws ParseException if the JNLP file is invalid
+     */
+    public Parser(JNLPFile file, URL base, Node root, ParserSettings settings) throws ParseException {
+        this(file, base, root, settings, null);
+    }
+    /**
+     * Create a parser for the JNLP file. If the location
      * parameters is not null it is used as the default codebase
      * (does not override value of jnlp element's href
      * attribute).<p>
+     *
+     * attribute).
+     * <p>
      * The root node may be normalized as a side effect of this
      * constructor.
+     *
+     * </p>
      * @param file the (uninitialized) file reference
      * @param base if codebase is not specified, a default base for relative URLs
      * @param root the root node
+     * @param strict whether to enforce strict compliance with the JNLP spec
+     * @param allowExtensions whether to allow extensions to the JNLP spec
+     * @param settings the parser settings to use when parsing the JNLP file
      * @param codebase codebase to use if we did not parse one from JNLP file.
      * @throws ParseException if the JNLP file is invalid
      */
     public Parser(JNLPFile file, URL base, Node root, boolean strict, boolean allowExtensions, URL codebase) throws ParseException {
+    public Parser(JNLPFile file, URL base, Node root, ParserSettings settings, URL codebase) throws ParseException {
         this.file = file;
         this.root = root;
         this.strict = strict;
         this.allowExtensions = allowExtensions;
+        this.strict = settings.isStrict();
+        this.allowExtensions = settings.isExtensionAllowed();
         // ensure it's a JNLP node
 …
         // JNLP tag information
         this.spec = getVersion(root, "spec", "1.0+");
+        this.codebase = addSlash(getURL(root, "codebase", base));
+        if (this.codebase == null) // We only override it if it is not specified.
+        try {
+            this.codebase = addSlash(getURL(root, "codebase", base));
+        } catch (ParseException e) {
+            //If parsing fails, continue by overriding the codebase with the one passed in
+        }
+        if (this.codebase == null) // Codebase is overwritten if codebase was not specified in file or if parsing of it failed
             this.codebase = codebase;
         this.base = (this.codebase != null) ? this.codebase : base; // if codebase not specified use default codebase
         fileLocation = getURL(root, "href", this.base);
 …
         // ensure that there are at least one information section present
         if (resources.length == 0 && !j2se)
+        if (resources.length == 0 && !j2se) {
             throw new ParseException(R("PNoResources"));
+        }
         // create objects from the resources sections
         for (int i = 0; i < resources.length; i++)
+        for (int i = 0; i < resources.length; i++) {
             result.add(getResourcesDesc(resources[i], j2se));
+        }
         return result;
+    }
 …
                 // check for duplicate main entries
                 if (jar.isMain()) {
                     if (mainFlag == true)
                         if (strict)
+                    if (mainFlag == true) {
+                        if (strict) {
                             throw new ParseException(R("PTwoMains"));
+                        }
+                    }
                     mainFlag = true;
+                }
 …
         String initialHeap = getAttribute(node, "initial-heap-size", null);
         String maxHeap = getAttribute(node, "max-heap-size", null);
         List resources = getResources(node, true);
+        List<ResourcesDesc> resources = getResources(node, true);
         // require version attribute
 …
      */
     void checkForInformation() throws RequiredElementException {
+        if (JNLPRuntime.isDebug()) {
+            System.out.println("Homepage: " + file.getInformation().getHomepage());
+            System.out.println("Description: " + file.getInformation().getDescription());
+        }
+        OutputController.getLogger().log("Homepage: " + file.getInformation().getHomepage());
+        OutputController.getLogger().log("Description: " + file.getInformation().getDescription());
         String title = file.getTitle();
 …
         if (title == null || title.trim().isEmpty())
             throw new MissingTitleException();
+        else if (JNLPRuntime.isDebug())
+            System.out.println("Acceptable title tag found, contains: " + title);
+        else OutputController.getLogger().log("Acceptable title tag found, contains: " + title);
         if (vendor == null || vendor.trim().isEmpty())
             throw new MissingVendorException();
+        else if (JNLPRuntime.isDebug())
+            System.out.println("Acceptable vendor tag found, contains: " + vendor);
+        else OutputController.getLogger().log("Acceptable vendor tag found, contains: " + vendor);
+    }
 …
         // create information
         InformationDesc info = new InformationDesc(file, locales);
+        InformationDesc info = new InformationDesc(locales);
         // step through the elements
 …
         Object type = SecurityDesc.SANDBOX_PERMISSIONS;
+        if (nodes.length == 0)
+        RequestedPermissionLevel requestedPermissionLevel = RequestedPermissionLevel.NONE;
+        if (nodes.length == 0) {
             type = SecurityDesc.SANDBOX_PERMISSIONS;
+        else if (null != getChildNode(nodes[0], "all-permissions"))
+            requestedPermissionLevel = RequestedPermissionLevel.NONE;
+        } else if (null != getChildNode(nodes[0], "all-permissions")) {
             type = SecurityDesc.ALL_PERMISSIONS;
+        else if (null != getChildNode(nodes[0], "j2ee-application-client-permissions"))
+            requestedPermissionLevel = RequestedPermissionLevel.ALL;
+        } else if (null != getChildNode(nodes[0], "j2ee-application-client-permissions")) {
             type = SecurityDesc.J2EE_PERMISSIONS;
+        else if (strict)
+            requestedPermissionLevel = RequestedPermissionLevel.J2EE;
+        } else if (strict) {
             throw new ParseException(R("PEmptySecurity"));
+        if (base != null)
+            return new SecurityDesc(file, type, base.getHost());
+        else
+            return new SecurityDesc(file, type, null);
+        }
+        if (base != null) {
+            return new SecurityDesc(file, requestedPermissionLevel, type, base.getHost());
+        } else {
+            return new SecurityDesc(file, requestedPermissionLevel, type, null);
+        }
+    }
 …
     /**
      * Returns a Locale from a single locale.
+     *
      * @param locale the locale string
+     * Returns a {@link Locale} from a single locale.
+     *
+     * @param localeStr the locale string
      */
     public Locale getLocale(String localeStr) {
 …
     /**
      * Returns a URL object from a href string relative to the
      * code base.  If the href denotes a relative URL, it must
+     * code base. If the href denotes a relative URL, it must
      * reference a location that is a subdirectory of the
      * codebase.<p>
+     * codebase.
+     *
      * @param node the node
 …
                 // check for going above the codebase
                 if (!result.toString().startsWith(base.toString()))
                     if (strict)
+                if (!result.toString().startsWith(base.toString()) &&  !base.toString().startsWith(result.toString())){
+                    if (strict) {
                         throw new ParseException(R("PUrlNotInCodebase", node.getNodeName(), href, base));
+                    }
+                }
                 return result;
+            }
 …
      * @throws ParseException if the JNLP file is invalid
      */
+    public static Node getRootNode(InputStream input) throws ParseException {
+    public static Node getRootNode(InputStream input, ParserSettings settings) throws ParseException {
+        String className = null;
+        if (settings.isMalformedXmlAllowed()) {
+            className = "net.sourceforge.jnlp.MalformedXMLParser";
+        } else {
+            className = "net.sourceforge.jnlp.XMLParser";
+        }
         try {
+            /* SAX
+            DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+            factory.setValidating(false);
+            factory.setNamespaceAware(true);
+            DocumentBuilder builder = factory.newDocumentBuilder();
+            builder.setErrorHandler(errorHandler);
+            Document doc = builder.parse(input);
+            return doc.getDocumentElement();
+            */
+            /* TINY
+            Node document = new Node(TinyParser.parseXML(input));
+            Node jnlpNode = getChildNode(document, "jnlp"); // skip comments
+            */
+            //A BufferedInputStream is used to allow marking and reseting
+            //of a stream.
+            BufferedInputStream bs = new BufferedInputStream(input);
+            /* NANO */
+            final XMLElement xml = new XMLElement();
+            final PipedInputStream pin = new PipedInputStream();
+            final PipedOutputStream pout = new PipedOutputStream(pin);
+            final InputStreamReader isr = new InputStreamReader(bs, getEncoding(bs));
+            // Clean the jnlp xml file of all comments before passing
+            // it to the parser.
+            new Thread(
+                    new Runnable() {
+                        public void run() {
+                            (new XMLElement()).sanitizeInput(isr, pout);
+                            try {
+                                pout.close();
+                            } catch (IOException ioe) {
+                                ioe.printStackTrace();
+                            }
+                        }
+                    }).start();
+            xml.parseFromReader(new InputStreamReader(pin));
+            Node jnlpNode = new Node(xml);
+            return jnlpNode;
+        } catch (Exception ex) {
+            throw new ParseException(R("PBadXML"), ex);
+        }
+    }
+    /**
+     * Returns the name of the encoding used in this InputStream.
+     *
+     * @param input the InputStream
+     * @return a String representation of encoding
+     */
+    private static String getEncoding(InputStream input) throws IOException {
+        //Fixme: This only recognizes UTF-8, UTF-16, and
+        //UTF-32, which is enough to parse the prolog portion of xml to
+        //find out the exact encoding (if it exists). The reason being
+        //there could be other encodings, such as ISO 8859 which is 8-bits
+        //but it supports latin characters.
+        //So what needs to be done is to parse the prolog and retrieve
+        //the exact encoding from it.
+        int[] s = new int[4];
+        String encoding = "UTF-8";
+        //Determine what the first four bytes are and store
+        //them into an int array.
+        input.mark(4);
+        for (int i = 0; i < 4; i++) {
+            s[i] = input.read();
+        }
+        input.reset();
+        //Set the encoding base on what the first four bytes of the
+        //inputstream turn out to be (following the information from
+        //www.w3.org/TR/REC-xml/#sec-guessing).
+        if (s[0] == 255) {
+            if (s[1] == 254) {
+                if (s[2] != 0 || s[3] != 0) {
+                    encoding = "UnicodeLittle";
+                } else {
+                    encoding = "X-UTF-32LE-BOM";
+                }
+            }
+        } else if (s[0] == 254 && s[1] == 255 && (s[2] != 0 ||
+                s[3] != 0)) {
+            encoding = "UTF-16";
+        } else if (s[0] == 0 && s[1] == 0 && s[2] == 254 &&
+                s[3] == 255) {
+            encoding = "X-UTF-32BE-BOM";
+        } else if (s[0] == 0 && s[1] == 0 && s[2] == 0 &&
+                s[3] == 60) {
+            encoding = "UTF-32BE";
+        } else if (s[0] == 60 && s[1] == 0 && s[2] == 0 &&
+                s[3] == 0) {
+            encoding = "UTF-32LE";
+        } else if (s[0] == 0 && s[1] == 60 && s[2] == 0 &&
+                s[3] == 63) {
+            encoding = "UTF-16BE";
+        } else if (s[0] == 60 && s[1] == 0 && s[2] == 63 &&
+                s[3] == 0) {
+            encoding = "UTF-16LE";
+        }
+        return encoding;
+            Class<?> klass = null;
+            try {
+                klass = Class.forName(className);
+            } catch (ClassNotFoundException e) {
+                klass = Class.forName("net.sourceforge.jnlp.XMLParser");
+            }
+            Object instance = klass.newInstance();
+            Method m = klass.getMethod("getRootNode", InputStream.class);
+            return (Node) m.invoke(instance, input);
+        } catch (InvocationTargetException e) {
+            if (e.getCause() instanceof ParseException) {
+                throw (ParseException)(e.getCause());
+            }
+            throw new ParseException(R("PBadXML"), e);
+        } catch (Exception e) {
+            throw new ParseException(R("PBadXML"), e);
+        }
+    }

trunk/icedtea-web/netx/net/sourceforge/jnlp/ParserSettings.java

-              r348
+              r429
 */
+package net.sourceforge.jnlp;
+package net.sourceforge.jnlp;
+import java.util.Arrays;
+import java.util.List;
 /**
 …
 public class ParserSettings {
+    private static ParserSettings globalParserSettings = new ParserSettings();
     private final boolean isStrict;
+    private final boolean extensionAllowed;
+    private final boolean malformedXmlAllowed;
+    /** Create a new ParserSettings with the defautl parser settings */
     public ParserSettings() {
         isStrict = false;
+        this(false, true, true);
+    }
+    public ParserSettings(boolean strict) {
+        isStrict = strict;
+    /** Create a new ParserSettings object */
+    public ParserSettings(boolean strict, boolean extensionAllowed, boolean malformedXmlAllowed) {
+        this.isStrict = strict;
+        this.extensionAllowed = extensionAllowed;
+        this.malformedXmlAllowed = malformedXmlAllowed;
+    }
+    /** @return true if extensions to the spec are allowed */
+    public boolean isExtensionAllowed() {
+        return extensionAllowed;
+    }
+    /** @return true if parsing malformed xml is allowed */
+    public boolean isMalformedXmlAllowed() {
+        return malformedXmlAllowed;
+    }
+    /** @return true if strict parsing mode is to be used */
     public boolean isStrict() {
         return isStrict;
+    }
+    /**
+     * Return the global parser settings in use.
+     */
+    public static ParserSettings getGlobalParserSettings() {
+        return globalParserSettings;
+    }
+    /**
+     * Set the global ParserSettings to match the given settings.
+     */
+    public static void setGlobalParserSettings(ParserSettings parserSettings) {
+        globalParserSettings = parserSettings;
+    }
+    /**
+     * Return the ParserSettings to be used according to arguments specified
+     * at boot on the command line. These settings are also stored so they
+     * can be retrieved at a later time.
+     */
+    public static ParserSettings setGlobalParserSettingsFromArgs(String[] cmdArgs) {
+        List<String> argList = Arrays.asList(cmdArgs);
+        boolean strict = argList.contains("-strict");
+        boolean malformedXmlAllowed = !argList.contains("-xml");
+        globalParserSettings = new ParserSettings(strict, true, malformedXmlAllowed);
+        return globalParserSettings;
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/PluginBridge.java

-              r418
+              r429
 package net.sourceforge.jnlp;
+import java.io.ByteArrayInputStream;
 import java.io.File;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.MalformedURLException;
 import java.net.URL;
+import java.net.MalformedURLException;
+import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.HashSet;
+import java.util.List;
 import java.util.Locale;
-import java.util.List;
-import java.util.ArrayList;
 import java.util.Map;
 import java.util.Set;
+import net.sourceforge.jnlp.SecurityDesc.RequestedPermissionLevel;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.util.logging.OutputController;
+import net.sourceforge.jnlp.util.replacements.BASE64Decoder;
 /**
 …
 public class PluginBridge extends JNLPFile {
     private String name;
+    private PluginParameters params;
     private Set<String> jars = new HashSet<String>();
+    private List<ExtensionDesc> extensionJars = new ArrayList<ExtensionDesc>();
     //Folders can be added to the code-base through the archive tag
     private List<String> codeBaseFolders = new ArrayList<String>();
     private String[] cacheJars = new String[0];
     private String[] cacheExJars = new String[0];
-    private Map<String, String> atts;
     private boolean usePack;
     private boolean useVersion;
-    private boolean codeBaseLookup;
     private boolean useJNLPHref;
 …
      */
     public PluginBridge(URL codebase, URL documentBase, String jar, String main,
+                        int width, int height, Map<String, String> atts,
+                        String uKey)
+                        int width, int height, PluginParameters params)
             throws Exception {
         this(codebase, documentBase, jar, main, width, height, atts, uKey, new JNLPCreator());
+        this(codebase, documentBase, jar, main, width, height, params, new JNLPCreator());
+    }
 …
     public PluginBridge(URL codebase, URL documentBase, String archive, String main,
+                        int width, int height, Map<String, String> atts,
+                        String uKey, JNLPCreator jnlpCreator)
+                        int width, int height, PluginParameters params, JNLPCreator jnlpCreator)
             throws Exception {
         specVersion = new Version("1.0");
 …
         this.codeBase = codebase;
         this.sourceLocation = documentBase;
+        this.atts = atts;
+        if (atts.containsKey("jnlp_href")) {
+        this.params = params;
+        this.parserSettings = ParserSettings.getGlobalParserSettings();
+        if (params.getJNLPHref() != null) {
             useJNLPHref = true;
             try {
                 // Use codeBase as the context for the URL. If jnlp_href's
                 // value is a complete URL, it will replace codeBase's context.
+                URL jnlp = new URL(codeBase, atts.get("jnlp_href"));
+                JNLPFile jnlpFile = jnlpCreator.create(jnlp, null, false, JNLPRuntime.getDefaultUpdatePolicy(), codeBase);
+                ParserSettings defaultSettings = new ParserSettings();
+                URL jnlp = new URL(codeBase, params.getJNLPHref());
+                if (fileLocation == null){
+                    fileLocation = jnlp;
+                }
+                JNLPFile jnlpFile = null;
+                if (params.getJNLPEmbedded() != null) {
+                    InputStream jnlpInputStream = new ByteArrayInputStream(decodeBase64String(params.getJNLPEmbedded()));
+                    jnlpFile = new JNLPFile(jnlpInputStream, codeBase, defaultSettings);
+                } else {
+                    jnlpFile = jnlpCreator.create(jnlp, null, defaultSettings, JNLPRuntime.getDefaultUpdatePolicy(), codeBase);
+                }
+                if (jnlpFile.isApplet())
+                    main = jnlpFile.getApplet().getMainClass();
                 Map<String, String> jnlpParams = jnlpFile.getApplet().getParameters();
                 info = jnlpFile.info;
 …
                 // Change the parameter name to lowercase to follow conventions.
                 for (Map.Entry<String, String> entry : jnlpParams.entrySet()) {
                     this.atts.put(entry.getKey().toLowerCase(), entry.getValue());
+                    this.params.put(entry.getKey().toLowerCase(), entry.getValue());
+                }
                 JARDesc[] jarDescs = jnlpFile.getResources().getJARs();
 …
                      this.jars.add(fileName);
+                 }
+                // Store any extensions listed in the JNLP file to be returned later on, namely in getResources()
+                extensionJars = Arrays.asList(jnlpFile.getResources().getExtensions());
             } catch (MalformedURLException e) {
                 // Don't fail because we cannot get the jnlp file. Parameters are optional not required.
                 // it is the site developer who should ensure that file exist.
                 System.err.println("Unable to get JNLP file at: " + atts.get("jnlp_href")
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "Unable to get JNLP file at: " + params.getJNLPHref()
                         + " with context of URL as: " + codeBase.toExternalForm());
+            }
 …
         // also, see if cache_archive is specified
         String cacheArchive = atts.get("cache_archive");
         if (cacheArchive != null && cacheArchive.length() > 0) {
+        String cacheArchive = params.getCacheArchive();
+        if (!cacheArchive.isEmpty()) {
             String[] versions = new String[0];
             // are there accompanying versions?
             String cacheVersion = atts.get("cache_version");
             if (cacheVersion != null) {
+            String cacheVersion = params.getCacheVersion();
+            if (!cacheVersion.isEmpty()) {
                 versions = cacheVersion.split(",");
+            }
 …
+        }
         String cacheArchiveEx = atts.get("cache_archive_ex");
         if (cacheArchiveEx != null && cacheArchiveEx.length() > 0) {
+        String cacheArchiveEx = params.getCacheArchiveEx();
+        if (!cacheArchiveEx.isEmpty()) {
             cacheExJars = cacheArchiveEx.split(",");
+        }
 …
             addArchiveEntries(archives);
+            if (JNLPRuntime.isDebug()) {
+                System.err.println("Jar string: " + archive);
+                System.err.println("jars length: " + archives.length);
+            }
+        }
+        name = atts.get("name");
+        if (name == null)
+            name = "Applet";
+        else
+            name = name + " applet";
+            OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Jar string: " + archive);
+            OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "jars length: " + archives.length);
+        }
         if (main.endsWith(".class"))
 …
         // the class name should be of the form foo.bar.Baz not foo/bar/Baz
         String mainClass = main.replace('/', '.');
         launchType = new AppletDesc(name, mainClass, documentBase, width,
                                     height, atts);
+        launchType = new AppletDesc(getTitle(), mainClass, documentBase, width,
+                                    height, params.getUnmodifiableMap());
         if (main.endsWith(".class")) //single class file only
 …
             security = null;
         this.uniqueKey = uKey;
+        this.uniqueKey = params.getUniqueKey(codebase);
         usePack = false;
         useVersion = false;
         String jargs = atts.get("java_arguments");
         if (jargs != null) {
+        String jargs = params.getJavaArguments();
+        if (!jargs.isEmpty()) {
             for (String s : jargs.split(" ")) {
                 String[] parts = s.trim().split("=");
 …
+            }
+        }
+        String cbl = atts.get("codebase_lookup");
+        codeBaseLookup = cbl == null || (Boolean.valueOf(cbl));
+    }
+    public List<String> getArchiveJars() {
+        return new ArrayList<String>(jars);
+    }
     public boolean codeBaseLookup() {
         return codeBaseLookup;
+        return params.useCodebaseLookup();
+    }
 …
+    }
-    /**
-     * {@inheritdoc }
-     */
     @Override
+    public DownloadOptions getDownloadOptionsForJar(JARDesc jar) {
+    public RequestedPermissionLevel getRequestedPermissionLevel() {
+        final String level = params.getPermissions();
+        if (level == null) {
+            return RequestedPermissionLevel.NONE;
+        } else if (level.equals(SecurityDesc.RequestedPermissionLevel.DEFAULT.toHtmlString())) {
+            return RequestedPermissionLevel.NONE;
+        } else if (level.equals(SecurityDesc.RequestedPermissionLevel.SANDBOX.toHtmlString())) {
+            return RequestedPermissionLevel.SANDBOX;
+        } else if (level.equals(SecurityDesc.RequestedPermissionLevel.ALL.toHtmlString())) {
+            return RequestedPermissionLevel.ALL;
+        } else {
+            return RequestedPermissionLevel.NONE;
+        }
+    }
+    /**
+     * {@inheritDoc }
+     */
+    @Override
+    public DownloadOptions getDownloadOptions() {
         return new DownloadOptions(usePack, useVersion);
+    }
+    @Override
     public String getTitle() {
+        return name;
+        String inManifestTitle = super.getTitleFromManifest();
+        if (inManifestTitle != null) {
+            return inManifestTitle;
+        }
+        //specification is recommending  main class instead of html parameter
+        //http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#app_name
+        String mainClass = getManifestsAttributes().getMainClass();
+        if (mainClass != null) {
+            return mainClass;
+        }
+        return params.getAppletTitle();
+    }
 …
                         boolean cacheable = true;
+                        String cacheOption = atts.get("cache_option");
+                        if (cacheOption != null && cacheOption.equalsIgnoreCase("no"))
+                        if (params.getCacheOption().equalsIgnoreCase("no"))
                             cacheable = false;
 …
                     } catch (MalformedURLException ex) { /* Ignored */
+                    }
+                } else if (launchType.equals(ExtensionDesc.class)) {
+                    // We hope this is a safe list of JarDesc objects
+                    @SuppressWarnings("unchecked")
+                    List<T> castList = (List<T>) extensionJars; // this list is populated when the PluginBridge is first constructed
+                    return castList;
+                }
                 return sharedResources.getResources(launchType);
 …
         return false;
+    }
+    /**
+     * Returns the decoded BASE64 string
+     */
+    static byte[] decodeBase64String(String encodedString) throws IOException {
+        BASE64Decoder base64 = new BASE64Decoder();
+        return base64.decodeBuffer(encodedString);
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/ResourcesDesc.java

-              r418
+              r429
 /**
  * The resources element.<p>
+ * The resources element.
+ *
  * @author <a href="mailto:jmaxwell@users.sourceforge.net">Jon A. Maxwell (JAM)</a> - initial author
 …
+    }
+    public static JARDesc getMainJAR(JARDesc jars[] ) {
+        return getMainJAR(Arrays.asList(jars));
+    }
+    public static JARDesc getMainJAR(List<JARDesc> jars) {
+        for (JARDesc jar : jars) {
+            if (jar.isMain()) {
+                return jar;
+            }
+        }
+        if (jars.size() > 0) {
+            return jars.get(0);
+        } else {
+            return null;
+        }
+    }
     /**
      * Returns the main JAR for these resources.  There first JAR
 …
      */
     public JARDesc getMainJAR() {
+        JARDesc jars[] = getJARs();
+        for (JARDesc jar : jars) {
+            if (jar.isMain())
+                return jar;
+        }
+        if (jars.length > 0)
+            return jars[0];
+        else
+            return null;
+        return getMainJAR(getJARs());
+    }

trunk/icedtea-web/netx/net/sourceforge/jnlp/SecurityDesc.java

-              r418
+              r429
 package net.sourceforge.jnlp;
-import java.io.*;
-import java.net.*;
-import java.util.*;
-import java.security.*;
 import java.awt.AWTPermission;
+import java.io.FilePermission;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.InvocationTargetException;
+import java.net.SocketPermission;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.security.AllPermission;
+import java.security.CodeSource;
+import java.security.Permission;
+import java.security.PermissionCollection;
+import java.security.Permissions;
+import java.security.Policy;
+import java.security.URIParameter;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.PropertyPermission;
+import java.util.Set;
 import net.sourceforge.jnlp.config.DeploymentConfiguration;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
 public class SecurityDesc {
+    /**
+     * Represents the security level requested by an applet/application, as specified in its JNLP or HTML.
+     */
+    public enum RequestedPermissionLevel {
+        NONE(null, null),
+        DEFAULT(null, "default"),
+        SANDBOX(null, "sandbox"),
+        J2EE("j2ee-application-client-permissions", null),
+        ALL("all-permissions", "all-permissions");
+        public static final String PERMISSIONS_NAME = "permissions";
+        private final String jnlpString, htmlString;
+        private RequestedPermissionLevel(final String jnlpString, final String htmlString) {
+            this.jnlpString = jnlpString;
+            this.htmlString = htmlString;
+        }
+        /**
+         * This permission level, as it would appear requested in a JNLP file. null if this level
+         * is NONE (unspecified) or cannot be requested in a JNLP file.
+         * @return the String level
+         */
+        public String toJnlpString() {
+            return this.jnlpString;
+        }
+        /**
+         * This permission level, as it would appear requested in an HTML file. null if this level
+         * is NONE (unspecified) or cannot be requested in an HTML file.
+         * @return the String level
+         */
+        public String toHtmlString() {
+            return this.htmlString;
+        }
+        /**
+         * The JNLP permission level corresponding to the given String. If null is given, null comes
+         * back. If there is no permission level that can be granted in JNLP matching the given String,
+         * null is also returned.
+         * @param jnlpString the JNLP permission String
+         * @return the matching RequestedPermissionLevel
+         */
+        public RequestedPermissionLevel fromJnlpString(final String jnlpString) {
+            for (final RequestedPermissionLevel level : RequestedPermissionLevel.values()) {
+                if (level.jnlpString != null && level.jnlpString.equals(jnlpString)) {
+                    return level;
+                }
+            }
+            return null;
+        }
+        /**
+         * The HTML permission level corresponding to the given String. If null is given, null comes
+         * back. If there is no permission level that can be granted in HTML matching the given String,
+         * null is also returned.
+         * @param htmlString the JNLP permission String
+         * @return the matching RequestedPermissionLevel
+         */
+        public RequestedPermissionLevel fromHtmlString(final String htmlString) {
+            for (final RequestedPermissionLevel level : RequestedPermissionLevel.values()) {
+                if (level.htmlString != null && level.htmlString.equals(htmlString)) {
+                    return level;
+                }
+            }
+            return null;
+        }
+    }
     /*
      * We do not verify security here, the classloader deals with security
 …
     public static final Object J2EE_PERMISSIONS = "J2SE";
+    /** requested permissions type according to HTML or JNLP */
+    private final RequestedPermissionLevel requestedPermissionLevel;
     /** permissions type */
     private Object type;
 …
     /** the JNLP file */
     private JNLPFile file;
+    private final JNLPFile file;
     private final Policy customTrustedPolicy;
+    /**
+     * URLPermission is new in Java 8, so we use reflection to check for it to keep compatibility
+     * with Java 6/7. If we can't find the class or fail to construct it then we continue as usual
+     * without.
+     *
+     * These are saved as fields so that the reflective lookup only needs to be performed once
+     * when the SecurityDesc is constructed, rather than every time a call is made to
+     * {@link SecurityDesc#getSandBoxPermissions()}, which is called frequently.
+     */
+    private static Class<Permission> urlPermissionClass = null;
+    private static Constructor<Permission> urlPermissionConstructor = null;
+    static {
+        try {
+            urlPermissionClass = (Class<Permission>) Class.forName("java.net.URLPermission");
+            urlPermissionConstructor = urlPermissionClass.getDeclaredConstructor(new Class[] { String.class });
+        } catch (final SecurityException e) {
+            OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, "Exception while reflectively finding URLPermission - host is probably not running Java 8+");
+            OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, e);
+            urlPermissionClass = null;
+            urlPermissionConstructor = null;
+        } catch (final ClassNotFoundException e) {
+            OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, "Exception while reflectively finding URLPermission - host is probably not running Java 8+");
+            OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, e);
+            urlPermissionClass = null;
+            urlPermissionConstructor = null;
+        } catch (final NoSuchMethodException e) {
+            OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, "Exception while reflectively finding URLPermission - host is probably not running Java 8+");
+            OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, e);
+            urlPermissionClass = null;
+            urlPermissionConstructor = null;
+        }
+    }
     // We go by the rules here:
 …
             new SocketPermission("localhost:1024-", "listen"),
             // new SocketPermission("<DownloadHost>", "connect, accept"), // added by code
+            new PropertyPermission("java.util.Arrays.useLegacyMergeSort", "read,write"),
             new PropertyPermission("java.version", "read"),
             new PropertyPermission("java.vendor", "read"),
 …
+     *
      * @param file the JNLP file
+     * @param requestedPermissionLevel the permission level specified in the JNLP
      * @param type the type of security
      * @param downloadHost the download host (can always connect to)
      */
+    public SecurityDesc(JNLPFile file, Object type, String downloadHost) {
+    public SecurityDesc(JNLPFile file, RequestedPermissionLevel requestedPermissionLevel, Object type, String downloadHost) {
+        if (file == null) {
+            throw new NullJnlpFileException();
+        }
         this.file = file;
+        this.requestedPermissionLevel = requestedPermissionLevel;
         this.type = type;
         this.downloadHost = downloadHost;
 …
         customTrustedPolicy = getCustomTrustedPolicy();
+    }
+    /**
+     * Create a security descriptor.
+     *
+     * @param file the JNLP file
+     * @param type the type of security
+     * @param downloadHost the download host (can always connect to)
+     */
+    public SecurityDesc(JNLPFile file, Object type, String downloadHost) {
+        this(file, RequestedPermissionLevel.NONE, type, downloadHost);
+    }
 …
                 policy = Policy.getInstance("JavaPolicy", new URIParameter(policyUri));
             } catch (Exception e) {
                 e.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+            }
+        }
 …
     /**
+     * @return the permission level requested in the JNLP
+     */
+    public RequestedPermissionLevel getRequestedPermissionLevel() {
+        return requestedPermissionLevel;
+    }
+    /**
      * Returns a PermissionCollection containing the sandbox permissions
      */
     public PermissionCollection getSandBoxPermissions() {
+        Permissions permissions = new Permissions();
+        final Permissions permissions = new Permissions();
         for (int i = 0; i < sandboxPermissions.length; i++)
 …
             permissions.add(new AWTPermission("showWindowWithoutWarningBanner"));
+        }
+        if (file.isApplication())
+            for (int i = 0; i < jnlpRIAPermissions.length; i++)
+                permissions.add(jnlpRIAPermissions[i]);
+        if (JNLPRuntime.isWebstartApplication()) {
+            if (file == null) {
+                throw new NullJnlpFileException("Can not return sandbox permissions, file is null");
+            }
+            if (file.isApplication()) {
+                for (int i = 0; i < jnlpRIAPermissions.length; i++) {
+                    permissions.add(jnlpRIAPermissions[i]);
+                }
+            }
+        }
         if (downloadHost != null && downloadHost.length() > 0)
 …
                                                  "connect, accept"));
+        final Collection<Permission> urlPermissions = getUrlPermissions();
+        for (final Permission permission : urlPermissions) {
+            permissions.add(permission);
+        }
         return permissions;
+    }
+    private Set<Permission> getUrlPermissions() {
+        if (urlPermissionClass == null || urlPermissionConstructor == null) {
+            return Collections.emptySet();
+        }
+        final Set<Permission> permissions = new HashSet<Permission>();
+        for (final JARDesc jar : file.getResources().getJARs()) {
+            try {
+                // Allow applets all HTTP methods (ex POST, GET) with any request headers
+                // on resources anywhere recursively in or below the applet codebase, only on
+                // default ports and ports explicitly specified in resource locations
+                final URI resourceLocation = jar.getLocation().toURI().normalize();
+                final URI host = getHost(resourceLocation);
+                final String hostUriString = host.toString();
+                final String urlPermissionUrlString = appendRecursiveSubdirToCodebaseHostString(hostUriString);
+                final Permission p = urlPermissionConstructor.newInstance(urlPermissionUrlString);
+                permissions.add(p);
+            } catch (final URISyntaxException e) {
+                OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, "Could not determine codebase host for resource at " + jar.getLocation() +  " while generating URLPermissions");
+                OutputController.getLogger().log(e);
+            } catch (final InvocationTargetException e) {
+                OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, "Exception while attempting to reflectively generate a URLPermission, probably not running on Java 8+?");
+                OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, e);
+            } catch (final InstantiationException e) {
+                OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, "Exception while attempting to reflectively generate a URLPermission, probably not running on Java 8+?");
+                OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, e);
+            } catch (final IllegalAccessException e) {
+                OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, "Exception while attempting to reflectively generate a URLPermission, probably not running on Java 8+?");
+                OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, e);
+            }
+        }
+        try {
+            final URI codebase = file.getCodeBase().toURI().normalize();
+            final URI host = getHost(codebase);
+            final String codebaseHostUriString = host.toString();
+            final String urlPermissionUrlString = appendRecursiveSubdirToCodebaseHostString(codebaseHostUriString);
+            final Permission p = urlPermissionConstructor.newInstance(urlPermissionUrlString);
+            permissions.add(p);
+        } catch (final URISyntaxException e) {
+            OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, "Could not determine codebase host for codebase " + file.getCodeBase() +  "  while generating URLPermissions");
+            OutputController.getLogger().log(e);
+        } catch (final InvocationTargetException e) {
+            OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, "Exception while attempting to reflectively generate a URLPermission, probably not running on Java 8+?");
+            OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, e);
+        } catch (final InstantiationException e) {
+            OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, "Exception while attempting to reflectively generate a URLPermission, probably not running on Java 8+?");
+            OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, e);
+        } catch (final IllegalAccessException e) {
+            OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, "Exception while attempting to reflectively generate a URLPermission, probably not running on Java 8+?");
+            OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, e);
+        }
+        return permissions;
+    }
+    /**
+     * Gets the host domain part of an applet's codebase. Removes path, query, and fragment, but preserves scheme,
+     * user info, and host. The port used is overridden with the specified port.
+     * @param codebase the applet codebase URL
+     * @param port
+     * @return the host domain of the codebase
+     * @throws URISyntaxException
+     */
+    static URI getHostWithSpecifiedPort(final URI codebase, final int port) throws URISyntaxException {
+        requireNonNull(codebase);
+        return new URI(codebase.getScheme(), codebase.getUserInfo(), codebase.getHost(), port, null, null, null);
+    }
+    /**
+     * Gets the host domain part of an applet's codebase. Removes path, query, and fragment, but preserves scheme,
+     * user info, host, and port.
+     * @param codebase the applet codebase URL
+     * @return the host domain of the codebase
+     * @throws URISyntaxException
+     */
+    static URI getHost(final URI codebase) throws URISyntaxException {
+        requireNonNull(codebase);
+        return getHostWithSpecifiedPort(codebase, codebase.getPort());
+    }
+    /**
+     * Appends a recursive access marker to a codebase host, for granting Java 8 URLPermissions which are no
+     * more restrictive than the existing SocketPermissions
+     * See http://docs.oracle.com/javase/8/docs/api/java/net/URLPermission.html
+     * @param codebaseHost the applet's codebase's host domain URL as a String. Expected to be formatted as eg
+     *                     "http://example.com:8080" or "http://example.com/"
+     * @return the resulting String eg "http://example.com:8080/-
+     */
+    static String appendRecursiveSubdirToCodebaseHostString(final String codebaseHost) {
+        requireNonNull(codebaseHost);
+        String result = codebaseHost;
+        while (result.endsWith("/")) {
+            result = result.substring(0, result.length() - 1);
+        }
+        // See http://docs.oracle.com/javase/8/docs/api/java/net/URLPermission.html
+        result = result + "/-"; // allow access to any resources recursively on the host domain
+        return result;
+    }
+    private static void requireNonNull(final Object arg) {
+        if (arg == null) {
+            throw new NullPointerException();
+        }
+    }
     /**
      * Returns all the names of the basic JNLP system properties accessible by RIAs

trunk/icedtea-web/netx/net/sourceforge/jnlp/StreamEater.java

-              r348
+              r429
 import java.io.IOException;
 import java.io.InputStream;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
     public void run() {
         try {
+            StringBuilder s = new StringBuilder();
             while (true) {
                 int c = stream.read();
+                if (c == -1)
+                if (c == -1){
+                    OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, s.toString());
                     break;
+                System.out.write(c);
+                } else {
+                    char ch = (char) c;
+                    if (ch == '\n'){
+                        OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, s.toString());
+                        s = new StringBuilder();
+                    }else {
+                        s.append((char) c);
+                    }
+                }
+            }
         } catch (IOException ex) {

trunk/icedtea-web/netx/net/sourceforge/jnlp/UpdateDesc.java

-              r348
+              r429
+/* UpdateDesc.java
+   Copyright (C) 2010 Red Hat, Inc.
+This file is part of IcedTea.
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+-1301 USA.
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.
+ */
 package net.sourceforge.jnlp;

trunk/icedtea-web/netx/net/sourceforge/jnlp/Version.java

-              r418
+              r429
 /**
+ * <p>
  * A JNLP Version string in the form "1.2-3_abc" followed by an
  * optional + (includes all later versions) or * (matches any
  * suffixes on versions).  More than one version can be included
+ * in a string by separating them with spaces.<p>
+ *
+ * in a string by separating them with spaces.
+ * </p>
+ * <p>
  * Version strings are divided by "._-" charecters into parts.
  * These parts are compared numerically if they can be parsed as
 …
  * the smaller one is padded with zero or the empty string.  Note
  * that the padding in this version means that 1.2+ matches
+ * 1.4.0-beta1, but may not in future versions.<p>
+ * 1.4.0-beta1, but may not in future versions.
+ * </p>
+ *
  * @author <a href="mailto:jmaxwell@users.sourceforge.net">Jon A. Maxwell (JAM)</a> - initial author
 …
     public String toString() {
         return versionString;
+    }
+    /**
+     * Test.
+     */
+    /*
+    public static void main(String args[]) {
+        Version jvms[] = {
+            new Version("1.1* 1.3*"),
+            new Version("1.2+"),
+        };
+        Version versions[] = {
+            new Version("1.1"),
+            new Version("1.1.8"),
+            new Version("1.2"),
+            new Version("1.3"),
+            new Version("2.0"),
+            new Version("1.3.1"),
+            new Version("1.2.1"),
+            new Version("1.3.1-beta"),
+            new Version("1.1 1.2"),
+            new Version("1.2 1.3"),
+        };
+        for (int j = 0; j < jvms.length; j++) {
+            for (int v = 0; v < versions.length; v++) {
+                System.out.print( jvms[j].toString() + " " );
+                if (!jvms[j].matches(versions[v]))
+                    System.out.print( "!" );
+                System.out.println( "matches " + versions[v].toString() );
+            }
+        }
+        System.out.println("Test completed");
+    }
+    */
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/browser/BrowserAwareProxySelector.java

-              r348
+              r429
 import java.io.File;
 import java.io.IOException;
-import java.net.InetSocketAddress;
 import java.net.MalformedURLException;
 import java.net.Proxy;
-import java.net.SocketAddress;
 import java.net.URI;
 import java.net.URL;
-import java.net.Proxy.Type;
 import java.util.ArrayList;
 import java.util.Arrays;
 …
 import java.util.Map;
+import net.sourceforge.jnlp.config.DeploymentConfiguration;
 import net.sourceforge.jnlp.runtime.JNLPProxySelector;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
 import net.sourceforge.jnlp.runtime.PacEvaluator;
 import net.sourceforge.jnlp.runtime.PacEvaluatorFactory;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
     private int browserProxyType = BROWSER_PROXY_TYPE_NONE;
     private URL browserAutoConfigUrl;
+    /** Whether the http proxy should be used for http, https, ftp and socket protocols */
     private Boolean browserUseSameProxy;
     private String browserHttpProxyHost;
 …
      * Create a new instance of this class, reading configuration fropm the browser
      */
+    public BrowserAwareProxySelector() {
+        super();
+    public BrowserAwareProxySelector(DeploymentConfiguration config) {
+        super(config);
+    }
+    public void initialize() {
         try {
             initFromBrowserConfig();
         } catch (IOException e) {
+            if (JNLPRuntime.isDebug()) {
+                e.printStackTrace();
+            }
+            System.err.println(R("RProxyFirefoxNotFound"));
+            OutputController.getLogger().log(e);
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, R("RProxyFirefoxNotFound"));
             browserProxyType = PROXY_TYPE_NONE;
+        }
 …
     private void initFromBrowserConfig() throws IOException {
+        File preferencesFile = FirefoxPreferencesFinder.find();
+        FirefoxPreferencesParser parser = new FirefoxPreferencesParser(preferencesFile);
+        parser.parse();
+        Map<String, String> prefs = parser.getPreferences();
+        Map<String, String> prefs = parseBrowserPreferences();
         String type = prefs.get("network.proxy.type");
 …
+            }
         } catch (MalformedURLException e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
 …
         browserFtpProxyHost = prefs.get("network.proxy.ftp");
         browserFtpProxyPort = stringToPort(prefs.get("network.proxy.ftp_port"));
         browserSocks4ProxyHost = prefs.get("networking.proxy.socks");
+        browserSocks4ProxyHost = prefs.get("network.proxy.socks");
         browserSocks4ProxyPort = stringToPort(prefs.get("network.proxy.socks_port"));
+    }
+    Map<String, String> parseBrowserPreferences() throws IOException {
+        File preferencesFile = FirefoxPreferencesFinder.find();
+        FirefoxPreferencesParser parser = new FirefoxPreferencesParser(preferencesFile);
+        parser.parse();
+        return parser.getPreferences();
+    }
 …
     /**
+     * <p>
      * The main entry point for {@link BrowserAwareProxySelector}. Based on
      * the browser settings, determines proxy information for a given URI.
+     * </p>
      * <p>
      * The appropriate proxy may be determined by reading static information
      * from the browser's preferences file, or it may be computed dynamically,
      * by, for example, running javascript code.
+     * </p>
      */
     @Override
 …
                     optionDescription = "Unknown";
+                }
+                if (JNLPRuntime.isDebug()) {
+                    System.err.println(R("RProxyFirefoxOptionNotImplemented", browserProxyType, optionDescription));
+                }
+                OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG,R("RProxyFirefoxOptionNotImplemented", browserProxyType, optionDescription));
                 proxies.add(Proxy.NO_PROXY);
+        }
+        if (JNLPRuntime.isDebug()) {
+            System.out.println("Browser selected proxies: " + proxies.toString());
+        }
+        OutputController.getLogger().log("Browser selected proxies: " + proxies.toString());
         return proxies;
 …
             proxies.addAll(getProxiesFromPacResult(proxiesString));
         } catch (MalformedURLException e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
             proxies.add(Proxy.NO_PROXY);
+        }
 …
      */
     private List<Proxy> getFromBrowserConfiguration(URI uri) {
+        List<Proxy> proxies = new ArrayList<Proxy>();
+        String scheme = uri.getScheme();
+        if (browserUseSameProxy) {
+            SocketAddress sa = new InetSocketAddress(browserHttpProxyHost, browserHttpProxyPort);
+            Proxy proxy;
+            if (scheme.equals("socket")) {
+                proxy = new Proxy(Type.SOCKS, sa);
+            } else {
+                proxy = new Proxy(Type.HTTP, sa);
+            }
+            proxies.add(proxy);
+        } else if (scheme.equals("http")) {
+            SocketAddress sa = new InetSocketAddress(browserHttpProxyHost, browserHttpProxyPort);
+            proxies.add(new Proxy(Type.HTTP, sa));
+        } else if (scheme.equals("https")) {
+            SocketAddress sa = new InetSocketAddress(browserHttpsProxyHost, browserHttpsProxyPort);
+            proxies.add(new Proxy(Type.HTTP, sa));
+        } else if (scheme.equals("ftp")) {
+            SocketAddress sa = new InetSocketAddress(browserFtpProxyHost, browserFtpProxyPort);
+            proxies.add(new Proxy(Type.HTTP, sa));
+        } else if (scheme.equals("socket")) {
+            SocketAddress sa = new InetSocketAddress(browserSocks4ProxyHost, browserSocks4ProxyPort);
+            proxies.add(new Proxy(Type.SOCKS, sa));
+        } else {
+            proxies.add(Proxy.NO_PROXY);
+        }
+        return proxies;
+        return getFromArguments(uri, browserUseSameProxy, true,
+                browserHttpsProxyHost, browserHttpsProxyPort,
+                browserHttpProxyHost, browserHttpProxyPort,
+                browserFtpProxyHost, browserFtpProxyPort,
+                browserSocks4ProxyHost, browserSocks4ProxyPort);
+    }

trunk/icedtea-web/netx/net/sourceforge/jnlp/browser/FirefoxPreferencesFinder.java

-              r398
+              r429
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
 import net.sourceforge.jnlp.config.Defaults;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
+        }
+        if (JNLPRuntime.isDebug()) {
+            System.out.println("Using firefox's profiles file: " + profilesPath);
+        }
+        OutputController.getLogger().log("Using firefox's profiles file: " + profilesPath);
         BufferedReader reader = new BufferedReader(new FileReader(profilesPath));
 …
         } else {
             String fullPath = configPath + path + File.separator + "prefs.js";
+            if (JNLPRuntime.isDebug()) {
+                System.out.println("Found preferences file: " + fullPath);
+            }
+            OutputController.getLogger().log("Found preferences file: " + fullPath);
             return new File(fullPath);
+        }

trunk/icedtea-web/netx/net/sourceforge/jnlp/browser/FirefoxPreferencesParser.java

-              r348
+              r429
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
+ * <p>
  * A parser for Firefox's preferences file. It can 'parse' Firefox's
  * preferences file and expose the prefrences in a simple to use format.
  * <p>
+ * </p>
  * Sample usage:
  * <pre>
+ * <pre><code>
  * FirefoxPreferencesParser p = new FirefoxPreferencesParser(prefsFile);
  * p.parse();
  * Map&lt;String,String&gt; prefs = p.getPreferences();
  * System.out.println("blink allowed: " + prefs.get("browser.blink_allowed"));
  * </pre>
+ * </code></pre>
  */
 public final class FirefoxPreferencesParser {
 …
                             if (foundKey && foundValue) {
                                 // System.out.println("added (\"" + key + "\", \"" + value + "\")");
+                                //ItwLogger.getLogger().printOutLn("added (\"" + key + "\", \"" + value + "\")");
                                 prefs.put(key, value);
+                            }
 …
             reader.close();
+        }
+        if (JNLPRuntime.isDebug()) {
+            System.out.println("Read " + prefs.size() + " entries from Firefox's preferences");
+        }
+        OutputController.getLogger().log("Read " + prefs.size() + " entries from Firefox's preferences");
+    }

trunk/icedtea-web/netx/net/sourceforge/jnlp/cache/CacheDirectory.java

-              r348
+              r429
 import net.sourceforge.jnlp.util.FileUtils;
+import net.sourceforge.jnlp.util.logging.OutputController;
 public final class CacheDirectory {
 …
                 delete = false;
+        }
+        if (delete)
+            System.out.println("Delete -- " + root);
+        if (delete){
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "Delete -- " + root);
+        }
         //            root.delete();
         return true;

trunk/icedtea-web/netx/net/sourceforge/jnlp/cache/CacheEntry.java

-              r348
+              r429
 package net.sourceforge.jnlp.cache;
+import net.sourceforge.jnlp.util.logging.OutputController;
 import static net.sourceforge.jnlp.runtime.Translator.R;
 …
 /**
  * Describes an entry in the cache.<p>
+ * Describes an entry in the cache.
+ *
  * @author <a href="mailto:jmaxwell@users.sourceforge.net">Jon A. Maxwell (JAM)</a> - initial author
 …
                 return false;
         } catch (Exception ex) {
+            if (JNLPRuntime.isDebug())
+                ex.printStackTrace();
+            OutputController.getLogger().log(ex);;
             return cached; // if can't connect return whether already in cache
 …
                 return true;
         } catch (Exception ex) {
+            if (JNLPRuntime.isDebug())
+                ex.printStackTrace();
+            OutputController.getLogger().log(ex);
             return false; // should throw?

trunk/icedtea-web/netx/net/sourceforge/jnlp/cache/CacheLRUWrapper.java

-              r418
+              r429
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
 import net.sourceforge.jnlp.util.FileUtils;
+import net.sourceforge.jnlp.util.logging.OutputController;
 import net.sourceforge.jnlp.util.PropertiesFile;
 …
  * multiple jvm instances.
+ *
  * @author Andrew Su (asu@redhat.com, andrew.su@utoronto.ca)
+ * @author <a href="mailto:Andrew%20Su%20&lt;asu@redhat.com&gt;">Andrew Su (asu@redhat.com</a>, <a href="mailto:Andrew%20Su%20&lt;andrew.su@utoronto.ca&gt;">andrew.su@utoronto.ca)</a>
+ *
  */
 enum CacheLRUWrapper {
+public enum CacheLRUWrapper {
     INSTANCE;
 …
     /* location of cache directory */
     private final String setCachePath = JNLPRuntime.getConfiguration().getProperty(DeploymentConfiguration.KEY_USER_CACHE_DIR);
     private final String cacheDir = new File(setCachePath != null ? setCachePath : System.getProperty("java.io.tmpdir")).getPath();
+    String cacheDir = new File(setCachePath != null ? setCachePath : System.getProperty("java.io.tmpdir")).getPath();
     /*
 …
      * accessed) followed by folder of item. value = path to file.
      */
+    private PropertiesFile cacheOrder = new PropertiesFile(
+            new File(cacheDir + File.separator + "recently_used"));
+    private CacheLRUWrapper(){
+    PropertiesFile cacheOrder = new PropertiesFile(
+            new File(cacheDir + File.separator + CACHE_INDEX_FILE_NAME));
+    public static final String CACHE_INDEX_FILE_NAME = "recently_used";
+    private CacheLRUWrapper() {
         File f = cacheOrder.getStoreFile();
         if (!f.exists()) {
 …
                 FileUtils.createRestrictedFile(f, true);
             } catch (IOException e) {
                 e.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+            }
+        }
 …
      * Returns an instance of the policy.
+     *
+     * @param propertiesFile
+     * @return
+     * @return an instance of the policy
      */
     public static CacheLRUWrapper getInstance() {
 …
          */
         if (loaded && checkData()) {
+            if (JNLPRuntime.isDebug()) {
+                new LruCacheException().printStackTrace();
+            }
+            System.out.println(R("CFakeCache"));
+            OutputController.getLogger().log(new LruCacheException());
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, R("CFakeCache"));
             store();
             System.out.println(R("CFakedCache"));
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, R("CFakedCache"));
+        }
+    }
 …
      * @return List of Strings sorted by ascending order.
      */
+    @SuppressWarnings({"unchecked", "rawtypes"})
+    //although Properties are pretending to be <object,Object> they are always <String,String>
+    //bug in jdk?
     public synchronized List<Entry<String, String>> getLRUSortedEntries() {
         ArrayList<Entry<String, String>> entries = new ArrayList(cacheOrder.entrySet());
+        List<Entry<String, String>> entries = new ArrayList(cacheOrder.entrySet());
         // sort by keys in descending order.
         Collections.sort(entries, new Comparator<Entry<String, String>>() {
 …
         } catch (OverlappingFileLockException e) { // if overlap we just increase the count.
         } catch (Exception e) { // We didn't get a lock..
             e.printStackTrace();
+            OutputController.getLogger().log(e);
+        }
         if (fl != null) lockCount++;
 …
+                }
             } catch (IOException e) {
                 e.printStackTrace();
+                OutputController.getLogger().log(e);
+            }
+        }

trunk/icedtea-web/netx/net/sourceforge/jnlp/cache/CacheUtil.java

-              r418
+              r429
 import static net.sourceforge.jnlp.runtime.Translator.R;
+import java.io.*;
+import java.net.*;
+import java.io.BufferedInputStream;
+import java.io.BufferedOutputStream;
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.FileOutputStream;
+import java.io.FilePermission;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.net.URLConnection;
 import java.nio.channels.FileChannel;
 import java.nio.channels.FileLock;
 import java.nio.channels.OverlappingFileLockException;
+import java.security.Permission;
 import java.util.ArrayList;
 import java.util.HashMap;
 …
 import java.util.Map.Entry;
 import java.util.Set;
+import java.security.*;
 import javax.jnlp.*;
 import net.sourceforge.jnlp.*;
+import javax.jnlp.DownloadServiceListener;
+import net.sourceforge.jnlp.Version;
 import net.sourceforge.jnlp.config.DeploymentConfiguration;
+import net.sourceforge.jnlp.runtime.*;
+import net.sourceforge.jnlp.runtime.ApplicationInstance;
+import net.sourceforge.jnlp.runtime.JNLPRuntime;
 import net.sourceforge.jnlp.util.FileUtils;
+import net.sourceforge.jnlp.util.logging.OutputController;
 import net.sourceforge.jnlp.util.PropertiesFile;
+import net.sourceforge.jnlp.util.UrlUtils;
 /**
  * Provides static methods to interact with the cache, download
  * indicator, and other utility methods.<p>
+ * indicator, and other utility methods.
+ *
  * @author <a href="mailto:jmaxwell@users.sourceforge.net">Jon A. Maxwell (JAM)</a> - initial author
 …
     /**
      * Compares a URL using string compare of its protocol, host,
      * port, path, query, and anchor.  This method avoids the host
+     * port, path, query, and anchor. This method avoids the host
      * name lookup that URL.equals does for http: protocol URLs.
      * It may not return the same value as the URL.equals method
 …
+        }
         try {
             URL nu1 = ResourceTracker.normalizeUrl(u1, false);
             URL nu2 = ResourceTracker.normalizeUrl(u2, false);
+            URL nu1 = UrlUtils.normalizeUrl(u1);
+            URL nu2 = UrlUtils.normalizeUrl(u2);
             if (notNullUrlEquals(nu1, nu2)) {
                 return true;
 …
     /**
      * Caches a resource and returns a URL for it in the cache;
      * blocks until resource is cached.  If the resource location is
+     * blocks until resource is cached. If the resource location is
      * not cacheable (points to a local file, etc) then the original
      * URL is returned.<p>
+     * URL is returned.
+     *
      * @param location location of the resource
      * @param version the version, or null
+     * @param version the version, or {@code null}
      * @return either the location in the cache or the original location
      */
 …
     /**
      * Compare strings that can be null.
+     * Compare strings that can be {@code null}.
      */
     private static boolean compare(String s1, String s2, boolean ignore) {
 …
     /**
      * Returns the Permission object necessary to access the
      * resource, or null if no permission is needed.
+     * resource, or {@code null} if no permission is needed.
      */
     public static Permission getReadPermission(URL location, Version version) {
 …
             } catch (java.io.IOException ioe) {
                 // should try to figure out the permission
+                if (JNLPRuntime.isDebug())
+                    ioe.printStackTrace();
+                OutputController.getLogger().log(ioe);
+            }
+        }
 …
         if (!okToClearCache()) {
             System.err.println(R("CCannotClearCache"));
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, R("CCannotClearCache"));
             return false;
+        }
 …
+        }
+        if (JNLPRuntime.isDebug()) {
+            System.err.println("Clearing cache directory: " + cacheDir);
+        }
+        OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Clearing cache directory: " + cacheDir);
         try {
             cacheDir = cacheDir.getCanonicalFile();
             FileUtils.recursiveDelete(cacheDir, cacheDir);
+            cacheDir.mkdir();
         } catch (IOException e) {
             throw new RuntimeException(e);
 …
      */
     private static boolean okToClearCache() {
         File otherJavawsRunning = new File(JNLPRuntime.getConfiguration()
                 .getProperty(DeploymentConfiguration.KEY_USER_NETX_RUNNING_FILE));
+        File otherJavawsRunning = new File(JNLPRuntime.getConfiguration().getProperty(DeploymentConfiguration.KEY_USER_NETX_RUNNING_FILE));
+        FileLock locking = null;
         try {
             if (otherJavawsRunning.isFile()) {
 …
                 FileChannel channel = fis.getChannel();
+                if (channel.tryLock() == null) {
+                    if (JNLPRuntime.isDebug()) {
+                        System.out.println("Other instances of netx are running");
+                    }
+                locking  = channel.tryLock();
+                if (locking == null) {
+                    OutputController.getLogger().log("Other instances of netx are running");
                     return false;
+                }
+                if (JNLPRuntime.isDebug()) {
+                    System.out.println("No other instances of netx are running");
+                }
+                OutputController.getLogger().log("No other instances of netx are running");
                 return true;
             } else {
+                if (JNLPRuntime.isDebug()) {
+                    System.out.println("No instance file found");
+                }
+                OutputController.getLogger().log("No instance file found");
                 return true;
+            }
         } catch (IOException e) {
             return false;
+        } finally {
+            if (locking != null) {
+                try {
+                    locking.release();
+                } catch (IOException ex) {
+                    OutputController.getLogger().log(ex);
+                }
+            }
+        }
+    }
 …
      * immediately.
+     *
      * @param source the source URL
+     * @param source the source {@link URL}
      * @param version the versions to check for
      * @param connection a connection to the URL, or null
+     * @param connection a connection to the {@link URL}, or {@code null}
      * @return whether the cache contains the version
      * @throws IllegalArgumentException if the source is not cacheable
 …
             boolean result = entry.isCurrent(connection);
+            if (JNLPRuntime.isDebug())
+                System.out.println("isCurrent: " + source + " = " + result);
+            OutputController.getLogger().log("isCurrent: " + source + " = " + result);
             return result;
         } catch (Exception ex) {
+            if (JNLPRuntime.isDebug())
+                ex.printStackTrace();
+            OutputController.getLogger().log(ex);
             return isCached(source, version); // if can't connect return whether already in cache
+        }
 …
         boolean result = entry.isCached();
+        if (JNLPRuntime.isDebug())
+            System.out.println("isCached: " + source + " = " + result);
+        OutputController.getLogger().log("isCached: " + source + " = " + result);
         return result;
 …
      * resource that matches the specified version will be returned.
+     *
      * @param source the source URL
+     * @param source the source {@link URL}
      * @param version the version id of the local file
      * @return the file location in the cache, or null if no versions cached
+     * @return the file location in the cache, or {@code null} if no versions cached
      * @throws IllegalArgumentException if the source is not cacheable
      */
 …
+     *
      * @param urlPath Path of cache item within cache directory.
      * @return File if we have searched before, null otherwise.
+     * @return File if we have searched before, {@code null} otherwise.
      */
     private static File getCacheFileIfExist(File urlPath) {
 …
         int index = path.indexOf(File.separatorChar, len + 1);
         return path.substring(index);
+    }
+    /**
+     * Returns the parent directory of the cached resource.
+     * @param filePath The path of the cached resource directory.
+     */
+    public static String getCacheParentDirectory(String filePath) {
+        String path = filePath;
+        String tempPath = "";
+        while(path.startsWith(cacheDir) && !path.equals(cacheDir)){
+                tempPath = new File(path).getParent();
+                if (tempPath.equals(cacheDir))
+                    break;
+                path = tempPath;
+        }
+        return path;
+    }
 …
                         lruHandler.addEntry(lruHandler.generateKey(cacheFile.getPath()), cacheFile.getPath());
                     } catch (IOException ioe) {
                         ioe.printStackTrace();
+                       OutputController.getLogger().log(ioe);
+                    }
 …
+            }
         } catch (InterruptedException ex) {
+            if (JNLPRuntime.isDebug())
+                ex.printStackTrace();
+            OutputController.getLogger().log(ex);
         } finally {
             if (listener != null)
 …
                             FileUtils.recursiveDelete(f, f);
                         } catch (IOException e1) {
                             e1.printStackTrace();
+                            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e1);
+                        }
+                    }
 …
         } catch (OverlappingFileLockException e) {
         } catch (FileNotFoundException e) {
             e.printStackTrace();
+           OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
+    }
 …
             propertiesLockPool.remove(storeFile.getPath());
         } catch (IOException e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
+    }

trunk/icedtea-web/netx/net/sourceforge/jnlp/cache/DefaultDownloadIndicator.java

-              r418
+              r429
 import net.sourceforge.jnlp.runtime.*;
 import net.sourceforge.jnlp.util.ImageResources;
+import net.sourceforge.jnlp.util.ScreenFinder;
 /**
 …
     /** shared constraint */
     static GridBagConstraints vertical;
+    static GridBagConstraints verticalNoClean;
     static GridBagConstraints verticalIndent;
     static {
 …
         vertical.anchor = GridBagConstraints.WEST;
+        verticalNoClean = new GridBagConstraints();
+        verticalNoClean.weightx = 1.0;
         verticalIndent = (GridBagConstraints) vertical.clone();
         verticalIndent.insets = new Insets(0, 10, 3, 0);
 …
         synchronized (frameMutex) {
             if (frame == null) {
+                frame = new JFrame(downloading + "...");
+                frame.setIconImages(ImageResources.INSTANCE.getApplicationImages());
+                frame.getContentPane().setLayout(new GridBagLayout());
+                frame=createDownloadIndicatorFrame(true);
+            }
 …
                 for (URL url : resources) {
                     result.addProgressPanel(url, null);
+                }
+            }
 …
             frame.getContentPane().add(result, vertical);
             frame.pack();
+            if (!frame.isVisible()) {
+                Dimension screenSize = Toolkit.getDefaultToolkit().getScreenSize();
+                Insets insets = Toolkit.getDefaultToolkit().getScreenInsets(frame.getGraphicsConfiguration());
+                Dimension screen = new Dimension(screenSize.width - insets.left,
+                        screenSize.height - insets.top);
+                frame.setLocation(screen.width - frame.getWidth(),
+                        screen.height - frame.getHeight());
+            }
+            placeFrameToLowerRight();
+            result.addComponentListener(new ComponentAdapter() {
+                @Override
+                public void componentResized(ComponentEvent e) {
+                    placeFrameToLowerRight();
+                }
+            });
             frame.setVisible(true);
 …
             return result;
+        }
+    }
+     public static JFrame createDownloadIndicatorFrame(boolean undecorated) throws HeadlessException {
+        JFrame f = new JFrame(downloading + "...");
+        f.setUndecorated(undecorated);
+        f.setIconImages(ImageResources.INSTANCE.getApplicationImages());
+        f.getContentPane().setLayout(new GridBagLayout());
+        return f;
+    }
+    /**
+     * This places indicator to lower right corner of active monitor.
+     */
+    private static void placeFrameToLowerRight() throws HeadlessException {
+       Rectangle bounds = ScreenFinder.getCurrentScreenSizeWithoutBounds();
+        frame.setLocation(bounds.width+bounds.x - frame.getWidth(),
+                bounds.height+bounds.y - frame.getHeight());
+    }
 …
      */
     static class DownloadPanel extends JPanel implements DownloadServiceListener {
+        private final DownloadPanel self;
+        private static enum States{
+            ONE_JAR, COLLAPSED, DETAILED;
+         }
+        private static final String DETAILS=R("ButShowDetails");
+        private static final String HIDE_DETAILS=R("ButHideDetails");
         /** the download name */
         private String downloadName;
         /** Downloading part: */
         private JLabel header = new JLabel();
+        /** Show/hide detailsButton button: */
+        private final JButton detailsButton;
+        private static final URL magnifyGlassUrl = ClassLoader.getSystemResource("net/sourceforge/jnlp/resources/showDownloadDetails.png");
+        private static final URL redCrossUrl = ClassLoader.getSystemResource("net/sourceforge/jnlp/resources/hideDownloadDetails.png");
+        private static final Icon magnifyGlassIcon = new ImageIcon(magnifyGlassUrl);
+        private static final Icon redCrossIcon = new ImageIcon(redCrossUrl);
+        /** used  instead of detailsButton button in case of one jar*/
+        private JLabel delimiter = new JLabel("");
+        /** all already created progress bars*/
+        private List<ProgressPanel> progressPanels = new ArrayList<ProgressPanel>();
+        private States state=States.ONE_JAR;
+        private ProgressPanel mainProgressPanel;
         /** list of URLs being downloaded */
         private List<URL> urls = new ArrayList<URL>();
 …
          */
         protected DownloadPanel(String downloadName) {
+            self = this;
             setLayout(new GridBagLayout());
             this.downloadName = downloadName;
             this.add(header, vertical);
+            this.add(header, verticalNoClean);
             header.setFont(header.getFont().deriveFont(Font.BOLD));
+            this.add(delimiter, vertical);
+            detailsButton = new JButton(magnifyGlassIcon);
+            int w = magnifyGlassIcon.getIconWidth();
+            int h = magnifyGlassIcon.getIconHeight();
+            detailsButton.setPreferredSize(new Dimension(w + 2, h + 2));
+            detailsButton.addActionListener(new ActionListener() {
+                @Override
+                public void actionPerformed(ActionEvent e) {
+                    if (state == States.DETAILED) {
+                        state = States.COLLAPSED;
+                        detailsButton.setToolTipText(DETAILS);
+                        detailsButton.setIcon(magnifyGlassIcon);
+                        for (ProgressPanel progressPanel : progressPanels) {
+                            remove(progressPanel);
+                        }
+                        add(mainProgressPanel, verticalIndent);
+                        recreateFrame(true);
+                    } else {
+                        state = States.DETAILED;
+                        detailsButton.setToolTipText(HIDE_DETAILS);
+                        detailsButton.setIcon(redCrossIcon);
+                        remove(mainProgressPanel);
+                        for (ProgressPanel progressPanel : progressPanels) {
+                            add(progressPanel, verticalIndent);
+                        }
+                        recreateFrame(false);
+                    }
+                }
+                public void recreateFrame(boolean undecorated) throws HeadlessException {
+                    JFrame oldFrame = frame;
+                    frame = createDownloadIndicatorFrame(undecorated);
+                    frame.getContentPane().add(self, vertical);
+                    synchronized (frameMutex) {
+                        frame.pack();
+                        placeFrameToLowerRight();
+                    }
+                    frame.setVisible(true);
+                    oldFrame.dispose();
+                }
+            });
             setOverallPercent(0);
+        }
 …
             if (!urls.contains(url)) {
                 ProgressPanel panel = new ProgressPanel(url, version);
+                add(panel, verticalIndent);
+                if (state != States.COLLAPSED) {
+                    add(panel, verticalIndent);
+                }
+                progressPanels.add(panel);
+                urls.add(url);
+                panels.add(panel);
+                //download indicator does not know about added jars
+                //When only one jar is added to downlaod queue then its progress is
+                //shown, and there is no show detail button.
+                //When second one is added, then it already knows that there will
+                //be two or more jars, so it swap to collapsed state in count of two.
+                //no later, no sooner
+                if (panels.size() == 2){
+                    remove(panels.get(0));
+                    remove(panels.get(1));
+                    remove(delimiter);
+                    add(detailsButton,vertical);
+                    mainProgressPanel=new ProgressPanel();
+                    add(mainProgressPanel, verticalIndent);
+                    state=States.COLLAPSED;
+                }
                 synchronized (frameMutex) {
                     frame.pack();
+                }
+                urls.add(url);
+                panels.add(panel);
+                    placeFrameToLowerRight();
+                }
+            }
+        }
 …
                     setOverallPercent(overallPercent);
                     ProgressPanel panel = panels.get(urls.indexOf(url));
                     panel.setProgress(readSoFar, total);
                     panel.repaint();
+                }
             };
 …
         /**
          * Sets the overall percent completed.
+         * should be called via invokeLater
          */
         public void setOverallPercent(int percent) {
 …
             // each update.
             header.setText(downloading + " " + downloadName + ": " + percent + "% " + complete + ".");
+            Container c = header.getParent();
+            //we need to adapt both panels and also frame to new length of header text
+            while (c != null) {
+                c.invalidate();
+                c.validate();
+                if (c instanceof  Window){
+                    ((Window) c).pack();
+                }
+                c=c.getParent();
+            }
+            if (mainProgressPanel != null) {
+                mainProgressPanel.setProgress(percent, 100);
+                mainProgressPanel.repaint();
+            }
+        }
 …
         private long total;
         private long readSoFar;
+        private Dimension size = new Dimension(80, 15);
+        ProgressPanel() {
+            bar.setMinimumSize(size);
+            bar.setPreferredSize(size);
+            bar.setOpaque(false);
+            setLayout(new GridBagLayout());
+            GridBagConstraints gbc = new GridBagConstraints();
+            styleGridBagConstraints(gbc);
+            add(bar, gbc);
+        }
         ProgressPanel(URL url, String version) {
+            JLabel location = new JLabel(" " + url.getHost() + "/" + url.getFile());
+            bar.setMinimumSize(new Dimension(80, 15));
+            bar.setPreferredSize(new Dimension(80, 15));
+            this(" " + url.getHost() + "/" + url.getFile(),version);
+        }
+        ProgressPanel(String caption, String version) {
+            JLabel location = new JLabel(caption);
+            bar.setMinimumSize(size);
+            bar.setPreferredSize(size);
             bar.setOpaque(false);
 …
             gbc.gridwidth = GridBagConstraints.RELATIVE;
             add(bar, gbc);
+            styleGridBagConstraints(gbc);
+            add(location, gbc);
+        }
+        public void setProgress(long readSoFar, long total) {
+            this.readSoFar = readSoFar;
+            this.total = total;
+        }
+        public void paintComponent(Graphics g) {
+            super.paintComponent(g);
+            int x = bar.getX();
+            int y = bar.getY();
+            int h = bar.getHeight();
+            int w = bar.getWidth();
+            if (readSoFar <= 0 || total <= 0) {
+                // make barber pole
+            } else {
+                double progress = (double) readSoFar / (double) total;
+                int divide = (int) (w * progress);
+                g.setColor(Color.white);
+                g.fillRect(x, y, w, h);
+                g.setColor(Color.blue);
+                g.fillRect(x + 1, y + 1, divide - 1, h - 1);
+            }
+        }
+        private void styleGridBagConstraints(GridBagConstraints gbc) {
             gbc.insets = new Insets(0, 3, 0, 0);
             gbc.weightx = 1.0;
 …
             gbc.gridwidth = GridBagConstraints.REMAINDER;
             gbc.anchor = GridBagConstraints.WEST;
-            add(location, gbc);
+        }
-        public void setProgress(long readSoFar, long total) {
-            this.readSoFar = readSoFar;
-            this.total = total;
+        }
-        public void paintComponent(Graphics g) {
-            super.paintComponent(g);
-            int x = bar.getX();
-            int y = bar.getY();
-            int h = bar.getHeight();
-            int w = bar.getWidth();
-            if (readSoFar <= 0 || total <= 0) {
-                // make barber pole
-            } else {
-                double progress = (double) readSoFar / (double) total;
-                int divide = (int) (w * progress);
-                g.setColor(Color.white);
-                g.fillRect(x, y, w, h);
-                g.setColor(Color.blue);
-                g.fillRect(x + 1, y + 1, divide - 1, h - 1);
+            }
+        }
     };

trunk/icedtea-web/netx/net/sourceforge/jnlp/cache/DownloadIndicator.java

-              r348
+              r429
     /**
      * Return a download service listener that displays the progress
      * of downloading resources.  Update messages may be reported
      * for URLs that are not included initially.<p>
+     *
+     * of downloading resources. Update messages may be reported
+     * for URLs that are not included initially.
+     * <p>
      * Progress messages are sent as if the DownloadServiceListener
      * were listening to a DownloadService request.  The listener
+     * were listening to a DownloadService request. The listener
      * will receive progress messages from time to time during the
+     * download. <p>
+     * download.
+     * </p>
+     *
      * @param app JNLP application downloading the files, or null if not applicable

trunk/icedtea-web/netx/net/sourceforge/jnlp/cache/IllegalResourceDescriptorException.java

-              r418
+              r429
+/* IllegalResourceDescriptorException.java
+   Copyright (C) 2012 Red Hat, Inc.
+This file is part of IcedTea.
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+-1301 USA.
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.
+ */
 package net.sourceforge.jnlp.cache;
 …
 public class IllegalResourceDescriptorException extends IllegalArgumentException {
     /**
      * Constructs a <code>IllegalResourceDescriptorException</code> with the
+     * Constructs a {@code IllegalResourceDescriptorException} with the
      * specified detail message.
      * @param msg the detail message.

trunk/icedtea-web/netx/net/sourceforge/jnlp/cache/Resource.java

-              r418
+              r429
 package net.sourceforge.jnlp.cache;
+import net.sourceforge.jnlp.util.logging.OutputController;
 import java.io.*;
 import java.net.*;
 …
 /**
+ * <p>
  * Information about a single resource to download.
  * This class tracks the downloading of various resources of a
 …
  * jnlp and extension files, jars, and jardiff files using the
  * version based protocol or any file using the basic download
+ * protocol.<p>
+ *
+ * protocol.
+ * </p>
+ * <p>
  * Resources can be put into download groups by specifying a part
  * name for the resource.  The resource tracker can also be
  * configured to prefetch resources, which are downloaded in the
+ * order added to the media tracker.<p>
+ * order added to the media tracker.
+ * </p>
+ *
  * @author <a href="mailto:jmaxwell@users.sourceforge.net">Jon A. Maxwell (JAM)</a> - initial author
 …
             Resource resource = new Resource(location, requestVersion, updatePolicy);
+            //FIXME - url ignores port during its comparison
+            //this may affect test-suites
             int index = resources.indexOf(resource);
             if (index >= 0) { // return existing object
 …
+        }
+        if (JNLPRuntime.isDebug())
+            if (status != orig) {
+                System.out.print("Status: " + getStatusString(status));
+                if ((status & ~orig) != 0)
+                    System.out.print(" +(" + getStatusString(status & ~orig) + ")");
+                if ((~status & orig) != 0)
+                    System.out.print(" -(" + getStatusString(~status & orig) + ")");
+                System.out.println(" @ " + location.getPath());
+           if (status != orig) {
+            OutputController.getLogger().log("Status: " + getStatusString(status));
+            if ((status & ~orig) != 0) {
+                OutputController.getLogger().log(" +(" + getStatusString(status & ~orig) + ")");
+            }
+            if ((~status & orig) != 0) {
+                OutputController.getLogger().log(" -(" + getStatusString(~status & orig) + ")");
+            }
+            OutputController.getLogger().log(" @ " + location.getPath());
+        }
+    }

trunk/icedtea-web/netx/net/sourceforge/jnlp/cache/ResourceTracker.java

-              r418
+              r429
 import java.io.InputStream;
 import java.io.OutputStream;
-import java.io.UnsupportedEncodingException;
 import java.net.HttpURLConnection;
+import java.net.InetAddress;
 import java.net.MalformedURLException;
 import java.net.URL;
 import java.net.URLConnection;
+import java.net.URLDecoder;
+import java.net.URLEncoder;
+import java.net.UnknownHostException;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
 import java.util.ArrayList;
+import java.util.HashMap;
 import java.util.List;
+import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.jar.JarOutputStream;
 …
 import net.sourceforge.jnlp.event.DownloadListener;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.util.HttpUtils;
+import net.sourceforge.jnlp.util.logging.OutputController;
+import net.sourceforge.jnlp.util.UrlUtils;
 import net.sourceforge.jnlp.util.WeakList;
 /**
  * This class tracks the downloading of various resources of a
  * JNLP file to local files in the cache.  It can be used to
+ * JNLP file to local files in the cache. It can be used to
  * download icons, jnlp and extension files, jars, and jardiff
  * files using the version based protocol or any file using the
  * basic download protocol (jardiff and version not implemented
  * yet).<p>
+ *
+ * yet).
+ * <p>
  * The resource tracker can be configured to prefetch resources,
  * which are downloaded in the order added to the media
+ * tracker.<p>
+ *
+ * tracker.
+ * </p>
+ * <p>
  * Multiple threads are used to download and cache resources that
  * are actively being waited for (blocking a caller) or those that
 …
  * This allows the tracker to start downloading many items without
  * using many system resources, but still quickly download items
+ * as needed.<p>
+ * as needed.
+ * </p>
+ *
  * @author <a href="mailto:jmaxwell@users.sourceforge.net">Jon A. Maxwell (JAM)</a> - initial author
 …
     private static final int STARTED = Resource.STARTED;
-    // normalization of url
-    private static final char PATH_DELIMITER_MARK = '/';
-    private static final String PATH_DELIMITER = "" + PATH_DELIMITER_MARK;
-    private static final char QUERY_DELIMITER_MARK = '&';
-    private static final String QUERY_DELIMITER = "" + QUERY_DELIMITER_MARK;
-    private static final char QUERY_MARK = '?';
-    private static final char HREF_MARK = '#';
-    private static final String UTF8 = "utf-8";
     /** max threads */
     private static final int maxThreads = 5;
+    /** methods used to try individual URLs when choosing best*/
+    private static final String[] requestMethods = {"HEAD", "GET"};
     /** running threads */
 …
             throw new IllegalResourceDescriptorException("location==null");
         try {
             location = normalizeUrl(location, JNLPRuntime.isDebug());
+            location = UrlUtils.normalizeUrl(location);
         } catch (Exception ex) {
             System.err.println("Normalization of " + location.toString() + " have failed");
             ex.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "Normalization of " + location.toString() + " have failed");
+            OutputController.getLogger().log(ex);
+        }
         Resource resource = Resource.getResource(location, version, updatePolicy);
 …
     /**
      * Check the cache for a resource, and initialize the resource
      * as already downloaded if found. <p>
+     * as already downloaded if found.
+     *
      * @param updatePolicy whether to check for updates if already in cache
 …
             if (entry.isCached() && !updatePolicy.shouldUpdate(entry)) {
+                if (JNLPRuntime.isDebug())
+                    System.out.println("not updating: " + resource.location);
+                OutputController.getLogger().log("not updating: " + resource.location);
                 synchronized (resource) {
 …
     /**
      * Adds the listener to the list of objects interested in
      * receivind DownloadEvents.<p>
+     * receivind DownloadEvents.
+     *
      * @param listener the listener to add.
 …
      * Returns a URL pointing to the cached location of the
      * resource, or the resource itself if it is a non-cacheable
      * resource.<p>
+     *
+     * resource.
+     * <p>
      * If the resource has not downloaded yet, the method will block
+     * until it has been transferred to the cache.<p>
+     * until it has been transferred to the cache.
+     * </p>
+     *
      * @param location the resource location
 …
                 return f.toURL();
         } catch (MalformedURLException ex) {
+            if (JNLPRuntime.isDebug())
+                ex.printStackTrace();
+            OutputController.getLogger().log(ex);
+        }
 …
      * Returns a file containing the downloaded resource.  If the
      * resource is non-cacheable then null is returned unless the
      * resource is a local file (the original file is returned).<p>
+     *
+     * resource is a local file (the original file is returned).
+     * <p>
      * If the resource has not downloaded yet, the method will block
+     * until it has been transferred to the cache.<p>
+     * until it has been transferred to the cache.
+     * </p>
+     *
      * @param location the resource location
 …
             if (location.getProtocol().equalsIgnoreCase("file")) {
                 File file = new File(location.getFile());
+                File file = UrlUtils.decodeUrlAsFile(location);
                 if (file.exists())
                     return file;
 …
             return null;
         } catch (InterruptedException ex) {
+            if (JNLPRuntime.isDebug())
+                ex.printStackTrace();
+            OutputController.getLogger().log(ex);
             return null; // need an error exception to throw
+        }
+    }
+    /**
+     * Returns an input stream that reads the contents of the
+     * resource.  For non-cacheable resources, an InputStream that
+     * reads from the source location is returned.  Otherwise the
+     * InputStream reads the cached resource.<p>
+     *
+     * This method will block while the resource is downloaded to
+     * the cache.
+     *
+     * @throws IOException if there was an error opening the stream
+     * @throws IllegalResourceDescriptorException if the resource is not being tracked
+     */
+    public InputStream getInputStream(URL location) throws IOException {
+        try {
+            Resource resource = getResource(location);
+            if (!resource.isSet(DOWNLOADED | ERROR))
+                waitForResource(location, 0);
+            if (resource.localFile != null)
+                return new FileInputStream(resource.localFile);
+            return resource.location.openStream();
+        } catch (InterruptedException ex) {
+            throw new IOException("wait was interrupted");
+        }
+    }
     /**
 …
     /**
      * Start a new download thread if there are not too many threads
      * already running.<p>
+     *
+     * already running.
+     * <p>
      * Calls to this method should be synchronized on lock.
+     * </p>
      */
     protected void startThread() {
 …
             threads++;
             Thread thread = new Thread(new Downloader());
+            Thread thread = new Thread(new Downloader(), "DownloaderThread" + threads);
             thread.start();
+        }
 …
     /**
      * A thread is ending, called by the thread itself.<p>
+     *
+     * A thread is ending, called by the thread itself.
+     * <p>
      * Calls to this method should be synchronized.
+     * </p>
      */
     private void endThread() {
 …
             String contentEncoding = con.getContentEncoding();
+            if (JNLPRuntime.isDebug()) {
+                System.err.println("Downloading" + resource.location + " using " +
+            OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Downloading" + resource.location + " using " +
                         realLocation + " (encoding : " + contentEncoding + ")");
+            }
             boolean packgz = "pack200-gzip".equals(contentEncoding) ||
 …
             resource.fireDownloadEvent(); // fire DOWNLOADED
         } catch (Exception ex) {
+            if (JNLPRuntime.isDebug())
+                ex.printStackTrace();
+            OutputController.getLogger().log(ex);
             resource.changeStatus(0, ERROR);
             synchronized (lock) {
 …
      */
     private void initializeResource(Resource resource) {
+        //verify connection
+        if(!JNLPRuntime.isOfflineForced()){
+            JNLPRuntime.detectOnline(resource.getLocation()/*or doenloadLocation*/);
+        }
         resource.fireDownloadEvent(); // fire CONNECTING
 …
         try {
             File localFile = CacheUtil.getCacheFile(resource.location, resource.downloadVersion);
+            // connect
+            URL finalLocation = findBestUrl(resource);
+            resource.setDownloadLocation(finalLocation);
+            URLConnection connection = finalLocation.openConnection(); // this won't change so should be okay unsynchronized
+            connection.addRequestProperty("Accept-Encoding", "pack200-gzip, gzip");
+            int size = connection.getContentLength();
+            boolean current = CacheUtil.isCurrent(resource.location, resource.requestVersion, connection) && resource.getUpdatePolicy() != UpdatePolicy.FORCE;
+            if (!current) {
+                if (entry.isCached()) {
+                    entry.markForDelete();
+                    entry.store();
+                    // Old entry will still exist. (but removed at cleanup)
+                    localFile = CacheUtil.makeNewCacheFile(resource.location, resource.downloadVersion);
+                    CacheEntry newEntry = new CacheEntry(resource.location, resource.requestVersion);
+                    newEntry.lock();
+                    entry.unlock();
+                    entry = newEntry;
+            long size = 0;
+            boolean current = true;
+            //this can be null, as it is always filled in online mode, and never read in offline mode
+            URLConnection connection = null;
+            if (localFile != null) {
+                size = localFile.length();
+            } else if (!JNLPRuntime.isOnline()) {
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "You are trying to get resource " + resource.getLocation().toExternalForm() + " but you are in offline mode, and it is not in cache. Attempting to continue, but you may expect failure");
+            }
+            if (JNLPRuntime.isOnline()) {
+                // connect
+                URL finalLocation = findBestUrl(resource);
+                if (finalLocation == null) {
+                    OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "Attempted to download " + resource.location + ", but failed to connect!");
+                    throw new NullPointerException("finalLocation == null"); // Caught below
+                }
+                resource.setDownloadLocation(finalLocation);
+                connection = finalLocation.openConnection(); // this won't change so should be okay unsynchronized
+                connection.addRequestProperty("Accept-Encoding", "pack200-gzip, gzip");
+                size = connection.getContentLength();
+                current = CacheUtil.isCurrent(resource.location, resource.requestVersion, connection) && resource.getUpdatePolicy() != UpdatePolicy.FORCE;
+                if (!current) {
+                    if (entry.isCached()) {
+                        entry.markForDelete();
+                        entry.store();
+                        // Old entry will still exist. (but removed at cleanup)
+                        localFile = CacheUtil.makeNewCacheFile(resource.location, resource.downloadVersion);
+                        CacheEntry newEntry = new CacheEntry(resource.location, resource.requestVersion);
+                        newEntry.lock();
+                        entry.unlock();
+                        entry = newEntry;
+                    }
+                }
+            }
 …
             // update cache entry
             if (!current)
+            if (!current && JNLPRuntime.isOnline())
                 entry.initialize(connection);
 …
                 ((HttpURLConnection) connection).disconnect();
         } catch (Exception ex) {
+            if (JNLPRuntime.isDebug())
+                ex.printStackTrace();
+            OutputController.getLogger().log(ex);
             resource.changeStatus(0, ERROR);
             synchronized (lock) {
 …
+        }
+    }
+    /**
+     * Returns the best URL to use for downloading the resource
+    /**
+     * testing wrapper
+     *
+     * @param url
+     * @param requestProperties
+     * @param requestMethod
+     * @return
+     * @throws IOException
+     */
+    static int getUrlResponseCode(URL url, Map<String, String> requestProperties, String requestMethod) throws IOException {
+        return getUrlResponseCodeWithRedirectonResult(url, requestProperties, requestMethod).result;
+    }
+    private static class CodeWithRedirect {
+        int result = HttpURLConnection.HTTP_OK;
+        URL URL;
+        public boolean shouldRedirect() {
+            return (result == 301
+                    || result == 302
+                    || result == 303/*?*/
+                    || result == 307
+                    || result == 308);
+        }
+        public boolean isInvalid() {
+            return (result < 200 || result >= 300);
+        }
+    }
+    /**
+     * Connects to the given URL, and grabs a response code and redirecton if
+     * the URL uses the HTTP protocol, or returns an arbitrary valid HTTP
+     * response code.
+     *
+     * @return the response code if HTTP connection and redirection value, or
+     * HttpURLConnection.HTTP_OK and null if not.
+     * @throws IOException
+     */
+    static CodeWithRedirect getUrlResponseCodeWithRedirectonResult(URL url, Map<String, String> requestProperties, String requestMethod) throws IOException {
+        CodeWithRedirect result = new CodeWithRedirect();
+        URLConnection connection = url.openConnection();
+        for (Map.Entry<String, String> property : requestProperties.entrySet()) {
+            connection.addRequestProperty(property.getKey(), property.getValue());
+        }
+        if (connection instanceof HttpURLConnection) {
+            HttpURLConnection httpConnection = (HttpURLConnection) connection;
+            httpConnection.setRequestMethod(requestMethod);
+            int responseCode = httpConnection.getResponseCode();
+            /* Fully consuming current request helps with connection re-use
+             * See http://docs.oracle.com/javase/1.5.0/docs/guide/net/http-keepalive.html */
+            HttpUtils.consumeAndCloseConnectionSilently(httpConnection);
+            result.result = responseCode;
+        }
+        Map<String, List<String>> header = connection.getHeaderFields();
+        for (Map.Entry<String, List<String>> entry : header.entrySet()) {
+            OutputController.getLogger().log("Key : " + entry.getKey() + " ,Value : " + entry.getValue());
+        }
+        /*
+         * Do this only on 301,302,303(?)307,308>
+         * Now setting value for all, and lets upper stack to handle it
+         */
+        String possibleRedirect = connection.getHeaderField("Location");
+        if (possibleRedirect != null && possibleRedirect.trim().length() > 0) {
+            result.URL = new URL(possibleRedirect);
+        }
+        return result;
+    }
+    /**
+     * Returns the 'best' valid URL for the given resource.
+     * This first adjusts the file name to take into account file versioning
+     * and packing, if possible.
+     *
      * @param resource the resource
      * @return a URL or null
      */
     private URL findBestUrl(Resource resource) {
+     * @return the best URL, or null if all failed to resolve
+     */
+     URL findBestUrl(Resource resource) {
         DownloadOptions options = downloadOptions.get(resource);
         if (options == null) {
 …
         List<URL> urls = new ResourceUrlCreator(resource, options).getUrls();
+        if (JNLPRuntime.isDebug()) {
+            System.err.println("All possible urls for " +
+                    resource.toString() + " : " + urls);
+        }
+        URL bestUrl = null;
+        for (URL url : urls) {
+            try {
+                URLConnection connection = url.openConnection();
+                connection.addRequestProperty("Accept-Encoding", "pack200-gzip, gzip");
+                if (connection instanceof HttpURLConnection) {
+                    HttpURLConnection con = (HttpURLConnection)connection;
+                    int responseCode = con.getResponseCode();
+                    if (responseCode == -1 || responseCode < 200 || responseCode >= 300) {
+                        continue;
+                    }
+                }
+                if (JNLPRuntime.isDebug()) {
+                    System.err.println("best url for " + resource.toString() + " is " + url.toString());
+                }
+                bestUrl = url;
+                break;
+            } catch (IOException e) {
+                // continue
+            }
+        }
+        return bestUrl;
+    }
+    /**
+     * Pick the next resource to download or initialize.  If there
+         OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "All possible urls for "
+                 + resource.toString() + " : " + urls);
+         for (String requestMethod : requestMethods) {
+             for (int i = 0; i < urls.size(); i++) {
+                 URL url = urls.get(i);
+                 try {
+                     Map<String, String> requestProperties = new HashMap<String, String>();
+                     requestProperties.put("Accept-Encoding", "pack200-gzip, gzip");
+                     CodeWithRedirect response = getUrlResponseCodeWithRedirectonResult(url, requestProperties, requestMethod);
+                     if (response.shouldRedirect()){
+                         if (response.URL == null) {
+                             OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Although " + resource.toString() + " got redirect " + response.result + " code for " + requestMethod + " request for " + url.toExternalForm() + " the target was null. Not following");
+                         } else {
+                             OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, "Resource " + resource.toString() + " got redirect " + response.result + " code for " + requestMethod + " request for " + url.toExternalForm() + " adding " + response.URL.toExternalForm()+" to list of possible urls");
+                             if (!JNLPRuntime.isAllowRedirect()){
+                                 throw new RedirectionException("The resource " + url.toExternalForm() + " is being redirected (" + response.result + ") to " + response.URL.toExternalForm() + ". This is disabled by default. If you wont to allow it, run javaws with -allowredirect parameter.");
+                             }
+                             urls.add(response.URL);
+                         }
+                     } else if (response.isInvalid()) {
+                         OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "For " + resource.toString() + " the server returned " + response.result + " code for " + requestMethod + " request for " + url.toExternalForm());
+                     } else {
+                         OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "best url for " + resource.toString() + " is " + url.toString() + " by " + requestMethod);
+                         return url; /* This is the best URL */
+                     }
+                 } catch (IOException e) {
+                     // continue to next candidate
+                     OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "While processing " + url.toString() + " by " + requestMethod + " for resource " + resource.toString() + " got " + e + ": ");
+                     OutputController.getLogger().log(e);
+                 }
+             }
+         }
+        /* No valid URL, return null */
+        return null;
+    }
+    /**
+     * Pick the next resource to download or initialize. If there
      * are no more resources requested then one is taken from a
      * resource tracker with prefetch enabled.<p>
+     *
+     * resource tracker with prefetch enabled.
+     * <p>
      * The resource state is advanced before it is returned
+     * (CONNECT-&gt;CONNECTING).<p>
+     *
+     * Calls to this method should be synchronized on lock.<p>
+     *
+     * @return the resource to initialize or download, or null
+     * (CONNECT-&gt;CONNECTING).
+     * </p>
+     * <p>
+     * Calls to this method should be synchronized on lock.
+     * </p>
+     *
+     * @return the resource to initialize or download, or {@code null}
      */
     private static Resource selectNextResource() {
 …
     /**
      * Returns the next resource to be prefetched before
+     * requested.<p>
+     *
+     * Calls to this method should be synchronized on lock.<p>
+     * requested.
+     * <p>
+     * Calls to this method should be synchronized on lock.
+     * </p>
      */
     private static Resource getPrefetch() {
 …
     /**
      * Selects a resource from the source list that has the
      * specified flag set.<p>
+     *
+     * specified flag set.
+     * <p>
      * Calls to this method should be synchronized on lock and
+     * source list.<p>
+     * source list.
+     * </p>
      */
     private static Resource selectByFlag(List<Resource> source, int flag,
 …
+     *
      * @param resources the resources to wait for
      * @param timeout the timeout, or 0 to wait until completed
      * @returns true if the resources were downloaded or had errors,
      * false if the timeout was reached
+     * @param timeout the timeout, or {@code 0} to wait until completed
+     * @return {@code true} if the resources were downloaded or had errors,
+     * {@code false} if the timeout was reached
      * @throws InterruptedException if another thread interrupted the wait
      */
     private boolean wait(Resource resources[], long timeout) throws InterruptedException {
+    private boolean wait(Resource[] resources, long timeout) throws InterruptedException {
         long startTime = System.currentTimeMillis();
 …
+    }
+    private static class RedirectionException extends RuntimeException {
+        public RedirectionException(String string) {
+            super(string);
+        }
+        public RedirectionException(Throwable cause) {
+            super(cause);
+        }
+    }
     // inner classes
 …
                 } catch (Exception ex) {
+                    if (JNLPRuntime.isDebug())
+                        ex.printStackTrace();
+                    OutputController.getLogger().log(ex);
+                }
+            }
 …
+        }
     };
-    private static String normalizeChunk(String base, boolean debug) throws UnsupportedEncodingException {
-        if (base == null) {
-            return base;
+        }
-        if ("".equals(base)) {
-            return base;
+        }
-        String result = base;
-        String ssE = URLDecoder.decode(base, UTF8);
-        //            System.out.println("*" + base + "*");
-        //            System.out.println("-" + ssE + "-");
-        if (base.equals(ssE)) {
-            result = URLEncoder.encode(base, UTF8);
-            if (debug) {
-                System.out.println(base + " chunk needs to be encoded => " + result);
+            }
-        } else {
-            if (debug) {
-                System.out.println(base + " chunk already encoded");
+            }
+        }
-        return result;
+    }
-    public static URL normalizeUrl(URL u, boolean debug) throws MalformedURLException, UnsupportedEncodingException {
-        if (u == null) {
-            return null;
+        }
-        String protocol = u.getProtocol();
-        if (protocol == null || "file".equals(protocol)) {
-            return u;
+        }
-        String file = u.getPath();
-        if (file == null) {
-            return u;
+        }
-        String host = u.getHost();
-        String ref = u.getRef();
-        int port = u.getPort();
-        String query = u.getQuery();
-        String[] qq = {};
-        if (query != null) {
-            qq = query.split(QUERY_DELIMITER);
+        }
-        String[] ss = file.split(PATH_DELIMITER);
-        int normalized = 0;
-        if (debug) {
-            System.out.println("normalizing path " + file + " in " + u.toString());
+        }
-        for (int i = 0; i < ss.length; i++) {
-            String base = ss[i];
-            String r = normalizeChunk(base, debug);
-            if (!r.equals(ss[i])) {
-                normalized++;
+            }
-            ss[i] = r;
+        }
-        if (debug) {
-            System.out.println("normalizing query " + query + " in " + u.toString());
+        }
-        for (int i = 0; i < qq.length; i++) {
-            String base = qq[i];
-            String r = normalizeChunk(base, debug);
-            if (!r.equals(qq[i])) {
-                normalized++;
+            }
-            qq[i] = r;
+        }
-        if (normalized == 0) {
-            if (debug) {
-                System.out.println("Nothing was normalized in this url");
+            }
-            return u;
-        } else {
-            if (debug) {
-                System.out.println(normalized + " chunks normalized, rejoining url");
+            }
+        }
-        StringBuilder composed = new StringBuilder("");
-        for (int i = 0; i < ss.length; i++) {
-            String string = ss[i];
-            if (ss.length <= 1 || (string != null && !"".equals(string))) {
-                composed.append(PATH_DELIMITER_MARK).append(string);
+            }
+        }
-        String composed1 = composed.toString();
-        if (query != null && !query.trim().equals("")) {
-            composed.append(QUERY_MARK);
-            for (int i = 0; i < qq.length; i++) {
-                String string = qq[i];
-                if ((string != null && !"".equals(string))) {
-                    composed.append(string);
-                    if (i != qq.length - 1) {
-                        composed.append(QUERY_DELIMITER_MARK);
+                    }
+                }
+            }
+        }
-        String composed2 = composed.substring(composed1.length() - 1);
-        if (ref != null && !ref.trim().equals("")) {
-            composed.append(HREF_MARK).append(ref);
+        }
-        URL result = new URL(protocol, host, port, composed.toString());
-        if (debug) {
-            System.out.println("normalized `" + composed1 + "` and `" + composed2 + "` in " + result.toString());
+        }
-        return result;
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/cache/ResourceUrlCreator.java

-              r348
+              r429
 import java.net.MalformedURLException;
+import java.net.URI;
+import java.net.URISyntaxException;
 import java.net.URL;
+import java.net.URLDecoder;
+import java.net.URLEncoder;
 import java.util.LinkedList;
 import java.util.List;
+import java.io.UnsupportedEncodingException;
 import net.sourceforge.jnlp.DownloadOptions;
 …
      * The Resources may not be downloadable from any of them. The returned order is the order
      * the urls should be attempted in.
      * @return
+     * @return a list of URLs that the resources might be downloadable from
      */
     public List<URL> getUrls() {
 …
+        }
         url = getVersionedUrlUsingQuery(resource);
+        url = getVersionedUrl();
         urls.add(url);
 …
      * @param usePack whether the URL should point to the pack200 file
      * @param useVersion whether the URL should be modified to include the version
      * @return a URL for the resource or null if an appropraite URL can not be found
+     * @return a URL for the resource or null if an appropriate URL can not be found
      */
     protected URL getUrl(Resource resource, boolean usePack, boolean useVersion) {
+    static URL getUrl(Resource resource, boolean usePack, boolean useVersion) {
         if (!(usePack || useVersion)) {
             throw new IllegalArgumentException("either pack200 or version required");
 …
         String filename = location.substring(lastSlash + 1);
         if (useVersion && resource.requestVersion != null) {
+            String parts[] = filename.split("\\.", 2);
+            String name = parts[0];
+            String extension = parts[1];
+            filename = name + "__V" + resource.requestVersion + "." + extension;
+            // With 'useVersion', j2-commons-cli.jar becomes, for example, j2-commons-cli__V1.0.jar
+            String parts[] = filename.split("\\.", -1 /* Keep blank strings*/);
+            StringBuilder sb = new StringBuilder();
+            for (int i = 0; i < parts.length; i++) {
+                sb.append(parts[i]);
+                // Append __V<number> before last '.'
+                if (i == parts.length -2) {
+                    sb.append("__V" + resource.requestVersion);
+                }
+                sb.append('.');
+            }
+            sb.setLength(sb.length() - 1); // remove last '.'
+            filename = sb.toString();
+        }
         if (usePack) {
 …
     /**
+     * Returns the URL for a resource, relying on HTTP query for getting the
+     * right version
+     *
+     * @param resource the resource to get the url for
+     * Returns the URL for this resource, including the resource's version number in the query string
      */
+    protected URL getVersionedUrlUsingQuery(Resource resource) {
+        String actualLocation = resource.getLocation().getProtocol() + "://"
+                + resource.getLocation().getHost();
+        if (resource.getLocation().getPort() != -1) {
+            actualLocation += ":" + resource.getLocation().getPort();
+    protected URL getVersionedUrl() {
+        URL resourceUrl = resource.getLocation();
+        String protocol = uriPartToString(resourceUrl.getProtocol()) + "://";
+        String userInfo = uriPartToString(resourceUrl.getUserInfo());
+        if (!userInfo.isEmpty()) {
+            userInfo += "@";
+        }
+        actualLocation += resource.getLocation().getPath();
+        if (resource.requestVersion != null
+                && resource.requestVersion.isVersionId()) {
+            actualLocation += "?version-id=" + resource.requestVersion;
+        String host = uriPartToString(resourceUrl.getHost());
+        String port;
+        if (resourceUrl.getPort() == -1) {
+            port = "";
+        } else {
+            port = ":" + String.valueOf(resourceUrl.getPort());
+        }
+        URL versionedURL;
+        String path = uriPartToString(resourceUrl.getPath());
+        String query = uriPartToString(resourceUrl.getQuery());
+        if (!query.isEmpty()) {
+            query = "?" + query;
+        }
+        if (resource.requestVersion != null && resource.requestVersion.isVersionId()) {
+            if (!query.isEmpty()) {
+                query += "&";
+            } else {
+                query = "?" + query;
+            }
+            query += "version-id=" + resource.requestVersion;
+        }
         try {
+            versionedURL = new URL(actualLocation);
+            URL url = new URL(protocol + userInfo + host + port + path + query);
+            return url;
         } catch (MalformedURLException e) {
             return resource.getLocation();
+            return resourceUrl;
+        }
+        return versionedURL;
+    }
+    private static String uriPartToString(String part) {
+        if (part == null)
+            return "";
+        return part;
+    }

trunk/icedtea-web/netx/net/sourceforge/jnlp/cache/UpdatePolicy.java

r348	r429
19	19	/**
20	20	* A policy that determines when a resource should be checked for
21		* an updated version.~~<p>~~
	21	* an updated version.
22	22	*
23	23	* @author <a href="mailto:jmaxwell@users.sourceforge.net">Jon A. Maxwell (JAM)</a> - initial author

trunk/icedtea-web/netx/net/sourceforge/jnlp/config/BasicValueValidators.java

-              r372
+              r429
 package net.sourceforge.jnlp.config;
+import java.io.File;
 import static net.sourceforge.jnlp.runtime.Translator.R;
 …
      * file may or may not exist
      */
+    private static class FilePathValidator implements ValueValidator {
+    //package private for testing purposes
+    static class FilePathValidator implements ValueValidator {
         @Override
         public void validate(Object value) throws IllegalArgumentException {
 …
             if (!(possibleValue instanceof String)) {
                 throw new IllegalArgumentException();
+                throw new IllegalArgumentException("Value should be string!");
+            }
             String possibleFile = (String) possibleValue;
+            if (Defaults.OS_DOS_LIKE) {
+                if (!(Character.isLetter(possibleFile.charAt(0)) &&
+                      possibleFile.charAt(1) == ':' &&
+                      (possibleFile.charAt(2) == File.separatorChar ||
+                       possibleFile.charAt(2) == '/'))) {
+                    throw new IllegalArgumentException();
+                }
+            }
+            else
+            if (!(possibleFile.startsWith("/"))) {
+                throw new IllegalArgumentException();
+            }
+        }
+        @Override
+        public String getPossibleValues() {
+            return Defaults.OS_DOS_LIKE ? R("VVPossibleFileValuesDOS") : R("VVPossibleFileValues");
+                boolean absolute = new File(possibleFile).isAbsolute();
+                if (!absolute) {
+                    throw new IllegalArgumentException("File must be absolute");
+                }
+        }
+        @Override
+        public String getPossibleValues() {
+            return R("VVPossibleFileValues");
+        }

trunk/icedtea-web/netx/net/sourceforge/jnlp/config/Defaults.java

-              r397
+              r429
 import java.util.HashMap;
 import java.util.Map;
+import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel;
 import net.sourceforge.jnlp.ShortcutDesc;
 …
  */
 public class Defaults {
+    final static String SYSTEM_HOME = System.getProperty("java.home");
+    final static String SYSTEM_SECURITY = SYSTEM_HOME + File.separator + "lib" + File.separator + "security";
+    final static String USER_CONFIG_HOME;
+    public final static String USER_CACHE_HOME;
+    final static String USER_SECURITY;
+    final static String LOCKS_DIR = System.getProperty("java.io.tmpdir") + File.separator
+            + System.getProperty("user.name") + File.separator + "netx" + File.separator
+            + "locks";
+    final static File userFile;
+    static {
+        String configHome = System.getProperty("user.home") + File.separator + DeploymentConfiguration.DEPLOYMENT_CONFIG_DIR;
+        String cacheHome = System.getProperty("user.home") + File.separator + DeploymentConfiguration.DEPLOYMENT_CACHE_DIR;
+        String XDG_CONFIG_HOME = System.getenv("XDG_CONFIG_HOME");
+        String XDG_CACHE_HOME = System.getenv("XDG_CACHE_HOME");
+        if (XDG_CONFIG_HOME != null) {
+            configHome = XDG_CONFIG_HOME + File.separator + DeploymentConfiguration.DEPLOYMENT_SUBDIR_DIR;
+        }
+        if (XDG_CACHE_HOME != null) {
+            cacheHome = XDG_CACHE_HOME + File.separator + DeploymentConfiguration.DEPLOYMENT_SUBDIR_DIR;
+        }
+        USER_CONFIG_HOME = configHome;
+        USER_CACHE_HOME = cacheHome;
+        USER_SECURITY = USER_CONFIG_HOME + File.separator + "security";
+        userFile = new File(USER_CONFIG_HOME + File.separator + DeploymentConfiguration.DEPLOYMENT_PROPERTIES);
+    }
     /**
 …
      */
     public static Map<String, Setting<String>> getDefaults() {
-        File userFile = new File(System.getProperty("user.home") + File.separator + DeploymentConfiguration.DEPLOYMENT_DIR
-                + File.separator + DeploymentConfiguration.DEPLOYMENT_PROPERTIES);
         SecurityManager sm = System.getSecurityManager();
         if (sm != null) {
 …
+        }
-        final String SYSTEM_HOME = System.getProperty("java.home");
-        final String SYSTEM_SECURITY = SYSTEM_HOME + File.separator + "lib" + File.separator + "security";
-        final String USER_HOME = System.getProperty("user.home") + File.separator + DeploymentConfiguration.DEPLOYMENT_DIR;
-        final String USER_SECURITY = USER_HOME + File.separator + "security";
-        final String LOCKS_DIR = System.getProperty("java.io.tmpdir") + File.separator
-                + System.getProperty("user.name") + File.separator + "netx" + File.separator
-                + "locks";
         /*
 …
                         DeploymentConfiguration.KEY_USER_CACHE_DIR,
                         BasicValueValidators.getFilePathValidator(),
                         USER_HOME + File.separator + "cache"
+                        USER_CACHE_HOME + File.separator + "cache"
                 },
+                {
                         DeploymentConfiguration.KEY_USER_PERSISTENCE_CACHE_DIR,
                         BasicValueValidators.getFilePathValidator(),
                         USER_HOME + File.separator + "pcache"
+                        USER_CACHE_HOME + File.separator + "pcache"
                 },
+                {
 …
                         DeploymentConfiguration.KEY_USER_LOG_DIR,
                         BasicValueValidators.getFilePathValidator(),
                         USER_HOME + File.separator + "log"
+                        USER_CONFIG_HOME + File.separator + "log"
                 },
+                {
                         DeploymentConfiguration.KEY_USER_TMP_DIR,
                         BasicValueValidators.getFilePathValidator(),
                         USER_HOME + File.separator + "tmp"
+                        USER_CACHE_HOME + File.separator + "tmp"
                 },
+                {
 …
                                 DeploymentConfiguration.CONSOLE_DISABLE,
                                 DeploymentConfiguration.CONSOLE_HIDE,
+                                DeploymentConfiguration.CONSOLE_SHOW
+                                DeploymentConfiguration.CONSOLE_SHOW,
+                                DeploymentConfiguration.CONSOLE_SHOW_PLUGIN,
+                                DeploymentConfiguration.CONSOLE_SHOW_JAVAWS
                         }),
                         DeploymentConfiguration.CONSOLE_HIDE
                 },
-                /* tracing and logging */
+                {
-                        DeploymentConfiguration.KEY_ENABLE_TRACING,
-                        BasicValueValidators.getBooleanValidator(),
-                        String.valueOf(false)
-                },
+                {
                         DeploymentConfiguration.KEY_ENABLE_LOGGING,
                         BasicValueValidators.getBooleanValidator(),
                         String.valueOf(false)
+                },
+                {
+                        DeploymentConfiguration.KEY_ENABLE_LOGGING_HEADERS,
+                        BasicValueValidators.getBooleanValidator(),
+                        String.valueOf(false)
+                },
+                {
+                        DeploymentConfiguration.KEY_ENABLE_LOGGING_TOFILE,
+                        BasicValueValidators.getBooleanValidator(),
+                        String.valueOf(false)
+                },
+                {
+                        DeploymentConfiguration.KEY_ENABLE_LOGGING_TOSTREAMS,
+                        BasicValueValidators.getBooleanValidator(),
+                        String.valueOf(true)
+                },
+                {
+                        DeploymentConfiguration.KEY_ENABLE_LOGGING_TOSYSTEMLOG,
+                        BasicValueValidators.getBooleanValidator(),
+                        String.valueOf(true)
                 },
                 /* JNLP association */
 …
                         BasicValueValidators.getRangedIntegerValidator(0, 10000),
                         String.valueOf(500)
+                },
+                //JVM arguments for plugin
+                {
+                        DeploymentConfiguration.KEY_PLUGIN_JVM_ARGUMENTS,
+                        null,
+                        null
+                },
+               //unsigned applet security level
+                {
+                DeploymentConfiguration.KEY_SECURITY_LEVEL,
+                new SecurityValueValidator(),
+                null
+                },
+                //JVM executable for itw
+                {
+                        DeploymentConfiguration.KEY_JRE_DIR,
+                        null,
+                        null
+                },
+                //enable manifest-attributes checks
+                {
+                        DeploymentConfiguration.KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK,
+                        BasicValueValidators.getBooleanValidator(),
+                        String.valueOf(true)
+                }
         };

trunk/icedtea-web/netx/net/sourceforge/jnlp/config/DeploymentConfiguration.java

-              r348
+              r429
 import javax.naming.ConfigurationException;
+import javax.swing.JOptionPane;
+import net.sourceforge.jnlp.cache.CacheLRUWrapper;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
 import net.sourceforge.jnlp.util.FileUtils;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
 public final class DeploymentConfiguration {
+    public static final String DEPLOYMENT_DIR = ".icedtea";
+    public static final String DEPLOYMENT_CONFIG = "deployment.config";
+    public static final String DEPLOYMENT_SUBDIR_DIR = "icedtea-web";
+    public static final String DEPLOYMENT_CACHE_DIR = ".cache" + File.separator + DEPLOYMENT_SUBDIR_DIR;
+    public static final String DEPLOYMENT_CONFIG_DIR = ".config" + File.separator + DEPLOYMENT_SUBDIR_DIR;
+    public static final String DEPLOYMENT_CONFIG_FILE = "deployment.config";
     public static final String DEPLOYMENT_PROPERTIES = "deployment.properties";
+    public static final String APPLET_TRUST_SETTINGS = ".appletTrustSettings";
     public static final String DEPLOYMENT_COMMENT = "Netx deployment configuration";
 …
     public static final int JNLP_ASSOCIATION_REPLACE_ASK = 3;
+    /*
+     * FIXME these should be moved into JavaConsole, but there is a strange
+     * dependency in the build system. First all of netx is built. Then the
+     * plugin is built. So we cannot refer to plugin code in here :(
+    /**
+     * when set to as value of KEY_CONSOLE_STARTUP_MODE = "deployment.console.startup.mode",
+     * then console is not visible by default, but may be shown
      */
     public static final String CONSOLE_HIDE = "HIDE";
+    /**
+     * when set to as value of KEY_CONSOLE_STARTUP_MODE = "deployment.console.startup.mode",
+     * then console show for both javaws and plugin
+     */
     public static final String CONSOLE_SHOW = "SHOW";
+    /**
+     * when set to as value of KEY_CONSOLE_STARTUP_MODE = "deployment.console.startup.mode",
+     * then console is not visible by default, nop data are passed to it (save memory and cpu) but can not be shown
+     */
     public static final String CONSOLE_DISABLE = "DISABLE";
+    /**
+     * when set to as value of KEY_CONSOLE_STARTUP_MODE = "deployment.console.startup.mode",
+     * then console show for  plugin
+     */
+    public static final String CONSOLE_SHOW_PLUGIN = "SHOW_PLUGIN_ONLY";
+    /**
+     * when set to as value of KEY_CONSOLE_STARTUP_MODE = "deployment.console.startup.mode",
+     * then console show for javaws
+     */
+    public static final String CONSOLE_SHOW_JAVAWS = "SHOW_JAVAWS_ONLY";
     public static final String KEY_USER_CACHE_DIR = "deployment.user.cachedir";
 …
     public static final String KEY_SECURITY_PROMPT_USER = "deployment.security.askgrantdialog.show";
+    //enum of AppletSecurityLevel in result
+    public static final String KEY_SECURITY_LEVEL = "deployment.security.level";
     public static final String KEY_SECURITY_TRUSTED_POLICY = "deployment.security.trusted.policy";
 …
      * Networking
      */
+    /** the proxy type. possible values are {@code JNLPProxySelector.PROXY_TYPE_*} */
     public static final String KEY_PROXY_TYPE = "deployment.proxy.type";
+    /** Boolean. If true, the http host/port should be used for https and ftp as well */
     public static final String KEY_PROXY_SAME = "deployment.proxy.same";
     public static final String KEY_PROXY_AUTO_CONFIG_URL = "deployment.proxy.auto.config.url";
     public static final String KEY_PROXY_BYPASS_LIST = "deployment.proxy.bypass.list";
 …
     /*
+     * Tracing and Logging
+     */
+    public static final String KEY_ENABLE_TRACING = "deployment.trace";
+    public static final String KEY_ENABLE_LOGGING = "deployment.log";
+     * Logging
+     */
+    public static final String KEY_ENABLE_LOGGING = "deployment.log"; //same as verbose or ICEDTEAPLUGIN_DEBUG=true
+    public static final String KEY_ENABLE_LOGGING_HEADERS = "deployment.log.headers"; //will add header OutputContorll.getHeader To all messages
+    public static final String KEY_ENABLE_LOGGING_TOFILE = "deployment.log.file";
+    public static final String KEY_ENABLE_LOGGING_TOSTREAMS = "deployment.log.stdstreams";
+    public static final String KEY_ENABLE_LOGGING_TOSYSTEMLOG = "deployment.log.system";
     /*
+     * Console
+     * manifest check
+     */
+    public static final String KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK = "deployment.manifest.attributes.check";
+    /**
+     * Console initial status.
+     * One of CONSOLE_* values
+     * See declaration above:
+     * CONSOLE_HIDE = "HIDE";
+     * CONSOLE_SHOW = "SHOW";
+     * CONSOLE_DISABLE = "DISABLE";
+     * CONSOLE_SHOW_PLUGIN = "SHOW_PLUGIN_ONLY";
+     * CONSOLE_SHOW_JAVAWS = "SHOW_JAVAWS_ONLY";
      */
     public static final String KEY_CONSOLE_STARTUP_MODE = "deployment.console.startup.mode";
     /*
 …
     public static final String KEY_UPDATE_TIMEOUT = "deployment.javaws.update.timeout";
+    /*
+     * JVM arguments for plugin
+     */
+    public static final String KEY_PLUGIN_JVM_ARGUMENTS= "deployment.plugin.jvm.arguments";
+    public static final String KEY_JRE_DIR= "deployment.jre.dir";
+    private ConfigurationException loadingException = null;
+    public void setLoadingException(ConfigurationException ex) {
+        loadingException = ex;
+    }
+    public ConfigurationException getLoadingException() {
+        return loadingException;
+    }
+    public void resetToDefaults() {
+        currentConfiguration = Defaults.getDefaults();
+    }
     public enum ConfigType {
         System, User
 …
     private boolean systemPropertiesMandatory = false;
     /** The system's deployment.config file */
+    /** The system's subdirResult deployment.config file */
     private File systemPropertiesFile = null;
     /** The user's deployment.config file */
+    /** The user's subdirResult deployment.config file */
     private File userPropertiesFile = null;
+    /*default user file*/
+    public static final File USER_DEPLOYMENT_PROPERTIES_FILE = new File(Defaults.USER_CONFIG_HOME + File.separator + DEPLOYMENT_PROPERTIES);
     /** the current deployment properties */
 …
      * Generally, it will try to continue and ignore errors it finds (such as file not found).
+     *
      * @throws DeploymentException if it encounters a fatal error.
+     * @throws ConfigurationException if it encounters a fatal error.
      */
     public void load() throws ConfigurationException {
 …
+    }
+    public static File getAppletTrustUserSettingsPath() {
+        return new File(Defaults.USER_CONFIG_HOME + File.separator + APPLET_TRUST_SETTINGS);
+    }
+     public static File getAppletTrustGlobalSettingsPath() {
+       return new File(File.separator + "etc" + File.separator + ".java" + File.separator
+                + "deployment" + File.separator + APPLET_TRUST_SETTINGS);
+    }
     /**
      * Initialize this deployment configuration by reading configuration files.
 …
      * @param fixIssues If true, fix issues that are discovered when reading configuration by
      * resorting to the default values
      * @throws DeploymentException if it encounters a fatal error.
+     * @throws ConfigurationException if it encounters a fatal error.
      */
     public void load(boolean fixIssues) throws ConfigurationException {
         // make sure no state leaks if security check fails later on
+        File userFile = new File(System.getProperty("user.home") + File.separator + DEPLOYMENT_DIR
+                + File.separator + DEPLOYMENT_PROPERTIES);
+        File userFile = new File(USER_DEPLOYMENT_PROPERTIES_FILE.getAbsolutePath());
         SecurityManager sm = System.getSecurityManager();
 …
+        }
+        File systemConfigFile = findSystemConfigFile();
+        load(systemConfigFile, userFile, fixIssues);
+    }
+    void load(File systemConfigFile, File userFile, boolean fixIssues) throws ConfigurationException {
         Map<String, Setting<String>> initialProperties = Defaults.getDefaults();
 …
         /*
          * First, try to read the system's deployment.config file to find if
+         * First, try to read the system's subdirResult deployment.config file to find if
          * there is a system-level deployment.poperties file
          */
-        File systemConfigFile = findSystemConfigFile();
         if (systemConfigFile != null) {
             if (loadSystemConfiguration(systemConfigFile)) {
+                if (JNLPRuntime.isDebug()) {
+                    System.out.println("System level " + DEPLOYMENT_CONFIG + " is mandatory: " + systemPropertiesMandatory);
+                }
+                OutputController.getLogger().log("System level " + DEPLOYMENT_CONFIG_FILE + " is mandatory: " + systemPropertiesMandatory);
                 /* Second, read the System level deployment.properties file */
                 systemProperties = loadProperties(ConfigType.System, systemPropertiesFile,
 …
         /*
          * Third, read the user's deployment.properties file
+         * Third, read the user's subdirResult deployment.properties file
          */
         userPropertiesFile = userFile;
 …
     /**
+     * Copies the current configuration into the target
+     */
+    public void copyTo(Properties target) {
+        Set<String> names = getAllPropertyNames();
+        for (String name : names) {
+            String value = getProperty(name);
+            // for Properties, missing and null are identical
+            if (value != null) {
+                target.setProperty(name, value);
+            }
+        }
+    }
+    /**
      * Get the value for the given key
+     *
 …
             Setting<String> s = initial.get(key);
             if (!(s.getName().equals(key))) {
                 System.out.println(R("DCInternal", "key " + key + " does not match setting name " + s.getName()));
+                OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, R("DCInternal", "key " + key + " does not match setting name " + s.getName()));
             } else if (!defaults.containsKey(key)) {
                 System.out.println(R("DCUnknownSettingWithName", key));
+                OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, R("DCUnknownSettingWithName", key));
             } else {
                 ValueValidator checker = defaults.get(key).getValidator();
 …
                     checker.validate(s.getValue());
                 } catch (IllegalArgumentException e) {
                     System.out.println(R("DCIncorrectValue", key, s.getValue(), checker.getPossibleValues()));
+                    OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, R("DCIncorrectValue", key, s.getValue(), checker.getPossibleValues()));
                     s.setValue(s.getDefaultValue());
+                    OutputController.getLogger().log(e);
+                }
+            }
 …
     private File findSystemConfigFile() {
         File etcFile = new File(File.separator + "etc" + File.separator + ".java" + File.separator
                 + "deployment" + File.separator + DEPLOYMENT_CONFIG);
+                + "deployment" + File.separator + DEPLOYMENT_CONFIG_FILE);
         if (etcFile.isFile()) {
             return etcFile;
+        }
+        File jreFile = new File(System.getProperty("java.home") + File.separator + "lib"
+                + File.separator + DEPLOYMENT_CONFIG);
+        String jrePath = null;
+        try {
+            Map<String, Setting<String>> tmpProperties = parsePropertiesFile(USER_DEPLOYMENT_PROPERTIES_FILE);
+            Setting<String> jreSetting = tmpProperties.get(KEY_JRE_DIR);
+            if (jreSetting != null) {
+                jrePath = jreSetting.getValue();
+            }
+        } catch (Exception ex) {
+            OutputController.getLogger().log(ex);
+        }
+        File jreFile;
+        if (jrePath != null) {
+            jreFile = new File(jrePath + File.separator + "lib"
+                    + File.separator + DEPLOYMENT_CONFIG_FILE);
+        } else {
+            jreFile = new File(System.getProperty("java.home") + File.separator + "lib"
+                    + File.separator + DEPLOYMENT_CONFIG_FILE);
+        }
         if (jreFile.isFile()) {
             return jreFile;
 …
      * system-properties related variables
      */
+    private boolean loadSystemConfiguration(File configFile) {
+        if (JNLPRuntime.isDebug()) {
+            System.out.println("Loading system configuation from: " + configFile);
+        }
+    private boolean loadSystemConfiguration(File configFile) throws ConfigurationException {
+        OutputController.getLogger().log("Loading system configuation from: " + configFile);
         Map<String, Setting<String>> systemConfiguration = new HashMap<String, Setting<String>>();
 …
             systemConfiguration = parsePropertiesFile(configFile);
         } catch (IOException e) {
+            if (JNLPRuntime.isDebug()) {
+                System.out.println("No System level " + DEPLOYMENT_PROPERTIES + " found.");
+            }
+            OutputController.getLogger().log("No System level " + DEPLOYMENT_CONFIG_FILE + " found.");
+            OutputController.getLogger().log(e);
             return false;
+        }
 …
          * completely
          */
+        String urlString = null;
         try {
+            String urlString = systemConfiguration.get("deployment.system.config").getValue();
+            if (urlString == null) {
+                if (JNLPRuntime.isDebug()) {
+                    System.out.println("No System level " + DEPLOYMENT_PROPERTIES + " found.");
+                }
+            Setting<String> urlSettings = systemConfiguration.get("deployment.system.config");
+            if (urlSettings == null || urlSettings.getValue() == null) {
+                OutputController.getLogger().log("No System level " + DEPLOYMENT_PROPERTIES + " found in "+configFile.getAbsolutePath());
                 return false;
+            }
+            urlString = urlSettings.getValue();
+            Setting<String> mandatory = systemConfiguration.get("deployment.system.config.mandatory");
+            systemPropertiesMandatory = Boolean.valueOf(mandatory == null ? null : mandatory.getValue()); //never null
+            OutputController.getLogger().log("System level settings " + DEPLOYMENT_PROPERTIES + " are mandatory:" + systemPropertiesMandatory);
             URL url = new URL(urlString);
             if (url.getProtocol().equals("file")) {
                 systemPropertiesFile = new File(url.getFile());
+                if (JNLPRuntime.isDebug()) {
+                    System.out.println("Using System level" + DEPLOYMENT_PROPERTIES + ": "
+                            + systemPropertiesFile);
+                }
+                Setting<String> mandatory = systemConfiguration.get("deployment.system.config.mandatory");
+                systemPropertiesMandatory = Boolean.valueOf(mandatory == null ? null : (String) mandatory.getValue());
+                OutputController.getLogger().log("Using System level" + DEPLOYMENT_PROPERTIES + ": " + systemPropertiesFile);
                 return true;
             } else {
+                if (JNLPRuntime.isDebug()) {
+                    System.out.println("Remote + " + DEPLOYMENT_PROPERTIES + " not supported");
+                }
+                OutputController.getLogger().log("Remote + " + DEPLOYMENT_PROPERTIES + " not supported: " + urlString + "in " + configFile.getAbsolutePath());
                 return false;
+            }
         } catch (MalformedURLException e) {
+            if (JNLPRuntime.isDebug()) {
+                System.out.println("Invalid url for " + DEPLOYMENT_PROPERTIES);
+            }
+            return false;
+            OutputController.getLogger().log("Invalid url for " + DEPLOYMENT_PROPERTIES+ ": " + urlString + "in " + configFile.getAbsolutePath());
+            OutputController.getLogger().log(e);
+            if (systemPropertiesMandatory){
+                ConfigurationException ce = new ConfigurationException("Invalid url to system properties, which are mandatory");
+                ce.initCause(e);
+                throw ce;
+            } else {
+                return false;
+            }
+        }
+    }
 …
             throws ConfigurationException {
         if (file == null || !file.isFile()) {
+            if (JNLPRuntime.isDebug()) {
+                System.out.println("No " + type.toString() + " level " + DEPLOYMENT_PROPERTIES + " found.");
+            }
+            OutputController.getLogger().log("No " + type.toString() + " level " + DEPLOYMENT_PROPERTIES + " found.");
             if (!mandatory) {
                 return null;
 …
+        }
+        if (JNLPRuntime.isDebug()) {
+            System.out.println("Loading " + type.toString() + " level properties from: " + file);
+        }
+        OutputController.getLogger().log("Loading " + type.toString() + " level properties from: " + file);
         try {
             return parsePropertiesFile(file);
         } catch (IOException e) {
+            if (mandatory){
+                ConfigurationException ce = new ConfigurationException("Exception during loading of " + file + " which is mandatory to read");
+                ce.initCause(e);
+                throw ce;
+            }
+            OutputController.getLogger().log(e);
             return null;
+        }
 …
+        }
+        if (JNLPRuntime.isDebug()) {
+            System.out.println("Saving properties into " + userPropertiesFile.toString());
+        }
+        OutputController.getLogger().log("Saving properties into " + userPropertiesFile.toString());
         Properties toSave = new Properties();
         for (String key : currentConfiguration.keySet()) {
             String oldValue = unchangeableConfiguration.get(key) == null ? null
                     : (String) unchangeableConfiguration.get(key).getValue();
             String newValue = currentConfiguration.get(key) == null ? null : (String) currentConfiguration
+                    : unchangeableConfiguration.get(key).getValue();
+            String newValue = currentConfiguration.get(key) == null ? null : currentConfiguration
                     .get(key).getValue();
             if (oldValue == null && newValue == null) {
 …
+     *
      * @param propertiesFile the file to read Properties from
-     * @param destination the map to which all the properties should be added
      * @throws IOException if an IO problem occurs
      */
 …
     @SuppressWarnings("unused")
     private static void dumpConfiguration(Map<String, Setting<String>> config, PrintStream out) {
         System.out.println("KEY: VALUE [Locked]");
+        OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "KEY: VALUE [Locked]");
         for (String key : config.keySet()) {
 …
+        }
+    }
+    public static void move14AndOlderFilesTo15StructureCatched() {
+        try {
+            move14AndOlderFilesTo15Structure();
+        } catch (Throwable t) {
+            OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Critical error during converting old files to new. Continuing");
+            OutputController.getLogger().log(t);
+        }
+    }
+    private static void move14AndOlderFilesTo15Structure() {
+        int errors = 0;
+        String PRE_15_DEPLOYMENT_DIR = ".icedtea";
+        String LEGACY_USER_HOME = System.getProperty("user.home") + File.separator + PRE_15_DEPLOYMENT_DIR;
+        File configDir = new File(Defaults.USER_CONFIG_HOME);
+        File cacheDir = new File(Defaults.USER_CACHE_HOME);
+        File legacyUserDir = new File(LEGACY_USER_HOME);
+        if (legacyUserDir.exists()) {
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "Legacy configuration and cache found. Those will be now transported to new locations");
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, Defaults.USER_CONFIG_HOME + " and " + Defaults.USER_CACHE_HOME);
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "You should not see this message next time you run icedtea-web!");
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "Your custom dirs will not be touched and will work");
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "-----------------------------------------------");
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "Preparing new directories:");
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, " " + Defaults.USER_CONFIG_HOME);
+            errors += resultToStd(configDir.mkdirs());
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, " " + Defaults.USER_CACHE_HOME);
+            errors += resultToStd(cacheDir.mkdirs());
+            String legacySecurity = LEGACY_USER_HOME + File.separator + "security";
+            String currentSecurity = Defaults.USER_SECURITY;
+            errors += moveLegacyToCurrent(legacySecurity, currentSecurity);
+            String legacyCache = LEGACY_USER_HOME + File.separator + "cache";
+            String currentCache = Defaults.getDefaults().get(DeploymentConfiguration.KEY_USER_CACHE_DIR).getDefaultValue();
+            errors += moveLegacyToCurrent(legacyCache, currentCache);
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "Adapting " + CacheLRUWrapper.CACHE_INDEX_FILE_NAME + " to new destination");
+            //replace all legacyCache by currentCache in new recently_used
+            try {
+                File f = new File(currentCache, CacheLRUWrapper.CACHE_INDEX_FILE_NAME);
+                String s = FileUtils.loadFileAsString(f);
+                s = s.replace(legacyCache, currentCache);
+                FileUtils.saveFile(s, f);
+            } catch (IOException ex) {
+                OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, ex);
+                errors++;
+            }
+            String legacyPcahceDir = LEGACY_USER_HOME + File.separator + "pcache";
+            String currentPcacheDir = Defaults.getDefaults().get(DeploymentConfiguration.KEY_USER_PERSISTENCE_CACHE_DIR).getDefaultValue();
+            errors += moveLegacyToCurrent(legacyPcahceDir, currentPcacheDir);
+            String legacyLogDir = LEGACY_USER_HOME + File.separator + "log";
+            String currentLogDir = Defaults.getDefaults().get(DeploymentConfiguration.KEY_USER_LOG_DIR).getDefaultValue();
+            errors += moveLegacyToCurrent(legacyLogDir, currentLogDir);
+            String legacyProperties = LEGACY_USER_HOME + File.separator + DEPLOYMENT_PROPERTIES;
+            String currentProperties = Defaults.USER_CONFIG_HOME + File.separator + DEPLOYMENT_PROPERTIES;
+            errors += moveLegacyToCurrent(legacyProperties, currentProperties);
+            String legacyPropertiesOld = LEGACY_USER_HOME + File.separator + DEPLOYMENT_PROPERTIES + ".old";
+            String currentPropertiesOld = Defaults.USER_CONFIG_HOME + File.separator + DEPLOYMENT_PROPERTIES + ".old";
+            errors += moveLegacyToCurrent(legacyPropertiesOld, currentPropertiesOld);
+            String legacyAppletTrust = LEGACY_USER_HOME + File.separator + APPLET_TRUST_SETTINGS;
+            String currentAppletTrust = getAppletTrustUserSettingsPath().getAbsolutePath();
+            errors += moveLegacyToCurrent(legacyAppletTrust, currentAppletTrust);
+            String legacyTmp = LEGACY_USER_HOME + File.separator + "tmp";
+            String currentTmp = Defaults.getDefaults().get(DeploymentConfiguration.KEY_USER_TMP_DIR).getDefaultValue();
+            errors += moveLegacyToCurrent(legacyTmp, currentTmp);
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "Removing now empty " + LEGACY_USER_HOME);
+            errors += resultToStd(legacyUserDir.delete());
+            if (errors != 0) {
+                OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "There occureed " + errors + " errors");
+                OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "Please double check content of old data in " + LEGACY_USER_HOME + " with ");
+                OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "new " + Defaults.USER_CONFIG_HOME + " and " + Defaults.USER_CACHE_HOME);
+                OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "To disable this check again, please remove " + LEGACY_USER_HOME);
+            }
+        } else {
+            OutputController.getLogger().log("System is already following XDG .cache and .config specifications");
+            try {
+                OutputController.getLogger().log("config: " + Defaults.USER_CONFIG_HOME + " file exists: " + configDir.exists());
+            } catch (Exception ex) {
+                OutputController.getLogger().log(ex);
+            }
+            try {
+                OutputController.getLogger().log("cache: " + Defaults.USER_CACHE_HOME + " file exists:" + cacheDir.exists());
+            } catch (Exception ex) {
+                OutputController.getLogger().log(ex);
+            }
+        }
+        //this call should endure even if (ever) will migration code be removed
+        DirectoryValidator.DirectoryCheckResults r = new DirectoryValidator().ensureDirs();
+        if (!JNLPRuntime.isHeadless()) {
+            if (r.getFailures() > 0) {
+                JOptionPane.showMessageDialog(null, r.getMessage());
+            }
+        }
+    }
+    private static int moveLegacyToCurrent(String legacy, String current) {
+        OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "Moving " + legacy + " to " + current);
+        File cf = new File(current);
+        File old = new File(legacy);
+        if (cf.exists()) {
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "Warning! Destination " + current + " exists!");
+        }
+        if (old.exists()) {
+            boolean moved = old.renameTo(cf);
+            return resultToStd(moved);
+        } else {
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "Source " + legacy + " do not exists, nothing to do");
+            return 0;
+        }
+    }
+    private static int resultToStd(boolean securityMove) {
+        if (securityMove) {
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "OK");
+            return 0;
+        } else {
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "ERROR");
+            return 1;
+        }
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/config/Setting.java

r348	r429
68	68	* recognized setting, use null.
69	69	* @param value the initial value of this setting
70		* @param source the origin of the value (a file, or perhaps "~~<internal>~~")
	70	* @param source the origin of the value (a file, or perhaps "{@code <internal>}")
71	71	*/
72	72	public Setting(String name, String description, boolean locked,

trunk/icedtea-web/netx/net/sourceforge/jnlp/controlpanel/AboutPanel.java

-              r348
+              r429
 import java.awt.GridBagConstraints;
 import java.awt.GridBagLayout;
+import java.awt.event.ActionEvent;
+import java.awt.event.ActionListener;
 import javax.swing.Box;
+import javax.swing.JButton;
 import javax.swing.JLabel;
+import net.sourceforge.jnlp.about.AboutDialog;
 import net.sourceforge.jnlp.runtime.Translator;
 …
         JLabel logo = new JLabel();
         JLabel aboutLabel = new JLabel("<html>" + Translator.R("CPAboutInfo") + "</html>");
+        JButton aboutButton = new JButton(Translator.R("AboutDialogueTabAbout"));
+        aboutButton.addActionListener(new ActionListener() {
+            @Override
+            public void actionPerformed(ActionEvent e) {
+                AboutDialog.display();
+            }
+        });
         c.fill = GridBagConstraints.BOTH;
         c.gridy = 0;
 …
         c.weightx = 1;
         add(aboutLabel, c);
+        c.fill = GridBagConstraints.NONE;
+        c.weighty = 0;
+        c.weightx = 0;
+        c.gridy++;
+        c.gridx=1;
+        add(aboutButton, c);
         /* Keep all the elements at the top of the panel (Extra padding) */
+        c.fill = GridBagConstraints.BOTH;
         Component filler = Box.createRigidArea(new Dimension(1, 1));
         c.weighty = 1;
         c.gridy++;
         add(filler, c);
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/controlpanel/AdvancedProxySettingsDialog.java

-              r418
+              r429
 import net.sourceforge.jnlp.runtime.Translator;
 import net.sourceforge.jnlp.util.ImageResources;
+import net.sourceforge.jnlp.util.ScreenFinder;
 /**
  * This dialog provides a means for user to edit more of the proxy settings.
+ *
  * @author Andrew Su <asu@redhat.com, andrew.su@utoronto.ca>
+ * @author Andrew Su &lt;asu@redhat.com, andrew.su@utoronto.ca&gt;
+ *
  */
 …
      */
     private void centerDialog() {
+        Dimension screen = Toolkit.getDefaultToolkit().getScreenSize();
+        Dimension dialogSize = getSize();
+        setLocation((screen.width - dialogSize.width) / 2, (screen.height - dialogSize.height) / 2);
+        ScreenFinder.centerWindowsToCurrentScreen(this);
+    }

trunk/icedtea-web/netx/net/sourceforge/jnlp/controlpanel/AdvancedProxySettingsPane.java

-              r348
+              r429
      * Make the button panel.
+     *
+     * @return
+     * @return the button panel created
+     * @see JPanel
      */
     private JPanel createButtonPanel() {

trunk/icedtea-web/netx/net/sourceforge/jnlp/controlpanel/CachePane.java

-              r348
+              r429
 /* CachePane.java -- Displays the specified folder and allows modification to its content.
 Copyright (C) 2010 Red Hat
+Copyright (C) 2013 Red Hat
 This program is free software; you can redistribute it and/or modify
 …
 import java.awt.BorderLayout;
 import java.awt.Component;
+import java.awt.Cursor;
 import java.awt.Dimension;
+import java.awt.EventQueue;
 import java.awt.FlowLayout;
 import java.awt.GridBagConstraints;
 import java.awt.GridBagLayout;
 import java.awt.GridLayout;
+import java.awt.SystemColor;
+import java.awt.Toolkit;
 import java.awt.event.ActionEvent;
 import java.awt.event.ActionListener;
+import java.awt.event.WindowEvent;
 import java.io.File;
 import java.io.FileNotFoundException;
 …
 import java.nio.channels.FileLock;
 import java.text.DateFormat;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.text.NumberFormat;
 import java.util.ArrayList;
 import java.util.Comparator;
+import java.util.Date;
 import java.util.Enumeration;
 import java.util.List;
 …
 import javax.swing.JComponent;
 import javax.swing.JDialog;
+import javax.swing.JOptionPane;
 import javax.swing.JPanel;
 import javax.swing.JScrollPane;
 import javax.swing.JTable;
 import javax.swing.ListSelectionModel;
+import javax.swing.table.DefaultTableModel;
+import javax.swing.event.ListSelectionEvent;
+import javax.swing.event.ListSelectionListener;
+import javax.swing.table.DefaultTableCellRenderer;
+import javax.swing.table.TableModel;
 import javax.swing.table.TableRowSorter;
 import net.sourceforge.jnlp.cache.CacheDirectory;
+import net.sourceforge.jnlp.cache.CacheLRUWrapper;
+import net.sourceforge.jnlp.cache.CacheUtil;
 import net.sourceforge.jnlp.cache.DirectoryNode;
 import net.sourceforge.jnlp.config.DeploymentConfiguration;
 …
 import net.sourceforge.jnlp.util.FileUtils;
 import net.sourceforge.jnlp.util.PropertiesFile;
+import net.sourceforge.jnlp.util.logging.OutputController;
+import net.sourceforge.jnlp.util.ui.NonEditableTableModel;
 public class CachePane extends JPanel {
     JDialog parent;
     DeploymentConfiguration config;
 …
     private JComponent defaultFocusComponent;
     DirectoryNode root;
+    String[] columns = { Translator.R("CVCPColName"),
+    String[] columns = {
+            Translator.R("CVCPColName"),
             Translator.R("CVCPColPath"),
             Translator.R("CVCPColType"),
 …
             Translator.R("CVCPColLastModified") };
     JTable cacheTable;
+    private JButton deleteButton, refreshButton, doneButton, cleanAll;
     /**
 …
         c.fill = GridBagConstraints.BOTH;
+        DefaultTableModel model = new DefaultTableModel(columns, 0) {
+            public boolean isCellEditable(int row, int column) {
+                return false;
+            }
+        };
+        TableModel model = new NonEditableTableModel(columns, 0);
         cacheTable = new JTable(model);
         cacheTable.getSelectionModel().setSelectionMode(ListSelectionModel.SINGLE_SELECTION);
+        cacheTable.getSelectionModel().addListSelectionListener(new ListSelectionListener() {
+            @Override
+            final public void valueChanged(ListSelectionEvent listSelectionEvent) {
+                // If no row has been selected, disable the delete button, else enable it
+                if (cacheTable.getSelectionModel().isSelectionEmpty()) {
+                    deleteButton.setEnabled(false);
+                }
+                else {
+                    deleteButton.setEnabled(true);
+                }
+            }
+        });
         cacheTable.setAutoResizeMode(JTable.AUTO_RESIZE_NEXT_COLUMN);
         cacheTable.setPreferredScrollableViewportSize(new Dimension(600, 200));
 …
         JScrollPane scrollPane = new JScrollPane(cacheTable);
+        populateTable();
+        TableRowSorter<DefaultTableModel> tableSorter = new TableRowSorter<DefaultTableModel>(model);
+        tableSorter.setComparator(4, new Comparator<Long>() { // Comparator for size column.
+            @Override
+            public int compare(Long o1, Long o2) {
+                return o1.compareTo(o2);
+            }
+        });
+        tableSorter.setComparator(5, new Comparator<String>() { // Comparator for date column.
+            @Override
+            public int compare(String o1, String o2) {
+                DateFormat format = new SimpleDateFormat("MM/dd/yyyy");
+                try {
+                    Long time1 = format.parse(o1).getTime();
+                    Long time2 = format.parse(o2).getTime();
+                    return time1.compareTo(time2);
+                } catch (ParseException e) {
+                    return 0;
+                }
+            }
+        });
+        TableRowSorter<TableModel> tableSorter = new TableRowSorter<TableModel>(model);
+        final Comparator<Comparable<?>> comparator = new Comparator<Comparable<?>>() { // General purpose Comparator
+            @Override
+            @SuppressWarnings("unchecked")
+            public final int compare(final Comparable a, final Comparable b) {
+                return a.compareTo(b);
+            }
+        };
+        tableSorter.setComparator(1, comparator); // Comparator for path column.
+        tableSorter.setComparator(4, comparator); // Comparator for size column.
+        tableSorter.setComparator(5, comparator); // Comparator for modified column.
         cacheTable.setRowSorter(tableSorter);
+        final DefaultTableCellRenderer tableCellRenderer = new DefaultTableCellRenderer() {
+            @Override
+            public final Component getTableCellRendererComponent(final JTable table, final Object value, final boolean isSelected, final boolean hasFocus, final int row, final int column) {
+                super.getTableCellRendererComponent(table, value, isSelected, hasFocus, row, column);
+                switch (column) {
+                    case 1: // Path column
+                    // Render absolute path
+                    super.setText(((File)value).getAbsolutePath());
+                    break;
+                    case 4: // Size column
+                    // Render size formatted to default locale's number format
+                    super.setText(NumberFormat.getInstance().format(value));
+                    break;
+                    case 5: // last modified column
+                    // Render modify date formatted to default locale's date format
+                    super.setText(DateFormat.getDateInstance().format(value));
+                }
+                return this;
+            }
+        };
+        // TableCellRenderer for path column
+        cacheTable.getColumn(this.columns[1]).setCellRenderer(tableCellRenderer);
+        // TableCellRenderer for size column
+        cacheTable.getColumn(this.columns[4]).setCellRenderer(tableCellRenderer);
+        // TableCellRenderer for last modified column
+        cacheTable.getColumn(this.columns[5]).setCellRenderer(tableCellRenderer);
         c.weightx = 1;
 …
         this.add(topPanel, BorderLayout.CENTER);
         this.add(createButtonPanel(), BorderLayout.SOUTH);
+    }
 …
         List<JButton> buttons = new ArrayList<JButton>();
         JButton deleteButton = new JButton(Translator.R("CVCPButDelete"));
+        this.deleteButton = new JButton(Translator.R("CVCPButDelete"));
         deleteButton.addActionListener(new ActionListener() {
             @Override
             public void actionPerformed(ActionEvent e) {
+                FileLock fl = null;
+                File netxRunningFile = new File(config.getProperty(DeploymentConfiguration.KEY_USER_NETX_RUNNING_FILE));
+                if (!netxRunningFile.exists()) {
+                disableButtons();
+                // Delete on AWT thread after this action has been performed
+                // in order to allow the cache viewer to update itself
+                invokeLaterDelete();
+            }
+        });
+        deleteButton.setEnabled(false);
+        buttons.add(deleteButton);
+        this.cleanAll = new JButton(Translator.R("CVCPCleanCache"));
+        cleanAll.addActionListener(new ActionListener() {
+            @Override
+            public void actionPerformed(ActionEvent e) {
+                disableButtons();
+                // Delete on AWT thread after this action has been performed
+                // in order to allow the cache viewer to update itself
+                invokeLaterDeleteAll();
+            }
+        });
+        buttons.add(cleanAll);
+        this.refreshButton = new JButton(Translator.R("CVCPButRefresh"));
+        refreshButton.addActionListener(new ActionListener() {
+            @Override
+            public void actionPerformed(ActionEvent e) {
+                disableButtons();
+                // Populate cacheTable on AWT thread after this action event has been performed
+                invokeLaterPopulateTable();
+            }
+        });
+        refreshButton.setEnabled(false);
+        buttons.add(refreshButton);
+        this.doneButton = new JButton(Translator.R("ButDone"));
+        doneButton.addActionListener(new ActionListener() {
+            @Override
+            public void actionPerformed(ActionEvent e) {
+                Toolkit.getDefaultToolkit().getSystemEventQueue().postEvent(
+                        new WindowEvent(parent, WindowEvent.WINDOW_CLOSING));
+            }
+        });
+        int maxWidth = 0;
+        int maxHeight = 0;
+        for (JButton button : buttons) {
+            maxWidth = Math.max(button.getMinimumSize().width, maxWidth);
+            maxHeight = Math.max(button.getMinimumSize().height, maxHeight);
+        }
+        int wantedWidth = maxWidth + 10;
+        int wantedHeight = maxHeight;
+        for (JButton button : buttons) {
+            button.setPreferredSize(new Dimension(wantedWidth, wantedHeight));
+            leftPanel.add(button);
+        }
+        doneButton.setPreferredSize(new Dimension(wantedWidth, wantedHeight));
+        doneButton.setEnabled(false);
+        rightPanel.add(doneButton);
+        buttonPanel.add(leftPanel);
+        buttonPanel.add(rightPanel);
+        return buttonPanel;
+    }
+    /**
+     * Posts an event to the event queue to delete the currently selected
+     * resource in {@link CachePane#cacheTable} after the {@code CachePane} and
+     * {@link CacheViewer} have been instantiated and painted.
+     * @see CachePane#cacheTable
+     */
+    private  void invokeLaterDelete() {
+        EventQueue.invokeLater(new Runnable() {
+            @Override
+            public void run() {
+                try {
+                    FileLock fl = null;
+                    File netxRunningFile = new File(config.getProperty(DeploymentConfiguration.KEY_USER_NETX_RUNNING_FILE));
+                    if (!netxRunningFile.exists()) {
+                        try {
+                            FileUtils.createParentDir(netxRunningFile);
+                            FileUtils.createRestrictedFile(netxRunningFile, true);
+                        } catch (IOException e1) {
+                            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e1);
+                        }
+                    }
                     try {
+                        FileUtils.createParentDir(netxRunningFile);
+                        FileUtils.createRestrictedFile(netxRunningFile, true);
+                    } catch (IOException e1) {
+                        e1.printStackTrace();
+                    }
+                }
+                try {
+                    fl = FileUtils.getFileLock(netxRunningFile.getPath(), false, false);
+                } catch (FileNotFoundException e1) {
+                }
+                int row = cacheTable.getSelectedRow();
+                try {
+                    if (fl == null) return;
+                    if (row == -1 || row > cacheTable.getRowCount() - 1)
+                        return;
+                    int modelRow = cacheTable.convertRowIndexToModel(row);
+                    DirectoryNode fileNode = ((DirectoryNode) cacheTable.getModel().getValueAt(modelRow, 0));
+                    if (fileNode.getFile().delete()) {
+                        updateRecentlyUsed(fileNode.getFile());
+                        fileNode.getParent().removeChild(fileNode);
+                        FileUtils.deleteWithErrMesg(fileNode.getInfoFile());
+                        ((DefaultTableModel) cacheTable.getModel()).removeRow(modelRow);
+                        cacheTable.getSelectionModel().setSelectionInterval(row, row);
+                        CacheDirectory.cleanParent(fileNode);
+                        fl = FileUtils.getFileLock(netxRunningFile.getPath(), false, false);
+                    } catch (FileNotFoundException e1) {
+                    }
+                    int row = cacheTable.getSelectedRow();
+                    try {
+                        if (fl == null) {
+                            JOptionPane.showMessageDialog(parent, Translator.R("CCannotClearCache"));
+                            return;
+                        }
+                        int modelRow = cacheTable.convertRowIndexToModel(row);
+                        DirectoryNode fileNode = ((DirectoryNode) cacheTable.getModel().getValueAt(modelRow, 0));
+                        if (fileNode.getFile().delete()) {
+                            updateRecentlyUsed(fileNode.getFile());
+                            fileNode.getParent().removeChild(fileNode);
+                            FileUtils.deleteWithErrMesg(fileNode.getInfoFile());
+                            ((NonEditableTableModel) cacheTable.getModel()).removeRow(modelRow);
+                            cacheTable.getSelectionModel().clearSelection();
+                            CacheDirectory.cleanParent(fileNode);
+                        }
+                    } catch (Exception exception) {
+                        // ignore
+                    }
+                    if (fl != null) {
+                        try {
+                            fl.release();
+                            fl.channel().close();
+                        } catch (IOException e1) {
+                            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e1);
+                        }
+                    }
                 } catch (Exception exception) {
+                    //ignore
+                }
+                if (fl != null) {
+                    try {
+                        fl.release();
+                        fl.channel().close();
+                    } catch (IOException e1) {
+                        e1.printStackTrace();
+                    }
+                        OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, exception);
+                } finally {
+                    restoreDisabled();
+                }
+            }
             private void updateRecentlyUsed(File f) {
                 File recentlyUsedFile = new File(location + File.separator + "recently_used");
+                File recentlyUsedFile = new File(location + File.separator + CacheLRUWrapper.CACHE_INDEX_FILE_NAME);
                 PropertiesFile pf = new PropertiesFile(recentlyUsedFile);
                 pf.load();
 …
+            }
         });
+        buttons.add(deleteButton);
+        JButton refreshButton = new JButton(Translator.R("CVCPButRefresh"));
+        refreshButton.addActionListener(new ActionListener() {
+            @Override
+            public void actionPerformed(ActionEvent e) {
+                populateTable();
+            }
+        });
+        buttons.add(refreshButton);
+        JButton doneButton = new JButton(Translator.R("ButDone"));
+        doneButton.addActionListener(new ActionListener() {
+            @Override
+            public void actionPerformed(ActionEvent e) {
+                parent.dispose();
+            }
+        });
+        int maxWidth = 0;
+        int maxHeight = 0;
+        for (JButton button : buttons) {
+            maxWidth = Math.max(button.getMinimumSize().width, maxWidth);
+            maxHeight = Math.max(button.getMinimumSize().height, maxHeight);
+        }
+        int wantedWidth = maxWidth + 10;
+        int wantedHeight = maxHeight;
+        for (JButton button : buttons) {
+            button.setPreferredSize(new Dimension(wantedWidth, wantedHeight));
+            leftPanel.add(button);
+        }
+        doneButton.setPreferredSize(new Dimension(wantedWidth, wantedHeight));
+        rightPanel.add(doneButton);
+        buttonPanel.add(leftPanel);
+        buttonPanel.add(rightPanel);
+        return buttonPanel;
+    }
+    private void invokeLaterDeleteAll() {
+        EventQueue.invokeLater(new Runnable() {
+            @Override
+            public void run() {
+                try {
+                    visualCleanCache(parent);
+                    populateTable();
+                } catch (Exception exception) {
+                    OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, exception);
+                } finally {
+                    restoreDisabled();
+                }
+            }
+        });
+    }
+    /**
+     * Posts an event to the event queue to populate the
+     * {@link CachePane#cacheTable} after the {@code CachePane} and
+     * {@link CacheViewer} have been instantiated and painted.
+     * @see CachePane#populateTable
+     */
+    final void invokeLaterPopulateTable() {
+        EventQueue.invokeLater(new Runnable() {
+            @Override
+            public void run() {
+                try {
+                    populateTable();
+                    // Disable cacheTable when no data to display, so no events are generated
+                    if (cacheTable.getModel().getRowCount() == 0) {
+                        cacheTable.setEnabled(false);
+                        cacheTable.setBackground(SystemColor.control);
+                        // No data in cacheTable, so nothing to delete
+                        deleteButton.setEnabled(false);
+                    } else {
+                        cacheTable.setEnabled(true);
+                        cacheTable.setBackground(SystemColor.text);
+                    }
+                } catch (Exception exception) {
+                        OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, exception);
+                } finally {
+                    refreshButton.setEnabled(true);
+                    doneButton.setEnabled(true);
+                    cleanAll.setEnabled(true);
+                }
+            }
+        });
+    }
 …
      */
     private void populateTable() {
+        ((DefaultTableModel) cacheTable.getModel()).setRowCount(0); //Clears the table
+        for (Object[] v : generateData(root))
+            ((DefaultTableModel) cacheTable.getModel()).addRow(v);
+        try {
+            // Populating the cacheTable may take a while, so indicate busy by cursor
+            parent.getContentPane().setCursor(Cursor.getPredefinedCursor(Cursor.WAIT_CURSOR));
+            NonEditableTableModel tableModel;
+            (tableModel = (NonEditableTableModel)cacheTable.getModel()).setRowCount(0); //Clears the table
+            for (Object[] v : generateData(root)) {
+                tableModel.addRow(v);
+            }
+        } catch (Exception exception) {
+            OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, exception);
+        } finally {
+            // Reset cursor
+            parent.getContentPane().setCursor(Cursor.getDefaultCursor());
+        }
+    }
 …
                 for (DirectoryNode domain : type.getChildren()) {
                     for (DirectoryNode leaf : CacheDirectory.getLeafData(domain)) {
+                        Object[] o = { leaf,
+                                leaf.getFile().getAbsolutePath(),
+                                type,
+                                domain,
+                                leaf.getFile().length(),
+                                new SimpleDateFormat("MM/dd/yyyy").format(leaf.getFile().lastModified()) };
+                        final File f = leaf.getFile();
+                        Object[] o = {
+                            leaf,
+                            f.getParentFile(),
+                            type,
+                            domain,
+                            f.length(),
+                            new Date(f.lastModified())
+                        };
                         data.add(o);
+                    }
 …
+        }
+    }
+    public void disableButtons() {
+        // may take a while, so indicate busy by cursor
+        parent.getContentPane().setCursor(Cursor.getPredefinedCursor(Cursor.WAIT_CURSOR));
+        // Disable dialog and buttons while operating
+        deleteButton.setEnabled(false);
+        refreshButton.setEnabled(false);
+        doneButton.setEnabled(false);
+        cleanAll.setEnabled(false);
+    }
+    public void restoreDisabled() {
+        cleanAll.setEnabled(true);
+        // If nothing selected then keep deleteButton disabled
+        if (!cacheTable.getSelectionModel().isSelectionEmpty()) {
+            deleteButton.setEnabled(true);
+        }
+        // Enable buttons
+        refreshButton.setEnabled(true);
+        doneButton.setEnabled(true);
+        // If cacheTable is empty disable it and set background
+        // color to indicate being disabled
+        if (cacheTable.getModel().getRowCount() == 0) {
+            cacheTable.setEnabled(false);
+            cacheTable.setBackground(SystemColor.control);
+        }
+        // Reset cursor
+        parent.getContentPane().setCursor(Cursor.getDefaultCursor());
+    }
+    public static void visualCleanCache(Component parent) {
+        try {
+            boolean success = CacheUtil.clearCache();
+            if (!success) {
+                JOptionPane.showMessageDialog(parent, Translator.R("CCannotClearCache"));
+            }
+        } catch (Exception ex) {
+            JOptionPane.showMessageDialog(parent, Translator.R("CCannotClearCache"));
+        }
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/controlpanel/CacheViewer.java

-              r418
+              r429
 /* CacheViewer.java -- Display the GUI for viewing and deleting cache files.
 Copyright (C) 2010 Red Hat
+Copyright (C) 2013 Red Hat
 This program is free software; you can redistribute it and/or modify
 …
 import java.awt.GridBagConstraints;
 import java.awt.GridBagLayout;
+import java.awt.KeyEventDispatcher;
+import java.awt.KeyboardFocusManager;
 import java.awt.Toolkit;
+import java.awt.event.KeyEvent;
 import java.awt.event.WindowAdapter;
 import java.awt.event.WindowEvent;
 …
 import net.sourceforge.jnlp.runtime.Translator;
 import net.sourceforge.jnlp.util.ImageResources;
+import net.sourceforge.jnlp.util.ScreenFinder;
 /**
 …
     public CacheViewer(DeploymentConfiguration config) {
         super((Frame) null, dialogTitle, true); // Don't need a parent.
+        this.config = config;
+        if (config == null) {
+            throw new IllegalArgumentException("config: " + config);
+        }
         setIconImages(ImageResources.INSTANCE.getApplicationImages());
-        this.config = config;
         /* Prepare for adding components to dialog box */
 …
         pack();
+        this.topPanel.invokeLaterPopulateTable();
         /* Set focus to default button when first activated */
 …
             private boolean gotFocus = false;
+            @Override
             public void windowGainedFocus(WindowEvent we) {
                 // Once window gets focus, set initial focus
 …
         };
         addWindowFocusListener(adapter);
+        // Add a KeyEventDispatcher to dispatch events when this CacheViewer has focus
+        final CacheViewer cacheViewer = this;
+        KeyboardFocusManager.getCurrentKeyboardFocusManager().addKeyEventDispatcher(new KeyEventDispatcher() {
+            /**
+             * Dispatches mainly the {@code KeyEvent.VK_ESCAPE} key event to
+             * close the {@code CacheViewer} dialog.
+             * @return {@code true} after an {@link KeyEvent#VK_ESCAPE
+             * VK_ESCAPE} has been processed, otherwise {@code false}
+             * @see KeyEventDispatcher
+             */
+            public boolean dispatchKeyEvent(final KeyEvent keyEvent) {
+                // Check if Esc key has been pressed
+                if (keyEvent.getKeyCode() == KeyEvent.VK_ESCAPE &&
+                    keyEvent.getID() == KeyEvent.KEY_PRESSED) {
+                    // Exclude this key event from further processing
+                    keyEvent.consume();
+                    // Remove this low-level KeyEventDispatcher
+                    KeyboardFocusManager.getCurrentKeyboardFocusManager().removeKeyEventDispatcher(this);
+                    // Post close event to CacheViewer dialog
+                    Toolkit.getDefaultToolkit().getSystemEventQueue().postEvent(
+                            new WindowEvent(cacheViewer, WindowEvent.WINDOW_CLOSING));
+                    return true;
+                }
+                return false;
+            }
+        });
         initialized = true;
 …
      */
     private void centerDialog() {
+        Dimension screen = Toolkit.getDefaultToolkit().getScreenSize();
+        Dimension dialogSize = getSize();
+        setLocation((screen.width - dialogSize.width) / 2, (screen.height - dialogSize.height) / 2);
+        ScreenFinder.centerWindowsToCurrentScreen(this);
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/controlpanel/CommandLine.java

-              r348
+              r429
 import net.sourceforge.jnlp.config.DeploymentConfiguration;
 import net.sourceforge.jnlp.config.Setting;
+import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
  * that specific command. For example, see {@link #handleListCommand(List)}
  * and {@link #printListHelp()}.
  * <p>
+ * </p>
  * Sample usage:
  * <pre>
+ * <pre><code>
  * CommandLine cli = new CommandLine();
  * // the string array represents input using the command line
 …
  *    // bad!
  * }
  * </pre>
+ * </code></pre>
+ *
  * @author Omair Majid (omajid@redhat.com)
+ * @author <a href="mailto:Omair%20Majid%20&lt;omajid@redhat.com&gt;">Omair Majid</a>
  */
 public class CommandLine {
 …
             config.load(false);
         } catch (ConfigurationException e) {
+            System.out.println(R("RConfigurationFatal"));
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, R("RConfigurationFatal"));
+            OutputController.getLogger().log(e);
+        }
+    }
 …
      */
     public int handleHelpCommand(List<String> args) {
         System.out.println(R("Usage"));
         System.out.println("  " + PROGRAM_NAME + " "
+        OutputController.getLogger().printOutLn(R("Usage"));
+        OutputController.getLogger().printOutLn("  " + PROGRAM_NAME + " "
                 + allCommands.toString().replace(',', '|').replaceAll(" ", "") + " [help]");
         System.out.println(R("CLHelpDescription", PROGRAM_NAME));
+        OutputController.getLogger().printOutLn(R("CLHelpDescription", PROGRAM_NAME));
         return SUCCESS;
+    }
 …
      */
     public void printListHelp() {
         System.out.println(R("Usage"));
         System.out.println("  " + PROGRAM_NAME + " list [--details]");
         System.out.println(R("CLListDescription"));
+        OutputController.getLogger().printOutLn(R("Usage"));
+        OutputController.getLogger().printOutLn("  " + PROGRAM_NAME + " list [--details]");
+        OutputController.getLogger().printOutLn(R("CLListDescription"));
+    }
 …
         for (String key : all.keySet()) {
             Setting<String> value = all.get(key);
             System.out.println(key + ": " + value.getValue());
+            OutputController.getLogger().printOutLn(key + ": " + value.getValue());
             if (verbose) {
                 System.out.println("\t" + R("CLDescription", value.getDescription()));
+                OutputController.getLogger().printOutLn("\t" + R("CLDescription", value.getDescription()));
+            }
+        }
 …
      */
     public void printGetHelp() {
         System.out.println(R("Usage"));
         System.out.println("  " + PROGRAM_NAME + " get property-name");
         System.out.println(R("CLGetDescription"));
+        OutputController.getLogger().printOutLn(R("Usage"));
+        OutputController.getLogger().printOutLn("  " + PROGRAM_NAME + " get property-name");
+        OutputController.getLogger().printOutLn(R("CLGetDescription"));
+    }
 …
         if (all.containsKey(key)) {
             value = all.get(key).getValue();
             System.out.println(value);
             return SUCCESS;
         } else {
             System.out.println(R("CLUnknownProperty", key));
+            OutputController.getLogger().printOutLn(value);
+            return SUCCESS;
+        } else {
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, R("CLUnknownProperty", key));
             return ERROR;
+        }
 …
      */
     public void printSetHelp() {
         System.out.println(R("Usage"));
         System.out.println("  " + PROGRAM_NAME + " set property-name value");
         System.out.println(R("CLSetDescription"));
+        OutputController.getLogger().printOutLn(R("Usage"));
+        OutputController.getLogger().printOutLn("  " + PROGRAM_NAME + " set property-name value");
+        OutputController.getLogger().printOutLn(R("CLSetDescription"));
+    }
 …
                     old.getValidator().validate(value);
                 } catch (IllegalArgumentException e) {
+                    System.out.println(R("CLIncorrectValue", old.getName(), value, old.getValidator().getPossibleValues()));
+                    OutputController.getLogger().log(OutputController.Level.WARNING_ALL, R("CLIncorrectValue", old.getName(), value, old.getValidator().getPossibleValues()));
+                    OutputController.getLogger().log(e);
                     return ERROR;
+                }
 …
             config.setProperty(key, value);
         } else {
             System.out.println(R("CLWarningUnknownProperty", key));
+            OutputController.getLogger().printOutLn(R("CLWarningUnknownProperty", key));
             config.setProperty(key, value);
+        }
 …
             config.save();
         } catch (IOException e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
             return ERROR;
+        }
 …
      */
     public void printResetHelp() {
         System.out.println(R("Usage"));
         System.out.println("  " + PROGRAM_NAME + " reset [all|property-name]");
         System.out.println(R("CLResetDescription"));
+        OutputController.getLogger().printOutLn(R("Usage"));
+        OutputController.getLogger().printOutLn("  " + PROGRAM_NAME + " reset [all|property-name]");
+        OutputController.getLogger().printOutLn(R("CLResetDescription"));
+    }
 …
         Map<String, Setting<String>> all = config.getRaw();
         if (!resetAll && !all.containsKey(key)) {
             System.out.println(R("CLUnknownProperty", key));
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, R("CLUnknownProperty", key));
             return ERROR;
+        }
 …
             config.save();
         } catch (IOException e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
             return ERROR;
+        }
 …
      */
     public void printInfoHelp() {
         System.out.println(R("Usage"));
         System.out.println("  " + PROGRAM_NAME + " info property-name");
         System.out.println(R("CLInfoDescription"));
+        OutputController.getLogger().printOutLn(R("Usage"));
+        OutputController.getLogger().printOutLn("  " + PROGRAM_NAME + " info property-name");
+        OutputController.getLogger().printOutLn(R("CLInfoDescription"));
+    }
 …
         Setting<String> value = all.get(key);
         if (value == null) {
             System.out.println(R("CLNoInfo"));
             return ERROR;
         } else {
             System.out.println(R("CLDescription", value.getDescription()));
             System.out.println(R("CLValue", value.getValue()));
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, R("CLNoInfo"));
+            return ERROR;
+        } else {
+            OutputController.getLogger().printOutLn(R("CLDescription", value.getDescription()));
+            OutputController.getLogger().printOutLn(R("CLValue", value.getValue()));
             if (value.getValidator() != null) {
                 System.out.println("\t" + R("VVPossibleValues", value.getValidator().getPossibleValues()));
+                OutputController.getLogger().printOutLn("\t" + R("VVPossibleValues", value.getValidator().getPossibleValues()));
+            }
             System.out.println(R("CLValueSource", value.getSource()));
+            OutputController.getLogger().printOutLn(R("CLValueSource", value.getSource()));
             return SUCCESS;
+        }
 …
      */
     public void printCheckHelp() {
         System.out.println(R("Usage"));
         System.out.println("  " + PROGRAM_NAME + " check");
         System.out.println(R("CLCheckDescription"));
+        OutputController.getLogger().printOutLn(R("Usage"));
+        OutputController.getLogger().printOutLn("  " + PROGRAM_NAME + " check");
+        OutputController.getLogger().printOutLn(R("CLCheckDescription"));
+    }
 …
         boolean allValid = true;
         for (Setting<String> setting : validator.getIncorrectSetting()) {
             System.out.println(R("CLIncorrectValue", setting.getName(), setting.getValue(), setting.getValidator().getPossibleValues()));
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, R("CLIncorrectValue", setting.getName(), setting.getValue(), setting.getValidator().getPossibleValues()));
             allValid = false;
+        }
         for (Setting<String> setting : validator.getUnrecognizedSetting()) {
             System.out.println(R("CLUnknownProperty", setting.getName()));
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, R("CLUnknownProperty", setting.getName()));
             allValid = false;
+        }
         if (allValid) {
             System.out.println(R("CLNoIssuesFound"));
+            OutputController.getLogger().printOutLn(R("CLNoIssuesFound"));
             return SUCCESS;
         } else {
 …
             val = handleCheckCommand(arguments);
         } else if (allCommands.contains(command)) {
             System.out.println("INTERNAL ERROR: " + command + " should have been implemented");
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "INTERNAL ERROR: " + command + " should have been implemented");
             val = ERROR;
         } else {
             System.out.println(R("CLUnknownCommand", command));
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, R("CLUnknownCommand", command));
             handleHelpCommand(new ArrayList<String>());
             val = ERROR;
 …
      */
     public static void main(String[] args) throws Exception {
+        DeploymentConfiguration.move14AndOlderFilesTo15StructureCatched();
         if (args.length == 0) {
             ControlPanel.main(new String[] {});
 …
             int result = cli.handle(args);
             // instead of returning, use System.exit() so we can pass back
+            // instead of returning, use JNLPRuntime.exit() so we can pass back
             // error codes indicating success or failure. Otherwise using
             // this program for scripting will become much more challenging
             System.exit(result);
+            JNLPRuntime.exit(result);
+        }
+    }

trunk/icedtea-web/netx/net/sourceforge/jnlp/controlpanel/ControlPanel.java

-              r418
+              r429
 import javax.swing.JLabel;
 import javax.swing.JList;
+import javax.swing.JOptionPane;
 import javax.swing.JPanel;
 import javax.swing.JScrollPane;
 …
 import net.sourceforge.jnlp.config.DeploymentConfiguration;
+import net.sourceforge.jnlp.controlpanel.JVMPanel.JvmValidationResult;
 import net.sourceforge.jnlp.runtime.Translator;
 import net.sourceforge.jnlp.security.KeyStores;
 import net.sourceforge.jnlp.security.viewer.CertificatePane;
 import net.sourceforge.jnlp.util.ImageResources;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
  */
 public class ControlPanel extends JFrame {
+    private JVMPanel jvmPanel;
     /**
 …
         setDefaultCloseOperation(WindowConstants.DISPOSE_ON_CLOSE);
         pack();
-        setMinimumSize(getPreferredSize());
+    }
     private JPanel createTopPanel() {
         Font currentFont = null;
+        Font currentFont;
         JLabel about = new JLabel(R("CPMainDescriptionShort"));
         currentFont = about.getFont();
 …
             image.setIcon(new ImageIcon(ImageIO.read(imgUrl)));
         } catch (IOException e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
 …
         return topPanel;
+    }
+    private int validateJdk() {
+        String s = ControlPanel.this.config.getProperty(DeploymentConfiguration.KEY_JRE_DIR);
+        JvmValidationResult validationResult = JVMPanel.validateJvm(s);
+        if (validationResult.id == JvmValidationResult.STATE.NOT_DIR
+                || validationResult.id == JvmValidationResult.STATE.NOT_VALID_DIR
+                || validationResult.id == JvmValidationResult.STATE.NOT_VALID_JDK) {
+            return JOptionPane.showConfirmDialog(ControlPanel.this,
+                    "<html>"+Translator.R("CPJVMNotokMessage1", s)+"<br/>"
+                    + validationResult.formattedText+"<br/>"
+                    + Translator.R("CPJVMNotokMessage2", DeploymentConfiguration.KEY_JRE_DIR, DeploymentConfiguration.USER_DEPLOYMENT_PROPERTIES_FILE)+"</html>",
+                    Translator.R("CPJVMconfirmInvalidJdkTitle"),JOptionPane.OK_CANCEL_OPTION);
+        }
+        return JOptionPane.OK_OPTION;
+    }
     /**
 …
             public void actionPerformed(ActionEvent e) {
                 ControlPanel.this.saveConfiguration();
+                int validationResult = validateJdk();
+                if (validationResult!= JOptionPane.OK_OPTION){
+                    return;
+                }
                 ControlPanel.this.dispose();
+            }
 …
             public void actionPerformed(ActionEvent e) {
                 ControlPanel.this.saveConfiguration();
+                int validationResult = validateJdk();
+                if (validationResult != JOptionPane.OK_OPTION) {
+                    int i = JOptionPane.showConfirmDialog(ControlPanel.this,
+                            Translator.R("CPJVMconfirmReset"),
+                            Translator.R("CPJVMconfirmReset"), JOptionPane.OK_CANCEL_OPTION);
+                    if (i == JOptionPane.OK_OPTION) {
+                        jvmPanel.resetTestFieldArgumentsExec();
+                    }
+                }
+            }
         });
 …
      */
     private JPanel createMainSettingsPanel() {
+        jvmPanel =  (JVMPanel) createJVMSettingsPanel();
         SettingsPanel[] panels = new SettingsPanel[] { new SettingsPanel(Translator.R("CPTabAbout"), createAboutPanel()),
                 new SettingsPanel(Translator.R("CPTabCache"), createCacheSettingsPanel()),
 …
                 new SettingsPanel(Translator.R("CPTabDebugging"), createDebugSettingsPanel()),
                 new SettingsPanel(Translator.R("CPTabDesktopIntegration"), createDesktopSettingsPanel()),
+                new SettingsPanel(Translator.R("CPTabJVMSettings"),jvmPanel),
                 new SettingsPanel(Translator.R("CPTabNetwork"), createNetworkSettingsPanel()),
                 // TODO: This is commented out since this is not implemented yet
                 // new SettingsPanel(Translator.R("CPTabRuntimes"), createRuntimesSettingsPanel()),
+                new SettingsPanel(Translator.R("CPTabSecurity"), createSecuritySettingsPanel()), };
+                new SettingsPanel(Translator.R("CPTabSecurity"), createSecuritySettingsPanel()),
+                //todo refactor to work with tmp file and apply as asu designed it
+                new SettingsPanel(Translator.R("CPTabPolicy"), createPolicySettingsPanel()),
+                new SettingsPanel(Translator.R("APPEXTSECControlPanelExtendedAppletSecurityTitle"), new UnsignedAppletsTrustingListPanel(DeploymentConfiguration.getAppletTrustGlobalSettingsPath(), DeploymentConfiguration.getAppletTrustUserSettingsPath(), this.config))
+        };
         // Add panels.
 …
             JPanel p = panel.getPanel();
             Dimension d = p.getMinimumSize();
             if (d.height > height)
+            if (d.height > height) {
                 height = d.height;
+            if (d.width > width)
+            }
+            if (d.width > width) {
                 width = d.width;
+            }
+        }
         Dimension dim = new Dimension(width, height);
 …
         });
         JScrollPane settingsListScrollPane = new JScrollPane(settingsList);
         settingsListScrollPane.setHorizontalScrollBarPolicy(JScrollPane.HORIZONTAL_SCROLLBAR_NEVER);
+        settingsListScrollPane.setHorizontalScrollBarPolicy(JScrollPane.HORIZONTAL_SCROLLBAR_AS_NEEDED);
         final JPanel settingsDetailPanel = new JPanel();
 …
+    }
+    private JPanel createPolicySettingsPanel() {
+        return new PolicyPanel(this, this.config);
+    }
+    private JPanel createJVMSettingsPanel() {
+        return new JVMPanel(this.config);
+    }
     /**
      * This is a placeholder panel.
+     *
+     * @return
+     * @return a placeholder panel
+     * @see JPanel
      */
     private JPanel createNotImplementedPanel() {
 …
             notImplementedPanel.add(label);
         } catch (IOException e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
         return notImplementedPanel;
 …
             config.save();
         } catch (IOException e) {
+            e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+            JOptionPane.showMessageDialog(this, e);
+        }
+    }
     public static void main(String[] args) throws Exception {
+        DeploymentConfiguration.move14AndOlderFilesTo15StructureCatched();
         final DeploymentConfiguration config = new DeploymentConfiguration();
         try {
 …
             // if configuration is not loaded, we will get NullPointerExceptions
             // everywhere
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }

trunk/icedtea-web/netx/net/sourceforge/jnlp/controlpanel/DebuggingPanel.java

-              r348
+              r429
 import java.awt.GridBagConstraints;
 import java.awt.GridBagLayout;
+import java.awt.event.ActionEvent;
+import java.awt.event.ActionListener;
 import java.awt.event.ItemEvent;
 import java.awt.event.ItemListener;
 import javax.swing.Box;
+import javax.swing.JButton;
 import javax.swing.JCheckBox;
 import javax.swing.JComboBox;
 import javax.swing.JLabel;
 import javax.swing.JPanel;
+import javax.swing.JTextField;
+import javax.swing.event.DocumentEvent;
+import javax.swing.event.DocumentListener;
+import net.sourceforge.jnlp.config.Defaults;
 import net.sourceforge.jnlp.config.DeploymentConfiguration;
 import net.sourceforge.jnlp.runtime.Translator;
+import net.sourceforge.jnlp.util.logging.LogConfig;
 /**
 …
 public class DebuggingPanel extends NamedBorderPanel implements ItemListener {
+    /** List of properties used by this panel */
+    public static String[] properties = { "deployment.trace", // Debugging
+            "deployment.log", // Debugging
+            "deployment.console.startup.mode", // Java Console
+    /** List of properties used by checkboxes in this panel */
+    public static String[] properties = {
+            DeploymentConfiguration.KEY_ENABLE_LOGGING,
+            DeploymentConfiguration.KEY_ENABLE_LOGGING_HEADERS,
+            DeploymentConfiguration.KEY_ENABLE_LOGGING_TOFILE,
+            DeploymentConfiguration.KEY_ENABLE_LOGGING_TOSTREAMS,
+            DeploymentConfiguration.KEY_ENABLE_LOGGING_TOSYSTEMLOG
     };
+    private DeploymentConfiguration config;
+     private DeploymentConfiguration config;
     /**
 …
         GridBagConstraints c = new GridBagConstraints();
+        JLabel debuggingDescription = new JLabel("<html>" + Translator.R("CPDebuggingDescription") + "<hr /><br /></html>");
+        JCheckBox[] debuggingOptions = { new JCheckBox(Translator.R("DPEnableTracing")),
+                new JCheckBox(Translator.R("DPEnableLogging")), };
+        ComboItem[] javaConsoleItems = { new ComboItem(Translator.R("DPDisable"), "DISABLE"),
+                new ComboItem(Translator.R("DPHide"), "HIDE"),
+                new ComboItem(Translator.R("DPShow"), "SHOW"), };
+        final JLabel debuggingDescription = new JLabel("<html>" + Translator.R("CPDebuggingDescription") + "<hr /><br /></html>");
+        final JLabel logsDestinationTitle = new JLabel(Translator.R("CPFilesLogsDestDir")+": ");
+        final JTextField logsDestination = new JTextField(config.getProperty(DeploymentConfiguration.KEY_USER_LOG_DIR));
+        logsDestination.getDocument().addDocumentListener(new DocumentListener() {
+            @Override
+            public void insertUpdate(DocumentEvent e) {
+                 save();
+            }
+            @Override
+            public void removeUpdate(DocumentEvent e) {
+                 save();
+            }
+            @Override
+            public void changedUpdate(DocumentEvent e) {
+                save();
+            }
+            private void save() {
+                config.setProperty(DeploymentConfiguration.KEY_USER_LOG_DIR, logsDestination.getText());
+            }
+        });
+        final JButton logsDestinationReset = new JButton(Translator.R("CPFilesLogsDestDirResert"));
+        logsDestinationReset.addActionListener(new ActionListener() {
+            @Override
+            public void actionPerformed(ActionEvent e) {
+                logsDestination.setText(Defaults.getDefaults().get(DeploymentConfiguration.KEY_USER_LOG_DIR).getDefaultValue());
+            }
+        });
+        JCheckBox[] debuggingOptions = {
+                new JCheckBox(Translator.R("DPEnableLogging")),
+                new JCheckBox(Translator.R("DPEnableHeaders")),
+                new JCheckBox(Translator.R("DPEnableFile")),
+                new JCheckBox(Translator.R("DPEnableStds")),
+                new JCheckBox(Translator.R("DPEnableSyslog"))
+        };
+        String[] hints = {
+                (Translator.R("DPEnableLoggingHint")),
+                (Translator.R("DPEnableHeadersHint")),
+                (Translator.R("DPEnableFileHint", LogConfig.getLogConfig().getIcedteaLogDir())),
+                (Translator.R("DPEnableStdsHint")),
+                (Translator.R("DPEnableSyslogHint"))
+        };
+        ComboItem[] javaConsoleItems = { new ComboItem(Translator.R("DPDisable"), DeploymentConfiguration.CONSOLE_DISABLE),
+                new ComboItem(Translator.R("DPHide"), DeploymentConfiguration.CONSOLE_HIDE),
+                new ComboItem(Translator.R("DPShow"), DeploymentConfiguration.CONSOLE_SHOW),
+                new ComboItem(Translator.R("DPShowPluginOnly"), DeploymentConfiguration.CONSOLE_SHOW_PLUGIN),
+                new ComboItem(Translator.R("DPShowJavawsOnly"), DeploymentConfiguration.CONSOLE_SHOW_JAVAWS) };
         JLabel consoleLabel = new JLabel(Translator.R("DPJavaConsole"));
         JComboBox consoleComboBox = new JComboBox();
         consoleComboBox.setActionCommand("deployment.console.startup.mode"); // The property this comboBox affects.
+        consoleComboBox.setActionCommand(DeploymentConfiguration.KEY_CONSOLE_STARTUP_MODE); // The property this comboBox affects.
         JPanel consolePanel = new JPanel();
 …
          */
         for (int i = 0; i < properties.length; i++) {
+            try {
+                String s = config.getProperty(properties[i]);
+                c.gridy = i + 1;
+                switch (i) {
+                    case 0:
+                    case 1:
+                        debuggingOptions[i].setSelected(Boolean.parseBoolean(s));
+                        debuggingOptions[i].setActionCommand(properties[i]);
+                        debuggingOptions[i].addItemListener(this);
+                        add(debuggingOptions[i], c);
+                        break;
+                    case 2:
+                        for (int j = 0; j < javaConsoleItems.length; j++) {
+                            consoleComboBox.addItem(javaConsoleItems[j]);
+                            if (config.getProperty("deployment.console.startup.mode").equals(javaConsoleItems[j].getValue()))
+                                consoleComboBox.setSelectedIndex(j);
+                        }
+                        consoleComboBox.addItemListener(this);
+                        add(consolePanel, c);
+                }
+            } catch (Exception e) {
+                debuggingOptions[i] = null;
+            String s = config.getProperty(properties[i]);
+            c.gridy++;
+            if (i == 2) {
+                JLabel space = new JLabel("<html>" + Translator.R("CPDebuggingPossibilites") + ":</html>");
+                add(space, c);
+                c.gridy++;
+            }
+            debuggingOptions[i].setSelected(Boolean.parseBoolean(s));
+            debuggingOptions[i].setActionCommand(properties[i]);
+            debuggingOptions[i].setToolTipText(hints[i]);
+            debuggingOptions[i].addItemListener(this);
+            add(debuggingOptions[i], c);
+              if (i == 2) {
+                 c.gridx++;
+                add(logsDestinationTitle, c);
+                c.gridx++;
+                add(logsDestination, c);
+                c.gridx++;
+                add(logsDestinationReset, c);
+                c.gridx-=3;
+            }
+        }
+        for (int j = 0; j < javaConsoleItems.length; j++) {
+            consoleComboBox.addItem(javaConsoleItems[j]);
+            if (config.getProperty(DeploymentConfiguration.KEY_CONSOLE_STARTUP_MODE).equals(javaConsoleItems[j].getValue())) {
+                consoleComboBox.setSelectedIndex(j);
+            }
+        }
+        c.gridy++;
+        consoleComboBox.addItemListener(this);
+        add(consolePanel, c);
         // pack the bottom so that it doesn't change size if resized.
         Component filler = Box.createRigidArea(new Dimension(1, 1));
 …
     @Override
+    @SuppressWarnings("unchecked")
     public void itemStateChanged(ItemEvent e) {

trunk/icedtea-web/netx/net/sourceforge/jnlp/controlpanel/DesktopShortcutPanel.java

-              r348
+              r429
         for (int j = 0; j < items.length; j++) {
             shortcutComboOptions.addItem(items[j]);
             if (config.getProperty("deployment.javaws.shortcut").equals(items[j].getValue()))
+            if (config.getProperty("deployment.javaws.shortcut").equals(items[j].getValue())) {
                 shortcutComboOptions.setSelectedIndex(j);
+            }
+        }

trunk/icedtea-web/netx/net/sourceforge/jnlp/controlpanel/DocumentAdapter.java

r348	r429
24	24
25	25	import net.sourceforge.jnlp.config.DeploymentConfiguration;
	26	import net.sourceforge.jnlp.util.logging.OutputController;
26	27
27	28	/**
…	…
95	96	}
96	97	} catch (BadLocationException e1) {
97		// TODO Auto-generated catch block
98		e1.printStackTrace();
	98	OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e1);
99	99	}
100	100	}

trunk/icedtea-web/netx/net/sourceforge/jnlp/controlpanel/TemporaryInternetFilesPanel.java

-              r418
+              r429
             @Override
             public void actionPerformed(ActionEvent e) {
                 JFileChooser fileChooser = new JFileChooser();
+                JFileChooser fileChooser = new JFileChooser(location.getText());
                 fileChooser.setFileSelectionMode(JFileChooser.DIRECTORIES_ONLY);
                 fileChooser.setFileHidingEnabled(false);
+                if (fileChooser.showOpenDialog(null) == JFileChooser.APPROVE_OPTION) {
+                fileChooser.setAcceptAllFileFilterUsed(false);
+                fileChooser.setDialogTitle(Translator.R("TIFPLocationLabel"));
+                if (fileChooser.showDialog(null, Translator.R("TIFPFileChooserChooseButton")) == JFileChooser.APPROVE_OPTION) {
                     // Check if we have permission to write to that location.
                     String result = fileChooser.getSelectedFile().getAbsolutePath();

trunk/icedtea-web/netx/net/sourceforge/jnlp/resources/Messages.properties

-              r418
+              r429
 ButProceed=Proceed
 ButRun=Run
+ButSandbox=Sandbox
 ButApply=Apply
 ButDone=Done
 ButShowDetails=Show Details
 ButHideDetails=Hide Details
+ButYes=Yes
+ButNo=No
+CertWarnRunTip=Trust this applet and run with full permissions
+CertWarnSandboxTip=Do not trust this applet and run with restricted permissions
+CertWarnCancelTip=Do not run this applet
+CertWarnPolicyTip=Advanced sandbox settings
+CertWarnPolicyEditorItem=Launch PolicyEditor
 AFileOnTheMachine=a file on the machine
 …
 Usage=Usage:
 Error=Error
+Warning=Warning
 Continue=Do you want to continue?
 …
 Value=Value
 Version=Version
+# about dialogue
+AboutDialogueTabAbout=About
+AboutDialogueTabAuthors=Authors
+AboutDialogueTabChangelog=Changelog
+AboutDialogueTabNews=News
+AboutDialogueTabGPLv2=GPLv2
+# missing permissions dialogue
+MissingPermissionsMainTitle=Application <span color='red'> {0} </span> \
+from <span color='red'> {1} </span> is missing the permissions attribute. \
+Applications without this attribute should not be trusted. Do you wish to allow this application to run?
+MissingPermissionsInfo=For more information you can visit:<br/>\
+<a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions"> \
+JAR File Manifest Attributes</a> <br/> \
+and<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> \
+Preventing the repurposing of Applications</a>
+# missing Application-Library-Allowable-Codebase dialogue
+ALACAMissingMainTitle=The application <span color='red'> {0} </span> \
+from <span color='red'> {1} </span> uses resources from the following remote locations: \
+{2} \
+Are you sure you want to run this application?
+ALACAMissingInfo=For more information see:<br/>\
+<a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> \
+JAR File Manifest Attributes</a> <br/> \
+and<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> \
+Preventing the Repurposing of an Application</a>
+# matching Application-Library-Allowable-Codebase dialogue
+ALACAMatchingMainTitle=The application <span color='red'> {0} </span> \
+from <span color='red'> {1} </span> uses resources from the following remote locations:<br/>{2} <br/> \
+Are you sure you want to run this application?
+ALACAMatchingInfo=For more information you can visit:<br/>\
+<a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> \
+JAR File Manifest Attributes</a> <br/> \
+and<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> \
+Preventing the Repurposing of an Application</a>
 # LS - Severity
 …
 LThreadInterrupted=Thread interrupted while waiting for file to launch.
 LThreadInterruptedInfo=
+LThreadInterruptedInfo=This can lead to deadlock or yield other damage during execution. Please restart your application/browser.
 LCouldNotLaunch=Could not launch JNLP file.
 LCouldNotLaunchInfo=
+LCouldNotLaunchInfo=The application has not been initialized, for more information execute javaws/browser from the command line and send a bug report.
 LCantRead=Could not read or parse the JNLP file.
 LCantReadInfo=
+LCantReadInfo=You can try to download this file manually and send it as bug report to IcedTea-Web team.
 LNullLocation=Could not determine .jnlp file location.
 LNullLocationInfo=An attempt was made to launch a JNLP file in another JVM, but the file could not be located.  In order to launch in an external JVM, the runtime must be able to locate the .jnlp file either in the local filesystem or on a server.
 …
 LNoInstallersInfo=JNLP installer files are not yet supported.
 LInitApplet=Could not initialize applet.
 LInitAppletInfo=
+LInitAppletInfo=For more information click "more information button".
 LInitApplication=Could not initialize application.
 LInitApplicationInfo=
+LInitApplicationInfo=The application has not been initialized, for more information execute javaws from the command line.
 LNotLaunchable=Not a launchable JNLP file.
 LNotLaunchableInfo=File must be a JNLP application, applet, or installer type.
 …
 LUnsignedJarWithSecurity=Cannot grant permissions to unsigned jars.
 LUnsignedJarWithSecurityInfo=Application requested security permissions, but jars are not signed.
+LSignedJNLPAppDifferentCerts=The JNLP application is not fully signed by a single cert.
+LSignedJNLPAppDifferentCertsInfo=The JNLP application has its components individually signed, however there must be a common signer to all entries.
+LUnsignedApplet=The applet was unsigned.
+LUnsignedAppletPolicyDenied=The applet was unsigned, and the security policy prevented it from running.
+LUnsignedAppletUserDenied=The applet was unsigned, and was not trusted.
+LPartiallySignedApplet=The applet was partially signed.
+LPartiallySignedAppletUserDenied=The applet was partially signed, and the user did not trust it.
 LSignedAppJarUsingUnsignedJar=Signed application using unsigned jars.
 LSignedAppJarUsingUnsignedJarInfo=The main application jar is signed, but some of the jars it is using aren't.
+LRunInSandboxError=Run in Sandbox call performed too late.
+LRunInSandboxErrorInfo=The classloader was notified to run the applet sandboxed, but security settings were already initialized.
 LSignedJNLPFileDidNotMatch=The signed JNLP file did not match the launching JNLP file.
 LNoSecInstance=Error: No security instance for {0}. The application may have trouble continuing
 LCertFoundIn={0} found in cacerts ({1})
+LSingleInstanceExists=Another instance of this applet already exists and only one may be run at the same time.
 JNotApplet=File is not an applet.
 …
 LCancelOnUserRequest=Canceled on user request.
 LFatalVerification=A fatal error occurred while trying to verify jars.
 LFatalVerificationInfo=
+LFatalVerificationInfo=An exception has been thrown in class JarCertVerifier. Being unable to read the cacerts or trusted.certs files could be a possible cause for this exception.
 LNotVerifiedDialog=Not all jars could be verified.
 …
 # Parser
 PInvalidRoot=Root node is not a jnlp node
 PNoResources=No resources section defined
+PInvalidRoot=Root element is not a jnlp element.
+PNoResources=No resources element specified.
 PUntrustedNative=nativelib element cannot be specified unless a trusted environment is requested.
 PExtensionHasJ2SE=j2se element cannot be specified in a component extension file.
 PInnerJ2SE=j2se element cannot be specified within a j2se element.
 PTwoMains=Duplicate main JAR defined in a resources element (there can be only one)
 PNativeHasMain=Cannot specify main attribute on native JARs.
 PNoInfoElement=No information section defined.
+PTwoMains=Duplicate main attribute specified on a resources element (there can be only one)
+PNativeHasMain=main attribute cannot be specified on a nativelib element.
+PNoInfoElement=No information element specified.
 PMissingTitle=title
 PMissingVendor=vendor
 PMissingElement=The {0} section has not been defined for your locale nor does a default value exist in the JNLP file.
 PTwoDescriptions=Duplicate description of kind {0}
 PSharing=Element "sharing-allowed" is illegal in a standard JNLP file
 PTwoSecurity=Only one security element allowed per JNLPFile.
 PEmptySecurity=Security element specified but does not contain a permissions element.
 PTwoDescriptors=Only one application descriptor element allowed per JNLPFile.
+PMissingElement=The {0} section has not been specified for your locale nor does a default value exist in the JNLP file.
+PTwoDescriptions=Duplicate description elements of kind {0} are illegal.
+PSharing=sharing-allowed element is illegal in a standard JNLP file
+PTwoSecurity=Only one security element allowed per JNLP file.
+PEmptySecurity=security element specified but does not contain a permissions element.
+PTwoDescriptors=Only one application-desc element allowed per JNLP file.
 PTwoDesktops=Only one desktop element allowed
 PTwoMenus=Only one menu element allowed
 …
 # Runtime
 BLaunchAbout=Launching about window...
+BLaunchAboutFailure=Was not able to launch About window
 BNeedsFile=Must specify a .jnlp file
 RNoAboutJnlp=Unable to find about.jnlp
 …
 BBadParam=Incorrect parameter format {0} (should be name=value)
 BNoDir=Directory {0} does not exist.
+BNoCodeOrObjectApplet=Applet tag must specify a 'code' or 'object' attribute.
 RNoResource=Missing Resource: {0}
 RShutdown=This exception to prevent shutdown of JVM, but the process has been terminated.
 …
 RCantCreateFile=Cant create file {0}
 RCantDeleteFile=Cant delete file {0}
+RCantOpenFile=Could not open file {0}
+RCantWriteFile=Could not write to file {0}
+RFileReadOnly=Opening file in read-only mode
+RExpectedFile=Expected {0} to be a file but it was not
 RRemoveRPermFailed=Removing read permission on file {0} failed
 RRemoveWPermFailed=Removing write permissions on file {0} failed
 …
 RNestedJarExtration=Unable to extract nested jar.
 RUnexpected=Unexpected {0} at {1}
 RConfigurationError=Fatal error while reading the configuration
+RConfigurationError=Fatal error while reading the configuration, continuing with empty. Please fix
 RConfigurationFatal=ERROR: a fatal error has occurred while loading configuration. Perhaps a global configuration was required but could not be found
+RFailingToDefault=Failing to default configuration
 RPRoxyPacNotSupported=Using Proxy Auto Config (PAC) files is not supported.
 RProxyFirefoxNotFound=Unable to use Firefox's proxy settings. Using "DIRECT" as proxy type.
 …
 RBrowserLocationPromptMessage=Specify Browser Location
 RBrowserLocationPromptMessageWithReason=Specify Browser Location (the browser command "{0}" is invalid).
+BAboutITW=The IcedTea-Web project provides a Free Software web browser plugin running applets written in the Java programming language and an implementation of Java Web Start, originally based on the NetX project. Visit the IcedTea-Web homepage: http://icedtea.classpath.org/wiki/IcedTea-Web . Use "man javaws" or "javaws -help" for more information.
+BFileInfoAuthors=Names and email addresses of contributors to this project can be found in the file AUTHORS in the IcedTea-Web root directory.
+BFileInfoCopying=The full GPLv2 license of this project can be found in the file COPYING in the IcedTea-Web root directory.
+BFileInfoNews=News about releases of this project can be found in the file NEWS in the IcedTea-Web root directory.
 # Boot options, message should be shorter than this ---------------->
 …
 BOParam     = Adds an applet parameter before launching.
 BOProperty  = Sets a system property before launching.
 BOUpdate    = Update check if seconds since last checked.
+BOUpdate    = Check for updates.
 BOLicense   = Display the GPL license and exit.
 BOVerbose   = Enable verbose output.
 BOAbout     = Shows a sample application.
+BOVersion   = Print the IcedTea-Web version and exit.
 BONosecurity= Disables the secure runtime environment.
 BONoupdate  = Disables checking for updates.
 …
 BOStrict    = Enables strict checking of JNLP file format.
 BOViewer    = Shows the trusted certificate viewer.
+BOXml       = Uses a strict XML parser to parse the JNLP file.
+BOredirect  = Follows HTTP redirects.
 BXnofork    = Do not create another JVM.
 BXclearcache= Clean the JNLP application cache.
+BXignoreheaders= Skip jar header verification.
 BOHelp      = Print this message and exit.
 …
 CComplete=Complete
 CChooseCache=Choose a cache directory...
 CChooseCacheInfo=Netx needs a location for storing cache files.
+CChooseCacheInfo=NetX needs a location for storing cache files.
 CChooseCacheDir=Cache directory
 CCannotClearCache=Can not clear cache at this time
+CCannotClearCache=Can not clear the cache at this time. Try later. If the problem persists, try closing your browser(s) & JNLP applications. At the end you can try to kill all java applications. \\\n You can clear cache by javaws -Xclearcache or via itw-settings Cache -> View files -> Purge
 CFakeCache=Cache is corrupt. Fixing.
 CFakedCache=Cache is corrupt and has been fixed. It is strongly recommended that you run 'javaws -Xclearcache' and rerun your application as soon as possible.
+CFakedCache=Cache was corrupt and has been fixed. It is strongly recommended that you run 'javaws -Xclearcache' and rerun your application as soon as possible. You can also use via itw-settings Cache -> View files -> Purge
 # Security
 …
 SFileWriteAccess=The application has requested write access to {0}. Do you want to allow this action?
 SDesktopShortcut=The application has requested permission to create a desktop launcher. Do you want to allow this action?
 SSigUnverified=The application's digital signature cannot be verified. Do you want to run the application?
 SSigVerified=The application's digital signature has been verified. Do you want to run the application?
 SSignatureError=The application's digital signature has an error. Do you want to run the application?
+SSigUnverified=The application's digital signature cannot be verified. Do you want to run the application? It will be granted unrestricted access to your computer.
+SSigVerified=The application's digital signature has been verified. Do you want to run the application? It will be granted unrestricted access to your computer.
+SSignatureError=The application's digital signature has an error. Do you want to run the application? It will be granted unrestricted access to your computer.
 SUntrustedSource=The digital signature could not be verified by a trusted source. Only run if you trust the origin of the application.
 SWarnFullPermissionsIgnorePolicy=The code executed will be given full permissions, ignoring any java policies you may have.
+SWarnFullPermissionsIgnorePolicy=The code executed will be given full permissions, ignoring any Java policies you may have.
 STrustedSource=The digital signature has been validated by a trusted source.
 SClipboardReadAccess=The application has requested read-only access to the system clipboard. Do you want to allow this action?
 …
 SAlwaysTrustPublisher=Always trust content from this publisher
 SHttpsUnverified=The website's HTTPS certificate cannot be verified.
+SNotAllSignedSummary=Only parts of this application code are signed.
+SNotAllSignedDetail=This application contains both signed and unsigned code. While signed code is safe if you trust the provider, unsigned code may imply code outside of the trusted provider's control.
+SNotAllSignedQuestion=Do you wish to proceed and run this application anyway?
+SRememberOption=<b>Remember this option?</b>
+SRememberAppletOnly=For applet
+SRememberCodebase=For site <u>{0}</u>
+SUnsignedSummary=An unsigned Java application wants to run
+SUnsignedDetail=An unsigned application from the following location wants to run:<br/>&nbsp;&nbsp;<u>{0}</u><br/>The page which made the request was:<br/>&nbsp;&nbsp;<u>{1}</u><br/><br/><b>It is recommended you only run applications from sites you trust.</b>
+SUnsignedAllowedBefore=<font color="green">You have accepted this applet previously.</font>
+SUnsignedRejectedBefore=<font color="red">You have rejected this applet previously.</font>
+SUnsignedQuestion=Allow the applet to run?
+SPartiallySignedSummary=Only parts of this application code are signed.
+SPartiallySignedDetail=This application contains both signed and unsigned code. While signed code is safe if you trust the provider, unsigned code may imply code outside of the trusted provider's control.
+SPartiallySignedQuestion=Do you wish to proceed and run this application anyway?
 SAuthenticationPrompt=The {0} server at {1} is requesting authentication. It says "{2}"
 SJNLPFileIsNotSigned=This application contains a digital signature in which the launching JNLP file is not signed.
+SAppletTitle=Applet title: {0}
+STrustedOnlyAttributeFailure=This application specifies Trusted-only as True in its Manifest. {0} and requests permission level: {1}. This is not allowed.
+STOAsignedMsgFully = The applet is fully signed
+STOAsignedMsgAndSandbox = The applet is fully signed and sandboxed
+STOAsignedMsgPartiall = The applet is not fully signed
+STempPermNoFile=No file access
+STempPermNoNetwork=No network access
+STempPermNoExec=No command execution
+STempNoFileOrNetwork=No file or network access
+STempNoExecOrNetwork=No command execution or network access
+STempNoFileOrExec=No file access or command execution
+STempNoFileOrNetworkOrExec=No file access, network access, or command execution
+STempAllMedia=All media
+STempSoundOnly=Play audio
+STempClipboardOnly=Access clipboard
+STempPrintOnly=Print documents
+STempAllFileAndPropertyAccess=All file and properties access
+STempReadLocalFilesAndProperties=Read-only local files and properties
+STempReflectionOnly=Java Reflection only
 # Security - used for the More Information dialog
 …
 SBadExtendedKeyUsage=Resources contain entries whose signer certificate's ExtendedKeyUsage extension doesn't allow code signing.
 SBadNetscapeCertType=Resources contain entries whose signer certificate's NetscapeCertType extension doesn't allow code signing.
-SHasUnsignedEntry=Resources contain unsigned entries which have not been integrity-checked.
 SHasExpiredCert=The digital signature has expired.
 SHasExpiringCert=Resources contain entries whose signer certificate will expire within six months.
 …
 SUntrustedCertificate=The digital signature was generated with an untrusted certificate.
 STrustedCertificate=The digital signature was generated with a trusted certificate.
 SCNMisMatch=The expected hostname for this certificate is: "{0}"<BR>The address being connected to is: "{1}"
 SRunWithoutRestrictions=This application will be run without the security restrictions normally provided by java.
+SCNMisMatch=The expected hostname for this certificate is: "{0}"<br/>The address being connected to is: "{1}"
+SRunWithoutRestrictions=This application will be run without the security restrictions normally provided by Java.
 SCertificateDetails=Certificate Details
 …
 CVSystem=System
 #KeyStores: see KeyStores.java
+# KeyStores: see KeyStores.java
 KS=KeyStore
 KSCerts=Trusted Certificates
 KSJsseCerts=Trusted JSSE Certificates
 KSCaCerts=Trusted Root CA Certificates
 KSJsseCaCerts=Trusted JSSE Root CA Certificates,
+KSJsseCaCerts=Trusted JSSE Root CA Certificates
 KSClientCerts=Client Authentication Certificates
 …
 DCSourceInternal=<internal>
 DCUnknownSettingWithName=Property "{0}" is unknown.
+DCmaindircheckNotexists=After all attempts, your configuration directory {0} do not exists.
+DCmaindircheckNotdir=Your configuration directory {0} is not directory.
+DCmaindircheckRwproblem=Your configuration directory {0} can not be read/written properly.
 # Value Validator messages. Messages should follow "Possible values ..."
 VVPossibleValues=Possible values {0}
 VVPossibleBooleanValues=are {0} or {1}
+VVPossibleFileValues=include the absolute location of a file - it must begin with a /
+VVPossibleFileValuesDOS=include the absolute location of a file - it must begin with a drive letter
+VVPossibleFileValues=include an absolute path to a file or directory
 VVPossibleRangedIntegerValues=are in range {0} to {1} (inclusive)
 VVPossibleUrlValues=include any valid url (eg http://icedtea.classpath.org/hg/)
 …
 # Control Panel - Tab Descriptions
 CPAboutDescription=View version information about Icedtea Control Panel.
+CPAboutDescription=View version information about IcedTea Control Panel.
 CPNetworkSettingsDescription=Configure network settings, including how IcedTea-Web connects to the internet and whether to use any proxies.
 CPTempInternetFilesDescription=Java stores application data for faster execution the next time you run it.
 …
 CPDebuggingDescription=Enable options here to help with debugging
 CPDesktopIntegrationDescription=Set whether or not to allow creation of desktop shortcut.
+CPJVMPluginArguments=Set JVM arguments for plugin.
+CPJVMitwExec=Set JVM for IcedTea-Web \u2014 working best with OpenJDK
+CPJVMitwExecValidation=Validate JVM for IcedTea-Web
+CPJVMPluginSelectExec=Browse for JVM for IcedTea-Web
+CPJVMnone=No validation result for
+CPJVMvalidated=Validation result for
+CPJVMvalueNotSet=Value is not set. Hardcoded JVM will be used.
+CPJVMnotLaunched=Error, process was not launched, see console output for more info.
+CPJVMnoSuccess=Error, process have not ended successfully, see output for details, but your java is not set correctly.
+CPJVMopenJdkFound=Excellent, OpenJDK detected
+CPJVMoracleFound=Great, Oracle java detected
+CPJVMibmFound=Good, IBM java detected
+CPJVMgijFound=Warning, gij detected
+CPJVMstrangeProcess=Your path had an executable process, but it was not recognized. Verify the Java version in the console output.
+CPJVMnotDir=Error, The path you chose is not a directory.
+CPJVMisDir=Ok, the path you chose is a directory.
+CPJVMnoJava=Error, the directory you chose does not contain bin/java.
+CPJVMjava=Ok, the directory you chose contains bin/java.
+CPJVMnoRtJar=Error, the directory you chose does not contain lib/rt.jar
+CPJVMrtJar=Ok, the directory you chose contains lib/rt.jar.
+CPJVMPluginAllowTTValidation=Validate JRE immediately
+CPJVMNotokMessage1=You have entered invalid JDK value <u>({0})</u> with following error message:
+CPJVMNotokMessage2=You might be seeing this message because: <blockquote> * Some validity tests have not been passed<br/> * Non-OpenJDK is detected</blockquote>With invalid JDK IcedTea-Web will probably not be able to start.<br/>You will have to modify or remove <u>{0}</u> property in your configuration file <u>{1}</u>. <br/>You should try to search for OpenJDK in your system or be sure you know what you are doing.
+CPJVMconfirmInvalidJdkTitle=Confirm invalid JDK
+CPJVMconfirmReset=Reset to default?
+CPPolicyDetail=View or edit your user-level Java Policy File. This allows you to grant or deny runtime permissions to applets regardless of the standard security sandboxing rules.
+CPPolicyTooltip=Open {0} in policy editor
+CPPolicyEditorNotFound=Could not find a system policy file editor. Check that policytool is on your PATH.
 # Control Panel - Buttons
 …
 CPButView=View...
 CPButCertificates=Certificates...
+CPButSimpleEditor=Simple editor
+CPButAdvancedEditor=Advanced editor
 # Control Panel - Headers
+CPHead=IcedTea Web Control Panel
+CPHeadAbout=About
+CPHeadNetworkSettings=Network Proxy Settings
+CPHeadTempInternetFiles=Temporary Internet Files
+CPHeadJRESettings=Java Runtime Environment Settings
+CPHeadCertificates=Certificates
+CPHeadDebugging=Debugging Settings
+CPHeadDesktopIntegration=Desktop Integrations
+CPHeadSecurity=Security Settings
+CPHead=IcedTea-Web Control Panel
+CPHeadAbout=\u00a0About\u00a0IcedTea-Web\u00a0
+CPHeadNetworkSettings=\u00a0Network\u00a0Proxy\u00a0Settings\u00a0
+CPHeadTempInternetFiles=\u00a0Temporary\u00a0Internet\u00a0Files\u00a0
+CPHeadJRESettings=\u00a0Java\u00a0Runtime\u00a0Environment\u00a0Settings\u00a0
+CPHeadCertificates=\u00a0Certificates\u00a0
+CPHeadDebugging=\u00a0Debugging\u00a0Settings\u00a0
+CPHeadDesktopIntegration=\u00a0Desktop\u00a0Integrations\u00a0
+CPHeadSecurity=\u00a0Security\u00a0Settings\u00a0
+CPHeadJVMSettings=\u00a0JVM\u00a0Settings\u00a0
+CPHeadPolicy=\u00a0Custom\u00a0Policy\u00a0Settings\u00a0
 # Control Panel - Tabs
 …
 CPTabRuntimes=Runtimes
 CPTabSecurity=Security
+CPTabJVMSettings=JVM Settings
+CPTabPolicy=Policy Settings
 # Control Panel - AboutPanel
 CPAboutInfo=This is the control panel for setting deployments.properties.<br/>Not all options will take effect until implemented.<br/>The use of multiple JREs is currently unsupported.<br/>
+CPAboutInfo=This is the control panel for setting deployments.properties.<br/>Not all options will take effect until implemented.<br/>The use of multiple JREs is currently limited to OpenJDK.<br/>
 # Control Panel - AdvancedProxySettings
 …
 # Control Panel - DebugginPanel
+DPEnableTracing=Enable tracing
+DPEnableLogging=Enable logging
+CPDebuggingPossibilites=Logging outputs
+DPEnableLogging=Enable debugging
+DPEnableLoggingHint=When this switch is on,  then also debug messages are logged. Same as -verbose or ICEDTEAPLUGIN_DEBUG=true
+DPEnableHeaders=Enable headers
+DPEnableHeadersHint=When this switch is on, each logged message have header with additional information like user, place in code  and time
+DPEnableFile=Enable logging to file
+CPFilesLogsDestDir=File logs directory
+CPFilesLogsDestDirResert=Reset to default
+DPEnableFileHint=output messages will be saved to file in your {0}  directory
+DPEnableStds=Enable logging to standard outputs
+DPEnableStdsHint=messages will be printed to standard outputs
+DPEnableSyslog=Enable logging to system logs
+DPEnableSyslogHint=output messages will be saved to system logs
 DPDisable=Disable
 DPHide=Hide on startup
 DPShow=Show on startup
+DPShowPluginOnly=Show on plugin startup
+DPShowJavawsOnly=Show on javaws startup
 DPJavaConsole=Java Console
+DPJavaConsoleDisabledHint=Java console is disabled. Use itweb-settings to configure it out of disabled to any show or hide value.
+# PolicyEditor
+PEUsage=policyeditor [-file policyfile]
+PEHelpFlag=Print this message and exit
+PEFileFlag=Specify a policyfile path to open
+PECodebaseFlag=Specify (a) codebase URL(s) to add and/or focus in the editor
+PETitle=Policy Editor
+PEReadProps=Read system properties
+PEReadPropsDetail=Allow applets to read system properties such as your username and home directory location
+PEWriteProps=Write system properties
+PEWritePropsDetail=Allow applets to (over)write system properties
+PEReadFiles=Read from local files
+PEReadFilesDetail=Allow applets to read from files in your home directory
+PEWriteFiles=Write to local files
+PEWriteFilesDetail=Allow applets to write to files in your home directory
+PEDeleteFiles=Delete local files
+PEDeleteFilesDetail=Allow applets to delete files in your home directory
+PEReadSystemFiles=Read all system files
+PEReadSystemFilesDetail=Allow applets read-only access to all locations on your computer
+PEWriteSystemFiles=Write all system files
+PEWriteSystemFilesDetail=Allow applets write-only access to all locations on your computer
+PEReadTempFiles=Read from temp files
+PEReadTempFilesDetail=Allow applets to read from your temporary files directory
+PEWriteTempFiles=Write to temp files
+PEWriteTempFilesDetail=Allow applets to write to your temporary files directory
+PEDeleteTempFiles=Delete temp files
+PEDeleteTempFilesDetail=Allow applets to delete files in your temporary files directory
+PEAWTPermission=Window System Access
+PEAWTPermissionDetail=Allow applets all AWT windowing system access
+PEClipboard=Access clipboard
+PEClipboardDetail=Allow applets to read from and write to your clipboard
+PENetwork=Access the network
+PENetworkDetail=Allow applets to establish any network connections
+PEPrint=Print documents
+PEPrintDetail=Allow applets to queue print jobs
+PEPlayAudio=Play sounds
+PEPlayAudioDetail=Allow applets to play sounds, but not record
+PERecordAudio=Record audio
+PERecordAudioDetail=Allow applets to record audio, but not play back
+PEReflection=Java reflection
+PEReflectionDetail=Allow applets to access the Java Reflection API
+PEClassLoader=Get ClassLoader
+PEClassLoaderDetail=Allow applets to access the system classloader (often used with Reflection)
+PEClassInPackage=Access other packages
+PEClassInPackageDetail=Allow applets to access classes from other applet packages (often used with Reflection)
+PEDeclaredMembers=Access private class data
+PEDeclaredMembersDetail=Allow applets to access normally hidden data from other Java classes (often used with Reflection)
+PEAccessThreads=Modify threads
+PEAccessThreadsDetail=Allow applets to start, stop, and otherwise manage threads
+PEAccessThreadGroups=Modify threadgroups
+PEAccessThreadGroupsDetail=Allow applets to start, stop, and otherwise manage thread groups
+PEExec=Execute commands
+PEExecDetail=Allow applets to execute system commands
+PEGetEnv=Get environment variables
+PEGetEnvDetail=Allow applets to read system environment variables
+PECouldNotOpen=Unable to open policy file
+PECouldNotSave=Unable to save policy file
+PEAddCodebase=Add new Codebase
+PERemoveCodebase=Remove
+PECodebasePrompt=Enter a new codebase
+PEGlobalSettings=All Applets
+PESaveChanges=Save changes before exiting?
+PEChangesSaved=Changes saved
+PECheckboxLabel=Permissions
+PECodebaseLabel=Codebases
+PEFileMenu=File
+PEOpenMenuItem=Open...
+PESaveMenuItem=Save
+PESaveAsMenuItem=Save As...
+PEExitMenuItem=Exit
+PEViewMenu=View
+PECustomPermissionsItem=Custom Permissions...
+PEFileModified=File Modification Warning
+PEFileModifiedDetail=The policy file at {0} has been modified since it was opened. Reload and re-edit before saving?
+PEGAccesUnowenedCode = Execute unowned code
+PEGMediaAccess = Media access
+PEGrightClick = right click to fold/unfold
+PEGReadFileSystem = Read to system
+PEGWriteFileSystem = Write to system
+# Policy Editor CustomPolicyViewer
+PECPTitle=Custom Policy Viewer
+PECPListLabel=Other policies for {0}
+PECPAddButton=Add
+PECPRemoveButton=Remove
+PECPCloseButton=Close
+PECPType=type
+PECPTarget=target
+PECPActions=actions
+PECPPrompt=Enter a custom permission. Do not include \"permission\" or punctuation marks.
+# PolicyEditor key mnemonics. See KeyEvent.VK_*
+# N
+PEAddCodebaseMnemonic=78
+# R
+PERemoveCodebaseMnemonic=82
+# A
+PEOkButtonMnemonic=65
+# C
+PECancelButtonMnemonic=67
+# F
+PEFileMenuMnemonic=70
+# I
+PEViewMenuMnemonic=73
+# O
+PEOpenMenuItemMnemonic=79
+# S
+PESaveMenuItemMnemonic=83
+# A
+PESaveAsMenuItemMnemonic=65
+# X
+PEExitMenuItemMnemonic=88
+# U
+PECustomPermissionsItemMnemonic=85
+#conole itself labels
+CONSOLErungc = Run GC
+CONSOLErunFinalizers = Run Finalizers
+CONSOLErunningFinalizers = Running finalization....
+CONSOLEmemoryInfo = Memory Info
+CONSOLEsystemProperties = System Properties
+CONSOLEclassLoaders = Available Classloaders
+CONSOLEthreadList = Thread List
+CONSOLEthread = Thread
+CONSOLEnoClassLoaders = No Classloader info exists in system
+CONSOLEmemoryMax = Max Memory
+CONSOLEmemoryTotal = Total Memory
+CONSOLEmemoryFree = Free Memory
+CONSOLEClean=Clear
+# console output pane labels
+COPsortCopyAllDate=sort copy all by date
+COPshowHeaders=Show headers:
+COPuser=user
+COPorigin=origin
+COPlevel=level
+COPdate=date
+COPthread1=thread 1
+COPthread2=thread 2
+COPShowMessages=Show messages
+COPstdOut=std. Out
+COPstdErr=std. Err
+COPjava=java
+COPplugin=plugin
+COPpreInit=pre-init
+COPpluginOnly=plugin only
+COPSortBy=Sort by
+COPregex=Regular expression filter
+COPAsArrived=As arrived (no sort)
+COPcode=code
+COPmessage=message
+COPSearch=Search
+COPautoRefresh=auto refresh
+COPrefresh=refresh
+COPApply=Apply
+COPmark=mark
+COPCopyAllPlain=Copy all (plain)
+COPCopyAllRich=Copy all (rich)
+COPnext=next>>>
+COPprevious=<<<previous
+COPcaseSensitive=case sensitive
+COPincomplete=incomplete
+COPhighlight=highlight
+COPwordWrap=word wrap
+COPdebug=debug
+COPinfo=info
+COPpostInit=post-init
+COPcomplete=complete
+COPmatch=match
+COPnot=not
+COPrevert=revert
+COPitw=IcedTea-Web
+COPclientApp=Client app.
 # Control Panel - DesktopShortcutPanel
 …
 # Control Panel - SecurityGeneralPanel
 SGPAllowUserGrantSigned=Allow users to grant permissions to signed content
 SGPAllowUserGrantUntrust=Allow users to grant permissions to content from an untrusted authority
+SGPAllowUserGrantSigned=Allow users to grant permissions to signed content
+SGPAllowUserGrantUntrust=Allow users to grant permissions to content from an untrusted authority
 SGPUseBrowserKeystore=Use certificates and keys in browser keystore (Unsupported)
 SGPUsePersonalCertOneMatch=Use personal certificate automatically if only one matches server request (Unsupported)
 SGPWarnCertHostMismatch=Warn if site certificate does not match hostname
+SGPWarnCertHostMismatch=Warn if site certificate does not match hostname
 SGPShowValid=Show site certificate even if it is valid (Unsupported)
 SGPShowSandboxWarning=Show sandbox warning banner
 SGPAllowUserAcceptJNLPSecurityRequests=Allow user to accept JNLP security requests
+SGPShowSandboxWarning=Show sandbox warning banner
+SGPAllowUserAcceptJNLPSecurityRequests=Allow user to accept JNLP security requests
 SGPCheckCertRevocationList=Check certificates for revocation using Certificate Revocation Lists (CRLs) (Unsupported)
 SGPEnableOnlineCertValidate=Enable online certificate validation (Unsupported)
 …
 # Control Panel - TemporaryInternetFilesPanel
 TIFPEnableCache=Keep temporary files on my computer
 TIFPLocation=Location
+TIFPLocation=\u00a0Location\u00a0
 TIFPLocationLabel=Select the location where temporary files are kept
 TIFPChange=Change
 TIFPDiskSpace=Disk space
+TIFPDiskSpace=\u00a0Disk\u00a0space\u00a0
 TIFPCompressionLevel=Select the compression level for JAR files
 TIFPNone=None
 TIFPMax=Max
 TIFPCacheSize=Set the amount of disk space for storing temporary files
+TIFPCacheSize=Set the amount of disk space for storing temporary files (MB)
 TIFPDeleteFiles=Delete files
 TIFPViewFiles=View files...
+TIFPFileChooserChooseButton=Choose
 # Control Panel - Cache Viewer
 …
 CVCPButRefresh=Refresh
 CVCPButDelete=Delete
+CVCPCleanCache=Purge
+CVCPCleanCacheTip=Some errors may be caused by old files in your cache. Before submitting the bug, you may clear cache and try to run application again. \\\n You can clear cache by javaws -Xclearcache or via itw-settings Cache -> View files -> Purge
 CVCPColLastModified=Last Modified
 CVCPColSize=Size (Bytes)
 …
 CLGetDescription=Shows the value for property-name
 CLSetDescription=Sets the property-name to value if possible. The value is checked for being valid. If the administrator has locked the property, this will have no effect
 CLResetDescription=Resets the value for property-name to it\'s default value
+CLResetDescription=Resets the value for property-name to it\'s default value.\nall resets all properties recognized by IcedTea-Web to their default value.
 CLInfoDescription=Shows more information about the given property
+CLCheckDescription=Shows any properties that have been defined but are not recognized by IcedTea Web
+CLHelpDescription=The itweb-settings tool allows a user to modify, view and check configuration. \nTo use the GUI, do not pass any arguments. To use the CLI mode, pass in the approrpiate command and parameters. For help with a particular command, try: {0} command help
+CLCheckDescription=Shows any properties that have been defined but are not recognized by IcedTea-Web
+CLHelpDescription=The itweb-settings tool allows a user to modify, view and check configuration.\nTo use the GUI, do not pass any arguments. To use the CLI mode, pass in the approrpiate command and parameters. For help with a particular command, try: {0} command help
+#  splash screen related
+SPLASHerror = Click here for details. An exception has occurred.
+SPLASH_ERROR = ERROR
+SPLASHtitle = Title
+SPLASHvendor = Vendor
+SPLASHhomepage = Homepage
+SPLASHdescription = Description
+SPLASHClose= Close
+SPLASHclosewAndCopyException = Close and copy the stack trace to clipboard
+SPLASHexOccured = An exception has occurred...
+SPLASHHome = Home
+SPLASHcantCopyEx = Can not copy exception
+SPLASHnoExRecorded = No exception recorded
+SPLASHmainL1 = For even more information you can visit {0} and follow the steps described there on how to obtain necessary information to file bug
+SPLASHurl = http://icedtea.classpath.org/wiki/IcedTea-Web#Filing_bugs
+SPLASHurlLooks = http://icedtea.classpath.org/wiki/IcedTea-Web
+SPLASHmainL3 = No further information available, try to launch the browser from the command line and examine the output.
+SPLASHcloseAndCopyShorter = Close and copy to clipboard
+SPLASHmainL4 = The folloing exception has occured. For more information, try to launch the browser from the command line and examine the output.
+SPLASHmainL2 = Additional information may be available in the console or logs. Even more information is available if debugging is enabled.
+SPLASHexWas = Exception was:
+SPLASHcfl = Can't follow link to
+SPLASHvendorsInfo = Information from vendor of your application
+SPLASHanotherInfo = Another available info
+SPLASHdefaultHomepage = Unspecified homepage, verify source rather
+SPLASHerrorInInformation = Error during loading of information element, verify source rather
+SPLASHmissingInformation = Information element is missing, verify source rather
+SPLASHchainWas = This is the list of exceptions that occurred launching your applet. Please note, those exceptions can originate from multiple applets. For a helpful bug report, be sure to run only one applet.
+CBCheckFile = The application is a local file. Codebase validation is disabled. See: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html for details.
+CBCheckNoEntry = This application does not specify a Codebase in its manifest. Please verify with the applet's vendor. Continuing. See: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html for details.
+CBCheckUnsignedPass = Codebase matches codebase manifest attribute, but application is unsigned. Continuing. See: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html for details.
+CBCheckUnsignedFail= The application's codebase does NOT match the codebase specified in its manifest, but the application is unsigned. Continuing. See: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html for details.
+CBCheckOkSignedOk = Codebase matches codebase manifest attribute, and  application is signed. Continuing. See: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html for details.
+CBCheckSignedAppletDontMatchException = Signed applets are not allowed to run when their actual Codebase does not match the Codebase specified in their manifest. Expected: {0}. Actual: {1}. See: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html for details.
+CBCheckSignedFail = Application Codebase does NOT match the Codebase specified in the application's manifest, and this application is signed. You are strongly discouraged from running this application. See: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html for details.
+APPEXTSECappletSecurityLevelExtraHighId=Disable running of all Java applets
+APPEXTSECappletSecurityLevelVeryHighId=Very High Security
+APPEXTSECappletSecurityLevelHighId=High Security
+APPEXTSECappletSecurityLevelLowId=Low Security
+APPEXTSECappletSecurityLevelExtraHighExplanation=No applet will be run
+APPEXTSECappletSecurityLevelVeryHighExplanation=No unsigned applets will be run
+APPEXTSECappletSecurityLevelHighExplanation=User will be prompted for each unsigned applet
+APPEXTSECappletSecurityLevelLowExplanation=All, even unsigned, applets will be run
+APPEXTSECunsignedAppletActionAlways=Always trust this (matching) applet(s)
+APPEXTSECunsignedAppletActionNever=Never trust this (matching) applet(s)
+APPEXTSECunsignedAppletActionYes=This applet was visited and allowed
+APPEXTSecunsignedAppletActionSandbox=This applet was visited and allowed to run with restricted privileges
+APPEXTSECunsignedAppletActionNo=This applet was visited and denied
+APPEXTSECControlPanelExtendedAppletSecurityTitle=Extended applet security
+APPEXTSECguiTableModelTableColumnAction=Action
+APPEXTSECguiTableModelTableColumnDateOfAction=Date of action
+APPEXTSECguiTableModelTableColumnDocumentBase=Document-base
+APPEXTSECguiTableModelTableColumnCodeBase=Code-base
+APPEXTSECguiTableModelTableColumnArchives=Archives
+APPEXTSECguiPanelAppletInfoHederPart1={0} {1}
+APPEXTSECguiPanelAppletInfoHederPart2={0} from  {1}
+APPEXTSECguiPanelConfirmDeletionOf=Are you sure you want to delete following {0} items
+APPEXTSECguiPanelHelpButton=Help
+APPEXTSECguiPanelSecurityLevel=Security Level
+APPEXTSECguiPanelGlobalBehaviourCaption=Settings of global behavior for applets
+APPEXTSECguiPanelDeleteMenuSelected=selected
+APPEXTSECguiPanelDeleteMenuAllA=all allowed (A)
+APPEXTSECguiPanelDeleteMenuAllN=all forbidden (N)
+APPEXTSECguiPanelDeleteMenuAlly=all approved (y)
+APPEXTSECguiPanelDeleteMenuAlln=all rejected (n)
+APPEXTSECguiPanelDeleteMenuAllAll=absolute all
+APPEXTSECguiPanelDeleteButton=Delete
+APPEXTSECguiPanelDeleteButtonToolTip=You can press delete key during browsing the table. It will act as delete selected
+APPEXTSECguiPanelTestUrlButton=Test url
+APPEXTSECguiPanelAddRowButton=Add new row
+APPEXTSECguiPanelValidateTableButton=Validate table
+APPEXTSECguiPanelAskeforeActionBox=Ask me before action
+APPEXTSECguiPanelShowRegExesBox=Show full regular expressions
+APPEXTSECguiPanelInverSelection=Invert selection
+APPEXTSECguiPanelMoveRowUp=Move row up
+APPEXTSECguiPanelMoveRowDown=Move row down
+APPEXTSECguiPanelCustomDefs=User definitions
+APPEXTSECguiPanelGlobalDefs=System definitions
+APPEXTSECguiPanelDocTest=Type document base URL
+APPEXTSECguiPanelCodeTest=Type code base URL
+APPEXTSECguiPanelNoMatch=Nothing matched
+APPEXTSECguiPanelMatchingNote=Please note, that only first matched result will be considered as result.
+APPEXTSECguiPanelMatched=Matched
+APPEXTSECguiPanelMatchingError=Error during matching: {0}
+APPEXTSECguiPanelCanNotValidate=Can not validate, can not create tmp file - {0}
+APPEXTSECguiPanelEmptyDoc=All document-bases must be full
+APPEXTSECguiPanelEmptyCode=All code-bases must be full
+APPEXTSECguiPanelTableValid=Table looks valid
+APPEXTSECguiPanelTableInvalid=Invalid with following error: {0}
+APPEXTSECguiPanelShowOnlyPermanent=Show only permanent records
+APPEXTSECguiPanelShowOnlyTemporal=Show only previously temporarily decided records
+APPEXTSECguiPanelShowAll=Show all records
+APPEXTSECguiPanelShowOnlyPermanentA=Show only allowed permanent records
+APPEXTSECguiPanelShowOnlyPermanentN=Show only forbidden permanent records
+APPEXTSECguiPanelShowOnlyTemporalY=Show previously allowed applets records
+APPEXTSECguiPanelShowOnlyTemporalN=Show previously denied applets records
+APPEXTSEChelpHomeDialogue=Dialogue
+APPEXTSEChelp=<body> \
+<h1>Help for Extended applet security - itw-settings, files and structures, dialogue</h1> \
+<p> \
+Extended Applet Security refers to security features for unsigned applets. Traditionally, only signed applets required user confirmation and unsigned applets ran automatically. This is represented by the 'low security' setting. Unsigned applets must be allowed or disallowed individually on 'high security' (the default), and additionally do not run at all on 'very high security'. In theory, unsigned applets can safely run automatically. In practice, however, any vulnerability in the Java security sandbox will prevent this from being true. \
+</p> \
+<p> \
+To do so it uses  the <b>Security Level</b> main settings switch rules in the tables of <b>Custom definitions</b> and <b>Global definitions</b><br/> \
+You can read much more about development of (and help us to improve!) this feature at <a href="http://icedtea.classpath.org/wiki/Extended_Applets_Security">dedicated IcedTea-Web page</a> \
+</p> \
+<A name="level"><h2>Security Level</h2></A> \
+<p> \
+Its a main switch for "extended applet security". Its value is commonly stored in usrs_home/.icedtea/deployment.properties, but can be enforced via global settings in /etc/.java/deployment/deployment.properties or JAVA_HOME/lib/deployment.properties under the key <b>deployment.security.level</b><br/> \
+<li/><b>Disable running of all Java applets</b> - stored as <i>DENY_ALL</i> - No applet will be run<br/> \
+<blockquote cite="" > \
+No applet will be allowed to run. However the Java virtual machine will always be executed (and an error screen with reason appear instead of applets). To disable Java completely you can uninstall IcedTea-Web or disable it in your browser (if supported). The tables with records are of course ignored. \
+</blockquote> \
+<li/><b>Very High Security</b> - stored as <i>DENY_UNSIGNED</i> - No unsigned applets will be run<br/> \
+<blockquote cite="" > \
+No applet <b>unsigned</b> will be allowed to run (and an error screen with reason will appear instead of such applets). The tables with records are of course again ignored. \
+</blockquote> \
+<li/><b>High Security</b> - stored as <i>ASK_UNSIGNED</i> - User will be prompted for each unsigned applet<br/> \
+<blockquote cite="" > \
+All <b>unsigned</b> applets will be tested against the tables below if they should be allowed or forbidden to run. If they are not matched in the table then the user is prompted and the decision is stored in <a href="#table">tables</a> below. If the user denies the applet, an error screen with reason appears and the applet does not run. If the user allows applets to run, the user can choose to save this decision and whether to allow just one applet or a whole group of applets (see <a href="#dialogue"><b>Dialogue</b> paragraph </a>below). \
+<br/>This is default behavior. \
+</blockquote> \
+<li/><b>Low Security</b> - stored as <i>ALLOW_UNSIGNED</i> - All, even unsigned, applets will be run<br/> \
+<blockquote cite="" > \
+All applets <b>even unsigned</b> will be allowed to run. User will not be warned and the tables with records are of course again ignored. \
+</blockquote> \
+You need to press <b>ok</b> or <b>apply</b> button to make the changes take effect. \
+</p> \
+ \
+ \
+<h2><A name="table">Table with recorded actions</A></h2> \
+<p> \
+<h4>Custom x Global table</h4> \
+After each action in <b>High Security</b> dialogue the record is added to, or updated in, the table or configuration file. Commonly in users file - home/.icedtea/.appletTrustSettings - "Custom definition" panel.<br/> \
+But superuser can specify default behavior in /etc/.java/deployment/ .appletTrustSettings - "Global definition" panel.<br/> \
+<h4>"Syntax"</h4> \
+<li/><b>Action</b> - Desired behavior when applet is matched<br/> \
+<blockquote cite="" > \
+<li/><b>Always trust this applet</b> - This unsigned applet will always be run in High Security Security Level. It is stored as <i>A</i> in .appletTrustSettings<br/> \
+<li/><b>Never trust this applet</b> - This unsigned applet will never be run in High Security Security Level. It is stored as <i>N</i> in .appletTrustSettings<br/> \
+<li/><b>Visited and allowed</b> - When the user is asked about this applet again, a note that this applet was already trusted in past will be displayed. It is stored as <i>y</i> in .appletTrustSettings<br/> \
+<li/><b>Visited and denied</b> - When user will be asked about this applet again, he will see information that this applet was already denied in past. It is stored as <i>n</i> in .appletTrustSettings<br/> \
+</blockquote> \
+<li/><b>Date</b> - date of last action on this item (read only item)<br/> \
+<li/><b>Document base</b> - is the page from which the applet was requested. It is actually a regular expression to match a specific URL. See about regular expressions and their usage <a href="#regexes">lower</a><br/> \
+<li/><b>Code base</b> - is the URL where an applets code came from. It is actually a regular expression to match a specific URL. See about regular expressions and their usage <a href="#regexes">lower</a><br/> \
+<li/><b>Archives</b> - coma separated list of archives with applet's code. Can be empty if source code are just classes or group of applets is allowed<br/> \
+<br/> \
+When you change a value in the table, its effect is immediate. \
+<h4>Controls of tables</h4> \
+<p> \
+<li/><b>Delete</b> - deletes items as specified in combo box on side<br/> \
+<blockquote cite="" > \
+<li/><b>selected</b> - removes all selected items. Key <b>Del</b> does the same. Default behavior. <b>Multiple selections</b> allowed. Selection can be inverted by button even more on side<br/> \
+<li/><b>all allowed (A)</b> - removes all permanently trusted records<br/> \
+<li/><b>all forbidden (N)</b> - removes all permanently forbidden records<br/> \
+<li/><b>all approved (y)</b> - removes all previously (temporarily) trusted records<br/> \
+<li/><b>all rejected (n)</b> - removes all previously (temporarily) denied records<br/> \
+<li/><b>all</b> - will clear the table<br/> \
+<br/> \
+<b>Ask me before action</b> - switch to ask before each deletion (in bulk) or not to ask. Asking dialogue can be pretty long, so if you do not see the buttons, just press <b>Esc</b> \
+</blockquote> \
+<li/><b>Show full regular expressions</b> - Disable or Enable filtering of quotation marks \Q\E in code/document base columns. About regular expressions see more <a href="#regexes">lower</a><br/> \
+<br/> \
+<li/>Filtering in table(s)<br/> \
+<blockquote cite="" > \
+<li/><b>Show only permanent records</b> - Shows only permanently allowed <b>(A)</b> or denied <b>(N)</b> records. Default behavior<br/> \
+<li/><b>Show only temporarily decided records</b> - Shows only once allowed <b>(y)</b> or denied <b>(n)</b> informative records.<br/> \
+<li/><b>Show only permanently allowed records</b> - Shows only permanently allowed <b>(A)</b> records<br/> \
+<li/><b>Show only permanently denied records</b> - Shows only permanently denied <b>(N)</b> records<br/> \
+<li/><b>Show only temporarily allowed records</b> - Shows only once allowed <b>(y)</b> informative records.<br/> \
+<li/><b>Show only temporarily denied records</b> - Shows only once denied <b>(n)</b> informative records.<br/> \
+</blockquote> \
+</p> \
+<li/><b>Add new row</b> - will add new, exemplary filled, row with current date and empty archives  <br/> \
+<li/><b>Validate table</b> - will test if table can save, load, and if each value is valid:<br/> \
+<blockquote cite="" > \
+<li/><b>Action</b> - is one of A,N,y,n<br/> \
+<li/><b>Date</b> - is valid date<br/> \
+<li/><b>Code base and document base</b> - are valid <a href="#regexes">regular expressions</a> or empty<br/> \
+<li/><b>Archives</b> - coma separated list of archives or empty<br/> \
+</blockquote> \
+<li/><b>Test url</b> - In two dialogues (in two steps) will let you enter document base and codebase, and then try to match them against all records. All matching items are returned! Last values are remembered> \
+<li/><b>Move row down/up</b><br/> \
+<blockquote cite="" > \
+Order of rows is important. First matched result is returned (permanent have priority). So you can prioritize your matches using these buttons. <br/> \
+For example, if you \Qhttp://blogs.com/\E.* regular expression to allow all applets on http://blogs.com, then it must be AFTER your \Qhttp://blogs.com/evilJohn\E.* regular expression forbidding all applets from blog of hacker evilJohn. \
+</blockquote> \
+</p> \
+<p> \
+<h2><A name="dialogue">Dialogue</A></h2> \
+If <a href="#level"><b>High Security</b></a> is set, and a new unsigned applet is hit then the dialogue is shown asking you to allow it or deny it. You can also <b>choose</b> if you want to allow or deny this applet <b>every-time</b> (A or N) you encounter it or for <b>just one run</b> (y,n).<br/> \
+You can also select to trust or deny (again temporarily or permanently)  <b>all</b> the applets from <b>same, exact, codebase</b>. If you are visiting one page, which has various applets on various documents then this is a choice for you.<br/> \
+If you decide not to allow remembering your decision, then just a temporary record is made. If you revisit a page, a small green or red label will inform you about your last decision.<br/> \
+Once you select <b>remember</b> your decision, the dialog will <b>never appear again</b>.  But you can <b>edit</b> your decision in <b>itw-settings application <a href="#table">table</a></b> (packed with IcedTea-Web). If you change your decision to temporary one (n,y)  or delete its row, the dialogue will appear again. Of course you can switch also from Always to Never or vice versa. \
+<br/> \
+The dialogue always mentions the page on which an applet is displayed, and the URL from which it comes.  There is also a hint, if you have ever visited this applet saying if you have allowed or rejected it in the past <br/> \
+<blockquote cite="" > \
+<h3>Controls</h3> \
+<blockquote cite="" > \
+<li/><b>Remember this option</b> - If set, then dialogue will never be shown for this applet or page again. \
+<blockquote cite="" > \
+<li/><b>For applet</b> - Exact applet will be allowed or denied \
+<li/><b>For site</b> - All applets from this place will be allowed or denied  \
+</blockquote> \
+<li/><b>Proceed</b> - Applets, as selected above will be allowed \
+<li/><b>Cancel</b> - Applets, as selected above will be forbidden \
+</blockquote> \
+Be aware to "proceed" + "Remember this option" + "For site" on pages you do not know! It can make you vulnerable! \
+</blockquote> \
+</p> \
+<p> \
+<h2><A name="regexes">Regular expressions</A></h2> \
+IcedTea-Web extended applet security - uses a powerful matching engine to match exact (sets of) applets. Base stone is <b>Quotation</b> of URL \Q\E and <b>wildchars</b> llike .* or .? or more.<br/> \
+This was designed to suits the need to block or allow exact pages. The best is to show some examples:<br/> \
+N 12.12.2012 .* \Qhttp://blogs.com/evilJohn\E.* <br/> \
+N 12.12.2012 \Qhttp://blogs.com/goodJohn/evilApplet.html\E.* \Qhttp://blogs.com/goodJohn/\E goodJohnsArchive.jar <br/> \
+A 12.12.2012 \Qhttp://blogs.com/\E.* \Qhttp://blogs.com/\E.* <br/> \
+N 12.12.2012 .* \Qhttp://adds.com\E.* <br/> \
+Y 12.12.2012 .* \Qhttp://www.walter-fendt.de/ph14_jar/\E <br/> \
+<br/> \
+<i>So this table, created 12.12.2012:<br/></i> \
+<li/>Forbid all stuff which have some code on http://blogs.com/evilJohn pages<br/> \
+<li/>Forbidding also one exact applet from http://blogs.com/goodJohn/ with archive goodJohnsArchive.jar<br/> \
+<li/>Allowing all (other) applets from http://blogs.com/ but only when displayed also on http://blogs.com/<br/> \
+<li/>Forbidding all applets with code saved on  http://adds.com (except on http://blogs.com/ - to have forbidden http://adds.com also on http://blogs.com/, this (http://adds.com) record must be above blogs record)<br/> \
+<li/>And finally allowing all nice physical applets on  walter-fendt's pages <br/> \
+<br/> \
+Note - the date saved in .appletTrustSettings has a not so nice format, but I left this for now...<br/> \
+<br/> \
+All information about full regular expression syntax can be found on <a href="http://docs.oracle.com/javase/6/docs/api/java/util/regex/Pattern.html">http://docs.oracle.com/javase/6/docs/api/java/util/regex/Pattern.html</a> \
+</p> \
+<h2>Conclusion</h2> \
+<p> \
+Stay tuned to our homepage at <a href="http://icedtea.classpath.org/wiki/IcedTea-Web">http://icedtea.classpath.org/wiki/IcedTea-Web</a>!<br/> \
+If you encounter any bug, feel free to file it in our <a href="http://icedtea.classpath.org/bugzilla/">bugzilla</a> ... According to <a href="http://icedtea.classpath.org/wiki/IcedTea-Web#Filing_bugs">http://icedtea.classpath.org/wiki/IcedTea-Web#Filing_bugs</a><br/> \
+<br/> \
+Safe browsing from your IcedTea-Web team... \
+</p> \
+</body> \

trunk/icedtea-web/netx/net/sourceforge/jnlp/runtime/AppletAudioClip.java

-              r348
+              r429
 import java.applet.*;
 import javax.sound.sampled.*;
+import net.sourceforge.jnlp.util.logging.OutputController;
 // based on Deane Richan's AppletAudioClip
 …
             clip.open(stream);
         } catch (Exception ex) {
+            System.err.println("Error loading sound:" + location.toString());
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "Error loading sound:" + location.toString());
+            OutputController.getLogger().log(ex);
             clip = null;
+        }

trunk/icedtea-web/netx/net/sourceforge/jnlp/runtime/AppletEnvironment.java

-              r418
+              r429
 package net.sourceforge.jnlp.runtime;
+import net.sourceforge.jnlp.util.logging.OutputController;
 import java.applet.*;
 import java.awt.*;
 …
 import net.sourceforge.jnlp.*;
+import net.sourceforge.jnlp.splashscreen.SplashController;
 import net.sourceforge.jnlp.util.*;
 …
         // that do not have app code on the stack
         WindowListener closer = new WindowAdapter() {
+            @Override
             public void windowClosing(WindowEvent event) {
                 appletInstance.destroy();
                 System.exit(0);
+                JNLPRuntime.exit(0);
+            }
         };
 …
      */
     private void checkDestroyed() {
         if (destroyed)
+        if (destroyed) {
             throw new IllegalStateException("Illegal applet stub/context access: applet destroyed.");
+        }
+    }
 …
+    }
+     /**
+     * container must be SplashContoler
+     *
+     */
+    public SplashController getSplashControler() {
+        return (SplashController)cont;
+    }
     /**
      * Initialize, start, and show the applet.
 …
         checkDestroyed();
         if (appletStarted)
+        if (appletStarted) {
             return;
+        }
         appletStarted = true;
 …
             AppletDesc appletDesc = file.getApplet();
             if (cont instanceof AppletStub)
+            if (cont instanceof AppletStub) {
                 applet.setStub((AppletStub) cont);
+            else
+            }
+            else {
                 applet.setStub(this);
+            }
             cont.setLayout(new BorderLayout());
 …
             try {
                 SwingUtilities.invokeAndWait(new Runnable() {
+                    @Override
                     public void run() {
                         // do first because some applets need to be displayed before
 …
+            }
         } catch (Exception ex) {
+            if (JNLPRuntime.isDebug())
+                ex.printStackTrace();
+            OutputController.getLogger().log(ex);
             // should also kill the applet?
 …
      * otherwise return null.
      */
+    @Override
     public Applet getApplet(String name) {
         checkDestroyed();
         if (name != null && name.equals(file.getApplet().getName()))
+        if (name != null && name.equals(file.getApplet().getName())) {
             return applet;
         else
+        } else {
             return null;
+        }
+    }
 …
     public void setApplet(Applet applet) {
         if (this.applet != null) {
+            if (JNLPRuntime.isDebug()) {
+                Exception ex = new IllegalStateException("Applet can only be set once.");
+                ex.printStackTrace();
+            }
+            OutputController.getLogger().log(new IllegalStateException("Applet can only be set once."));
             return;
+        }
 …
      * from the JNLP file.
      */
+    @Override
     public Enumeration<Applet> getApplets() {
         checkDestroyed();
 …
      * Returns an audio clip.
      */
+    @Override
     public AudioClip getAudioClip(URL location) {
         checkDestroyed();
 …
      * Return an image loaded from the specified location.
      */
+    @Override
     public Image getImage(URL location) {
         checkDestroyed();
 …
      * Not implemented yet.
      */
+    @Override
     public void showDocument(java.net.URL uRL) {
         checkDestroyed();
 …
      * Not implemented yet.
      */
+    @Override
     public void showDocument(java.net.URL uRL, java.lang.String str) {
         checkDestroyed();
 …
      * Not implemented yet.
      */
+    @Override
     public void showStatus(java.lang.String str) {
         checkDestroyed();
 …
      * Required for JRE1.4, but not implemented yet.
      */
+    @Override
     public void setStream(String key, InputStream stream) {
         checkDestroyed();
 …
      * Required for JRE1.4, but not implemented yet.
      */
+    @Override
     public InputStream getStream(String key) {
         checkDestroyed();
 …
      * Required for JRE1.4, but not implemented yet.
      */
+    @Override
     public Iterator<String> getStreamKeys() {
         checkDestroyed();
 …
     // stub methods
+    @Override
     public void appletResize(int width, int height) {
         checkDestroyed();
 …
+    }
+    @Override
     public AppletContext getAppletContext() {
         checkDestroyed();
 …
+    }
+    @Override
     public URL getCodeBase() {
         checkDestroyed();
 …
+    }
+    @Override
     public URL getDocumentBase() {
         checkDestroyed();
 …
     // FIXME: Sun's applet code forces all parameters to lower case.
     // Does Netx's JNLP code do the same, so we can remove the first lookup?
+    @Override
     public String getParameter(String name) {
         checkDestroyed();
         String s = (String) parameters.get(name);
         if (s != null)
+        String s = parameters.get(name);
+        if (s != null) {
             return s;
+        return (String) parameters.get(name.toLowerCase());
+    }
+        }
+        return  parameters.get(name.toLowerCase());
+    }
+    @Override
     public boolean isActive() {
         checkDestroyed();

trunk/icedtea-web/netx/net/sourceforge/jnlp/runtime/AppletInstance.java

-              r418
+              r429
 import net.sourceforge.jnlp.*;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
     public void setApplet(Applet applet) {
         if (this.applet != null) {
+            if (JNLPRuntime.isDebug()) {
+                Exception ex = new IllegalStateException("Applet can only be set once.");
+                ex.printStackTrace();
+            }
+                OutputController.getLogger().log(new IllegalStateException("Applet can only be set once."));
             return;
+        }
 …
             applet.destroy();
         } catch (Exception ex) {
+            if (JNLPRuntime.isDebug())
+                ex.printStackTrace();
+            OutputController.getLogger().log(ex);
+        }

trunk/icedtea-web/netx/net/sourceforge/jnlp/runtime/ApplicationInstance.java

-              r418
+              r429
 import java.awt.Window;
+import java.io.File;
 import java.net.URL;
 import java.security.AccessControlContext;
 …
 import net.sourceforge.jnlp.security.SecurityDialogs;
 import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
+import net.sourceforge.jnlp.util.logging.OutputController;
 import net.sourceforge.jnlp.util.WeakList;
 import net.sourceforge.jnlp.util.XDesktopEntry;
 …
 /**
  * Represents a running instance of an application described in a
  * JNLPFile.  This class provides a way to track the application's
  * resources and destroy the application.<p>
+ * JNLPFile. This class provides a way to track the application's
+ * resources and destroy the application.
+ *
  * @author <a href="mailto:jmaxwell@users.sourceforge.net">Jon A. Maxwell (JAM)</a> - initial author
 …
     /**
+     * <p>
      * Every application/applet gets its own AppContext. This allows us to do
      * things like have two different look and feels for two different applets
      * (running in the same VM), allows untrusted programs to manipulate the
+     * event queue (safely) and (possibly) more.<p>
+     *
+     * event queue (safely) and (possibly) more.
+     * </p>
+     * <p>
      * It is set to the AppContext which created this ApplicationInstance
+     * </p>
      */
     private AppContext appContext;
 …
         XDesktopEntry entry = new XDesktopEntry(file);
         ShortcutDesc sd = file.getInformation().getShortcut();
+        File possibleDesktopFile = entry.getLinuxDesktopIconFile();
+        if (possibleDesktopFile.exists()) {
+            OutputController.getLogger().log("ApplicationInstance.addMenuAndDesktopEntries(): file - "
+                    + possibleDesktopFile.getAbsolutePath() + " already exists. Not proceeding with desktop additions");
+            return;
+        }
         if (shouldCreateShortcut(sd)) {
             entry.createDesktopShortcut();
 …
              * Sun's WebStart implementation doesnt seem to do anything under GNOME
              */
+            if (JNLPRuntime.isDebug()) {
+                System.err.println("ApplicationInstance.addMenuAndDesktopEntries():"
+                        + " Adding menu entries NOT IMPLEMENTED");
+            }
+            OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "ApplicationInstance.addMenuAndDesktopEntries():"
+                    + " Adding menu entries NOT IMPLEMENTED");
+        }
 …
      */
     private boolean shouldCreateShortcut(ShortcutDesc sd) {
+        if (JNLPRuntime.isTrustAll()) {
+            return (sd != null && sd.onDesktop());
+        }
         String currentSetting = JNLPRuntime.getConfiguration()
                 .getProperty(DeploymentConfiguration.KEY_CREATE_DESKTOP_SHORTCUT);
 …
      * also collectable so basically is almost never called (an
      * application would have to close its windows and exit its
      * threads but not call System.exit).
+     * threads but not call JNLPRuntime.exit).
      */
     public void finalize() {
 …
             int nthreads = group.enumerate(threads);
             for (int i = 0; i < nthreads; i++) {
+                if (JNLPRuntime.isDebug())
+                    System.out.println("Interrupt thread: " + threads[i]);
+                OutputController.getLogger().log("Interrupt thread: " + threads[i]);
                 threads[i].interrupt();
+            }
             // then stop
             Thread.currentThread().yield();
+            Thread.yield();
             nthreads = group.enumerate(threads);
             for (int i = 0; i < nthreads; i++) {
+                if (JNLPRuntime.isDebug())
+                    System.out.println("Stop thread: " + threads[i]);
+                OutputController.getLogger().log("Stop thread: " + threads[i]);
                 threads[i].stop();
+            }

trunk/icedtea-web/netx/net/sourceforge/jnlp/runtime/Boot.java

-              r418
+              r429
 import java.util.Map;
+import javax.swing.UIManager;
 import net.sourceforge.jnlp.LaunchException;
 import net.sourceforge.jnlp.Launcher;
 import net.sourceforge.jnlp.ParserSettings;
+import net.sourceforge.jnlp.about.AboutDialog;
 import net.sourceforge.jnlp.cache.CacheUtil;
 import net.sourceforge.jnlp.cache.UpdatePolicy;
+import net.sourceforge.jnlp.config.DeploymentConfiguration;
 import net.sourceforge.jnlp.security.viewer.CertificateViewer;
 import net.sourceforge.jnlp.services.ServiceUtil;
+import net.sourceforge.jnlp.util.logging.OutputController;
+import sun.awt.AppContext;
+import sun.awt.SunToolkit;
 /**
  * This is the main entry point for the JNLP client.  The main
+ * This is the main entry point for the JNLP client. The main
  * method parses the command line parameters and loads a JNLP
  * file into the secure runtime environment.  This class is meant
+ * file into the secure runtime environment. This class is meant
  * to be called from the command line or file association; to
  * initialize the netx engine from other code invoke the
  * <code>JNLPRuntime.initialize</code> method after configuring
+ * {@link JNLPRuntime#initialize} method after configuring
  * the runtime.
+ *
 …
     // should inherit the same options as this instance (store argv?)
+    private static final String name = Boot.class.getPackage().getImplementationTitle();
+    private static final String version = Boot.class.getPackage().getImplementationVersion();
+    /** the text to display before launching the about link */
+    private static final String aboutMessage = ""
+            + name + " " + version
+            + "\n"
+            + R("BLaunchAbout");
+    public static final String name = Boot.class.getPackage().getImplementationTitle();
+    public static final String version = Boot.class.getPackage().getImplementationVersion();
+    private static final String nameAndVersion = name + " " + version;
     private static final String miniLicense = "\n"
 …
             + "\n";
+    private static final String itwInfoMessage = ""
+            + nameAndVersion
+            + "\n\n*  "
+            + R("BAboutITW")
+            + "\n*  "
+            + R("BFileInfoAuthors")
+            + "\n*  "
+            + R("BFileInfoNews")
+            + "\n*  "
+            + R("BFileInfoCopying");
     private static final String helpMessage = "\n"
             + "Usage:   " + R("BOUsage") + "\n"
 …
             + "\n"
             + "run-options:" + "\n"
+            + "  -version              " + R("BOVersion") + "\n"
             + "  -arg arg              " + R("BOArg") + "\n"
             + "  -param name=value     " + R("BOParam") + "\n"
 …
             + "  -headless             " + R("BOHeadless") + "\n"
             + "  -strict               " + R("BOStrict") + "\n"
+            + "  -xml                  " + R("BOXml") + "\n"
+            + "  -allowredirect        " + R("BOredirect") + "\n"
             + "  -Xnofork              " + R("BXnofork") + "\n"
             + "  -Xclearcache          " + R("BXclearcache") + "\n"
+            + "  -Xignoreheaders       " + R("BXignoreheaders") + "\n"
             + "  -help                 " + R("BOHelp") + "\n";
 …
         args = argsIn;
+        if (AppContext.getAppContext() == null) {
+            SunToolkit.createNewAppContext();
+        }
+        if (null != getOption("-headless")) {
+            JNLPRuntime.setHeadless(true);
+        }
+        DeploymentConfiguration.move14AndOlderFilesTo15StructureCatched();
         if (null != getOption("-viewer")) {
             try {
                 CertificateViewer.main(null);
                 System.exit(0);
+                JNLPRuntime.exit(0);
             } catch (Exception e) {
+                // TODO Auto-generated catch block
+                e.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+            }
+        }
+        if (null != getOption("-version")) {
+            OutputController.getLogger().printOutLn(nameAndVersion);
+            JNLPRuntime.exit(0);
+        }
         if (null != getOption("-license")) {
             System.out.println(miniLicense);
             System.exit(0);
+            OutputController.getLogger().printOutLn(miniLicense);
+            JNLPRuntime.exit(0);
+        }
         if (null != getOption("-help")) {
+            System.out.println(helpMessage);
+            System.exit(0);
+        }
+        if (null != getOption("-about"))
+            System.out.println(aboutMessage);
+            OutputController.getLogger().printOutLn(helpMessage);
+            JNLPRuntime.exit(0);
+        }
+        if (null != getOption("-about")) {
+                OutputController.getLogger().printOutLn(itwInfoMessage);
+            if (null != getOption("-headless")) {
+                JNLPRuntime.exit(0);
+            } else {
+                try {
+                    UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
+                } catch (Exception e) {
+                    OutputController.getLogger().log("Unable to set system look and feel");
+                }
+                OutputController.getLogger().printOutLn(R("BLaunchAbout"));
+                AboutDialog.display();
+                return;
+            }
+        }
         if (null != getOption("-verbose"))
 …
+        }
-        if (null != getOption("-headless"))
-            JNLPRuntime.setHeadless(true);
         if (null != getOption("-noupdate"))
             JNLPRuntime.setDefaultUpdatePolicy(UpdatePolicy.NEVER);
 …
             JNLPRuntime.setTrustAll(true);
+        }
+        if (null != getOption("-Xtrustnone")) {
+            JNLPRuntime.setTrustNone(true);
+        }
+        if (null != getOption("-Xignoreheaders")) {
+            JNLPRuntime.setIgnoreHeaders(true);
+        }
+        if (null != getOption("-allowredirect")) {
+            JNLPRuntime.setAllowRedirect(true);
+        }
         JNLPRuntime.setInitialArgments(Arrays.asList(argsIn));
-        // do in a privileged action to clear the security context of
-        // the Boot13 class, which doesn't have any privileges in
-        // JRE1.3; JRE1.4 works without Boot13 or this PrivilegedAction.
         AccessController.doPrivileged(new Boot());
 …
         extra.put("properties", getOptions("-property"));
+        boolean strict = (null != getOption("-strict"));
+        ParserSettings settings = new ParserSettings(strict);
+        ParserSettings settings = ParserSettings.setGlobalParserSettingsFromArgs(args);
         try {
 …
             launcher.setParserSettings(settings);
             launcher.setInformationToMerge(extra);
             launcher.launch(getFileLocation(), true);
+            launcher.launch(getFileLocation());
         } catch (LaunchException ex) {
             // default handler prints this
         } catch (Exception ex) {
+            if (JNLPRuntime.isDebug())
+                ex.printStackTrace();
+            OutputController.getLogger().log(ex);
             fatalError(R("RUnexpected", ex.toString(), ex.getStackTrace()[0]));
+        }
 …
     private static void fatalError(String message) {
+        System.err.println("netx: " + message);
+        System.exit(1);
+    }
+    /**
+     * Returns the location of the about.jnlp file or null if this file
+     * does not exist.
+     */
+    private static String getAboutFile() {
+        ClassLoader cl = Boot.class.getClassLoader();
+        if (cl == null) {
+            cl = ClassLoader.getSystemClassLoader();
+        }
+        try {
+                    //extracts full path to about.jnlp
+            String s = cl.getResource("net/sourceforge/jnlp/runtime/Boot.class").toString();
+            s=s.substring(0,s.indexOf("!"));
+            s=s.substring(s.indexOf(":")+1);
+            s=s.substring(s.indexOf(":")+1);
+            s="file://"+s.replace("netx.jar","about.jnlp");
+            if (JNLPRuntime.isDebug()){
+                System.out.println("Using " + s + " as about.jnlp URL");
+            }
+            return s;
+         } catch (Exception e) {
+            e.printStackTrace();
+            return null;
+        }
+        OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "netx: " + message);
+        JNLPRuntime.exit(1);
+    }
 …
         String location = getJNLPFile();
-        // override -jnlp with aboutFile
-        if (getOption("-about") != null) {
-            location = getAboutFile();
-            if (location == null)
-                fatalError(R("RNoAboutJnlp"));
-        } else {
-            location = getJNLPFile();
+        }
         if (location == null) {
+            System.out.println(helpMessage);
+            System.exit(1);
+        }
+        if (JNLPRuntime.isDebug())
+            System.out.println(R("BFileLoc") + ": " + location);
+            OutputController.getLogger().printOutLn(helpMessage);
+            JNLPRuntime.exit(1);
+        }
+        OutputController.getLogger().log(R("BFileLoc") + ": " + location);
         URL url = null;
 …
                 url = new URL(ServiceUtil.getBasicService().getCodeBase(), location);
         } catch (Exception e) {
+            OutputController.getLogger().log(e);
             fatalError("Invalid jnlp file " + location);
-            if (JNLPRuntime.isDebug())
-                e.printStackTrace();
+        }
 …
         if (args.length == 0) {
             System.out.println(helpMessage);
             System.exit(0);
+            OutputController.getLogger().printOutLn(helpMessage);
+            JNLPRuntime.exit(0);
         } else if (args.length == 1) {
             return args[args.length - 1];
 …
                 return lastArg;
             } else {
                 System.out.println(helpMessage);
                 System.exit(0);
+                OutputController.getLogger().printOutLn(helpMessage);
+                JNLPRuntime.exit(0);
+            }
+        }

trunk/icedtea-web/netx/net/sourceforge/jnlp/runtime/CachedJarFileCallback.java

-              r418
+              r429
 import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
+import java.util.jar.JarFile;
+import net.sourceforge.jnlp.util.logging.OutputController;
+import net.sourceforge.jnlp.util.JarFile;
 import net.sourceforge.jnlp.util.UrlUtils;
 …
     @Override
     public JarFile retrieve(URL url) throws IOException {
+    public java.util.jar.JarFile retrieve(URL url) throws IOException {
         URL localUrl = mapping.get(url);
 …
                 returnFile.getManifest().getMainAttributes().putValue("Class-Path", "");
+                if (JNLPRuntime.isDebug()) {
+                    System.err.println("Class-Path attribute cleared for " + returnFile.getName());
+                }
+                OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Class-Path attribute cleared for " + returnFile.getName());
             } catch (NullPointerException npe) {
 …
      * This method is a copy of URLJarFile.retrieve() without the callback check.
      */
     private JarFile cacheJarFile(URL url) throws IOException {
         JarFile result = null;
+    private  java.util.jar.JarFile cacheJarFile(URL url) throws IOException {
+        java.util.jar.JarFile result = null;
         final int BUF_SIZE = 2048;
 …
         try {
             result =
                     AccessController.doPrivileged(new PrivilegedExceptionAction<JarFile>() {
+                    AccessController.doPrivileged(new PrivilegedExceptionAction<java.util.jar.JarFile>() {
                         @Override
                         public JarFile run() throws IOException {
+                        public java.util.jar.JarFile run() throws IOException {
                             OutputStream out = null;
                             File tmpFile = null;

trunk/icedtea-web/netx/net/sourceforge/jnlp/runtime/FakePacEvaluator.java

-              r348
+              r429
 import static net.sourceforge.jnlp.runtime.Translator.R;
 import java.net.URL;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
     @Override
     public String getProxies(URL url) {
+        if (JNLPRuntime.isDebug()) {
+            System.err.println(R("RPRoxyPacNotSupported"));
+        }
+        OutputController.getLogger().log(OutputController.Level.ERROR_ALL, R("RPRoxyPacNotSupported"));
         return "DIRECT";
+    }

trunk/icedtea-web/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java

-              r418
+              r429
 import static net.sourceforge.jnlp.runtime.Translator.R;
-import java.io.Closeable;
 import java.io.File;
 import java.io.FileOutputStream;
 …
 import java.util.Vector;
 import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.locks.ReentrantLock;
+import java.util.jar.Attributes;
 import java.util.jar.JarEntry;
-import java.util.jar.JarFile;
 import java.util.jar.Manifest;
 import net.sourceforge.jnlp.AppletDesc;
 import net.sourceforge.jnlp.ApplicationDesc;
-import net.sourceforge.jnlp.DownloadOptions;
 import net.sourceforge.jnlp.ExtensionDesc;
 import net.sourceforge.jnlp.JARDesc;
 …
 import net.sourceforge.jnlp.LaunchDesc;
 import net.sourceforge.jnlp.LaunchException;
+import net.sourceforge.jnlp.NullJnlpFileException;
 import net.sourceforge.jnlp.ParseException;
+import net.sourceforge.jnlp.ParserSettings;
 import net.sourceforge.jnlp.PluginBridge;
 import net.sourceforge.jnlp.ResourcesDesc;
 …
 import net.sourceforge.jnlp.cache.CacheUtil;
 import net.sourceforge.jnlp.cache.IllegalResourceDescriptorException;
+import net.sourceforge.jnlp.cache.NativeLibraryStorage;
 import net.sourceforge.jnlp.cache.ResourceTracker;
 import net.sourceforge.jnlp.cache.UpdatePolicy;
+import net.sourceforge.jnlp.security.SecurityDialogs;
+import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
+import net.sourceforge.jnlp.security.AppVerifier;
+import net.sourceforge.jnlp.security.JNLPAppVerifier;
+import net.sourceforge.jnlp.security.PluginAppVerifier;
+import net.sourceforge.jnlp.security.appletextendedsecurity.UnsignedAppletTrustConfirmation;
 import net.sourceforge.jnlp.tools.JarCertVerifier;
+import net.sourceforge.jnlp.util.FileUtils;
+import net.sourceforge.jnlp.util.JarFile;
+import net.sourceforge.jnlp.util.StreamUtils;
+import net.sourceforge.jnlp.util.UrlUtils;
+import net.sourceforge.jnlp.util.logging.OutputController;
 import sun.misc.JarIndex;
 /**
  * Classloader that takes it's resources from a JNLP file.  If the
+ * Classloader that takes it's resources from a JNLP file. If the
  * JNLP file defines extensions, separate classloaders for these
  * will be created automatically.  Classes are loaded with the
+ * will be created automatically. Classes are loaded with the
  * security context when the classloader was created.
+ *
 …
     final public static String TEMPLATE = "JNLP-INF/APPLICATION_TEMPLATE.JNLP";
     final public static String APPLICATION = "JNLP-INF/APPLICATION.JNLP";
+    /** Actions to specify how cache is to be managed **/
+    public static enum DownloadAction {
+        DOWNLOAD_TO_CACHE, REMOVE_FROM_CACHE, CHECK_CACHE
+    }
+    public static enum SigningState {
+        FULL, PARTIAL, NONE
+    }
     /** True if the application has a signed JNLP File */
     private boolean isSignedJNLP = false;
     /** map from JNLPFile url to shared classloader */
     private static Map<String, JNLPClassLoader> urlToLoader =
+            new HashMap<String, JNLPClassLoader>(); // never garbage collected!
     /** the directory for native code */
     private File nativeDir = null; // if set, some native code exists
     /** a list of directories that contain native libraries */
     private List<File> nativeDirectories = Collections.synchronizedList(new LinkedList<File>());
+    /** map from JNLPFile unique key to shared classloader */
+    private static Map<String, JNLPClassLoader> uniqueKeyToLoader = new ConcurrentHashMap<String, JNLPClassLoader>();
+    /** map from JNLPFile unique key to lock, the lock is needed to enforce correct
+     * initialization of applets that share a unique key*/
+    private static Map<String, ReentrantLock> uniqueKeyToLock = new HashMap<String, ReentrantLock>();
+    /** Provides a search path & temporary storage for native code */
+    private NativeLibraryStorage nativeLibraryStorage;
     /** security context */
 …
     private ArrayList<Permission> runtimePermissions = new ArrayList<Permission>();
+    /** all jars not yet part of classloader or active */
+    private List<JARDesc> available = new ArrayList<JARDesc>();
+    /** all of the jar files that were verified */
+    private ArrayList<String> verifiedJars = null;
+    /** all of the jar files that were not verified */
+    private ArrayList<String> unverifiedJars = null;
+    /** all jars not yet part of classloader or active
+     * Synchronized since this field may become shared data between multiple classloading threads.
+     * See loadClass(String) and CodebaseClassLoader.findClassNonRecursive(String).
+     */
+    private List<JARDesc> available = Collections.synchronizedList(new ArrayList<JARDesc>());
     /** the jar cert verifier tool to verify our jars */
+    private JarCertVerifier jcv = null;
+    private boolean signing = false;
+    /** ArrayList containing jar indexes for various jars available to this classloader */
+    private ArrayList<JarIndex> jarIndexes = new ArrayList<JarIndex>();
+    /** Set of classpath strings declared in the manifest.mf files */
+    private Set<String> classpaths = new HashSet<String>();
+    /** File entries in the jar files available to this classloader */
+    private TreeSet<String> jarEntries = new TreeSet<String>();
+    /** Map of specific original (remote) CodeSource Urls  to securitydesc */
+    private HashMap<URL, SecurityDesc> jarLocationSecurityMap =
+            new HashMap<URL, SecurityDesc>();
+    private final JarCertVerifier jcv;
+    private SigningState signing = SigningState.NONE;
+    /** ArrayList containing jar indexes for various jars available to this classloader
+     * Synchronized since this field may become shared data between multiple classloading threads/
+     * See loadClass(String) and CodebaseClassLoader.findClassNonRecursive(String).
+     */
+    private List<JarIndex> jarIndexes = Collections.synchronizedList(new ArrayList<JarIndex>());
+    /** Set of classpath strings declared in the manifest.mf files
+     * Synchronized since this field may become shared data between multiple classloading threads.
+     * See loadClass(String) and CodebaseClassLoader.findClassNonRecursive(String).
+     */
+    private Set<String> classpaths = Collections.synchronizedSet(new HashSet<String>());
+    /** File entries in the jar files available to this classloader
+     * Synchronized sinc this field may become shared data between multiple classloading threads.
+     * See loadClass(String) and CodebaseClassLoader.findClassNonRecursive(String).
+     */
+    private Set<String> jarEntries = Collections.synchronizedSet(new TreeSet<String>());
+    /** Map of specific original (remote) CodeSource Urls  to securitydesc
+     *  Synchronized since this field may become shared data between multiple classloading threads.
+     *  See loadClass(String) and CodebaseClassLoader.findClassNonRecursive(String).
+     */
+    private Map<URL, SecurityDesc> jarLocationSecurityMap =
+            Collections.synchronizedMap(new HashMap<URL, SecurityDesc>());
     /*Set to prevent once tried-to-get resources to be tried again*/
 …
     /** Name of the application's main class */
     private String mainClass = null;
     /**
      * Variable to track how many times this loader is in use
      */
     private int useCount = 0;
+    private boolean enableCodeBase = false;
+    private final SecurityDelegate securityDelegate;
     /**
 …
      */
     protected JNLPClassLoader(JNLPFile file, UpdatePolicy policy) throws LaunchException {
         this(file,policy,null);
+        this(file, policy, null, false);
+    }
 …
+     *
      * @param file the JNLP file
+     * @param name of the application's main class
+     */
+    protected JNLPClassLoader(JNLPFile file, UpdatePolicy policy, String mainName) throws LaunchException {
+     * @param policy the UpdatePolicy for this class loader
+     * @param mainName name of the application's main class
+     */
+    protected JNLPClassLoader(JNLPFile file, UpdatePolicy policy, String mainName, boolean enableCodeBase) throws LaunchException {
         super(new URL[0], JNLPClassLoader.class.getClassLoader());
+        if (JNLPRuntime.isDebug())
+            System.out.println("New classloader: " + file.getFileLocation());
+        OutputController.getLogger().log("New classloader: " + file.getFileLocation());
         this.file = file;
 …
         this.resources = file.getResources();
+        this.nativeLibraryStorage = new NativeLibraryStorage(tracker);
         this.mainClass = mainName;
+        this.enableCodeBase = enableCodeBase;
+        AppVerifier verifier;
+        if (file instanceof PluginBridge && !((PluginBridge)file).useJNLPHref()) {
+            verifier = new PluginAppVerifier();
+        } else {
+            verifier = new JNLPAppVerifier();
+        }
+        jcv = new JarCertVerifier(verifier);
+        if (this.enableCodeBase) {
+            addToCodeBaseLoader(this.file.getCodeBase());
+        }
+        this.securityDelegate = new SecurityDelegateImpl(this);
         // initialize extensions
 …
         initializeResources();
+        //loading mainfests before resources are initialised may cause waiting for resources
+        file.getManifestsAttributes().setLoader(this);
         // initialize permissions
 …
         setSecurity();
+        ManifestAttributesChecker mac = new ManifestAttributesChecker(security, file, signing, securityDelegate);
+        mac.checkAll();
         installShutdownHooks();
+    }
 …
                  * cleanup things they created
                  */
+                if (nativeDir != null) {
+                    if (JNLPRuntime.isDebug()) {
+                        System.out.println("Cleaning up native directory" + nativeDir.getAbsolutePath());
+                    }
+                    try {
+                        FileUtils.recursiveDelete(nativeDir,
+                                new File(System.getProperty("java.io.tmpdir")));
+                    } catch (IOException e) {
+                        /*
+                         * failed to delete a file in tmpdir, no big deal (not
+                         * to mention that the VM is shutting down at this
+                         * point so no much we can do)
+                         */
+                    }
+                }
+                nativeLibraryStorage.cleanupTemporaryFolder();
+            }
         });
 …
     private void setSecurity() throws LaunchException {
+        URL codebase = null;
+        if (file.getCodeBase() != null) {
+            codebase = file.getCodeBase();
+        } else {
+            //Fixme: codebase should be the codebase of the Main Jar not
+            //the location. Although, it still works in the current state.
+            codebase = file.getResources().getMainJAR().getLocation();
+        }
+        /**
+         * When we're trying to load an applet, file.getSecurity() will return
+         * null since there is no jnlp file to specify permissions. We
+         * determine security settings here, after trying to verify jars.
+         */
+        if (file instanceof PluginBridge) {
+            if (signing == true) {
+                this.security = new SecurityDesc(file,
+                        SecurityDesc.ALL_PERMISSIONS,
+                        codebase.getHost());
+            } else {
+                this.security = new SecurityDesc(file,
+                        SecurityDesc.SANDBOX_PERMISSIONS,
+                        codebase.getHost());
+            }
+        } else { //regular jnlp file
+            /*
+             * Various combinations of the jars being signed and <security> tags being
+             * present are possible. They are treated as follows
+             *
+             * Jars          JNLP File         Result
+             *
+             * Signed        <security>        Appropriate Permissions
+             * Signed        no <security>     Sandbox
+             * Unsigned      <security>        Error
+             * Unsigned      no <security>     Sandbox
+             *
+             */
+            if (!file.getSecurity().getSecurityType().equals(SecurityDesc.SANDBOX_PERMISSIONS) && !signing) {
+                throw new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LUnsignedJarWithSecurity"), R("LUnsignedJarWithSecurityInfo"));
+            } else if (signing == true) {
+                this.security = file.getSecurity();
+            } else {
+                this.security = new SecurityDesc(file,
+                        SecurityDesc.SANDBOX_PERMISSIONS,
+                        codebase.getHost());
+            }
+        }
+    }
+    /**
+     * Returns a JNLP classloader for the specified JNLP file.
+        URL codebase = UrlUtils.guessCodeBase(file);
+        this.security = securityDelegate.getClassLoaderSecurity(codebase.getHost());
+    }
+    /**
+     * Gets the lock for a given unique key, creating one if it does not yet exist.
+     * This operation is atomic & thread-safe.
+     *
+     * @param uniqueKey the file whose unique key should be used
+     * @return the lock
+     */
+    private static ReentrantLock getUniqueKeyLock(String uniqueKey) {
+        synchronized (uniqueKeyToLock) {
+            ReentrantLock storedLock = uniqueKeyToLock.get(uniqueKey);
+            if (storedLock == null) {
+                storedLock = new ReentrantLock();
+                uniqueKeyToLock.put(uniqueKey, storedLock);
+            }
+            return storedLock;
+        }
+    }
+    /**
+     * Creates a fully initialized JNLP classloader for the specified JNLPFile,
+     * to be used as an applet/application's classloader.
+     * In contrast, JNLP classloaders can also be constructed simply to merge
+     * its resources into another classloader.
+     *
      * @param file the file to load classes for
      * @param policy the update policy to use when downloading resources
+     */
+    public static JNLPClassLoader getInstance(JNLPFile file, UpdatePolicy policy) throws LaunchException {
+        return getInstance(file, policy, null);
+     * @param mainName Overrides the main class name of the application
+     */
+    private static JNLPClassLoader createInstance(JNLPFile file, UpdatePolicy policy, String mainName, boolean enableCodeBase) throws LaunchException {
+        String uniqueKey = file.getUniqueKey();
+        JNLPClassLoader baseLoader = uniqueKeyToLoader.get(uniqueKey);
+        JNLPClassLoader loader = new JNLPClassLoader(file, policy, mainName, enableCodeBase);
+        // If security level is 'high' or greater, we must check if the user allows unsigned applets
+        // when the JNLPClassLoader is created. We do so here, because doing so in the constructor
+        // causes unwanted side-effects for some applets. However, if the loader has been tagged
+        // with "runInSandbox", then we do not show this dialog - since this tag indicates that
+        // the user was already shown a CertWarning dialog and has chosen to run the applet sandboxed.
+        // This means they've already agreed to running the applet and have specified with which
+        // permission level to do it!
+        if (loader.getSigningState() == SigningState.PARTIAL) {
+            loader.securityDelegate.promptUserOnPartialSigning();
+        } else if (!loader.getSigning() && !loader.securityDelegate.userPromptedForSandbox() && file instanceof PluginBridge) {
+            UnsignedAppletTrustConfirmation.checkUnsignedWithUserIfRequired((PluginBridge)file);
+        }
+        // New loader init may have caused extentions to create a
+        // loader for this unique key. Check.
+        JNLPClassLoader extLoader = uniqueKeyToLoader.get(uniqueKey);
+        if (extLoader != null && extLoader != loader) {
+            if (loader.getSigning() != extLoader.getSigning()) {
+                loader.securityDelegate.promptUserOnPartialSigning();
+            }
+            loader.merge(extLoader);
+            extLoader.decrementLoaderUseCount(); // loader urls have been merged, ext loader is no longer used
+        }
+        // loader is now current + ext. But we also need to think of
+        // the baseLoader
+        if (baseLoader != null && baseLoader != loader) {
+           loader.merge(baseLoader);
+        }
+        return loader;
+    }
+    /**
+     * Returns a JNLP classloader for the specified JNLP file.
+     *
+     * @param file the file to load classes for
+     * @param policy the update policy to use when downloading resources
+     */
+    public static JNLPClassLoader getInstance(JNLPFile file, UpdatePolicy policy, boolean enableCodeBase) throws LaunchException {
+        return getInstance(file, policy, null, enableCodeBase);
+    }
 …
      * @param mainName Overrides the main class name of the application
      */
     public static JNLPClassLoader getInstance(JNLPFile file, UpdatePolicy policy, String mainName) throws LaunchException {
+    public static JNLPClassLoader getInstance(JNLPFile file, UpdatePolicy policy, String mainName, boolean enableCodeBase) throws LaunchException {
         JNLPClassLoader baseLoader = null;
         JNLPClassLoader loader = null;
         String uniqueKey = file.getUniqueKey();
+        if (uniqueKey != null)
+            baseLoader = urlToLoader.get(uniqueKey);
+        try {
+        synchronized ( getUniqueKeyLock(uniqueKey) ) {
+            baseLoader = uniqueKeyToLoader.get(uniqueKey);
             // A null baseloader implies that no loader has been created
 …
                      !baseLoader.getJNLPFile().getFileLocation().equals(file.getFileLocation()))) {
+                loader = new JNLPClassLoader(file, policy, mainName);
+                // New loader init may have caused extentions to create a
+                // loader for this unique key. Check.
+                JNLPClassLoader extLoader = urlToLoader.get(uniqueKey);
+                if (extLoader != null && extLoader != loader) {
+                    if (loader.signing && !extLoader.signing)
+                        if (!SecurityDialogs.showNotAllSignedWarningDialog(file))
+                            throw new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LSignedAppJarUsingUnsignedJar"), R("LSignedAppJarUsingUnsignedJarInfo"));
+                    loader.merge(extLoader);
+                    extLoader.decrementLoaderUseCount(); // loader urls have been merged, ext loader is no longer used
+                }
+                // loader is now current + ext. But we also need to think of
+                // the baseLoader
+                if (baseLoader != null && baseLoader != loader) {
+                   loader.merge(baseLoader);
+                }
+                loader = createInstance(file, policy, mainName, enableCodeBase);
             } else {
                 // if key is same and locations match, this is the loader we want
                 if (!file.isApplication()) {
                     // If this is an applet, we do need to consider its loader
                    loader = new JNLPClassLoader(file, policy, mainName);
+                    loader = new JNLPClassLoader(file, policy, mainName, enableCodeBase);
                     if (baseLoader != null)
 …
+            }
+        } catch (LaunchException e) {
+            throw e;
+        }
+        // loaders are mapped to a unique key. Only extensions and parent
+        // share a key, so it is safe to always share based on it
+        loader.incrementLoaderUseCount();
+        synchronized(urlToLoader) {
+            urlToLoader.put(uniqueKey, loader);
+            // loaders are mapped to a unique key. Only extensions and parent
+            // share a key, so it is safe to always share based on it
+            loader.incrementLoaderUseCount();
+            uniqueKeyToLoader.put(uniqueKey, loader);
+        }
 …
      * @param mainName Overrides the main class name of the application
      */
     public static JNLPClassLoader getInstance(URL location, String uniqueKey, Version version, UpdatePolicy policy, String mainName)
+    public static JNLPClassLoader getInstance(URL location, String uniqueKey, Version version, ParserSettings settings, UpdatePolicy policy, String mainName, boolean enableCodeBase)
             throws IOException, ParseException, LaunchException {
+        JNLPClassLoader loader = urlToLoader.get(uniqueKey);
+        if (loader == null || !location.equals(loader.getJNLPFile().getFileLocation())) {
+            JNLPFile jnlpFile = new JNLPFile(location, uniqueKey, version, false, policy);
+            loader = getInstance(jnlpFile, policy, mainName);
+        JNLPClassLoader loader;
+        synchronized ( getUniqueKeyLock(uniqueKey) ) {
+            loader = uniqueKeyToLoader.get(uniqueKey);
+            if (loader == null || !location.equals(loader.getJNLPFile().getFileLocation())) {
+                JNLPFile jnlpFile = new JNLPFile(location, uniqueKey, version, settings, policy);
+                loader = getInstance(jnlpFile, policy, mainName, enableCodeBase);
+            }
+        }
 …
      */
     void initializeExtensions() {
         ExtensionDesc[] ext = resources.getExtensions();
+        ExtensionDesc[] extDescs = resources.getExtensions();
         List<JNLPClassLoader> loaderList = new ArrayList<JNLPClassLoader>();
 …
         //if (ext != null) {
         for (int i = 0; i < ext.length; i++) {
+        for (ExtensionDesc ext : extDescs) {
             try {
                 String uniqueKey = this.getJNLPFile().getUniqueKey();
                 JNLPClassLoader loader = getInstance(ext[i].getLocation(), uniqueKey, ext[i].getVersion(), updatePolicy, mainClass);
+                JNLPClassLoader loader = getInstance(ext.getLocation(), uniqueKey, ext.getVersion(), file.getParserSettings(), updatePolicy, mainClass, this.enableCodeBase);
                 loaderList.add(loader);
             } catch (Exception ex) {
                 ex.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ex);
+            }
+        }
 …
         JARDesc jars[] = resources.getJARs();
+        for (int i = 0; i < jars.length; i++) {
+            Permission p = CacheUtil.getReadPermission(jars[i].getLocation(),
+                                                       jars[i].getVersion());
+            if (JNLPRuntime.isDebug()) {
+                if (p == null)
+                    System.out.println("Unable to add permission for " + jars[i].getLocation());
+                else
+                    System.out.println("Permission added: " + p.toString());
+        for (JARDesc jar : jars) {
+            Permission p = CacheUtil.getReadPermission(jar.getLocation(), jar.getVersion());
+            if (p == null) {
+                OutputController.getLogger().log("Unable to add permission for " + jar.getLocation());
+            } else {
+                OutputController.getLogger().log("Permission added: " + p.toString());
+            }
             if (p != null)
 …
      * @return true if file exists AND is an invalid jar, false otherwise
      */
     private boolean isInvalidJar(JARDesc jar){
+    boolean isInvalidJar(JARDesc jar){
         File cacheFile = tracker.getCacheFile(jar.getLocation());
         if (cacheFile == null)
 …
                     addToCodeBaseLoader(new URL(file.getCodeBase(), codeBaseFolder));
                 } catch (MalformedURLException mfe) {
                     System.err.println("Problem trying to add folder to code base:");
                     System.err.println(mfe.getMessage());
+                    OutputController.getLogger().log(OutputController.Level.WARNING_ALL, "Problem trying to add folder to code base:");
+                    OutputController.getLogger().log(OutputController.Level.ERROR_ALL, mfe);
+                }
+            }
 …
         JARDesc jars[] = resources.getJARs();
         if (jars == null || jars.length == 0) {
             boolean allSigned = true;
+        if (jars.length == 0) {
+            boolean allSigned = (loaders.length > 1) /* has extensions */;
             for (int i = 1; i < loaders.length; i++) {
                 if (!loaders[i].getSigning()) {
 …
+            }
             if(allSigned)
                 signing = true;
+            if (allSigned)
+                signing = SigningState.FULL;
             //Check if main jar is found within extensions
 …
         List<JARDesc> initialJars = new ArrayList<JARDesc>();
+        for (int i = 0; i < jars.length; i++) {
+            available.add(jars[i]);
+            if (jars[i].isEager())
+                initialJars.add(jars[i]); // regardless of part
+            tracker.addResource(jars[i].getLocation(),
+                                jars[i].getVersion(),
+                                getDownloadOptionsForJar(jars[i]),
+                                jars[i].isCacheable() ? JNLPRuntime.getDefaultUpdatePolicy() : UpdatePolicy.FORCE
+                               );
+        }
+        for (JARDesc jar : jars) {
+            available.add(jar);
+            if (jar.isEager())
+                initialJars.add(jar); // regardless of part
+            tracker.addResource(jar.getLocation(),
+                    jar.getVersion(), file.getDownloadOptions(),
+                    jar.isCacheable() ? JNLPRuntime.getDefaultUpdatePolicy() : UpdatePolicy.FORCE);
+        }
         //If there are no eager jars, initialize the first jar
         if(initialJars.size() == 0)
 …
         if (JNLPRuntime.isVerifying()) {
-            JarCertVerifier jcv;
             try {
                 jcv = verifyJars(initialJars);
+                jcv.add(initialJars, tracker);
             } catch (Exception e) {
                 //we caught an Exception from the JarCertVerifier class.
                 //Note: one of these exceptions could be from not being able
                 //to read the cacerts or trusted.certs files.
                 e.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
                 throw new LaunchException(null, null, R("LSFatal"),
                                         R("LCInit"), R("LFatalVerification"), R("LFatalVerificationInfo"));
+                                        R("LCInit"), R("LFatalVerification"), R("LFatalVerificationInfo") + ": " +e.getMessage());
+            }
             //Case when at least one jar has some signing
+            if (jcv.anyJarsSigned() && jcv.isFullySignedByASingleCert()) {
+                signing = true;
+                if (!jcv.allJarsSigned() &&
+                                    !SecurityDialogs.showNotAllSignedWarningDialog(file))
+                    throw new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LSignedAppJarUsingUnsignedJar"), R("LSignedAppJarUsingUnsignedJarInfo"));
+            if (jcv.isFullySigned()) {
+                signing = SigningState.FULL;
                 // Check for main class in the downloaded jars, and check/verify signed JNLP fill
 …
                 // If jar with main class was not found, check available resources
                 while (!foundMainJar && available != null && available.size() != 0)
+                while (!foundMainJar && available != null && available.size() != 0)
                     addNextResource();
 …
                 foundMainJar = foundMainJar || hasMainInExtensions();
+                // If jar with main class was not found and there are no more
+                // available jars, throw a LaunchException
+                if (file.getLaunchInfo() != null) {
+                    if (!foundMainJar
+                            && (available == null || available.size() == 0))
+                        throw new LaunchException(file, null, R("LSFatal"),
+                                R("LCClient"), R("LCantDetermineMainClass"),
+                                R("LCantDetermineMainClassInfo"));
+                boolean externalAppletMainClass = (file.getLaunchInfo() != null && !foundMainJar
+                        && (available == null || available.size() == 0));
+                // We do this check here simply to ensure that if there are no JARs at all,
+                // and also no main-class in the codebase (ie the applet doesn't really exist), we
+                // fail ASAP rather than continuing (and showing the NotAllSigned dialog for no applet)
+                if (externalAppletMainClass) {
+                    if (codeBaseLoader != null) {
+                        try {
+                            codeBaseLoader.findClass(mainClass);
+                        } catch (ClassNotFoundException extCnfe) {
+                            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, extCnfe);
+                            throw new LaunchException(file, extCnfe, R("LSFatal"), R("LCInit"), R("LCantDetermineMainClass"), R("LCantDetermineMainClassInfo"));
+                        }
+                    } else {
+                        throw new LaunchException(file, null, R("LSFatal"), R("LCInit"), R("LCantDetermineMainClass"), R("LCantDetermineMainClassInfo"));
+                    }
+                }
+                // If externalAppletMainClass is true and a LaunchException was not thrown above,
+                // then the main-class can be loaded from the applet codebase, but is obviously not signed
+                if (!jcv.allJarsSigned()) {
+                    checkPartialSigningWithUser();
+                }
                 // If main jar was found, but a signed JNLP file was not located
                 if (!isSignedJNLP && foundMainJar)
+                if (!isSignedJNLP && foundMainJar)
                     file.setSignedJNLPAsMissing();
                 //user does not trust this publisher
                 if (!jcv.getAlreadyTrustPublisher()) {
                     checkTrustWithUser(jcv);
+                if (!jcv.isTriviallySigned()) {
+                    checkTrustWithUser();
                 } else {
                     /**
 …
             } else {
+                signing = false;
+                //otherwise this jar is simply unsigned -- make sure to ask
+                //for permission on certain actions
+            }
+        }
+                // Otherwise this jar is simply unsigned -- make sure to ask
+                // for permission on certain actions
+                signing = SigningState.NONE;
+            }
+        }
+        boolean containsSignedJar = false, containsUnsignedJar = false;
         for (JARDesc jarDesc : file.getResources().getJARs()) {
+            File cachedFile;
             try {
+                File cachedFile;
+                try {
+                    cachedFile = tracker.getCacheFile(jarDesc.getLocation());
+                } catch (IllegalResourceDescriptorException irde){
+                    //Caused by ignored resource being removed due to not being valid
+                    System.err.println("JAR " + jarDesc.getLocation() + " is not a valid jar file. Continuing.");
+                    continue;
+                }
+                if (cachedFile == null) {
+                    System.err.println("JAR " + jarDesc.getLocation() + " not found. Continuing.");
+                    continue; // JAR not found. Keep going.
+                }
+                // TODO: Should be toURI().toURL()
+                URL location = cachedFile.toURL();
+                SecurityDesc jarSecurity = file.getSecurity();
+                if (file instanceof PluginBridge) {
+                    URL codebase = null;
+                    if (file.getCodeBase() != null) {
+                        codebase = file.getCodeBase();
+                    } else {
+                        //Fixme: codebase should be the codebase of the Main Jar not
+                        //the location. Although, it still works in the current state.
+                        codebase = file.getResources().getMainJAR().getLocation();
+                    }
+                    if (signing) {
+                        jarSecurity = new SecurityDesc(file,
+                                                        SecurityDesc.ALL_PERMISSIONS,
+                                                        codebase.getHost());
+                    } else {
+                        jarSecurity = new SecurityDesc(file,
+                                                        SecurityDesc.SANDBOX_PERMISSIONS,
+                                                        codebase.getHost());
+                    }
+                }
+                jarLocationSecurityMap.put(jarDesc.getLocation(), jarSecurity);
+            } catch (MalformedURLException mfe) {
+                System.err.println(mfe.getMessage());
+            }
+        }
+                cachedFile = tracker.getCacheFile(jarDesc.getLocation());
+            } catch (IllegalResourceDescriptorException irde) {
+                //Caused by ignored resource being removed due to not being valid
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "JAR " + jarDesc.getLocation() + " is not a valid jar file. Continuing.");
+                continue;
+            }
+            if (cachedFile == null) {
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "JAR " + jarDesc.getLocation() + " not found. Continuing.");
+                continue; // JAR not found. Keep going.
+            }
+            final URL codebase;
+            if (file.getCodeBase() != null) {
+                codebase = file.getCodeBase();
+            } else {
+                // FIXME: codebase should be the codebase of the Main Jar not
+                // the location. Although, it still works in the current state.
+                codebase = file.getResources().getMainJAR().getLocation();
+            }
+            final SecurityDesc jarSecurity = securityDelegate.getCodebaseSecurityDesc(jarDesc, codebase.getHost());
+            if (jarSecurity.getSecurityType().equals(SecurityDesc.SANDBOX_PERMISSIONS)) {
+                containsUnsignedJar = true;
+            } else {
+                containsSignedJar = true;
+            }
+            jarLocationSecurityMap.put(jarDesc.getLocation(), jarSecurity);
+        }
+        if (containsSignedJar && containsUnsignedJar) {
+            checkPartialSigningWithUser();
+        }
         activateJars(initialJars);
+    }
+     /***
+     * Checks for the jar that contains the attribute.
+     *
+     * @param jars Jars that are checked to see if they contain the main class
+     * @param  name attribute to be found
+     */
+    public String checkForAttributeInJars(List<JARDesc> jars, Attributes.Name name) {
+        if (jars.isEmpty()) {
+            return null;
+        }
+        String result = null;
+        // Check main jar
+        JARDesc mainJarDesc = ResourcesDesc.getMainJAR(jars);
+        result = getManifestAttribute(mainJarDesc.getLocation(), name);
+        if (result != null) {
+            return result;
+        }
+        // Check first jar
+        JARDesc firstJarDesc = jars.get(0);
+        result = getManifestAttribute(firstJarDesc.getLocation(),name);
+        if (result != null) {
+            return result;
+        }
+        // Still not found? Iterate and set if only 1 was found
+        for (JARDesc jarDesc: jars) {
+            String attributeInThisJar = getManifestAttribute(jarDesc.getLocation(), name);
+                if (attributeInThisJar != null) {
+                    if (result == null) { // first main class
+                        result = attributeInThisJar;
+                    } else { // There is more than one main class. Set to null and break.
+                        result = null;
+                        break;
+                }
+            }
+        }
+        return result;
+    }
     /***
      * Checks for the jar that contains the main class. If the main class was
 …
      * @throws LaunchException Thrown if the signed JNLP file, within the main jar, fails to be verified or does not match
      */
     private void checkForMain(List<JARDesc> jars) throws LaunchException {
+    void checkForMain(List<JARDesc> jars) throws LaunchException {
         // Check launch info
         if (mainClass == null) {
             LaunchDesc launchDesc = file.getLaunchInfo();
+            if (launchDesc == null) {
+                return;
+            }
+            mainClass = launchDesc.getMainClass();
+            if (launchDesc != null) {
+                mainClass = launchDesc.getMainClass();
+            }
+        }
         // The main class may be specified in the manifest
-        // Check main jar
         if (mainClass == null) {
+            JARDesc mainJarDesc = file.getResources().getMainJAR();
+            mainClass = getMainClassName(mainJarDesc.getLocation());
+        }
+        // Check first jar
+        if (mainClass == null) {
+            JARDesc firstJarDesc = jars.get(0);
+            mainClass = getMainClassName(firstJarDesc.getLocation());
+        }
+        // Still not found? Iterate and set if only 1 was found
+        if (mainClass == null) {
+            for (JARDesc jarDesc: jars) {
+                String mainClassInThisJar = getMainClassName(jarDesc.getLocation());
+                if (mainClassInThisJar != null) {
+                    if (mainClass == null) { // first main class
+                        mainClass = mainClassInThisJar;
+                    } else { // There is more than one main class. Set to null and break.
+                        mainClass = null;
+            mainClass = checkForAttributeInJars(jars, Attributes.Name.MAIN_CLASS);
+        }
+        String desiredJarEntryName = mainClass + ".class";
+        for (JARDesc jar : jars) {
+            try {
+                File localFile = tracker
+                        .getCacheFile(jar.getLocation());
+                if (localFile == null) {
+                    OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "JAR " + jar.getLocation() + " not found. Continuing.");
+                    continue; // JAR not found. Keep going.
+                }
+                JarFile jarFile = new JarFile(localFile);
+                for (JarEntry entry : Collections.list(jarFile.entries())) {
+                    String jeName = entry.getName().replaceAll("/", ".");
+                    if (jeName.equals(desiredJarEntryName)) {
+                        foundMainJar = true;
+                        verifySignedJNLP(jar, jarFile);
                         break;
+                    }
+                }
+            }
+        }
+        String desiredJarEntryName = mainClass + ".class";
+        for (int i = 0; i < jars.size(); i++) {
+            try {
+                File localFile = tracker
+                        .getCacheFile(jars.get(i).getLocation());
+                if (localFile == null) {
+                    System.err.println("JAR " + jars.get(i).getLocation() + " not found. Continuing.");
+                    continue; // JAR not found. Keep going.
+                }
+                JarFile jarFile = new JarFile(localFile);
+                Enumeration<JarEntry> entries = jarFile.entries();
+                JarEntry je;
+                while (entries.hasMoreElements()) {
+                    je = entries.nextElement();
+                    String jeName = je.getName().replaceAll("/", ".");
+                    if (jeName.equals(desiredJarEntryName)) {
+                        foundMainJar = true;
+                        verifySignedJNLP(jars.get(i), jarFile);
+                        break;
+                    }
+                }
+                jarFile.close();
             } catch (IOException e) {
                 /*
 …
      * @return the main class name, null if there isn't one of if there was an error
      */
+    private String getMainClassName(URL location) {
+        String mainClass = null;
+    String getMainClassName(URL location) {
+        return getManifestAttribute(location, Attributes.Name.MAIN_CLASS);
+    }
+    /**
+     * Gets the name of the main method if specified in the manifest
+     *
+     * @param location The JAR location
+     * @return the attribute value, null if there isn't one of if there was an error
+     */
+    public String getManifestAttribute(URL location, Attributes.Name  attribute) {
+        String attributeValue = null;
         File f = tracker.getCacheFile(location);
         if( f != null) {
+            JarFile mainJar = null;
             try {
+                JarFile mainJar = new JarFile(f);
+                mainClass = mainJar.getManifest().
+                        getMainAttributes().getValue("Main-Class");
+                mainJar = new JarFile(f);
+                Manifest manifest = mainJar.getManifest();
+                if (manifest == null || manifest.getMainAttributes() == null){
+                    //yes, jars without manifest exists
+                    return null;
+                }
+                attributeValue = manifest.getMainAttributes().getValue(attribute);
             } catch (IOException ioe) {
+                mainClass = null;
+            }
+        }
+        return mainClass;
+                attributeValue = null;
+            } finally {
+                StreamUtils.closeSilently(mainJar);
+            }
+        }
+        return attributeValue;
+    }
 …
             throws LaunchException {
-        JarCertVerifier signer = new JarCertVerifier();
         List<JARDesc> desc = new ArrayList<JARDesc>();
         desc.add(jarDesc);
 …
         try {
+            signer.verifyJars(desc, tracker);
+            if (signer.allJarsSigned()) { // If the jar is signed
+                Enumeration<JarEntry> entries = jarFile.entries();
+                JarEntry je;
+                while (entries.hasMoreElements()) {
+                    je = entries.nextElement();
+            // NOTE: verification should have happened by now. In other words,
+            // calling jcv.verifyJars(desc, tracker) here should have no affect.
+            if (jcv.isFullySigned()) {
+                for (JarEntry je : Collections.list(jarFile.entries())) {
                     String jeName = je.getName().toUpperCase();
                     if (jeName.equals(TEMPLATE) || jeName.equals(APPLICATION)) {
+                        if (JNLPRuntime.isDebug())
+                            System.err.println("Creating Jar InputStream from JarEntry");
+                        OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Creating Jar InputStream from JarEntry");
                         inStream = jarFile.getInputStream(je);
                         inputReader = new InputStreamReader(inStream);
+                        if (JNLPRuntime.isDebug())
+                            System.err.println("Creating File InputStream from lauching JNLP file");
+                        OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Creating File InputStream from lauching JNLP file");
                         JNLPFile jnlp = this.getJNLPFile();
 …
                         if (jeName.equals(APPLICATION)) { // If signed application was found
+                            if (JNLPRuntime.isDebug())
+                                System.err.println("APPLICATION.JNLP has been located within signed JAR. Starting verfication...");
+                            OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "APPLICATION.JNLP has been located within signed JAR. Starting verfication...");
                             matcher = new JNLPMatcher(inputReader, jnlpReader, false);
                         } else { // Otherwise template was found
+                            if (JNLPRuntime.isDebug())
+                                System.err.println("APPLICATION_TEMPLATE.JNLP has been located within signed JAR. Starting verfication...");
+                            OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "APPLICATION_TEMPLATE.JNLP has been located within signed JAR. Starting verfication...");
                             matcher = new JNLPMatcher(inputReader, jnlpReader,
 …
                         this.isSignedJNLP = true;
+                        if (JNLPRuntime.isDebug())
+                            System.err.println("Signed Application Verification Successful");
+                        OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Signed Application Verification Successful");
                         break;
 …
         } catch (Exception e) {
+            if (JNLPRuntime.isDebug())
+                e.printStackTrace(System.err);
+            OutputController.getLogger().log(e);
             /*
              * After this exception is caught, it is escaped. If an exception is
              * thrown while handling the jar file, (mainly for
              * JarCertVerifier.verifyJars) it assumes the jar file is unsigned and
+             * JarCertVerifier.add) it assumes the jar file is unsigned and
              * skip the check for a signed JNLP file
              */
 …
             //Close all streams
+            closeStream(inStream);
+            closeStream(inputReader);
+            closeStream(fr);
+            closeStream(jnlpReader);
+        }
+        if (JNLPRuntime.isDebug())
+            System.err.println("Ending check for signed JNLP file...");
+    }
+    /***
+     * Closes a stream
+     *
+     * @param stream the stream that will be closed
+     */
+    private void closeStream (Closeable stream) {
+        if (stream != null)
+            try {
+                stream.close();
+            } catch (Exception e) {
+                e.printStackTrace(System.err);
+            }
+    }
+    private void checkTrustWithUser(JarCertVerifier jcv) throws LaunchException {
+        if (JNLPRuntime.isTrustAll()){
+            StreamUtils.closeSilently(inStream);
+            StreamUtils.closeSilently(inputReader);
+            StreamUtils.closeSilently(fr);
+            StreamUtils.closeSilently(jnlpReader);
+        }
+        OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Ending check for signed JNLP file...");
+    }
+    /**
+     * Prompt the user for trust on all the signers that require approval.
+     * @throws LaunchException if the user does not approve every dialog prompt.
+     */
+    private void checkTrustWithUser() throws LaunchException {
+        if (JNLPRuntime.isTrustNone()) {
+            if (!securityDelegate.getRunInSandbox()) {
+                setRunInSandbox();
+            }
             return;
+        }
+        if (!jcv.getRootInCacerts()) { //root cert is not in cacerts
+            boolean b = SecurityDialogs.showCertWarningDialog(
+                    AccessType.UNVERIFIED, file, jcv);
+            if (!b)
+                throw new LaunchException(null, null, R("LSFatal"),
+                        R("LCLaunching"), R("LNotVerified"), "");
+        } else if (jcv.getRootInCacerts()) { //root cert is in cacerts
+            boolean b = false;
+            if (jcv.noSigningIssues())
+                b = SecurityDialogs.showCertWarningDialog(
+                        AccessType.VERIFIED, file, jcv);
+            else if (!jcv.noSigningIssues())
+                b = SecurityDialogs.showCertWarningDialog(
+                        AccessType.SIGNING_ERROR, file, jcv);
+            if (!b)
+                throw new LaunchException(null, null, R("LSFatal"),
+                        R("LCLaunching"), R("LCancelOnUserRequest"), "");
+        }
+        if (JNLPRuntime.isTrustAll() || securityDelegate.getRunInSandbox()) {
+            return;
+        }
+        if (getSigningState() == SigningState.FULL && jcv.isFullySigned() && !jcv.getAlreadyTrustPublisher()) {
+            jcv.checkTrustWithUser(securityDelegate, file);
+        }
+    }
+    /*
+     * Sets whether applets are to be run sandboxed, regardless of JAR
+     * signing. This MUST be called before any call to initializeResources,
+     * setSecurity, activateJars, or any other method that sets the value
+     * of this.security or adds entries into this.jarLocationSecurityMap.
+     * @throws LaunchException if security settings have been initialized before
+     * this method is called
+     */
+    public void setRunInSandbox() throws LaunchException {
+        securityDelegate.setRunInSandbox();
+    }
+    public boolean userPromptedForSandbox() {
+        return securityDelegate.getRunInSandbox();
+    }
 …
     public void setApplication(ApplicationInstance app) {
         if (this.app != null) {
+            if (JNLPRuntime.isDebug()) {
+                Exception ex = new IllegalStateException("Application can only be set once");
+                ex.printStackTrace();
+            }
+                OutputController.getLogger().log(new IllegalStateException("Application can only be set once"));
             return;
+        }
 …
+                    }
                     if (getCodeSourceSecurity(cs.getLocation()).getSecurityType() == null) {
+                        if (JNLPRuntime.isDebug()){
+                        new NullPointerException("Warning! Code source security type was null").printStackTrace();
+                        }
+                        OutputController.getLogger().log(new NullPointerException("Warning! Code source security type was null"));
+                    }
                     Object securityType = getCodeSourceSecurity(cs.getLocation()).getSecurityType();
 …
+                }
+                Enumeration<Permission> e = permissions.elements();
+                while (e.hasMoreElements()) {
+                    result.add(e.nextElement());
+                for (Permission perm : Collections.list(permissions.elements())) {
+                    result.add(perm);
+                }
+            }
             // add in permission to read the cached JAR files
             for (int i = 0; i < resourcePermissions.size(); i++) {
                 result.add(resourcePermissions.get(i));
+            for (Permission perm : resourcePermissions) {
+                result.add(perm);
+            }
             // add in the permissions that the user granted.
             for (int i = 0; i < runtimePermissions.size(); i++) {
                 result.add(runtimePermissions.get(i));
+            for (Permission perm : runtimePermissions) {
+                result.add(perm);
+            }
             // Class from host X should be allowed to connect to host X
             if (cs.getLocation().getHost().length() > 0)
+            if (cs.getLocation() != null && cs.getLocation().getHost().length() > 0)
                 result.add(new SocketPermission(cs.getLocation().getHost(),
                         "connect, accept"));
 …
             return result;
         } catch (RuntimeException ex) {
+            if (JNLPRuntime.isDebug()) {
+                ex.printStackTrace();
+            }
+            OutputController.getLogger().log(ex);
             throw ex;
+        }
 …
      */
     protected void fillInPartJars(List<JARDesc> jars) {
+        for (int i = 0; i < jars.size(); i++) {
+            String part = jars.get(i).getPart();
+            for (int a = 0; a < available.size(); a++) {
+                JARDesc jar = available.get(a);
+                if (part != null && part.equals(jar.getPart()))
+                    if (!jars.contains(jar))
+                        jars.add(jar);
+        for (JARDesc desc : jars) {
+            String part = desc.getPart();
+            // "available" field can be affected by two different threads
+            // working in loadClass(String)
+            synchronized (available) {
+                for (JARDesc jar : available) {
+                    if (part != null && part.equals(jar.getPart()))
+                        if (!jars.contains(jar))
+                            jars.add(jar);
+                }
+            }
+        }
 …
                 waitForJars(jars);
+                for (int i = 0; i < jars.size(); i++) {
+                    JARDesc jar = jars.get(i);
+                for (JARDesc jar : jars) {
                     available.remove(jar);
 …
                             JarFile jarFile = new JarFile(localFile);
+                            Enumeration<JarEntry> e = jarFile.entries();
+                            while (e.hasMoreElements()) {
+                                JarEntry je = e.nextElement();
+                            for (JarEntry je : Collections.list(jarFile.entries())) {
                                 // another jar in my jar? it is more likely than you think
 …
+                                    }
-                                    JarCertVerifier signer = new JarCertVerifier();
-                                    List<JARDesc> jars = new ArrayList<JARDesc>();
-                                    JARDesc jarDesc = new JARDesc(new File(extractedJarLocation).toURL(), null, null, false, false, false, false);
-                                    jars.add(jarDesc);
                                     tracker.addResource(new File(extractedJarLocation).toURL(), null, null, null);
+                                    signer.verifyJars(jars, tracker);
+                                    if (signer.anyJarsSigned() && !signer.getAlreadyTrustPublisher()) {
+                                        checkTrustWithUser(signer);
+                                    URL codebase = file.getCodeBase();
+                                    if (codebase == null) {
+                                        //FIXME: codebase should be the codebase of the Main Jar not
+                                        //the location. Although, it still works in the current state.
+                                        codebase = file.getResources().getMainJAR().getLocation();
+                                    }
+                                    final SecurityDesc jarSecurity = securityDelegate.getJarPermissions(codebase.getHost());
                                     try {
 …
                                         addURL(fakeRemote);
-                                        SecurityDesc jarSecurity = file.getSecurity();
-                                        if (file instanceof PluginBridge) {
-                                            URL codebase = null;
-                                            if (file.getCodeBase() != null) {
-                                                codebase = file.getCodeBase();
-                                            } else {
-                                                //Fixme: codebase should be the codebase of the Main Jar not
-                                                //the location. Although, it still works in the current state.
-                                                codebase = file.getResources().getMainJAR().getLocation();
+                                            }
-                                            jarSecurity = new SecurityDesc(file,
-                                                    SecurityDesc.ALL_PERMISSIONS,
-                                                    codebase.getHost());
+                                        }
                                         jarLocationSecurityMap.put(fakeRemote, jarSecurity);
                                     } catch (MalformedURLException mfue) {
+                                        if (JNLPRuntime.isDebug())
+                                            System.err.println("Unable to add extracted nested jar to classpath");
+                                        mfue.printStackTrace();
+                                        OutputController.getLogger().log(OutputController.Level.WARNING_DEBUG, "Unable to add extracted nested jar to classpath");
+                                        OutputController.getLogger().log(OutputController.Level.ERROR_ALL, mfue);
+                                    }
+                                }
 …
+                            }
+                            jarFile.close();
+                        }
 …
                             if (index != null)
                                 jarIndexes.add(index);
+                            jarFile.close();
                         } else {
                             CachedJarFileCallback.getInstance().addMapping(jar.getLocation(), jar.getLocation());
+                        }
+                        if (JNLPRuntime.isDebug())
+                            System.err.println("Activate jar: " + location);
+                        OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Activate jar: " + location);
+                    }
                     catch (Exception ex) {
+                        if (JNLPRuntime.isDebug())
+                            ex.printStackTrace();
+                       OutputController.getLogger().log(ex);
+                    }
                     // some programs place a native library in any jar
                     activateNative(jar);
+                    nativeLibraryStorage.addSearchJar(jar.getLocation());
+                }
 …
         AccessController.doPrivileged(activate, acc);
+    }
-    /**
-     * Search for and enable any native code contained in a JAR by copying the
-     * native files into the filesystem. Called in the security context of the
-     * classloader.
-     */
-    protected void activateNative(JARDesc jar) {
-        if (JNLPRuntime.isDebug())
-            System.out.println("Activate native: " + jar.getLocation());
-        File localFile = tracker.getCacheFile(jar.getLocation());
-        if (localFile == null)
-            return;
-        String[] librarySuffixes = { ".so", ".dylib", ".jnilib", ".framework", ".dll" };
-        try {
-            JarFile jarFile = new JarFile(localFile, false);
-            Enumeration<JarEntry> entries = jarFile.entries();
-            while (entries.hasMoreElements()) {
-                JarEntry e = entries.nextElement();
-                if (e.isDirectory()) {
-                    continue;
+                }
-                String name = new File(e.getName()).getName();
-                boolean isLibrary = false;
-                for (String suffix : librarySuffixes) {
-                    if (name.endsWith(suffix)) {
-                        isLibrary = true;
-                        break;
+                    }
+                }
-                if (!isLibrary) {
-                    continue;
+                }
-                if (nativeDir == null)
-                    nativeDir = getNativeDir();
-                File outFile = new File(nativeDir, name);
-                if (!outFile.isFile()) {
-                    FileUtils.createRestrictedFile(outFile, true);
+                }
-                CacheUtil.streamCopy(jarFile.getInputStream(e),
-                                     new FileOutputStream(outFile));
+            }
-        } catch (IOException ex) {
-            if (JNLPRuntime.isDebug())
-                ex.printStackTrace();
+        }
+    }
-    /**
-     * Return the base directory to store native code files in.
-     * This method does not need to return the same directory across
-     * calls.
-     */
-    protected File getNativeDir() {
-        final int rand = (int)((Math.random()*2 - 1) * Integer.MAX_VALUE);
-        nativeDir = new File(System.getProperty("java.io.tmpdir")
-                             + File.separator + "netx-native-"
-                             + (rand & 0xFFFF));
-        File parent = nativeDir.getParentFile();
-        if (!parent.isDirectory() && !parent.mkdirs()) {
-            return null;
+        }
-        try {
-            FileUtils.createRestrictedDirectory(nativeDir);
-            // add this new native directory to the search path
-            addNativeDirectory(nativeDir);
-            return nativeDir;
-        } catch (IOException e) {
-            return null;
+        }
+    }
-    /**
-     * Adds the {@link File} to the search path of this {@link JNLPClassLoader}
-     * when trying to find a native library
-     */
-    protected void addNativeDirectory(File nativeDirectory) {
-        nativeDirectories.add(nativeDirectory);
+    }
-    /**
-     * Returns a list of all directories in the search path of the current classloader
-     * when it tires to find a native library.
-     * @return a list of directories in the search path for native libraries
-     */
-    protected List<File> getNativeDirectories() {
-        return nativeDirectories;
+    }
 …
     protected String findLibrary(String lib) {
         String syslib = System.mapLibraryName(lib);
+        for (File dir : getNativeDirectories()) {
+            File target = new File(dir, syslib);
+            if (target.exists())
+                return target.toString();
+        File libFile = nativeLibraryStorage.findLibrary(syslib);
+        if (libFile != null) {
+            return libFile.toString();
+        }
 …
      */
     protected String findLibraryExt(String lib) {
         for (int i = 0; i < loaders.length; i++) {
+        for (JNLPClassLoader loader : loaders) {
             String result = null;
             if (loaders[i] != this)
                 result = loaders[i].findLibrary(lib);
+            if (loader != this)
+                result = loader.findLibrary(lib);
             if (result != null)
 …
      * @param jars the jars
      */
     private void waitForJars(List jars) {
+    private void waitForJars(List<JARDesc> jars) {
         URL urls[] = new URL[jars.size()];
         for (int i = 0; i < jars.size(); i++) {
             JARDesc jar = (JARDesc) jars.get(i);
+            JARDesc jar = jars.get(i);
             urls[i] = jar.getLocation();
 …
     /**
-         * Verifies code signing of jars to be used.
+         *
-         * @param jars the jars to be verified.
-         */
-    private JarCertVerifier verifyJars(List<JARDesc> jars) throws Exception {
-        jcv = new JarCertVerifier();
-        jcv.verifyJars(jars, tracker);
-        return jcv;
+    }
-    /**
      * Find the loaded class in this loader or any of its extension loaders.
      */
+    protected Class findLoadedClassAll(String name) {
+        for (int i = 0; i < loaders.length; i++) {
+            Class result = null;
+            if (loaders[i] == this) {
+                final String fName = name;
+                try {
+                    result = AccessController.doPrivileged(
+                            new PrivilegedExceptionAction<Class<?>>() {
+                                public Class<?> run() {
+                                    return JNLPClassLoader.super.findLoadedClass(fName);
+                                }
+                            }, getAccessControlContextForClassLoading());
+                } catch (PrivilegedActionException pae) {
+                    result = null;
+                }
+    protected Class<?> findLoadedClassAll(String name) {
+        for (JNLPClassLoader loader : loaders) {
+            Class<?> result = null;
+            if (loader == this) {
+                result = JNLPClassLoader.super.findLoadedClass(name);
             } else {
                 result = loaders[i].findLoadedClassAll(name);
+                result = loader.findLoadedClassAll(name);
+            }
 …
      * classloader, or one of the classloaders for the JNLP file's
      * extensions.
+     */
+    public synchronized Class<?> loadClass(String name) throws ClassNotFoundException {
+     * This method used to be qualified "synchronized." This was done solely for the
+     * purpose of ensuring only one thread entered the method at a time. This was not
+     * strictly necessary - ensuring that all affected fields are thread-safe is
+     * sufficient. Locking on the JNLPClassLoader instance when this method is called
+     * can result in deadlock if another thread is dealing with the CodebaseClassLoader
+     * at the same time. This solution is very heavy-handed as the instance lock is not
+     * truly required, and taking the lock on the classloader instance when not needed is
+     * not in general a good idea because it can and will lead to deadlock when multithreaded
+     * classloading is in effect. The solution is to keep the fields thread safe on their own.
+     * This is accomplished by wrapping them in Collections.synchronized* to provide
+     * atomic add/remove operations, and synchronizing on them when iterating or performing
+     * multiple mutations.
+     * See bug report RH976833. On some systems this bug will manifest itself as deadlock on
+     * every webpage with more than one Java applet, potentially also causing the browser
+     * process to hang.
+     * More information in the mailing list archives:
+     * http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-September/024536.html
+     *
+     * Affected fields: available, classpaths, jarIndexes, jarEntries, jarLocationSecurityMap
+     */
+    public Class<?> loadClass(String name) throws ClassNotFoundException {
         Class<?> result = findLoadedClassAll(name);
 …
                 // Look in 'Class-Path' as specified in the manifest file
                 try {
+                    for (String classpath: classpaths) {
+                        JARDesc desc;
+                        try {
+                            URL jarUrl = new URL(file.getCodeBase(), classpath);
+                            desc = new JARDesc(jarUrl, null, null, false, true, false, true);
+                        } catch (MalformedURLException mfe) {
+                            throw new ClassNotFoundException(name, mfe);
+                    // This field synchronized before iterating over it since it may
+                    // be shared data between threads
+                    synchronized (classpaths) {
+                        for (String classpath : classpaths) {
+                            JARDesc desc;
+                            try {
+                                URL jarUrl = new URL(file.getCodeBase(), classpath);
+                                desc = new JARDesc(jarUrl, null, null, false, true, false, true);
+                            } catch (MalformedURLException mfe) {
+                                throw new ClassNotFoundException(name, mfe);
+                            }
+                            addNewJar(desc);
+                        }
-                        addNewJar(desc);
+                    }
 …
                     return result;
                 } catch (ClassNotFoundException cnfe1) {
+                    if (JNLPRuntime.isDebug()) {
+                        cnfe1.printStackTrace();
+                    }
+                    OutputController.getLogger().log(cnfe1);
+                }
 …
                 // Currently this loads jars directly from the site. We cannot cache it because this
                 // call is initiated from within the applet, which does not have disk read/write permissions
+                for (JarIndex index : jarIndexes) {
+                    // Non-generic code in sun.misc.JarIndex
+                    @SuppressWarnings("unchecked")
+                    LinkedList<String> jarList = index.get(name.replace('.', '/'));
+                    if (jarList != null) {
+                        for (String jarName : jarList) {
+                            JARDesc desc;
+                            try {
+                                desc = new JARDesc(new URL(file.getCodeBase(), jarName),
+                                        null, null, false, true, false, true);
+                            } catch (MalformedURLException mfe) {
+                                throw new ClassNotFoundException(name);
+                            }
+                            try {
+                                addNewJar(desc);
+                            } catch (Exception e) {
+                                if (JNLPRuntime.isDebug()) {
+                                    e.printStackTrace();
+                // This field synchronized before iterating over it since it may
+                // be shared data between threads
+                synchronized (jarIndexes) {
+                    for (JarIndex index : jarIndexes) {
+                        // Non-generic code in sun.misc.JarIndex
+                        @SuppressWarnings("unchecked")
+                        LinkedList<String> jarList = index.get(name.replace('.', '/'));
+                        if (jarList != null) {
+                            for (String jarName : jarList) {
+                                JARDesc desc;
+                                try {
+                                    desc = new JARDesc(new URL(file.getCodeBase(), jarName),
+                                            null, null, false, true, false, true);
+                                } catch (MalformedURLException mfe) {
+                                    throw new ClassNotFoundException(name);
+                                }
+                                try {
+                                    addNewJar(desc);
+                                } catch (Exception e) {
+                                    OutputController.getLogger().log(e);
+                                }
+                            }
+                            // If it still fails, let it error out
+                            result = loadClassExt(name);
+                        }
-                        // If it still fails, let it error out
-                        result = loadClassExt(name);
+                    }
+                }
 …
      * This will add the JARDesc into the resourceTracker and block until it
      * is downloaded.
+     * </p>
      * @param desc the JARDesc for the new jar
      */
     private void addNewJar(final JARDesc desc) {
+        this.addNewJar(desc, JNLPRuntime.getDefaultUpdatePolicy());
+    }
+    /**
+     * Adds a new JARDesc into this classloader.
+     * @param desc the JARDesc for the new jar
+     * @param updatePolicy the UpdatePolicy for the resource
+     */
+    private void addNewJar(final JARDesc desc, UpdatePolicy updatePolicy) {
         available.add(desc);
 …
                 desc.getVersion(),
                 null,
                 JNLPRuntime.getDefaultUpdatePolicy()
+                updatePolicy
                 );
 …
             // Verify if needed
-            final JarCertVerifier signer = new JarCertVerifier();
             final List<JARDesc> jars = new ArrayList<JARDesc>();
             jars.add(desc);
 …
             AccessController.doPrivileged(new PrivilegedExceptionAction<Void>() {
                 public Void run() throws Exception {
+                    signer.verifyJars(jars, tracker);
+                    if (signer.anyJarsSigned() && !signer.getAlreadyTrustPublisher()) {
+                        checkTrustWithUser(signer);
+                    }
+                    final SecurityDesc security;
+                    if (signer.anyJarsSigned()) {
+                        security = new SecurityDesc(file,
+                                SecurityDesc.ALL_PERMISSIONS,
+                                file.getCodeBase().getHost());
+                    } else {
+                        security = new SecurityDesc(file,
+                                SecurityDesc.SANDBOX_PERMISSIONS,
+                                file.getCodeBase().getHost());
+                    }
+                    jcv.add(jars, tracker);
+                    checkTrustWithUser();
+                    final SecurityDesc security = securityDelegate.getJarPermissions(file.getCodeBase().getHost());
                     jarLocationSecurityMap.put(remoteURL, security);
 …
             // Exception => jar will not get added to classpath, which will
             // result in CNFE from loadClass.
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
+    }
 …
      * Find the class in this loader or any of its extension loaders.
      */
+    protected Class findClass(String name) throws ClassNotFoundException {
+        for (int i = 0; i < loaders.length; i++) {
+    @Override
+    protected Class<?> findClass(String name) throws ClassNotFoundException {
+        for (JNLPClassLoader loader : loaders) {
             try {
                 if (loaders[i] == this) {
+                if (loader == this) {
                     final String fName = name;
                     return AccessController.doPrivileged(
 …
                             }, getAccessControlContextForClassLoading());
                 } else {
                     return loaders[i].findClass(name);
+                    return loader.findClass(name);
+                }
             } catch (ClassNotFoundException ex) {
             } catch (ClassFormatError cfe) {
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, cfe);
             } catch (PrivilegedActionException pae) {
+            } catch (NullJnlpFileException ex) {
+                throw new ClassNotFoundException(this.mainClass + " in main classloader ", ex);
+            }
+        }
 …
         // Try codebase loader
         if (codeBaseLoader != null)
             return codeBaseLoader.findClass(name, true);
+            return codeBaseLoader.findClassNonRecursive(name);
         // All else failed. Throw CNFE
 …
      * is found.
      */
     private Class loadClassExt(String name) throws ClassNotFoundException {
+    private Class<?> loadClassExt(String name) throws ClassNotFoundException {
         // make recursive
         addAvailable();
 …
      * class loaders.
+     *
      * @return a <code>URL</code> for the resource, or <code>null</code>
+     * @return a {@link URL} for the resource, or {@code null}
      * if the resource could not be found.
      */
 …
+            }
         } catch (IOException e) {
+            if (JNLPRuntime.isDebug()) {
+                e.printStackTrace();
+            }
+            OutputController.getLogger().log(e);
+        }
 …
+            }
         } catch (LaunchException le) {
             le.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, le);
+        }
 …
         Enumeration<URL> e = null;
         for (int i = 0; i < loaders.length; i++) {
+        for (JNLPClassLoader loader : loaders) {
             // TODO check if this will blow up or not
             // if loaders[1].getResource() is called, wont it call getResource() on
             // the original caller? infinite recursion?
             if (loaders[i] == this) {
+            if (loader == this) {
                 final String fName = name;
                 try {
 …
+                }
             } else {
                 e = loaders[i].findResources(name);
+                e = loader.findResources(name);
+            }
 …
     public boolean getSigning() {
+        return signing == SigningState.FULL;
+    }
+    /**
+     * Call this when it's suspected that an applet's permission level may have
+     * just changed from Full Signing to Partial Signing.
+     * This will display a one-time prompt asking the user to confirm running
+     * the partially signed applet.
+     * Partially Signed applets always start off as appearing to be Fully
+     * Signed, and then during the initialization or loading process, we find
+     * that we actually need to demote the applet to Partial, either due to
+     * finding that not all of its JARs are actually signed, or because it
+     * needs to load something unsigned out of the codebase.
+     */
+    private void checkPartialSigningWithUser() {
+        if (signing == SigningState.FULL && JNLPRuntime.isVerifying()) {
+            signing = SigningState.PARTIAL;
+            try {
+                securityDelegate.promptUserOnPartialSigning();
+            } catch (LaunchException e) {
+                throw new RuntimeException("The signed applet required loading of unsigned code from the codebase, "
+                        + "which the user refused", e);
+            }
+        }
+    }
+    public SigningState getSigningState() {
         return signing;
+    }
 …
     protected SecurityDesc getCodeSourceSecurity(URL source) {
         SecurityDesc sec=jarLocationSecurityMap.get(source);
+        if (sec == null && !alreadyTried.contains(source)) {
+            alreadyTried.add(source);
+            //try to load the jar which is requesting the permissions, but was NOT downloaded by standard way
+            if (JNLPRuntime.isDebug()) {
+                System.out.println("Application is trying to get permissions for " + source.toString() + ", which was not added by standard way. Trying to download and verify!");
+            }
+            try {
+                JARDesc des = new JARDesc(source, null, null, false, false, false, false);
+                addNewJar(des);
+                sec = jarLocationSecurityMap.get(source);
+            } catch (Throwable t) {
+                if (JNLPRuntime.isDebug()) {
+                    t.printStackTrace();
+                }
+                sec = null;
+        synchronized (alreadyTried) {
+            if (sec == null && !alreadyTried.contains(source)) {
+                alreadyTried.add(source);
+                //try to load the jar which is requesting the permissions, but was NOT downloaded by standard way
+                OutputController.getLogger().log("Application is trying to get permissions for " + source.toString() + ", which was not added by standard way. Trying to download and verify!");
+                try {
+                    JARDesc des = new JARDesc(source, null, null, false, false, false, false);
+                    addNewJar(des);
+                    sec = jarLocationSecurityMap.get(source);
+                } catch (Throwable t) {
+                    OutputController.getLogger().log(t);
+                    sec = null;
+                }
+            }
+        }
         if (sec == null){
             System.out.println(Translator.R("LNoSecInstance",source.toString()));
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, Translator.R("LNoSecInstance",source.toString()));
+        }
         return sec;
 …
         // native search paths
+        for (File nativeDirectory : extLoader.getNativeDirectories())
+            addNativeDirectory(nativeDirectory);
+        for (File nativeDirectory : extLoader.nativeLibraryStorage.getSearchDirectories()) {
+            nativeLibraryStorage.addSearchDirectory(nativeDirectory);
+        }
         // security descriptors
+        for (URL key : extLoader.jarLocationSecurityMap.keySet()) {
+            jarLocationSecurityMap.put(key, extLoader.jarLocationSecurityMap.get(key));
+        synchronized (jarLocationSecurityMap) {
+            for (URL key : extLoader.jarLocationSecurityMap.keySet()) {
+                jarLocationSecurityMap.put(key, extLoader.jarLocationSecurityMap.get(key));
+            }
+        }
+    }
 …
      * Adds the given path to the path loader
+     *
      * @param URL the path to add
+     * @param u the path to add
      * @throws IllegalArgumentException If the given url is not a path
      */
 …
             codeBaseLoader.addURL(u);
+        }
+    }
-    private DownloadOptions getDownloadOptionsForJar(JARDesc jar) {
-        return file.getDownloadOptionsForJar(jar);
+    }
 …
      * @throws SecurityException if caller is not trusted
      */
     private synchronized void incrementLoaderUseCount() {
+    private void incrementLoaderUseCount() {
         // For use by trusted code only
         if (System.getSecurityManager() != null)
             System.getSecurityManager().checkPermission(new AllPermission());
+        useCount++;
+        // NB: There will only ever be one class-loader per unique-key
+        synchronized ( getUniqueKeyLock(file.getUniqueKey()) ){
+            useCount++;
+        }
+    }
+    /**
+     * Returns all loaders that this loader uses, including itself
+     */
+    JNLPClassLoader[] getLoaders() {
+        return loaders;
+    }
+    /**
+     * Remove jars from the file system.
+     *
+     * @param jars Jars marked for removal.
+     */
+    void removeJars(JARDesc[] jars) {
+        for (JARDesc eachJar : jars) {
+            try {
+                tracker.removeResource(eachJar.getLocation());
+            } catch (Exception e) {
+                    OutputController.getLogger().log(e);
+                    OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Failed to remove resource from tracker, continuing..");
+            }
+            File cachedFile = CacheUtil.getCacheFile(eachJar.getLocation(), null);
+            String directoryUrl = CacheUtil.getCacheParentDirectory(cachedFile.getAbsolutePath());
+            File directory = new File(directoryUrl);
+            OutputController.getLogger().log("Deleting cached file: " + cachedFile.getAbsolutePath());
+            cachedFile.delete();
+            OutputController.getLogger().log("Deleting cached directory: " + directory.getAbsolutePath());
+            directory.delete();
+        }
+    }
+    /**
+     * Downloads and initializes jars into this loader.
+     *
+     * @param ref Path of the launch or extension JNLP File containing the
+     * resource. If null, main JNLP's file location will be used instead.
+     * @param part The name of the path.
+     * @throws LaunchException
+     */
+    void initializeNewJarDownload(URL ref, String part, Version version) {
+        JARDesc[] jars = ManageJnlpResources.findJars(this, ref, part, version);
+        for (JARDesc eachJar : jars) {
+            OutputController.getLogger().log("Downloading and initializing jar: " + eachJar.getLocation().toString());
+            this.addNewJar(eachJar, UpdatePolicy.FORCE);
+        }
+    }
+    /**
+     * Manages DownloadService jars which are not mentioned in the JNLP file
+     * @param ref Path to the resource.
+     * @param version The version of resource. If null, no version is specified.
+     * @param action The action to perform with the resource. Either DOWNLOADTOCACHE, REMOVEFROMCACHE, or CHECKCACHE.
+     * @return true if CHECKCACHE and the resource is cached.
+     */
+    boolean manageExternalJars(URL ref, String version, DownloadAction action) {
+        boolean approved = false;
+        JNLPClassLoader foundLoader = LocateJnlpClassLoader.getLoaderByResourceUrl(this, ref, version);
+        Version resourceVersion = (version == null) ? null : new Version(version);
+        if (foundLoader != null)
+            approved = true;
+        else if (ref.toString().startsWith(file.getCodeBase().toString()))
+            approved = true;
+        else if (SecurityDesc.ALL_PERMISSIONS.equals(security.getSecurityType()))
+            approved = true;
+        if (approved) {
+            if (foundLoader == null)
+                foundLoader = this;
+            if (action == DownloadAction.DOWNLOAD_TO_CACHE) {
+                JARDesc jarToCache = new JARDesc(ref, resourceVersion, null, false, true, false, true);
+                OutputController.getLogger().log("Downloading and initializing jar: " + ref.toString());
+                foundLoader.addNewJar(jarToCache, UpdatePolicy.FORCE);
+            } else if (action == DownloadAction.REMOVE_FROM_CACHE) {
+                JARDesc[] jarToRemove = { new JARDesc(ref, resourceVersion, null, false, true, false, true) };
+                foundLoader.removeJars(jarToRemove);
+            } else if (action == DownloadAction.CHECK_CACHE) {
+                return CacheUtil.isCached(ref, resourceVersion);
+            }
+        }
+        return false;
+    }
 …
      * @throws SecurityException if caller is not trusted
      */
     public synchronized void decrementLoaderUseCount() {
+    public void decrementLoaderUseCount() {
         // For use by trusted code only
 …
             System.getSecurityManager().checkPermission(new AllPermission());
+        useCount--;
+        if (useCount <= 0) {
+            synchronized(urlToLoader) {
+                urlToLoader.remove(file.getUniqueKey());
+        String uniqueKey = file.getUniqueKey();
+        // NB: There will only ever be one class-loader per unique-key
+        synchronized ( getUniqueKeyLock(uniqueKey) ) {
+            useCount--;
+            if (useCount <= 0) {
+                uniqueKeyToLoader.remove(uniqueKey);
+            }
+        }
 …
         } catch (AccessControlException ace) {
             // continue below
-        } catch (ClassCircularityError cce) {
-            // continue below
+        }
 …
         // Permissions for all remote hosting urls
+        for (URL u: jarLocationSecurityMap.keySet()) {
+            permissions.add(new SocketPermission(u.getHost(),
+                                                 "connect, accept"));
+        synchronized (jarLocationSecurityMap) {
+            for (URL u : jarLocationSecurityMap.keySet()) {
+                permissions.add(new SocketPermission(u.getHost(),
+                        "connect, accept"));
+            }
+        }
 …
         return new AccessControlContext(new ProtectionDomain[] { pd });
+    }
+    public String getMainClass() {
+        return mainClass;
+    }
+   /**
+     * SecurityDelegate, in real usage, relies on having a "parent" JNLPClassLoader instance.
+     * However, JNLPClassLoaders are very large, heavyweight, difficult-to-mock objects, which
+     * means that unit testing on anything that uses a SecurityDelegate can become very difficult.
+     * For example, JarCertVerifier is designed separated from the ClassLoader so it can be tested
+     * in isolation. However, JCV needs some sort of access back to JNLPClassLoader instances to
+     * be able to invoke setRunInSandbox(). The SecurityDelegate handles this, allowing JCV to be
+     * tested without instantiating JNLPClassLoaders, by creating a fake SecurityDelegate that does
+     * not require one.
+     */
+    public static interface SecurityDelegate {
+        public boolean isPluginApplet();
+        public boolean userPromptedForPartialSigning();
+        public boolean userPromptedForSandbox();
+        public SecurityDesc getCodebaseSecurityDesc(final JARDesc jarDesc, final String codebaseHost);
+        public SecurityDesc getClassLoaderSecurity(final String codebaseHost) throws LaunchException;
+        public SecurityDesc getJarPermissions(final String codebaseHost);
+        public void promptUserOnPartialSigning() throws LaunchException;
+        public void setRunInSandbox() throws LaunchException;
+        public boolean getRunInSandbox();
+        public void addPermission(final Permission perm);
+        public void addPermissions(final PermissionCollection perms);
+        public void addPermissions(final Collection<Permission> perms);
+    }
+    /**
+     * Handles security decision logic for the JNLPClassLoader, eg which permission level to assign
+     * to JARs.
+     */
+    public static class SecurityDelegateImpl implements SecurityDelegate {
+        private final JNLPClassLoader classLoader;
+        private boolean runInSandbox;
+        private boolean promptedForPartialSigning;
+        private boolean promptedForSandbox;
+        public SecurityDelegateImpl(final JNLPClassLoader classLoader) {
+            this.classLoader = classLoader;
+            runInSandbox = false;
+            promptedForSandbox = false;
+        }
+        public boolean isPluginApplet() {
+            return classLoader.file instanceof PluginBridge;
+        }
+        public SecurityDesc getCodebaseSecurityDesc(final JARDesc jarDesc, final String codebaseHost) {
+            if (runInSandbox) {
+                return new SecurityDesc(classLoader.file,
+                        SecurityDesc.SANDBOX_PERMISSIONS,
+                        codebaseHost);
+            } else {
+                if (isPluginApplet()) {
+                    try {
+                        if (JarCertVerifier.isJarSigned(jarDesc, new PluginAppVerifier(), classLoader.tracker)) {
+                            return new SecurityDesc(classLoader.file,
+                                    SecurityDesc.ALL_PERMISSIONS,
+                                    codebaseHost);
+                        } else {
+                            return new SecurityDesc(classLoader.file,
+                                    SecurityDesc.SANDBOX_PERMISSIONS,
+                                    codebaseHost);
+                        }
+                    } catch (final Exception e) {
+                        OutputController.getLogger().log(e);
+                        return new SecurityDesc(classLoader.file,
+                                SecurityDesc.SANDBOX_PERMISSIONS,
+                                codebaseHost);
+                    }
+                } else {
+                    return classLoader.file.getSecurity();
+                }
+            }
+        }
+        public SecurityDesc getClassLoaderSecurity(final String codebaseHost) throws LaunchException {
+            if (isPluginApplet()) {
+                if (!runInSandbox && classLoader.getSigning()) {
+                    return new SecurityDesc(classLoader.file,
+                            SecurityDesc.ALL_PERMISSIONS,
+                            codebaseHost);
+                } else {
+                    return new SecurityDesc(classLoader.file,
+                            SecurityDesc.SANDBOX_PERMISSIONS,
+                            codebaseHost);
+                }
+            } else {
+                /*
+                 * Various combinations of the jars being signed and <security> tags being
+                 * present are possible. They are treated as follows
+                 *
+                 * Jars          JNLP File         Result
+                 *
+                 * Signed        <security>        Appropriate Permissions
+                 * Signed        no <security>     Sandbox
+                 * Unsigned      <security>        Error
+                 * Unsigned      no <security>     Sandbox
+                 *
+                 */
+                if (!runInSandbox && !classLoader.getSigning()
+                        && !classLoader.file.getSecurity().getSecurityType().equals(SecurityDesc.SANDBOX_PERMISSIONS)) {
+                    if (classLoader.jcv.allJarsSigned()) {
+                        throw new LaunchException(classLoader.file, null, R("LSFatal"), R("LCClient"), R("LSignedJNLPAppDifferentCerts"), R("LSignedJNLPAppDifferentCertsInfo"));
+                    } else {
+                        throw new LaunchException(classLoader.file, null, R("LSFatal"), R("LCClient"), R("LUnsignedJarWithSecurity"), R("LUnsignedJarWithSecurityInfo"));
+                    }
+                } else if (!runInSandbox && classLoader.getSigning()) {
+                    return classLoader.file.getSecurity();
+                } else {
+                    return new SecurityDesc(classLoader.file,
+                            SecurityDesc.SANDBOX_PERMISSIONS,
+                            codebaseHost);
+                }
+            }
+        }
+        public SecurityDesc getJarPermissions(final String codebaseHost) {
+            if (!runInSandbox && classLoader.jcv.isFullySigned()) {
+                // Already trust application, nested jar should be given
+                return new SecurityDesc(classLoader.file,
+                        SecurityDesc.ALL_PERMISSIONS,
+                        codebaseHost);
+            } else {
+                return new SecurityDesc(classLoader.file,
+                        SecurityDesc.SANDBOX_PERMISSIONS,
+                        codebaseHost);
+            }
+        }
+        public void setRunInSandbox() throws LaunchException {
+            if (promptedForSandbox || classLoader.security != null
+                    || classLoader.jarLocationSecurityMap.size() != 0) {
+                throw new LaunchException(classLoader.file, null, R("LSFatal"), R("LCInit"), R("LRunInSandboxError"), R("LRunInSandboxErrorInfo"));
+            }
+            JNLPRuntime.reloadPolicy(); // ensure that we have the most up-to-date custom policy loaded
+            this.promptedForSandbox = true;
+            this.runInSandbox = true;
+        }
+        public void promptUserOnPartialSigning() throws LaunchException {
+            if (promptedForPartialSigning || JNLPRuntime.isTrustAll()) {
+                return;
+            }
+            promptedForPartialSigning = true;
+            UnsignedAppletTrustConfirmation.checkPartiallySignedWithUserIfRequired(this, classLoader.file, classLoader.jcv);
+        }
+        public boolean getRunInSandbox() {
+            return this.runInSandbox;
+        }
+        public boolean userPromptedForPartialSigning() {
+            return this.promptedForPartialSigning;
+        }
+        public boolean userPromptedForSandbox() {
+            return this.promptedForSandbox;
+        }
+        public void addPermission(final Permission perm) {
+            classLoader.addPermission(perm);
+        }
+        public void addPermissions(final PermissionCollection perms) {
+            Enumeration<Permission> e = perms.elements();
+            while (e.hasMoreElements()) {
+                addPermission(e.nextElement());
+            }
+        }
+        public void addPermissions(final Collection<Permission> perms) {
+            for (final Permission perm : perms) {
+                addPermission(perm);
+            }
+        }
+    }
     /*
      * Helper class to expose protected URLClassLoader methods.
+     */
+     * Classes loaded from the codebase are absolutely NOT signed, by definition!
+     * If the CodeBaseClassLoader is used to load any classes in JNLPClassLoader,
+     * then you *MUST* check if the JNLPClassLoader is set to FULL signing. If so,
+     * then it must be set instead to PARTIAL, and the user prompted if it is okay
+     * to proceed. If the JNLPClassLoader is already PARTIAL or NONE signing, then
+     * nothing must be done. This is required so that we can support partial signing
+     * of applets but also ensure that using codebase loading in conjunction with
+     * signed JARs still results in the user having to confirm that this is
+     * acceptable.
+     */
     public static class CodeBaseClassLoader extends URLClassLoader {
 …
         public CodeBaseClassLoader(URL[] urls, JNLPClassLoader cl) {
             super(urls);
+            super(urls, cl);
             parentJNLPClassLoader = cl;
+        }
 …
+        }
+        @Override
+        public Class<?> findClass(String name) throws ClassNotFoundException {
+            return findClass(name, false);
+        }
+        public Class<?> findClass(String name, boolean recursivelyInvoked) throws ClassNotFoundException {
+            if (!recursivelyInvoked) {
+                try {
+                    return parentJNLPClassLoader.findClass(name);
+                } catch (ClassNotFoundException cnfe) {
+                    // continue
+                }
+            }
+        /*
+         * Use with care! Check the class-level Javadoc before calling this.
+         */
+        Class<?> findClassNonRecursive(final String name) throws ClassNotFoundException {
             // If we have searched this path before, don't try again
             if (Arrays.equals(super.getURLs(), notFoundResources.get(name)))
 …
             try {
-                final String fName = name;
                 return AccessController.doPrivileged(
                         new PrivilegedExceptionAction<Class<?>>() {
                             public Class<?> run() throws ClassNotFoundException {
+                                return CodeBaseClassLoader.super.findClass(fName);
+                                Class<?> c = CodeBaseClassLoader.super.findClass(name);
+                                parentJNLPClassLoader.checkPartialSigningWithUser();
+                                return c;
+                            }
                         }, parentJNLPClassLoader.getAccessControlContextForClassLoading());
             } catch (PrivilegedActionException pae) {
                 notFoundResources.put(name, super.getURLs());
+                throw new ClassNotFoundException("Could not find class " + name);
+            }
+                throw new ClassNotFoundException("Could not find class " + name, pae);
+            } catch (NullJnlpFileException njf) {
+                notFoundResources.put(name, super.getURLs());
+                throw new ClassNotFoundException("Could not find class " + name, njf);
+            }
+        }
+        /*
+         * Use with care! Check the class-level Javadoc before calling this.
+         */
+        @Override
+        public Class<?> findClass(String name) throws ClassNotFoundException {
+            // Calls JNLPClassLoader#findClass which may call into this.findClassNonRecursive
+            Class<?> c = getParentJNLPClassLoader().findClass(name);
+            parentJNLPClassLoader.checkPartialSigningWithUser();
+            return c;
+        }
 …
                             }, parentJNLPClassLoader.getAccessControlContextForClassLoading());
                 } catch (PrivilegedActionException pae) {
+                }
+                }
                 if (url == null) {
 …
+        }
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/runtime/JNLPPolicy.java

-              r348
+              r429
 import net.sourceforge.jnlp.config.DeploymentConfiguration;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
                 // systempolicy permissions need to be accounted for as well
                 e = systemPolicy.getPermissions(appletCS).elements();
                 while (e.hasMoreElements())
+                while (e.hasMoreElements()) {
                     clPermissions.add(e.nextElement());
+                }
                 // and so do permissions from the jnlp-specific system policy
                 if (systemJnlpPolicy != null) {
                     e = systemJnlpPolicy.getPermissions(appletCS).elements();
                     while (e.hasMoreElements())
+                    while (e.hasMoreElements()) {
                         clPermissions.add(e.nextElement());
+                    }
+                }
 …
                 if (userJnlpPolicy != null) {
                     e = userJnlpPolicy.getPermissions(appletCS).elements();
                     while (e.hasMoreElements())
+                    while (e.hasMoreElements()) {
                         clPermissions.add(e.nextElement());
+                    }
+                    CodeSource appletCodebaseSource = new CodeSource(JNLPRuntime.getApplication().getJNLPFile().getCodeBase(), (java.security.cert.Certificate[]) null);
+                    e = userJnlpPolicy.getPermissions(appletCodebaseSource).elements();
+                    while (e.hasMoreElements()) {
+                        clPermissions.add(e.nextElement());
+                    }
+                }
 …
      */
     public void refresh() {
+        // no op
+        if (userJnlpPolicy != null) {
+            userJnlpPolicy.refresh();
+        }
+    }
 …
                 policy = getInstance("JavaPolicy", new URIParameter(policyUri));
             } catch (IllegalArgumentException e) {
                 e.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
             } catch (NoSuchAlgorithmException e) {
                 e.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
             } catch (URISyntaxException e) {
                 e.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+            }
+        }

trunk/icedtea-web/netx/net/sourceforge/jnlp/runtime/JNLPProxySelector.java

-              r348
+              r429
 import net.sourceforge.jnlp.config.DeploymentConfiguration;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
     private String overrideHosts = null;
+    /**
+     * Creates a new JNLPProxySelector.
+     */
+    public JNLPProxySelector() {
+        parseConfiguration();
+    public JNLPProxySelector(DeploymentConfiguration config) {
+        parseConfiguration(config);
+    }
 …
      * Initialize this ProxySelector by reading the configuration
      */
+    private void parseConfiguration() {
+        DeploymentConfiguration config = JNLPRuntime.getConfiguration();
+    private void parseConfiguration(DeploymentConfiguration config) {
         proxyType = Integer.valueOf(config.getProperty(DeploymentConfiguration.KEY_PROXY_TYPE));
 …
                 autoConfigUrl = new URL(autoConfigString);
             } catch (MalformedURLException e) {
                 e.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+            }
+        }
 …
                 proxyPort = Integer.valueOf(port);
             } catch (NumberFormatException e) {
                 e.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+            }
+        }
 …
     @Override
     public void connectFailed(URI uri, SocketAddress sa, IOException ioe) {
         ioe.printStackTrace();
+        OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ioe);
+    }
 …
     @Override
     public List<Proxy> select(URI uri) {
+        if (JNLPRuntime.isDebug()) {
+            System.out.println("Selecting proxy for: " + uri);
+        }
+        OutputController.getLogger().log("Selecting proxy for: " + uri);
         if (inBypassList(uri)) {
             List<Proxy> proxies = Arrays.asList(new Proxy[] { Proxy.NO_PROXY });
+            if (JNLPRuntime.isDebug()) {
+                System.out.println("Selected proxies: " + Arrays.toString(proxies.toArray()));
+            }
+            OutputController.getLogger().log("Selected proxies: " + Arrays.toString(proxies.toArray()));
             return proxies;
+        }
 …
+        }
+        if (JNLPRuntime.isDebug()) {
+            System.out.println("Selected proxies: " + Arrays.toString(proxies.toArray()));
+        }
+        OutputController.getLogger().log("Selected proxies: " + Arrays.toString(proxies.toArray()));
         return proxies;
+    }
 …
+                }
             } else if (scheme.equals("socket")) {
                 String host = uri.getSchemeSpecificPart().split(":")[0];
+                String host = uri.getHost();
                 if (bypassLocal && isLocalHost(host)) {
 …
      */
     private List<Proxy> getFromConfiguration(URI uri) {
+        return getFromArguments(uri, sameProxy, false,
+                proxyHttpsHost, proxyHttpsPort,
+                proxyHttpHost, proxyHttpPort,
+                proxyFtpHost, proxyFtpPort,
+                proxySocks4Host, proxySocks4Port);
+    }
+    /**
+     * Returns a list of proxies by using the arguments
+     *
+     * @return a List of Proxy objects
+     */
+    protected static List<Proxy> getFromArguments(URI uri,
+            boolean sameProxy, boolean sameProxyIncludesSocket,
+            String proxyHttpsHost, int proxyHttpsPort,
+            String proxyHttpHost, int proxyHttpPort,
+            String proxyFtpHost, int proxyFtpPort,
+            String proxySocks4Host, int proxySocks4Port) {
         List<Proxy> proxies = new ArrayList<Proxy>();
         String scheme = uri.getScheme();
+        boolean socksProxyAdded = false;
         if (sameProxy) {
+            SocketAddress sa = new InetSocketAddress(proxyHttpHost, proxyHttpPort);
+            Proxy proxy;
+            if (scheme.equals("socket")) {
+                proxy = new Proxy(Type.SOCKS, sa);
+            } else {
+                proxy = new Proxy(Type.HTTP, sa);
+            }
+            proxies.add(proxy);
+        } else if (scheme.equals("http")) {
+            if (proxyHttpHost != null) {
+                SocketAddress sa = new InetSocketAddress(proxyHttpHost, proxyHttpPort);
+                if ((scheme.equals("https") || scheme.equals("http") || scheme.equals("ftp"))) {
+                    Proxy proxy = new Proxy(Type.HTTP, sa);
+                    proxies.add(proxy);
+                } else if (scheme.equals("socket") && sameProxyIncludesSocket) {
+                    Proxy proxy = new Proxy(Type.SOCKS, sa);
+                    proxies.add(proxy);
+                    socksProxyAdded = true;
+                }
+            }
+        } else if (scheme.equals("http") && proxyHttpHost != null) {
             SocketAddress sa = new InetSocketAddress(proxyHttpHost, proxyHttpPort);
             proxies.add(new Proxy(Type.HTTP, sa));
         } else if (scheme.equals("https")) {
+        } else if (scheme.equals("https") && proxyHttpsHost != null) {
             SocketAddress sa = new InetSocketAddress(proxyHttpsHost, proxyHttpsPort);
             proxies.add(new Proxy(Type.HTTP, sa));
         } else if (scheme.equals("ftp")) {
+        } else if (scheme.equals("ftp") && proxyFtpHost != null) {
             SocketAddress sa = new InetSocketAddress(proxyFtpHost, proxyFtpPort);
             proxies.add(new Proxy(Type.HTTP, sa));
+        } else if (scheme.equals("socket")) {
+        }
+        if (!socksProxyAdded && (proxySocks4Host != null)) {
             SocketAddress sa = new InetSocketAddress(proxySocks4Host, proxySocks4Port);
             proxies.add(new Proxy(Type.SOCKS, sa));
+        } else {
+            socksProxyAdded = true;
+        }
+        if (proxies.size() == 0) {
             proxies.add(Proxy.NO_PROXY);
+        }
 …
             proxies.addAll(getProxiesFromPacResult(proxiesString));
         } catch (MalformedURLException e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
             proxies.add(Proxy.NO_PROXY);
+        }
 …
      * @param pacString a string indicating proxies. For example
      * "PROXY foo.bar:3128; DIRECT"
+     * @return a list of Proxy objects represeting the parsed string.
+     * @return a list of Proxy objects representing the parsed string. In
+     * case of malformed input, an empty list may be returned
      */
     public static List<Proxy> getProxiesFromPacResult(String pacString) {
 …
                 proxies.add(Proxy.NO_PROXY);
             } else {
+                if (JNLPRuntime.isDebug()) {
+                    System.out.println("Unrecognized proxy token: " + token);
+                }
+                 OutputController.getLogger().log("Unrecognized proxy token: " + token);
+            }
+        }

trunk/icedtea-web/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java

-              r418
+              r429
 package net.sourceforge.jnlp.runtime;
+import java.io.*;
+import java.awt.EventQueue;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.InvocationTargetException;
 import java.net.Authenticator;
+import java.net.InetAddress;
 import java.net.ProxySelector;
+import java.net.URL;
+import java.net.UnknownHostException;
 import java.nio.channels.FileChannel;
 import java.nio.channels.FileLock;
+import java.awt.*;
+import java.text.*;
+import java.util.*;
+import java.security.AllPermission;
+import java.security.KeyStore;
+import java.security.Policy;
+import java.security.Security;
+import java.text.MessageFormat;
 import java.util.List;
+import java.security.*;
+import javax.jnlp.*;
+import java.util.ResourceBundle;
+import javax.jnlp.ServiceManager;
 import javax.naming.ConfigurationException;
 import javax.net.ssl.HttpsURLConnection;
 …
 import javax.net.ssl.SSLSocketFactory;
 import javax.net.ssl.TrustManager;
+import javax.swing.JOptionPane;
 import javax.swing.UIManager;
 import javax.swing.text.html.parser.ParserDelegator;
+import sun.net.www.protocol.jar.URLJarFile;
+import net.sourceforge.jnlp.*;
+import net.sourceforge.jnlp.DefaultLaunchHandler;
+import net.sourceforge.jnlp.GuiLaunchHandler;
+import net.sourceforge.jnlp.LaunchHandler;
+import net.sourceforge.jnlp.Launcher;
 import net.sourceforge.jnlp.browser.BrowserAwareProxySelector;
+import net.sourceforge.jnlp.cache.*;
+import net.sourceforge.jnlp.cache.CacheUtil;
+import net.sourceforge.jnlp.cache.DefaultDownloadIndicator;
+import net.sourceforge.jnlp.cache.DownloadIndicator;
+import net.sourceforge.jnlp.cache.UpdatePolicy;
 import net.sourceforge.jnlp.config.DeploymentConfiguration;
 import net.sourceforge.jnlp.security.JNLPAuthenticator;
 import net.sourceforge.jnlp.security.KeyStores;
 import net.sourceforge.jnlp.security.SecurityDialogMessageHandler;
+import net.sourceforge.jnlp.security.VariableX509TrustManager;
+import net.sourceforge.jnlp.services.*;
+import net.sourceforge.jnlp.util.*;
+import net.sourceforge.jnlp.services.XServiceManagerStub;
+import net.sourceforge.jnlp.util.FileUtils;
+import net.sourceforge.jnlp.util.logging.JavaConsole;
+import net.sourceforge.jnlp.util.logging.OutputController;
+import net.sourceforge.jnlp.util.logging.LogConfig;
+import sun.net.www.protocol.jar.URLJarFile;
 /**
+ * <p>
  * Configure and access the runtime environment.  This class
  * stores global jnlp properties such as default download
  * indicators, the install/base directory, the default resource
  * update policy, etc.  Some settings, such as the base directory,
+ * cannot be changed once the runtime has been initialized.<p>
+ *
+ * cannot be changed once the runtime has been initialized.
+ * </p>
+ * <p>
  * The JNLP runtime can be locked to prevent further changes to
  * the runtime environment except by a specified class.  If set,
  * only instances of the <i>exit class</i> can exit the JVM or
  * change the JNLP runtime settings once the runtime has been
+ * initialized.<p>
+ * initialized.
+ * </p>
+ *
  * @author <a href="mailto:jmaxwell@users.sourceforge.net">Jon A. Maxwell (JAM)</a> - initial author
 …
+    }
+    /**
+     * java-abrt-connector can print out specific application String method, it is good to save visited urls for reproduce purposes.
+     * For javaws we can read the destination jnlp from commandline
+     * However for plugin (url arrive via pipes). Also for plugin we can not be sure which opened tab/window
+     * have caused the crash. Thats why the individual urls are added, not replaced.
+     */
+    private static String history = "";
     /** the localized resource strings */
     private static ResourceBundle resources;
-    private static final DeploymentConfiguration config = new DeploymentConfiguration();
     /** the security manager */
     private static JNLPSecurityManager security;
 …
     private static boolean debug = false;
+    /** whether streams should be redirected */
+    private static boolean redirectStreams = false;
+    /**
+     * whether plugin debug mode is on
+     */
+    private static Boolean pluginDebug = null;
     /** mutex to wait on, for initialization */
 …
     private static boolean forksAllowed = true;
     /** all security dialogs will be consumed and pretented as beeing verified by user and allowed.*/
+    /** all security dialogs will be consumed and pretented as being verified by user and allowed.*/
     private static boolean trustAll=false;
+    /** all security dialogs will be consumed and we will pretend the Sandbox option was chosen */
+    private static boolean trustNone = false;
+    /** allows 301.302.303.307.308 redirects to be followed when downloading resources*/
+    private static boolean allowRedirect = false;;
+    /** when this is true, ITW will not attempt any inet connections and will work only with what is in cache*/
+    private static boolean offlineForced = false;
+    private static Boolean onlineDetected = null;
+    /**
+     * Header is not checked and so eg
+     * <a href="https://en.wikipedia.org/wiki/Gifar">gifar</a> exploit is
+     * possible.<br/>
+     * However if jar file is a bit corrupted, then it sometimes can work so
+     * this switch can disable the header check.
+     * @see <a href="https://en.wikipedia.org/wiki/Gifar">Gifar attack</a>
+     */
+    private static boolean ignoreHeaders=false;
     /** contains the arguments passed to the jnlp runtime */
 …
     private static FileLock fileLock;
-    public static final String STDERR_FILE = "java.stderr";
-    public static final String STDOUT_FILE = "java.stdout";
     /**
      * Returns whether the JNLP runtime environment has been
      * initialized.  Once initialized, some properties such as the
      * base directory cannot be changed.  Before
+     * initialized. Once initialized, some properties such as the
+     * base directory cannot be changed. Before
      */
     public static boolean isInitialized() {
 …
      * Initialize the JNLP runtime environment by installing the
      * security manager and security policy, initializing the JNLP
+     * standard services, etc.<p>
+     *
+     * This method should be called from the main AppContext/Thread. <p>
+     *
+     * This method cannot be called more than once.  Once
+     * standard services, etc.
+     * <p>
+     * This method should be called from the main AppContext/Thread.
+     * </p>
+     * <p>
+     * This method cannot be called more than once. Once
      * initialized, methods that alter the runtime can only be
+     * called by the exit class.<p>
+     *
+     * @param isApplication is true if a webstart application is being initialized
+     *
+     * called by the exit class.
+     * </p>
+     *
+     * @param isApplication is {@code true} if a webstart application is being
+     * initialized
      * @throws IllegalStateException if the runtime was previously initialized
      */
 …
         try {
+            config.load();
+        } catch (ConfigurationException e) {
+            /* exit if there is a fatal exception loading the configuration */
+            if (isApplication) {
+                System.out.println(getMessage("RConfigurationError"));
+                System.exit(1);
+            }
+        }
+        KeyStores.setConfiguration(config);
+        initializeStreams();
+            UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
+        } catch (Exception e) {
+            OutputController.getLogger().log("Unable to set system look and feel");
+        }
+        if (JavaConsole.canShowOnStartup(isApplication)) {
+            JavaConsole.getConsole().showConsoleLater();
+        }
+        /* exit if there is a fatal exception loading the configuration */
+        if (getConfiguration().getLoadingException() != null) {
+            if (getConfiguration().getLoadingException() instanceof ConfigurationException){
+                // ConfigurationException is thrown only if deployment.config's field
+                // deployment.system.config.mandatory is true, and the destination
+                //where deployment.system.config points is not readable
+                throw new RuntimeException(getConfiguration().getLoadingException());
+            }
+            OutputController.getLogger().log(OutputController.Level.WARNING_ALL, getMessage("RConfigurationError")+": "+getConfiguration().getLoadingException().getMessage());
+        }
+        KeyStores.setConfiguration(getConfiguration());
         isWebstartApplication = isApplication;
 …
         if (handler == null) {
             if (headless) {
                 handler = new DefaultLaunchHandler(System.err);
+                handler = new DefaultLaunchHandler(OutputController.getLogger());
             } else {
                 handler = new GuiLaunchHandler(System.err);
+                handler = new GuiLaunchHandler(OutputController.getLogger());
+            }
+        }
 …
         policy = new JNLPPolicy();
         security = new JNLPSecurityManager(); // side effect: create JWindow
-        try {
-            UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
-        } catch (Exception e) {
-            // ignore it
+        }
         doMainAppContextHacks();
 …
             KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
             kmf.init(ks, KeyStores.getPassword());
             TrustManager[] trust = new TrustManager[] { VariableX509TrustManager.getInstance() };
+            TrustManager[] trust = new TrustManager[] { getSSLSocketTrustManager() };
             context.init(kmf.getKeyManagers(), trust, null);
             sslSocketFactory = context.getSocketFactory();
 …
             HttpsURLConnection.setDefaultSSLSocketFactory(sslSocketFactory);
         } catch (Exception e) {
             System.err.println("Unable to set SSLSocketfactory (may _prevent_ access to sites that should be trusted)! Continuing anyway...");
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "Unable to set SSLSocketfactory (may _prevent_ access to sites that should be trusted)! Continuing anyway...");
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
         // plug in a custom authenticator and proxy selector
         Authenticator.setDefault(new JNLPAuthenticator());
+        ProxySelector.setDefault(new BrowserAwareProxySelector());
+        BrowserAwareProxySelector proxySelector = new BrowserAwareProxySelector(getConfiguration());
+        proxySelector.initialize();
+        ProxySelector.setDefault(proxySelector);
         // Restrict access to netx classes
 …
         initialized = true;
+    }
+    public static void reloadPolicy() {
+        policy.refresh();
+    }
+    /**
+     * Returns a TrustManager ideal for the running VM.
+     *
+     * @return TrustManager the trust manager to use for verifying https certificates
+     */
+    private static TrustManager getSSLSocketTrustManager() throws
+                                ClassNotFoundException, IllegalAccessException, InstantiationException, InvocationTargetException {
+        try {
+            Class<?> trustManagerClass;
+            Constructor<?> tmCtor = null;
+            if (System.getProperty("java.version").startsWith("1.6")) { // Java 6
+                try {
+                    trustManagerClass = Class.forName("net.sourceforge.jnlp.security.VariableX509TrustManagerJDK6");
+                 } catch (ClassNotFoundException cnfe) {
+                     OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "Unable to find class net.sourceforge.jnlp.security.VariableX509TrustManagerJDK6");
+                     return null;
+                 }
+            } else { // Java 7 or more (technically could be <= 1.5 but <= 1.5 is unsupported)
+                try {
+                    trustManagerClass = Class.forName("net.sourceforge.jnlp.security.VariableX509TrustManagerJDK7");
+                 } catch (ClassNotFoundException cnfe) {
+                     OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "Unable to find class net.sourceforge.jnlp.security.VariableX509TrustManagerJDK7");
+                     return null;
+                 }
+            }
+            Constructor<?>[] tmCtors = trustManagerClass.getDeclaredConstructors();
+            tmCtor = tmCtors[0];
+            for (Constructor<?> ctor : tmCtors) {
+                if (tmCtor.getGenericParameterTypes().length == 0) {
+                    tmCtor = ctor;
+                    break;
+                }
+            }
+            return (TrustManager) tmCtor.newInstance();
+        } catch (RuntimeException e) {
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "Unable to load JDK-specific TrustManager. Was this version of IcedTea-Web compiled with JDK 6 or 7?");
+            OutputController.getLogger().log(e);
+            throw e;
+        }
+    }
 …
+    }
+    /**
+     * Initializes the standard output and error streams, redirecting them or
+     * duplicating them as required.
+     */
+    private static void initializeStreams() {
+        Boolean enableLogging = Boolean.valueOf(config
+                .getProperty(DeploymentConfiguration.KEY_ENABLE_LOGGING));
+        if (redirectStreams || enableLogging) {
+            String logDir = config.getProperty(DeploymentConfiguration.KEY_USER_LOG_DIR);
+    public static boolean isOfflineForced() {
+        return offlineForced;
+    }
+    public static void setOnlineDetected(boolean online) {
+        onlineDetected = online;
+        OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, "Detected online set to: " + onlineDetected);
+    }
+    public static boolean isOnlineDetected() {
+        if (onlineDetected == null) {
+            //"file" protocol do not do online check
+            //sugest online for this case
+            return true;
+        }
+        return onlineDetected;
+    }
+    public static boolean isOnline() {
+        if (isOfflineForced()) {
+            return false;
+        }
+        return isOnlineDetected();
+    }
+    public static void detectOnline(URL location) {
+        if (onlineDetected != null) {
+            return;
+        }
+        try {
+            if (location.getProtocol().equals("file")) {
+                return;
+            }
+            //Checks the offline/online status of the system.
+            InetAddress.getByName(location.getHost());
+        } catch (UnknownHostException ue) {
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "The host of " + location.toExternalForm() + " file should be located seems down, or you are simply offline.");
+            JNLPRuntime.setOnlineDetected(false);
+            return;
+        }
+        setOnlineDetected(true);
+    }
+    /**
+     * see <a href="https://en.wikipedia.org/wiki/Double-checked_locking#Usage_in_Java">Double-checked locking in Java</a>
+     * for cases how not to do lazy initialization
+     * and <a href="https://en.wikipedia.org/wiki/Initialization_on_demand_holder_idiom">Initialization on demand holder idiom</a>
+     * for ITW approach
+     */
+    private static class DeploymentConfigurationHolder {
+        private static final DeploymentConfiguration INSTANCE = initConfiguration();
+        private static DeploymentConfiguration initConfiguration() {
+            DeploymentConfiguration config = new DeploymentConfiguration();
             try {
                 File errFile = new File(logDir, JNLPRuntime.STDERR_FILE);
                 FileUtils.createParentDir(errFile);
                 FileUtils.createRestrictedFile(errFile, true);
                 File outFile = new File(logDir, JNLPRuntime.STDOUT_FILE);
                 FileUtils.createParentDir(outFile);
                 FileUtils.createRestrictedFile(outFile, true);
                 if (redirectStreams) {
                     System.setErr(new PrintStream(new FileOutputStream(errFile)));
                     System.setOut(new PrintStream(new FileOutputStream(outFile)));
                 } else {
                     System.setErr(new TeeOutputStream(new FileOutputStream(errFile), System.err));
                     System.setOut(new TeeOutputStream(new FileOutputStream(outFile), System.out));
+                config.load();
+                config.copyTo(System.getProperties());
+            } catch (ConfigurationException ex) {
+                OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, Translator.R("RConfigurationError"));
+                //mark this exceptionas we can die on it later
+                config.setLoadingException(ex);
+                //to be sure - we MUST die - http://docs.oracle.com/javase/6/docs/technotes/guides/deployment/deployment-guide/properties.html
+            }catch(Exception t){
+                //all exceptions are causing InstantiatizationError so this do it much more readble
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, t);
+                OutputController.getLogger().log(OutputController.Level.WARNING_ALL, Translator.R("RFailingToDefault"));
+                if (!JNLPRuntime.isHeadless()){
+                    JOptionPane.showMessageDialog(null, getMessage("RFailingToDefault")+"\n"+t.toString());
+                }
+            } catch (Exception e) {
+                e.printStackTrace();
+            }
+                //try to survive this unlikely exception
+                config.resetToDefaults();
+            } finally {
+                OutputController.getLogger().startConsumer();
+            }
+            return config;
+        }
+    }
 …
     /**
      * Gets the Configuration associated with this runtime
+     *
      * @return a {@link DeploymentConfiguration} object that can be queried to
      * find relevant configuration settings
      */
     public static DeploymentConfiguration getConfiguration() {
         return config;
+        return DeploymentConfigurationHolder.INSTANCE;
+    }
 …
      * components.  In headless mode, client features that use the
      * AWT are disabled such that the client can be used in
      * headless mode (<code>java.awt.headless=true</code>).
+     * headless mode ({@code java.awt.headless=true}).
+     *
      * @throws IllegalStateException if the runtime was previously initialized
 …
         headless = enabled;
+    }
+    public static void setAllowRedirect(boolean enabled) {
+        checkInitialized();
+        allowRedirect = enabled;
+    }
+    public static boolean isAllowRedirect() {
+        return allowRedirect;
+    }
     /**
 …
      * applications, and can be used to use netx with other code
      * that uses its own security manager or policy.
+     *
+     * <p>
      * Disabling security is not recommended and should only be
+     * used if the JNLP files opened are trusted.  This method can
+     * only be called before initalizing the runtime.<p>
+     * used if the JNLP files opened are trusted. This method can
+     * only be called before initalizing the runtime.
+     * </p>
+     *
      * @param enabled whether security should be enabled
 …
      * @throws IllegalStateException if caller is not the exit class
      */
     public static void setExitClass(Class exitClass) {
+    public static void setExitClass(Class<?> exitClass) {
         checkExitClass();
         security.setExitClass(exitClass);
 …
      */
     public static boolean isDebug() {
+        return isSetDebug() ||  isPluginDebug() || LogConfig.getLogConfig().isEnableLogging();
+    }
+     public static boolean isSetDebug() {
         return debug;
+    }
 …
+    }
+    /**
+     * Sets whether the standard output/error streams should be redirected to
+     * the loggging files.
+     *
+     * @throws IllegalStateException if the runtime has already been initialized
+     */
+    public static void setRedirectStreams(boolean redirect) {
+        checkInitialized();
+        redirectStreams = redirect;
+    }
     /**
      * Sets the default update policy.
 …
     /**
      * Returns the localized resource string identified by the
      * specified key.  If the message is empty, a null is
+     * specified key. If the message is empty, a null is
      * returned.
      */
 …
     /**
+     * Returns the localized resource string using the specified
+     * arguments.
+     * Returns the localized resource string using the specified arguments.
+     *
      * @param args the formatting arguments to the resource string
 …
     /**
      * Returns true if the current runtime will fork
+     * Returns {@code true} if the current runtime will fork
      */
     public static boolean getForksAllowed() {
 …
     /**
+     * Throws an exception if called when the runtime is
+     * already initialized.
+     * Throws an exception if called when the runtime is already initialized.
      */
     private static void checkInitialized() {
 …
     /**
+     * Throws an exception if called with security enabled but
+     * a caller is not the exit class and the runtime has been
+     * initialized.
+     * Throws an exception if called with security enabled but a caller is not
+     * the exit class and the runtime has been initialized.
      */
     private static void checkExitClass() {
 …
     /**
      * @return true if running on Windows
+     * @return {@code true} if running on Windows
      */
     public static boolean isWindows() {
 …
     /**
      * @return true if running on a Unix or Unix-like system (including Linux
      * and *BSD)
+     * @return {@code true} if running on a Unix or Unix-like system (including
+     * Linux and *BSD)
      */
     public static boolean isUnix() {
 …
     /**
+     * Indicate that netx is running by creating the {@link JNLPRuntime#INSTANCE_FILE} and
+     * Indicate that netx is running by creating the
+     * {@link DeploymentConfiguration#KEY_USER_NETX_RUNNING_FILE} and
      * acquiring a shared lock on it
      */
 …
             if (fileLock != null && fileLock.isShared()) {
+                if (JNLPRuntime.isDebug()) {
+                    System.out.println("Acquired shared lock on " +
+                OutputController.getLogger().log("Acquired shared lock on " +
                             netxRunningFile.toString() + " to indicate javaws is running");
+                }
+            }
         } catch (IOException e) {
             e.printStackTrace();
+        }
         Runtime.getRuntime().addShutdownHook(new Thread() {
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
+        Runtime.getRuntime().addShutdownHook(new Thread("JNLPRuntimeShutdownHookThread") {
             public void run() {
                 markNetxStopped();
 …
     /**
      * Indicate that netx is stopped by releasing the shared lock on
      * {@link JNLPRuntime#INSTANCE_FILE}.
+     * {@link DeploymentConfiguration#KEY_USER_NETX_RUNNING_FILE}.
      */
     private static void markNetxStopped() {
 …
             fileLock.channel().close();
             fileLock = null;
+            if (JNLPRuntime.isDebug()) {
+                String file = JNLPRuntime.getConfiguration()
+                        .getProperty(DeploymentConfiguration.KEY_USER_NETX_RUNNING_FILE);
+                System.out.println("Release shared lock on " + file);
+            }
+            OutputController.getLogger().log("Release shared lock on " + JNLPRuntime.getConfiguration()
+                        .getProperty(DeploymentConfiguration.KEY_USER_NETX_RUNNING_FILE));
         } catch (IOException e) {
             e.printStackTrace();
+            OutputController.getLogger().log(e);
+        }
+    }
 …
+    }
+    static void setTrustNone(final boolean b) {
+        trustNone = b;
+    }
+    public static boolean isTrustNone() {
+        return trustNone;
+    }
+    public static boolean isIgnoreHeaders() {
+        return ignoreHeaders;
+    }
+    public static void setIgnoreHeaders(boolean ignoreHeaders) {
+        JNLPRuntime.ignoreHeaders = ignoreHeaders;
+    }
+    private static boolean isPluginDebug() {
+        if (pluginDebug == null) {
+            try {
+                //there are cases when this itself is not allowed by security manager, and so
+                //throws exception. Under some conditions it can couse deadlock
+                pluginDebug = System.getenv().containsKey("ICEDTEAPLUGIN_DEBUG");
+            } catch (Exception ex) {
+                pluginDebug = false;
+                OutputController.getLogger().log(ex);
+            }
+        }
+        return pluginDebug;
+    }
+    public static void exit(int i) {
+        OutputController.getLogger().close();
+        System.exit(i);
+    }
+    public static void saveHistory(String documentBase) {
+        JNLPRuntime.history += " " + documentBase + " ";
+    }
+    /**
+     * Used by java-abrt-connector via reflection
+     * @return history
+     */
+    private static String getHistory() {
+        return history;
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/runtime/JNLPSecurityManager.java

-              r418
+              r429
 import static net.sourceforge.jnlp.runtime.Translator.R;
-import java.awt.Frame;
 import java.awt.Window;
-import java.lang.ref.WeakReference;
 import java.net.SocketPermission;
-import java.security.AllPermission;
 import java.security.AccessControlException;
 import java.security.Permission;
-import java.security.SecurityPermission;
 import javax.swing.JWindow;
-import net.sourceforge.jnlp.JNLPFile;
 import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
 import net.sourceforge.jnlp.services.ServiceUtil;
+import net.sourceforge.jnlp.util.logging.OutputController;
 import net.sourceforge.jnlp.util.WeakList;
 import sun.awt.AWTSecurityManager;
 import sun.awt.AppContext;
-import sun.security.util.SecurityConstants;
 /**
  * Security manager for JNLP environment.  This security manager
+ * Security manager for JNLP environment. This security manager
  * cannot be replaced as it always denies attempts to replace the
  * security manager or policy.<p>
+ *
+ * security manager or policy.
+ * <p>
  * The JNLP security manager tracks windows created by an
  * application, allowing those windows to be disposed when the
  * application exits but the JVM does not.  If security is not
+ * application exits but the JVM does not. If security is not
  * enabled then the first application to call System.exit will
+ * halt the JVM.<p>
+ * halt the JVM.
+ * </p>
+ *
  * @author <a href="mailto:jmaxwell@users.sourceforge.net">Jon A. Maxwell (JAM)</a> - initial author
 …
         // called for it (and not disposed).
         if (!JNLPRuntime.isHeadless())
+        if (!JNLPRuntime.isHeadless()) {
             new JWindow().getOwner();
+        }
         mainAppContext = AppContext.getAppContext();
 …
      */
     private boolean isExitClass(Class stack[]) {
         if (exitClass == null)
+        if (exitClass == null) {
             return true;
+        for (int i = 0; i < stack.length; i++)
+            if (stack[i] == exitClass)
+        }
+        for (int i = 0; i < stack.length; i++) {
+            if (stack[i] == exitClass) {
                 return true;
+            }
+        }
         return false;
 …
      * @throws IllegalStateException if the exit class is already set
      */
     public void setExitClass(Class exitClass) throws IllegalStateException {
         if (this.exitClass != null)
+    public void setExitClass(Class<?> exitClass) throws IllegalStateException {
+        if (this.exitClass != null) {
             throw new IllegalStateException(R("RExitTaken"));
+        }
         this.exitClass = exitClass;
 …
+            }
             if (w == window)
+            if (w == window) {
                 return weakApplications.get(i);
+            }
+        }
 …
+        }
         if (maxDepth <= 0)
+        if (maxDepth <= 0) {
             maxDepth = stack.length;
+        }
         // this needs to be tightened up
 …
         // Since we want to deal with JNLPClassLoader, extract it if this
         // is a codebase loader
         if (cl instanceof JNLPClassLoader.CodeBaseClassLoader)
+        if (cl instanceof JNLPClassLoader.CodeBaseClassLoader) {
             cl = ((JNLPClassLoader.CodeBaseClassLoader) cl).getParentJNLPClassLoader();
+        }
         if (cl instanceof JNLPClassLoader) {
 …
      * be determined; otherwise returns super.getThreadGroup()
      */
+    @Override
     public ThreadGroup getThreadGroup() {
         ApplicationInstance app = getApplication();
         if (app == null)
+        if (app == null) {
             return super.getThreadGroup();
+        }
         return app.getThreadGroup();
 …
      * permission to change the security manager or policy.
      */
+    @Override
     public void checkPermission(Permission perm) {
         String name = perm.getName();
 …
         // otherwise.
         //      if (true)
         //        System.out.println("Checking permission: " + perm.toString());
+        //        OutputController.getLogger().log("Checking permission: " + perm.toString());
         if (!JNLPRuntime.isWebstartApplication() &&
                 ("setPolicy".equals(name) || "setSecurityManager".equals(name)))
+                ("setPolicy".equals(name) || "setSecurityManager".equals(name))) {
             throw new SecurityException(R("RCantReplaceSM"));
+        }
         try {
 …
             super.checkPermission(perm);
         } catch (SecurityException ex) {
+            if (JNLPRuntime.isDebug()) {
+                System.out.println("Denying permission: " + perm);
+            }
+            OutputController.getLogger().log("Denying permission: " + perm);
             throw ex;
+        }
 …
             cl.addPermission(perm);
             if (JNLPRuntime.isDebug()) {
+                if (cl.getPermissions(null).implies(perm))
+                    System.err.println("Added permission: " + perm.toString());
+                else
+                    System.err.println("Unable to add permission: " + perm.toString());
+                if (cl.getSecurity() == null) {
+                    if (cl.getPermissions(null).implies(perm)){
+                        OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "Added permission: " + perm.toString());
+                    } else {
+                        OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "Unable to add permission: " + perm.toString());
+                    }
+                } else {
+                    OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "Cannot get permissions for null codesource when classloader security is not null");
+                }
+            }
         } else {
+            if (JNLPRuntime.isDebug())
+                System.err.println("Unable to add permission: " + perm + ", classloader not JNLP.");
+            OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Unable to add permission: " + perm + ", classloader not JNLP.");
+        }
+    }
 …
      * be disposed when the calling application exits.
      */
+    @Override
     public boolean checkTopLevelWindow(Object window) {
         ApplicationInstance app = getApplication();
 …
             Window w = (Window) window;
+            if (JNLPRuntime.isDebug())
+                System.err.println("SM: app: " + app.getTitle() + " is adding a window: " + window + " with appContext " + AppContext.getAppContext());
+            OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "SM: app: " + app.getTitle() + " is adding a window: " + window + " with appContext " + AppContext.getAppContext());
             weakWindows.add(w); // for mapping window -> app
 …
     /**
      * Checks whether the caller can exit the system.  This method
+     * Checks whether the caller can exit the system. This method
      * identifies whether the caller is a real call to Runtime.exec
      * and has special behavior when returning from this method
 …
      * stopped and its resources destroyed (when possible), and an
      * exception will be thrown to prevent the JVM from shutting
      * down.<p>
+     *
+     * down.
+     * <p>
      * Calls not from Runtime.exit or with no exit class set will
      * behave normally, and the exit class can always exit the JVM.
+     */
+     * </p>
+     */
+    @Override
     public void checkExit(int status) {
 …
         Class stack[] = getClassContext();
         if (!exitAllowed) {
             for (int i = 0; i < stack.length; i++)
                 if (stack[i].getClassLoader() != null)
+            for (int i = 0; i < stack.length; i++) {
+                if (stack[i].getClassLoader() != null) {
                     throw new AccessControlException("Applets may not call System.exit()");
+                }
+            }
+        }
 …
         boolean realCall = (stack[1] == Runtime.class);
+        if (isExitClass(stack)) // either exitClass called or no exitClass set
+            return; // to Runtime.exit or fake call to see if app has permission
+        if (isExitClass(stack)) {
+            return;
+        } // to Runtime.exit or fake call to see if app has permission
         // not called from Runtime.exit()
 …
      * AWTSecurityManager and if so, call this method to give it a chance to
      * return the appropriate appContext based on the application that is
      * running.<p>
+     *
+     * running.
+     * <p>
      * This can be called from any thread (possibly a swing thread) to find out
      * the AppContext for the thread (which may correspond to a particular
      * applet).
+     * </p>
      */
     @Override
 …
      *             permission to accesss the AWT event queue.
      */
+    @Override
     public void checkAwtEventQueueAccess() {
         /*

trunk/icedtea-web/netx/net/sourceforge/jnlp/runtime/PacEvaluatorFactory.java

-              r348
+              r429
 import java.net.URL;
 import java.util.Properties;
+import net.sourceforge.jnlp.util.logging.OutputController;
 …
             properties.load(in);
         } catch (IOException e) {
+            if (JNLPRuntime.isDebug()) {
+                e.printStackTrace();
+            }
+            OutputController.getLogger().log(e);
         } finally {
             try {
                 in.close();
             } catch (IOException e) {
+                if (JNLPRuntime.isDebug()) {
+                    e.printStackTrace();
+                }
+                OutputController.getLogger().log(e);
+            }
+        }
 …
                 // ignore
             } catch (InstantiationException e) {
                 e.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
             } catch (IllegalAccessException e) {
                 e.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
             } catch (NoSuchMethodException e) {
                 e.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
             } catch (IllegalArgumentException e) {
                 e.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
             } catch (InvocationTargetException e) {
                 if (e.getCause() != null) {
                     e.getCause().printStackTrace();
+                    OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e.getCause());
+                }
+            }

trunk/icedtea-web/netx/net/sourceforge/jnlp/runtime/RhinoBasedPacEvaluator.java

-              r348
+              r429
 import java.security.PrivilegedAction;
 import java.security.ProtectionDomain;
+import java.util.PropertyPermission;
+import net.sourceforge.jnlp.util.logging.OutputController;
 import net.sourceforge.jnlp.util.TimedHashMap;
 …
  * proxy file to find the proxy for a given url.
+ *
  * @see http://en.wikipedia.org/wiki/Proxy_auto-config#The_PAC_file
+ * @see <a href="http://en.wikipedia.org/wiki/Proxy_auto-config#The_PAC_file">The PAC File</a>
  */
 public class RhinoBasedPacEvaluator implements PacEvaluator {
 …
      */
     public RhinoBasedPacEvaluator(URL pacUrl) {
+        if (JNLPRuntime.isDebug()) {
+            System.err.println("Using the Rhino based PAC evaluator for url " + pacUrl);
+        }
+        OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Using the Rhino based PAC evaluator for url " + pacUrl);
         pacHelperFunctionContents = getHelperFunctionContents();
         this.pacUrl = pacUrl;
 …
     private String getProxiesWithoutCaching(URL url) {
         if (pacHelperFunctionContents == null) {
             System.err.println("Error loading pac functions");
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "Error loading pac functions");
             return "DIRECT";
+        }
 …
         EvaluatePacAction evaluatePacAction = new EvaluatePacAction(pacContents, pacUrl.toString(),
                 pacHelperFunctionContents, url);
+        // Purposefully giving only these permissions rather than using java.policy. The "evaluatePacAction"
+        // isn't supposed to do very much and so doesn't require all the default permissions given by
+        // java.policy
         Permissions p = new Permissions();
         p.add(new RuntimePermission("accessClassInPackage.org.mozilla.javascript"));
         p.add(new SocketPermission("*", "resolve"));
+        p.add(new PropertyPermission("java.vm.name", "read"));
         ProtectionDomain pd = new ProtectionDomain(null, p);
         AccessControlContext context = new AccessControlContext(new ProtectionDomain[] { pd });
 …
             try {
                 while ((line = pacReader.readLine()) != null) {
                     // System.out.println(line);
+                    // OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, line);
                     contents = contents.append(line).append("\n");
+                }
 …
                 contents = new StringBuilder();
                 while ((line = pacFuncsReader.readLine()) != null) {
                     // System.out.println(line);
+                    // OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL,line);
                     contents = contents.append(line).append("\n");
+                }
 …
+            }
         } catch (IOException e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
             contents = null;
+        }
 …
                 Object functionObj = scope.get("FindProxyForURL", scope);
                 if (!(functionObj instanceof Function)) {
                     System.err.println("FindProxyForURL not found");
+                    OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "FindProxyForURL not found");
                     return null;
                 } else {
 …
+                }
             } catch (Exception e) {
                 e.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
                 return "DIRECT";
             } finally {

trunk/icedtea-web/netx/net/sourceforge/jnlp/security/CertVerifier.java

-              r348
+              r429
 /* CertVerifier.java
    Copyright (C) 2009 Red Hat, Inc.
+   Copyright (C) 2012 Red Hat, Inc.
 This file is part of IcedTea.
 …
 import java.security.cert.CertPath;
 import java.security.cert.Certificate;
 import java.util.ArrayList;
+import java.util.List;
 /**
  * An interface that provides various details about a certificate
+ * An interface that provides various details about certificates of an app.
  */
 …
     /**
      * Return if there are signing issues with the certificate(s) being veried
+     * Return if there are signing issues with the certificate being verified
      */
     public boolean hasSigningIssues();
+    public boolean hasSigningIssues(CertPath certPath);
     /**
      * Return if there are no signing issues with this cert (!hasSigningIssues())
+     * Get the details regarding issue with this certificate
      */
     public boolean noSigningIssues();
+    public List<String> getDetails(CertPath certPath);
     /**
+     * Get the details regarding issue(s) with this certificate
+     */
+    public ArrayList<String> getDetails();
+    /**
+     * Return a valid certificate path to this certificate(s) being verified
+     * Return a valid certificate path to this certificate being verified
      * @return The CertPath
      */
     public CertPath getCertPath();
+    public CertPath getCertPath(CertPath certPath);
     /**
      * Returns the application's publisher's certificate.
      */
     public abstract Certificate getPublisher();
+    public abstract Certificate getPublisher(CertPath certPath);
     /**
      * Returns the application's root's certificate. This
      * may return the same certificate as getPublisher() in
+     * may return the same certificate as getPublisher(CertPath certPath) in
      * the event that the application is self signed.
      */
+    public abstract Certificate getRoot();
+    public abstract Certificate getRoot(CertPath certPath);
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/security/CertificateUtils.java

-              r418
+              r429
 import java.io.PrintStream;
 import java.math.BigInteger;
-import java.security.InvalidKeyException;
 import java.security.Key;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.SignatureException;
 import java.security.cert.Certificate;
 import java.security.cert.CertificateException;
 …
 import java.util.Random;
-import net.sourceforge.jnlp.runtime.JNLPRuntime;
 import net.sourceforge.jnlp.runtime.Translator;
+import net.sourceforge.jnlp.util.logging.OutputController;
 import net.sourceforge.jnlp.util.replacements.BASE64Encoder;
 import sun.security.provider.X509Factory;
 …
     public static final void addToKeyStore(File file, KeyStore ks) throws CertificateException,
             IOException, KeyStoreException {
+        if (JNLPRuntime.isDebug()) {
+            System.out.println("Importing certificate from " + file + " into " + ks);
+        }
+        OutputController.getLogger().log("Importing certificate from " + file + " into " + ks);
         BufferedInputStream bis = new BufferedInputStream(new FileInputStream(file));
 …
     public static final void addToKeyStore(X509Certificate cert, KeyStore ks)
             throws KeyStoreException {
+        if (JNLPRuntime.isDebug()) {
+            System.out.println("Importing " + cert.getSubjectX500Principal().getName());
+        }
+        OutputController.getLogger().log("Importing " + cert.getSubjectX500Principal().getName());
         String alias = null;
 …
                     if (c.equals(keyStores[i].getCertificate(alias))) {
+                        if (JNLPRuntime.isDebug()) {
+                            System.out.println(Translator.R("LCertFoundIn", c.getSubjectX500Principal().getName(), KeyStores.getPathToKeystore(keyStores[i].hashCode())));
+                        }
+                    OutputController.getLogger().log(Translator.R("LCertFoundIn", c.getSubjectX500Principal().getName(), KeyStores.getPathToKeystore(keyStores[i].hashCode())));
                         return true;
                     } // else continue
 …
             } catch (KeyStoreException e) {
                 e.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
                 // continue
+            }

trunk/icedtea-web/netx/net/sourceforge/jnlp/security/HttpsCertVerifier.java

-              r348
+              r429
 import java.util.Collection;
 import java.util.List;
+import net.sourceforge.jnlp.util.logging.OutputController;
 import sun.security.util.DerValue;
 …
 public class HttpsCertVerifier implements CertVerifier {
-    private VariableX509TrustManager tm;
     private X509Certificate[] chain;
     private String authType;
 …
     private ArrayList<String> details = new ArrayList<String>();
+    public HttpsCertVerifier(VariableX509TrustManager tm,
+                             X509Certificate[] chain, String authType,
+    public HttpsCertVerifier(X509Certificate[] chain, String authType,
                              boolean isTrusted, boolean hostMatched,
                              String hostName) {
-        this.tm = tm;
         this.chain = chain;
         this.authType = authType;
 …
+    }
+    @Override
     public boolean getAlreadyTrustPublisher() {
         return isTrusted;
+    }
+    public CertPath getCertPath() {
+    /* XXX: Most of these methods have a CertPath param that should be passed
+     * from the UI dialogs. However, this is not implemented yet so most of
+     * the params are ignored.
+     */
+    @Override
+    public CertPath getCertPath(CertPath certPath) { // Parameter ignored.
         ArrayList<X509Certificate> list = new ArrayList<X509Certificate>();
 …
             certPaths.add(CertificateFactory.getInstance("X.509").generateCertPath(list));
         } catch (CertificateException ce) {
             ce.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ce);
             // carry on
 …
+    }
+    public ArrayList<String> getDetails() {
+    @Override
+    public List<String> getDetails(CertPath certPath) { // Parameter ignored.
         boolean hasExpiredCert = false;
 …
         } catch (CertificateParsingException cpe) {
             cpe.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, cpe);
         } catch (IOException ioe) {
             ioe.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ioe);
+        }
 …
+    }
+    public Certificate getPublisher() {
+    @Override
+    public Certificate getPublisher(CertPath certPath) { // Paramater ignored.
         if (chain.length > 0)
             return (Certificate) chain[0];
 …
+    }
+    public Certificate getRoot() {
+    @Override
+    public Certificate getRoot(CertPath certPath) { // Parameter ignored.
         if (chain.length > 0)
             return (Certificate) chain[chain.length - 1];
 …
         try {
             KeyStore[] caCertsKeyStores = KeyStores.getCAKeyStores();
             return CertificateUtils.inKeyStores((X509Certificate) getRoot(), caCertsKeyStores);
+            return CertificateUtils.inKeyStores((X509Certificate) getRoot(null), caCertsKeyStores);
         } catch (Exception e) {
+        }
 …
+    }
+    public boolean hasSigningIssues() {
+    @Override
+    public boolean hasSigningIssues(CertPath certPath) {
         return false;
+    }
-    public boolean noSigningIssues() {
-        return false;
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/security/KeyStores.java

-              r418
+              r429
 import net.sourceforge.jnlp.runtime.Translator;
 import net.sourceforge.jnlp.util.FileUtils;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
  * The <code>KeyStores</code> class allows easily accessing the various KeyStores
+ * The {@code KeyStores} class allows easily accessing the various KeyStores
  * used.
  */
 …
     private static final String DEFAULT_PASSWORD = "changeit";
     public static final char[] getPassword() {
+    public static char[] getPassword() {
         return DEFAULT_PASSWORD.toCharArray();
+    }
 …
             keystoresPaths.put(ks.hashCode(),location);
         } catch (Exception e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
         return ks;

trunk/icedtea-web/netx/net/sourceforge/jnlp/security/SecurityDialog.java

-              r418
+              r429
 package net.sourceforge.jnlp.security;
+import java.awt.BorderLayout;
+import java.awt.event.ActionListener;
+import java.awt.event.WindowAdapter;
+import java.awt.event.WindowEvent;
+import java.security.cert.X509Certificate;
+import java.util.List;
+import java.util.concurrent.CopyOnWriteArrayList;
+import javax.swing.JDialog;
 import net.sourceforge.jnlp.JNLPFile;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate;
 import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
 import net.sourceforge.jnlp.security.SecurityDialogs.DialogType;
+import net.sourceforge.jnlp.security.dialogs.AccessWarningPane;
+import net.sourceforge.jnlp.security.dialogs.AppletWarningPane;
+import net.sourceforge.jnlp.security.dialogs.CertWarningPane;
+import net.sourceforge.jnlp.security.dialogs.CertsInfoPane;
+import net.sourceforge.jnlp.security.dialogs.MatchingALACAttributePanel;
+import net.sourceforge.jnlp.security.dialogs.MissingALACAttributePanel;
+import net.sourceforge.jnlp.security.dialogs.MissingPermissionsAttributePanel;
+import net.sourceforge.jnlp.security.dialogs.MoreInfoPane;
+import net.sourceforge.jnlp.security.dialogs.PasswordAuthenticationPane;
+import net.sourceforge.jnlp.security.dialogs.SecurityDialogPanel;
+import net.sourceforge.jnlp.security.dialogs.SingleCertInfoPane;
+import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.AppTrustWarningDialog;
 import net.sourceforge.jnlp.util.ImageResources;
+import java.awt.*;
+import javax.swing.*;
+import java.awt.event.*;
+import java.security.cert.X509Certificate;
+import java.util.concurrent.CopyOnWriteArrayList;
+import java.util.List;
+import net.sourceforge.jnlp.util.ScreenFinder;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
     private void initDialog() {
-        setSystemLookAndFeel();
         String dialogTitle = "";
         if (dialogType == DialogType.CERT_WARNING) {
 …
         else if (dialogType == DialogType.APPLET_WARNING)
             dialogTitle = "Applet Warning";
         else if (dialogType == DialogType.NOTALLSIGNED_WARNING)
+        else if (dialogType == DialogType.PARTIALLYSIGNED_WARNING)
             dialogTitle = "Security Warning";
         else if (dialogType == DialogType.AUTHENTICATION)
 …
         pack();
+        centerDialog(this);
         WindowAdapter adapter = new WindowAdapter() {
 …
                     SecurityDialog dialog = (SecurityDialog) e.getSource();
                     dialog.setResizable(true);
-                    centerDialog(dialog);
                     dialog.setValue(null);
+                }
 …
         addWindowListener(adapter);
         addWindowFocusListener(adapter);
+    }
 …
         if (dialogType == DialogType.CERT_WARNING)
             panel = new CertWarningPane(this, this.certVerifier);
+            panel = new CertWarningPane(this, this.certVerifier, (SecurityDelegate) extras[0]);
         else if (dialogType == DialogType.MORE_INFO)
             panel = new MoreInfoPane(this, this.certVerifier);
 …
         else if (dialogType == DialogType.APPLET_WARNING)
             panel = new AppletWarningPane(this, this.certVerifier);
+        else if (dialogType == DialogType.NOTALLSIGNED_WARNING)
+            panel = new NotAllSignedWarningPane(this);
+        else if (dialogType == DialogType.PARTIALLYSIGNED_WARNING)
+            panel = AppTrustWarningDialog.partiallySigned(this, file, (SecurityDelegate) extras[0]);
+        else if (dialogType == DialogType.UNSIGNED_WARNING) // Only necessary for applets on 'high security' or above
+            panel = AppTrustWarningDialog.unsigned(this, file);
         else if (dialogType == DialogType.AUTHENTICATION)
             panel = new PasswordAuthenticationPane(this, extras);
+        else if (dialogType == DialogType.UNSIGNED_EAS_NO_PERMISSIONS_WARNING)
+            panel = new MissingPermissionsAttributePanel(this, (String) extras[0], (String) extras[1]);
+        else if (dialogType == DialogType.MISSING_ALACA)
+            panel = new MissingALACAttributePanel(this, (String) extras[0], (String) extras[1], (String) extras[2]);
+        else if (dialogType == DialogType.MATCHING_ALACA)
+            panel = new MatchingALACAttributePanel(this, (String) extras[0], (String) extras[1], (String) extras[2]);
         add(panel, BorderLayout.CENTER);
 …
     private static void centerDialog(JDialog dialog) {
+        Dimension screen = Toolkit.getDefaultToolkit().getScreenSize();
+        Dimension dialogSize = dialog.getSize();
+        dialog.setLocation((screen.width - dialogSize.width) / 2,
+                        (screen.height - dialogSize.height) / 2);
+        ScreenFinder.centerWindowsToCurrentScreen(dialog);
+    }
     private void selectDefaultButton() {
         if (panel == null) {
             System.out.println("initial value panel is null");
+            OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "initial value panel is null");
+        }
         panel.requestFocusOnDefaultButton();
+    }
+    protected void setValue(Object value) {
+        if (JNLPRuntime.isDebug()) {
+            System.out.println("Setting value:" + value);
+        }
+    public void setValue(Object value) {
+        OutputController.getLogger().log("Setting value:" + value);
         this.value = value;
+    }
     public Object getValue() {
+        if (JNLPRuntime.isDebug()) {
+            System.out.println("Returning value:" + value);
+        }
+        OutputController.getLogger().log("Returning value:" + value);
         return value;
+    }
 …
+    }
-    /**
-     * Updates the look and feel of the window to be the system look and feel
-     */
-    protected void setSystemLookAndFeel() {
-        try {
-            UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
-        } catch (Exception e) {
-            //don't worry if we can't.
+        }
+    }
     private final List<ActionListener> listeners = new CopyOnWriteArrayList<ActionListener>();

trunk/icedtea-web/netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java

-              r348
+              r429
+/* SecurityDialogMessage.java
+   Copyright (C) 2011 Red Hat, Inc.
+This file is part of IcedTea.
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING.  If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+-1301 USA.
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version.
+ */
 package net.sourceforge.jnlp.security;

trunk/icedtea-web/netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java

-              r348
+              r429
 import sun.awt.AppContext;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
  * their Look and Feel is not affected by the Look and Feel of the
  * applet/application.
+ * </p>
  * <p>
  * This class contains allows a client application to post a
 …
  * the queue, it shows a security warning to the user, and sets
  * {@link SecurityDialogMessage#userResponse} to the appropriate value.
+ * </p>
  */
 public final class SecurityDialogMessageHandler implements Runnable {
 …
     @Override
     public void run() {
+        if (JNLPRuntime.isDebug()) {
+            System.out.println("Starting security dialog thread");
+        }
+        OutputController.getLogger().log("Starting security dialog thread");
         while (true) {
             try {
 …
      * {@link SecurityDialogMessage#toDispose} (if not null) is disposed and
      * {@link SecurityDialogMessage#lock} (in not null) is released.
+     * </p>
+     *
      * @param message the message indicating what type of security dialog to
 …
      * {@link SecurityDialogMessage#toDispose} (if not null) is disposed and
      * {@link SecurityDialogMessage#lock} (in not null) is released.
+     * </p>
+     *
      * @param message indicates the type of security dialog to show
 …
             queue.put(message);
         } catch (InterruptedException e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
+    }

trunk/icedtea-web/netx/net/sourceforge/jnlp/security/SecurityDialogs.java

-              r418
+              r429
 import java.awt.event.WindowEvent;
 import java.net.NetPermission;
+import java.net.URL;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
+import java.util.Set;
 import java.util.concurrent.Semaphore;
 …
 import net.sourceforge.jnlp.JNLPFile;
 import net.sourceforge.jnlp.config.DeploymentConfiguration;
+import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.security.appletextendedsecurity.ExecuteAppletAction;
+import net.sourceforge.jnlp.security.dialogs.apptrustwarningpanel.AppTrustWarningPanel.AppSigningWarningAction;
+import net.sourceforge.jnlp.util.UrlUtils;
 /**
+ * A factory for showing many possible types of security warning to the user.<p>
+ *
+ * <p>
+ * A factory for showing many possible types of security warning to the user.
+ * </p>
+ * <p>
  * This contains all the public methods that classes outside this package should
  * use instead of using {@link SecurityDialog} directly.
+ *
+ * </p>
+ * <p>
  * All of these methods post a message to the
  * {@link SecurityDialogMessageHandler} and block waiting for a response.
+ * </p>
  */
 public class SecurityDialogs {
 …
         SINGLE_CERT_INFO,
         ACCESS_WARNING,
+        NOTALLSIGNED_WARNING,
+        PARTIALLYSIGNED_WARNING,
+        UNSIGNED_WARNING,   /* requires confirmation with 'high-security' setting */
         APPLET_WARNING,
         AUTHENTICATION,
+        UNSIGNED_EAS_NO_PERMISSIONS_WARNING,   /* when Extended applet security is at High Security and no permission attribute is find, */
+        MISSING_ALACA, /*alaca - Application-Library-Allowable-Codebase Attribute*/
+        MATCHING_ALACA
+    }
 …
         VERIFIED,
         UNVERIFIED,
+        NOTALLSIGNED,
+        PARTIALLYSIGNED,
+        UNSIGNED,           /* requires confirmation with 'high-security' setting */
         SIGNING_ERROR
+    }
+    public static enum AppletAction {
+        RUN,
+        SANDBOX,
+        CANCEL;
+        public static AppletAction fromInteger(int i) {
+            switch (i) {
+                case 0:
+                    return RUN;
+                case 1:
+                    return SANDBOX;
+                case 2:
+                    return CANCEL;
+                default:
+                    return CANCEL;
+            }
+        }
+    }
 …
         Object selectedValue = getUserResponse(message);
+        if (selectedValue == null) {
+            return false;
+        } else if (selectedValue instanceof Integer) {
+            if (((Integer) selectedValue).intValue() == 0)
+                return true;
+            else
+                return false;
+        } else {
+            return false;
+        }
+    }
+    /**
+     * Shows a warning dialog for when the main application jars are signed,
+     * but extensions aren't
+        return getIntegerResponseAsBoolean(selectedValue);
+    }
+    /**
+     * Shows a warning dialog for when a plugin applet is unsigned.
+     * This is used with 'high-security' setting.
+     *
      * @return true if permission was granted by the user, false otherwise.
      */
     public static boolean showNotAllSignedWarningDialog(JNLPFile file) {
         if (!shouldPromptUser()) {
             return false;
+    public static AppSigningWarningAction showUnsignedWarningDialog(JNLPFile file) {
+        if (!shouldPromptUser()) {
+            return new AppSigningWarningAction(ExecuteAppletAction.NO, false);
+        }
         final SecurityDialogMessage message = new SecurityDialogMessage();
         message.dialogType = DialogType.NOTALLSIGNED_WARNING;
         message.accessType = AccessType.NOTALLSIGNED;
+        message.dialogType = DialogType.UNSIGNED_WARNING;
+        message.accessType = AccessType.UNSIGNED;
         message.file = file;
+        message.extras = new Object[0];
+        Object selectedValue = getUserResponse(message);
+        if (selectedValue == null) {
+            return false;
+        } else if (selectedValue instanceof Integer) {
+            if (((Integer) selectedValue).intValue() == 0) {
+                return true;
+            } else {
+                return false;
+            }
+        } else {
+            return false;
+        }
+        return (AppSigningWarningAction) getUserResponse(message);
+    }
     /**
      * Shows a security warning dialog according to the specified type of
      * access. If <code>type</code> is one of AccessType.VERIFIED or
      * AccessType.UNVERIFIED, extra details will be available with regards
      * to code signing and signing certificates.
+     * access. If {@code accessType} is one of {@link AccessType#VERIFIED} or
+     * {@link AccessType#UNVERIFIED}, extra details will be available with
+     * regards to code signing and signing certificates.
+     *
      * @param accessType the type of warning dialog to show
 …
      * @param certVerifier the JarCertVerifier used to verify this application
+     *
+     * @return true if the user accepted the certificate
+     */
+    public static boolean showCertWarningDialog(AccessType accessType,
+            JNLPFile file, CertVerifier certVerifier) {
+        if (!shouldPromptUser()) {
+            return false;
+     * @return RUN if the user accepted the certificate, SANDBOX if the user
+     * wants the applet to run with only sandbox permissions, or CANCEL if the
+     * user did not accept running the applet
+     */
+    public static AppletAction showCertWarningDialog(AccessType accessType,
+            JNLPFile file, CertVerifier certVerifier, SecurityDelegate securityDelegate) {
+        if (!shouldPromptUser()) {
+            return AppletAction.CANCEL;
+        }
 …
         message.file = file;
         message.certVerifier = certVerifier;
+        message.extras = new Object[] { securityDelegate };
         Object selectedValue = getUserResponse(message);
+        if (selectedValue == null) {
+            return false;
+        } else if (selectedValue instanceof Integer) {
+            if (((Integer) selectedValue).intValue() == 0)
+                return true;
+            else
+                return false;
+        } else {
+            return false;
+        }
+        return getIntegerResponseAsAppletAction(selectedValue);
+    }
+    /**
+     * Shows a warning dialog for when an applet or application is partially signed.
+     *
+     * @return true if permission was granted by the user, false otherwise.
+     */
+    public static AppSigningWarningAction showPartiallySignedWarningDialog(JNLPFile file, CertVerifier certVerifier,
+            SecurityDelegate securityDelegate) {
+        if (!shouldPromptUser()) {
+            return new AppSigningWarningAction(ExecuteAppletAction.NO, false);
+        }
+        final SecurityDialogMessage message = new SecurityDialogMessage();
+        message.dialogType = DialogType.PARTIALLYSIGNED_WARNING;
+        message.accessType = AccessType.PARTIALLYSIGNED;
+        message.file = file;
+        message.certVerifier = certVerifier;
+        message.extras = new Object[] { securityDelegate };
+        return (AppSigningWarningAction) getUserResponse(message);
+    }
 …
         Object response = getUserResponse(message);
+        if (response == null) {
+            return null;
+        } else {
+            return (Object[]) response;
+        }
+    }
+        return (Object[]) response;
+    }
+     public static boolean  showMissingALACAttributePanel(String title, URL codeBase, Set<URL> remoteUrls) {
+        if (!shouldPromptUser()) {
+            return false;
+        }
+        SecurityDialogMessage message = new SecurityDialogMessage();
+        message.dialogType = DialogType.MISSING_ALACA;
+        message.extras = new Object[]{title, codeBase.toString(), UrlUtils.setOfUrlsToHtmlList(remoteUrls)};
+        Object selectedValue = getUserResponse(message);
+        return getIntegerResponseAsBoolean(selectedValue);
+    }
+     public static boolean showMatchingALACAttributePanel(String title, URL codeBase, Set<URL> remoteUrls) {
+        if (!shouldPromptUser()) {
+            return false;
+        }
+        SecurityDialogMessage message = new SecurityDialogMessage();
+        message.dialogType = DialogType.MATCHING_ALACA;
+        message.extras = new Object[]{title, codeBase.toString(), UrlUtils.setOfUrlsToHtmlList(remoteUrls)};
+        Object selectedValue = getUserResponse(message);
+        return getIntegerResponseAsBoolean(selectedValue);
+    }
     /**
      * FIXME This is unused. Remove it?
      * @return (0, 1, 2) => (Yes, No, Cancel)
+     * @return (0, 1, 2) =&gt; (Yes, No, Cancel)
      */
     public static int showAppletWarning() {
 …
         // result 0 = Yes, 1 = No, 2 = Cancel
+        if (selectedValue == null) {
+            return 2;
+        } else if (selectedValue instanceof Integer) {
+        if (selectedValue instanceof Integer) {
+            // If the selected value can be cast to Integer, use that value
             return ((Integer) selectedValue).intValue();
         } else {
+            // Otherwise default to "cancel"
             return 2;
+        }
+    }
+     public static boolean showMissingPermissionsAttributeDialogue(String title, URL codeBase) {
+         if (!shouldPromptUser()) {
+             return false;
+         }
+         SecurityDialogMessage message = new SecurityDialogMessage();
+         message.dialogType = DialogType.UNSIGNED_EAS_NO_PERMISSIONS_WARNING;
+         message.extras = new Object[]{title, codeBase.toExternalForm()};
+         Object selectedValue = getUserResponse(message);
+         return SecurityDialogs.getIntegerResponseAsBoolean(selectedValue);
+    }
     /**
      * Posts the message to the SecurityThread and gets the response. Blocks
 …
     /**
+     * Returns true iff the given Object reference can be cast to Integer and that Integer's
+     * intValue is 0.
+     * @param ref the Integer (hopefully) reference
+     * @return whether the given reference is both an Integer type and has intValue of 0
+     */
+    public static boolean getIntegerResponseAsBoolean(Object ref) {
+        boolean isInteger = ref instanceof Integer;
+        if (isInteger) {
+            Integer i = (Integer) ref;
+            return i.intValue() == 0;
+        }
+        return false;
+    }
+    public static AppletAction getIntegerResponseAsAppletAction(Object ref) {
+        if (ref instanceof Integer) {
+            return AppletAction.fromInteger((Integer) ref);
+        }
+        return AppletAction.CANCEL;
+    }
+    /**
      * Returns whether the current runtime configuration allows prompting user
      * for security warnings.
 …
         });
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/security/SecurityUtil.java

-              r348
+              r429
 import net.sourceforge.jnlp.security.KeyStores.Level;
 import net.sourceforge.jnlp.security.KeyStores.Type;
+import net.sourceforge.jnlp.util.logging.OutputController;
 public class SecurityUtil {
 …
+                }
             } catch (Exception e) {
                 e.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
                 throw e;
             } finally {

trunk/icedtea-web/netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java

-              r418
+              r429
 package net.sourceforge.jnlp.security;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import java.net.Socket;
 import java.security.AccessController;
 import java.security.KeyStore;
 …
 import java.util.List;
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.SSLSocket;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.TrustManagerFactory;
 import javax.net.ssl.X509TrustManager;
+import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
+import net.sourceforge.jnlp.security.SecurityDialogs.AppletAction;
+import net.sourceforge.jnlp.util.logging.OutputController;
 import sun.security.util.HostnameChecker;
 import sun.security.validator.ValidatorException;
-import com.sun.net.ssl.internal.ssl.X509ExtendedTrustManager;
-import net.sourceforge.jnlp.runtime.JNLPRuntime;
-import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
 /**
 …
  */
 final public class VariableX509TrustManager extends X509ExtendedTrustManager {
+final public class VariableX509TrustManager {
     /** TrustManagers containing trusted CAs */
 …
+            }
         } catch (Exception e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
 …
+            }
         } catch (Exception e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
 …
+            }
         } catch (Exception e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
+    }
 …
      * Check if client is trusted (no support for custom here, only system/user)
      */
     public void checkClientTrusted(X509Certificate[] chain, String authType,
                                    String hostName, String algorithm)
+    public void checkTrustClient(X509Certificate[] chain, String authType,
+                                   String hostName)
             throws CertificateException {
 …
+    }
+    public void checkClientTrusted(X509Certificate[] chain, String authType)
+            throws CertificateException {
+        checkClientTrusted(chain, authType, null, null);
+    }
+    public void checkServerTrusted(X509Certificate[] chain, String authType,
+                                   String hostName, String algorithm)
+            throws CertificateException {
+        checkServerTrusted(chain, authType, hostName, false);
+    }
+    public void checkServerTrusted(X509Certificate[] chain, String authType)
+            throws CertificateException {
+        checkServerTrusted(chain, authType, null, null);
+    }
+    /**
+     * Check if the server is trusted
+    /**
+     * Check if the server is trusted.
+     *
+     * First, existing stores are checked to see if the certificate is trusted.
+     * Next, if the certificate is not explicitly trusted by the user, a host
+     * name check is performed. The user is them prompted as needed.
+     *
      * @param chain The cert chain
      * @param authType The auth type algorithm
+     * @param checkOnly Whether to "check only" i.e. no user prompt, or to prompt for permission
+     */
+    public synchronized void checkServerTrusted(X509Certificate[] chain,
+     * @param hostName The expected hostName that the server should have
+     * @param socket The SSLSocket in use (may be null)
+     * @param engine The SSLEngine in use (may be null)
+     */
+    public synchronized void checkTrustServer(X509Certificate[] chain,
                              String authType, String hostName,
                              boolean checkOnly) throws CertificateException {
+                             SSLSocket socket, SSLEngine engine) throws CertificateException {
         CertificateException ce = null;
         boolean trusted = true;
+        boolean CNMatched = true;
+        boolean CNMatched = false;
+        // Check trust stores
         try {
             checkAllManagers(chain, authType);
+            checkAllManagers(chain, authType, socket, engine);
         } catch (CertificateException e) {
             trusted = false;
 …
         // If the certificate is not explicitly trusted, we
         // need to prompt the user
+        // check host match
         if (!isExplicitlyTrusted(chain, authType)) {
+            if (hostName == null) {
+                CNMatched = false;
+            } else {
+            if (hostName != null) {
                 try {
                     HostnameChecker checker = HostnameChecker
                             .getInstance(HostnameChecker.TYPE_TLS);
                     checker.match(hostName, chain[0]); // only need to match @ 0 for
+                                                       // CN
+                    checker.match(hostName, chain[0]); // only need to match @ 0 for CN
+                    CNMatched = true;
                 } catch (CertificateException e) {
-                    CNMatched = false;
                     ce = e;
+                }
+            }
+        }
+        } else {
+            // If it is explicitly trusted, just return right away.
+            return;
+        }
+        // If it is (not explicitly trusted) AND
+        // ((it is not in store) OR (there is a host mismatch))
         if (!trusted || !CNMatched) {
+            if (checkOnly) {
+                throw ce;
+            } else {
+                if (!isTemporarilyUntrusted(chain[0])) {
+                    boolean b = askUser(chain, authType, trusted, CNMatched, hostName);
+                    if (b) {
+                        temporarilyTrust(chain[0]);
+                    } else {
+                        temporarilyUntrust(chain[0]);
+                    }
+                }
+                checkAllManagers(chain, authType);
+            }
+        }
+    }
+    /**
+     * Check system, user and custom trust manager
+     */
+    private void checkAllManagers(X509Certificate[] chain, String authType) throws CertificateException {
+            if (!isTemporarilyUntrusted(chain[0])) {
+                boolean b = askUser(chain, authType, trusted, CNMatched, hostName);
+                if (b) {
+                    temporarilyTrust(chain[0]);
+                    return;
+                } else {
+                    temporarilyUntrust(chain[0]);
+                }
+            }
+            throw ce;
+        }
+    }
+    /**
+     * Check system, user and custom trust manager.
+     *
+     * This method is intended to work with both, JRE6 and JRE7. If socket
+     * and engine are null, it assumes that the call is for JRE6 (i.e. not
+     * javax.net.ssl.X509ExtendedTrustManager which is Java 7 specific). If
+     * either of those are not null, it will assume that the caTrustManagers
+     * are javax.net.ssl.X509ExtendedTrustManager instances and will
+     * invoke their check methods.
+     *
+     * @param chain The certificate chain
+     * @param authType The authentication type
+     * @param socket the SSLSocket being used for the connection
+     * @param engine the SSLEngine being used for the connection
+     */
+    private void checkAllManagers(X509Certificate[] chain, String authType, Socket socket, SSLEngine engine) throws CertificateException {
         // first try CA TrustManagers
         boolean trusted = false;
 …
         for (int i = 0; i < caTrustManagers.length; i++) {
             try {
+                caTrustManagers[i].checkServerTrusted(chain, authType);
+                if (socket == null && engine == null) {
+                    caTrustManagers[i].checkServerTrusted(chain, authType);
+                } else {
+                    try {
+                        Class<?> x509ETMClass = Class.forName("javax.net.ssl.X509ExtendedTrustManager");
+                        if (engine == null) {
+                            Method mcheckServerTrusted = x509ETMClass.getDeclaredMethod("checkServerTrusted", X509Certificate[].class, String.class, Socket.class);
+                            mcheckServerTrusted.invoke(caTrustManagers[i], chain, authType, socket);
+                        } else {
+                            Method mcheckServerTrusted = x509ETMClass.getDeclaredMethod("checkServerTrusted", X509Certificate[].class, String.class, SSLEngine.class);
+                            mcheckServerTrusted.invoke(caTrustManagers[i], chain, authType, engine);
+                        }
+                    } catch (NoSuchMethodException nsme) {
+                        throw new ValidatorException(nsme.getMessage());
+                    } catch (InvocationTargetException ite) {
+                        throw new ValidatorException(ite.getMessage());
+                    } catch (IllegalAccessException iae) {
+                        throw new ValidatorException(iae.getMessage());
+                    } catch (ClassNotFoundException cnfe) {
+                        throw new ValidatorException(cnfe.getMessage());
+                    }
+                }
                 trusted = true;
                 break;
 …
+            }
+        }
         if (trusted) {
             return;
 …
         if (!temporarilyTrusted.contains(chain[0])) {
             if (savedException == null) {
                 // System.out.println("IMPOSSIBLE!");
+                // OutputController.getLogger().log(OutputController.Level.MESSAGE_ALL, "IMPOSSIBLE!");
                 throw new ValidatorException(ValidatorException.T_SIGNATURE_ERROR, chain[0]);
+            }
 …
+    }
     public X509Certificate[] getAcceptedIssuers() {
+    protected X509Certificate[] getAcceptedIssuers() {
         List<X509Certificate> issuers = new ArrayList<X509Certificate>();
 …
             return true;
+        }
-        final VariableX509TrustManager trustManager = this;
         return AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
             @Override
 …
                 return SecurityDialogs.showCertWarningDialog(
                         AccessType.UNVERIFIED, null,
                         new HttpsCertVerifier(trustManager, chain, authType,
+                        new HttpsCertVerifier(chain, authType,
                                               isTrusted, hostMatched,
                                               hostName));
+                                hostName), null) == AppletAction.RUN;
+            }
         });

trunk/icedtea-web/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java

-              r418
+              r429
 import net.sourceforge.jnlp.security.KeyStores.Level;
 import net.sourceforge.jnlp.util.FileUtils;
+import net.sourceforge.jnlp.util.logging.OutputController;
 public class CertificatePane extends JPanel {
 …
             keyStore = KeyStores.getKeyStore(currentKeyStoreLevel, currentKeyStoreType);
         } catch (Exception e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
+    }
     //create the GUI here.
     protected void addComponents() {
+    private void addComponents() {
         JPanel main = new JPanel(new BorderLayout());
 …
             while (aliases.hasMoreElements()) {
                 Certificate c = keyStore.getCertificate(aliases.nextElement());
                 if (c instanceof X509Certificate)
+                if (c instanceof X509Certificate) {
                     certs.add((X509Certificate) c);
+                }
+            }
 …
         } catch (Exception e) {
             //TODO
             e.printStackTrace();
+           OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
+    }
 …
                                 JOptionPane.OK_CANCEL_OPTION,
                                 JOptionPane.INFORMATION_MESSAGE);
         if (result == JOptionPane.OK_OPTION)
+        if (result == JOptionPane.OK_OPTION) {
             return jpf.getPassword();
+        else
+        }
+        else {
             return null;
+        }
+    }
 …
+        }
+        @Override
         public String toString() {
             return KeyStores.toDisplayableString(null, type);
 …
     private class CertificateTypeListener implements ActionListener {
         @Override
+        @SuppressWarnings("unchecked")//this is just certificateTypeCombo, nothing else
         public void actionPerformed(ActionEvent e) {
             JComboBox source = (JComboBox) e.getSource();
 …
     private class ImportButtonListener implements ActionListener {
+        @Override
         public void actionPerformed(ActionEvent e) {
 …
                 } catch (Exception ex) {
                     // TODO: handle exception
                     ex.printStackTrace();
+                    OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ex);
+                }
+            }
 …
     private class ExportButtonListener implements ActionListener {
+        @Override
         public void actionPerformed(ActionEvent e) {
             JTable table = null;
+            final JTable table ;
             if (currentKeyStoreLevel == Level.USER) {
                 table = userTable;
 …
                             if (currentKeyStoreType == KeyStores.Type.CLIENT_CERTS) {
                                 char[] password = getPassword(R("CVExportPasswordMessage"));
                                 if (password != null)
+                                if (password != null) {
                                     CertificateUtils.dumpPKCS12(alias, chooser.getSelectedFile(), keyStore, password);
+                                }
                             } else {
                                 Certificate c = keyStore.getCertificate(alias);
 …
+                }
             } catch (Exception ex) {
+                // TODO
+                ex.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ex);
+            }
+        }
 …
          * Removes a certificate from the keyStore and writes changes to disk.
          */
+        @Override
         public void actionPerformed(ActionEvent e) {
             JTable table = null;
+            final JTable table;
             if (currentKeyStoreLevel == Level.USER) {
                 table = userTable;
 …
+                }
             } catch (Exception ex) {
+                // TODO
+                ex.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ex);
+            }
 …
          * Shows the details of a trusted certificate.
          */
+        @Override
         public void actionPerformed(ActionEvent e) {
             JTable table = null;
+            final JTable table;
             if (currentKeyStoreLevel == Level.USER) {
                 table = userTable;

trunk/icedtea-web/netx/net/sourceforge/jnlp/security/viewer/CertificateViewer.java

-              r418
+              r429
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
 import net.sourceforge.jnlp.util.ImageResources;
+import net.sourceforge.jnlp.util.ScreenFinder;
 public class CertificateViewer extends JDialog {
 …
     private void centerDialog() {
+        Dimension screen = Toolkit.getDefaultToolkit().getScreenSize();
+        Dimension dialogSize = getSize();
+        setLocation((screen.width - dialogSize.width) / 2,
+                        (screen.height - dialogSize.height) / 2);
+        ScreenFinder.centerWindowsToCurrentScreen(this);
+    }
     public static void showCertificateViewer() throws Exception {
         JNLPRuntime.initialize(true);
-        setSystemLookAndFeel();
         CertificateViewer cv = new CertificateViewer();
 …
+    }
-    private static void setSystemLookAndFeel() {
-        try {
-            UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
-        } catch (Exception e) {
-            // don't worry if we can't.
+        }
+    }
     public static void main(String[] args) throws Exception {
         CertificateViewer.showCertificateViewer();

trunk/icedtea-web/netx/net/sourceforge/jnlp/services/ServiceUtil.java

-              r418
+              r429
 import net.sourceforge.jnlp.security.SecurityDialogs;
 import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
  * Provides static methods to interact useful for using the JNLP
  * services.<p>
+ * services.
+ *
  * @author <a href="mailto:jmaxwell@users.sourceforge.net">Jon A. Maxwell (JAM)</a> - initial author
 …
      * perform.
      */
     static Object createPrivilegedProxy(Class iface, final Object receiver) {
+    static Object createPrivilegedProxy(Class<?> iface, final Object receiver) {
         return java.lang.reflect.Proxy.newProxyInstance(XServiceManagerStub.class.getClassLoader(),
                 new Class[] { iface },
+                new Class<?>[] { iface },
                 new PrivilegedHandler(receiver));
+    }
 …
+        }
+        @Override
         public Object invoke(Object proxy, final Method method, final Object[] args) throws Throwable {
             if (JNLPRuntime.isDebug()) {
+                System.err.println("call privileged method: " + method.getName());
+                if (args != null)
+                    for (int i = 0; i < args.length; i++)
+                        System.err.println("           arg: " + args[i]);
+                OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "call privileged method: " + method.getName());
+                if (args != null) {
+                    for (int i = 0; i < args.length; i++) {
+                        OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "           arg: " + args[i]);
+                    }
+                }
+            }
             PrivilegedExceptionAction<Object> invoker = new PrivilegedExceptionAction<Object>() {
+                @Override
                 public Object run() throws Exception {
                     return method.invoke(receiver, args);
 …
                 Object result = AccessController.doPrivileged(invoker);
+                if (JNLPRuntime.isDebug())
+                    System.err.println("        result: " + result);
+                OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "        result: " + result);
                 return result;
 …
                 return false;
+            }
             if (app == null)
+            if (app == null) {
                 app = JNLPRuntime.getApplication();
+            }
             final AccessType tmpType = type;
 …
             //from resources.jar.
             Boolean b = AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
+                @Override
                 public Boolean run() {
                     boolean b = SecurityDialogs.showAccessWarningDialog(tmpType,
 …
     public static boolean isSigned(ApplicationInstance app) {
         if (app == null)
+        if (app == null) {
             app = JNLPRuntime.getApplication();
+        }
         StackTraceElement[] stack = Thread.currentThread().getStackTrace();
 …
         for (int i = 0; i < stack.length; i++) {
             Class c = null;
+            Class<?> c = null;
             try {
                 c = Class.forName(stack[i].getClassName());
             } catch (Exception e1) {
+                OutputController.getLogger().log(e1);
                 try {
                     c = Class.forName(stack[i].getClassName(), false,
                             app.getClassLoader());
                 } catch (Exception e2) {
                     System.err.println(e2.getMessage());
+                    OutputController.getLogger().log(e2);
+                }
+            }

trunk/icedtea-web/netx/net/sourceforge/jnlp/services/XBasicService.java

-              r348
+              r429
 import net.sourceforge.jnlp.runtime.ApplicationInstance;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
                 return true;
             } catch (IOException ex) {
+                if (JNLPRuntime.isDebug())
+                    ex.printStackTrace();
+                OutputController.getLogger().log(ex);
+            }
+        }
 …
         initialized = true;
         initializeBrowserCommand();
+        if (JNLPRuntime.isDebug()) {
+            System.out.println("browser is " + command);
+        }
+        OutputController.getLogger().log("browser is " + command);
+    }
 …
                         config.save();
                     } catch (IOException e) {
                         e.printStackTrace();
+                        OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+                    }
                     break;
 …
                         config.save();
                     } catch (IOException e) {
                         e.printStackTrace();
+                        OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+                    }
+                }
 …
             return (p.exitValue() == 0);
         } catch (IOException e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
             return false;
         } catch (InterruptedException e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
             return false;
+        }

trunk/icedtea-web/netx/net/sourceforge/jnlp/services/XDownloadService.java

-              r348
+              r429
 import javax.jnlp.*;
+import net.sourceforge.jnlp.JARDesc;
+import net.sourceforge.jnlp.Version;
+import net.sourceforge.jnlp.cache.CacheUtil;
+import net.sourceforge.jnlp.runtime.JNLPClassLoader;
+import net.sourceforge.jnlp.runtime.ManageJnlpResources;
+import net.sourceforge.jnlp.runtime.JNLPRuntime;
 /**
  * The DownloadService JNLP service.
 …
 class XDownloadService implements DownloadService {
+    protected XDownloadService() {
+    }
+    // comments copied from DownloadService interface
+    /**
+     * Returns the {@link JNLPClassLoader} of the application
+     * @return the {@link JNLPClassLoader} of the application
+     */
+    JNLPClassLoader getClassLoader() {
+        return (JNLPClassLoader) JNLPRuntime.getApplication().getClassLoader();
+    }
     /**
      * Returns a listener that will automatically display download
      * progress to the user.
+     * @return always {@code null}
      */
     public DownloadServiceListener getDefaultProgressWindow() {
 …
      */
     public boolean isExtensionPartCached(URL ref, String version, String part) {
+        return true;
+        boolean allCached = true;
+        Version resourceVersion = (version == null) ? null : new Version(version);
+        JARDesc[] jars = ManageJnlpResources.findJars(this.getClassLoader(), ref, part, resourceVersion);
+        if (jars.length <= 0)
+            return false;
+        for (int i = 0; i < jars.length && allCached; i++) {
+            allCached = CacheUtil.isCached(jars[i].getLocation(), resourceVersion);
+        }
+        return allCached;
+    }
 …
      */
     public boolean isExtensionPartCached(URL ref, String version, String[] parts) {
+        return true;
+        boolean allCached = true;
+        if (parts.length <= 0)
+            return false;
+        for (String eachPart : parts)
+            allCached = this.isExtensionPartCached(ref, version, eachPart);
+        return allCached;
+    }
 …
      */
     public boolean isPartCached(String part) {
+        return true;
+        boolean allCached = true;
+        JARDesc[] jars = ManageJnlpResources.findJars(this.getClassLoader(), null, part, null);
+        if (jars.length <= 0)
+            return false;
+        for (int i = 0; i < jars.length && allCached; i++) {
+            allCached = CacheUtil.isCached(jars[i].getLocation(), null);
+        }
+        return allCached;
+    }
 …
      */
     public boolean isPartCached(String[] parts) {
+        return true;
+        boolean allCached = true;
+        if (parts.length <= 0)
+            return false;
+        for (String eachPart : parts)
+            allCached = this.isPartCached(eachPart);
+        return allCached;
+    }
 …
      */
     public boolean isResourceCached(URL ref, String version) {
         return true;
+        return ManageJnlpResources.isExternalResourceCached(this.getClassLoader(), ref, version);
+    }
 …
      */
     public void loadExtensionPart(URL ref, String version, String[] parts, DownloadServiceListener progress) throws IOException {
+        for (String eachPart : parts)
+            this.loadExtensionPart(ref, version, eachPart, progress);
+    }
 …
      */
     public void loadExtensionPart(URL ref, String version, String part, DownloadServiceListener progress) throws IOException {
+        Version resourceVersion = (version == null) ? null : new Version(version);
+        ManageJnlpResources.downloadJars(this.getClassLoader(), ref, part, resourceVersion);
+    }
 …
      */
     public void loadPart(String[] parts, DownloadServiceListener progress) throws IOException {
+        for (String eachPart : parts)
+            this.loadPart(eachPart, progress);
+    }
 …
      */
     public void loadPart(String part, DownloadServiceListener progress) throws IOException {
+        ManageJnlpResources.downloadJars(this.getClassLoader(), null, part, null);
+    }
 …
      */
     public void loadResource(URL ref, String version, DownloadServiceListener progress) throws IOException {
+        ManageJnlpResources.loadExternalResouceToCache(this.getClassLoader(), ref, version);
+    }
 …
      */
     public void removeExtensionPart(URL ref, String version, String part) throws IOException {
+        Version resourceVersion = (version == null) ? null : new Version(version);
+        JARDesc[] jars = ManageJnlpResources.findJars(this.getClassLoader(), ref, part, resourceVersion);
+        ManageJnlpResources.removeCachedJars(this.getClassLoader(), ref, jars);
+    }
 …
      */
     public void removeExtensionPart(URL ref, String version, String[] parts) throws IOException {
+        for (String eachPart : parts)
+            this.removeExtensionPart(ref, version, eachPart);
+    }
 …
      */
     public void removePart(String part) throws IOException {
+        JARDesc[] jars = ManageJnlpResources.findJars(this.getClassLoader(), null, part, null);
+        ManageJnlpResources.removeCachedJars(this.getClassLoader(), null, jars);
+    }
 …
      */
     public void removePart(String[] parts) throws IOException {
+        for (String eachPart : parts)
+            this.removePart(eachPart);
+    }
 …
      */
     public void removeResource(URL ref, String version) throws IOException {
+        ManageJnlpResources.removeExternalCachedResource(this.getClassLoader(), ref, version);
+    }

trunk/icedtea-web/netx/net/sourceforge/jnlp/services/XFileOpenService.java

-              r348
+              r429
                 File[] files = chooser.getSelectedFiles();
                 int length = files.length;
+                XFileContents[] xfiles = new XFileContents[length];
+                for (int i = 0; i < length; i++)
+                    xfiles[i] = new XFileContents(files[i]);
+                return (FileContents[]) ServiceUtil.createPrivilegedProxy(
+                           FileContents.class, xfiles);
+                FileContents[] result = new FileContents[length];
+                for (int i = 0; i < length; i++) {
+                    XFileContents xfile = new XFileContents(files[i]);
+                    result[i] = (FileContents) ServiceUtil.createPrivilegedProxy(FileContents.class, xfile);
+                }
+                return result;
             } else {
                 return null;

trunk/icedtea-web/netx/net/sourceforge/jnlp/services/XPersistenceService.java

-              r418
+              r429
 import net.sourceforge.jnlp.runtime.*;
 import net.sourceforge.jnlp.util.FileUtils;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
             requestPath = "";
+        if (JNLPRuntime.isDebug()) {
+            System.out.println("codebase path: " + source.getFile());
+            System.out.println("request path: " + requestPath);
+        }
+          OutputController.getLogger().log("codebase path: " + source.getFile());
+          OutputController.getLogger().log("request path: " + requestPath);
         if (!source.getFile().startsWith(requestPath)

trunk/icedtea-web/netx/net/sourceforge/jnlp/services/XPrintService.java

-              r348
+              r429
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.util.logging.OutputController;
 public class XPrintService implements PrintService {
 …
                     return true;
                 } catch (PrinterException pe) {
+                    System.err.println("Could not print: " + pe);
+                    OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "Could not print: " + pe);
+                    OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, pe);
                     return false;
+                }
 …
                     return true;
                 } catch (PrinterException pe) {
+                    System.err.println("Could not print: " + pe);
+                    OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "Could not print: " + pe);
+                    OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, pe);
                     return false;
+                }
 …
                                 "Warning",
                                 JOptionPane.WARNING_MESSAGE);
         System.err.println("Unable to print: Unable to find default printer.");
+        OutputController.getLogger().log(OutputController.Level.ERROR_ALL, "Unable to print: Unable to find default printer.");
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/services/XSingleInstanceService.java

-              r348
+              r429
 import java.util.LinkedList;
 import java.util.List;
+import java.util.Map.Entry;
+import java.util.Set;
 import javax.jnlp.SingleInstanceListener;
 …
 import net.sourceforge.jnlp.JNLPFile;
+import net.sourceforge.jnlp.PluginBridge;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
                 lockFile.createWithPort(listeningSocket.getLocalPort());
+                if (JNLPRuntime.isDebug()) {
+                    System.out.println("Starting SingleInstanceServer on port" + listeningSocket);
+                }
+                OutputController.getLogger().log("Starting SingleInstanceServer on port" + listeningSocket);
                 while (true) {
 …
                     } catch (Exception exception) {
                         // not much to do here...
                         exception.printStackTrace();
+                        OutputController.getLogger().log(OutputController.Level.ERROR_ALL, exception);
+                    }
+                }
             } catch (IOException e) {
                 e.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
             } finally {
                 if (listeningSocket != null) {
 …
                     } catch (IOException e) {
                         // Give up.
                         e.printStackTrace();
+                        OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+                    }
+                }
 …
      * Initialize the new SingleInstanceService
+     *
      * @throws InstanceAlreadyExistsException if the instance already exists
+     * @throws InstanceExistsException if the instance already exists
      */
     public void initializeSingleInstance() {
+        if (!initialized) {
+            // this is called after the application has started. so safe to use
+            // JNLPRuntime.getApplication()
+            checkSingleInstanceRunning(JNLPRuntime.getApplication().getJNLPFile());
+        // this is called after the application has started. so safe to use
+        // JNLPRuntime.getApplication()
+        JNLPFile jnlpFile = JNLPRuntime.getApplication().getJNLPFile();
+        if (!initialized || jnlpFile instanceof PluginBridge) {
+            // Either a new process or a new applet being handled by the plugin.
+            checkSingleInstanceRunning(jnlpFile);
             initialized = true;
             SingleInstanceLock lockFile;
-            JNLPFile jnlpFile = JNLPRuntime.getApplication().getJNLPFile();
             lockFile = new SingleInstanceLock(jnlpFile);
             if (!lockFile.isValid()) {
 …
      *         already exists
      */
+    @Override
     public void checkSingleInstanceRunning(JNLPFile jnlpFile) {
         SingleInstanceLock lockFile = new SingleInstanceLock(jnlpFile);
         if (lockFile.isValid()) {
             int port = lockFile.getPort();
+            if (JNLPRuntime.isDebug()) {
+                System.out.println("Lock file is valid (port=" + port + "). Exiting.");
+            }
+            OutputController.getLogger().log("Lock file is valid (port=" + port + "). Exiting.");
+            String[] args = null;
+            if (jnlpFile.isApplet()) {
+                // FIXME Proprietary plug-in is unclear about how to handle
+                // applets and their parameters.
+                //Right now better to forward at least something
+                Set<Entry<String, String>> currentParams = jnlpFile.getApplet().getParameters().entrySet();
+                args = new String[currentParams.size() * 2];
+                int i = 0;
+                for (Entry<String, String> entry : currentParams) {
+                    args[i] = entry.getKey();
+                    args[i+1] = entry.getValue();
+                    i += 2;
+                }
+            } else if (jnlpFile.isInstaller()) {
+                // TODO Implement this once installer service is available.
+            } else {
+                args = jnlpFile.getApplication().getArguments();
+            }
             try {
+                sendProgramArgumentsToExistingApplication(port, jnlpFile.getApplication()
+                        .getArguments());
+                sendProgramArgumentsToExistingApplication(port, args);
                 throw new InstanceExistsException(String.valueOf(port));
             } catch (IOException e) {
 …
         } catch (UnknownHostException unknownHost) {
+            if (JNLPRuntime.isDebug()) {
+                System.out.println("Unable to find localhost");
+            }
+            OutputController.getLogger().log("Unable to find localhost");
             throw new RuntimeException(unknownHost);
+        }
 …
      * Add the specified SingleInstanceListener
+     *
      * @throws InstanceExistsException, which is likely to terminate the
+     * @throws InstanceExistsException which is likely to terminate the
      *         application but not guaranteed to
      */

trunk/icedtea-web/netx/net/sourceforge/jnlp/tools/JarCertVerifier.java

-              r418
+              r429
 package net.sourceforge.jnlp.tools;
+import static net.sourceforge.jnlp.runtime.Translator.R;
+import java.io.*;
+import java.util.*;
+import java.util.jar.*;
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.CodeSigner;
+import java.security.KeyStore;
+import java.security.cert.CertPath;
 import java.security.cert.Certificate;
 import java.security.cert.X509Certificate;
+import java.security.cert.CertPath;
+import java.security.*;
+import sun.security.x509.*;
+import sun.security.util.*;
+import net.sourceforge.jnlp.*;
+import net.sourceforge.jnlp.cache.*;
+import net.sourceforge.jnlp.security.*;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Vector;
+import java.util.jar.JarEntry;
+import net.sourceforge.jnlp.JARDesc;
+import net.sourceforge.jnlp.JNLPFile;
+import net.sourceforge.jnlp.LaunchException;
+import net.sourceforge.jnlp.cache.ResourceTracker;
+import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate;
+import net.sourceforge.jnlp.security.AppVerifier;
+import net.sourceforge.jnlp.security.CertVerifier;
+import net.sourceforge.jnlp.security.CertificateUtils;
+import net.sourceforge.jnlp.security.KeyStores;
+import net.sourceforge.jnlp.util.JarFile;
+import net.sourceforge.jnlp.util.logging.OutputController;
+import sun.security.util.DerInputStream;
+import sun.security.util.DerValue;
+import sun.security.x509.NetscapeCertTypeExtension;
 /**
  * <p>The jar certificate verifier utility.
+ *
+ * The jar certificate verifier utility.
+ *
  * @author Roland Schemers
  * @author Jan Luehe
 …
     private static final String SIG_PREFIX = META_INF + "SIG-";
     private static final long SIX_MONTHS = 180 * 24 * 60 * 60 * 1000L; //milliseconds
     static enum verifyResult {
+    private static final long SIX_MONTHS = 180 * 24 * 60 * 60 * 1000L; // milliseconds
+    static enum VerifyResult {
         UNSIGNED, SIGNED_OK, SIGNED_NOT_OK
+    }
+    // signer's certificate chain (when composing)
+    X509Certificate[] certChain;
+    boolean verbose = false; // verbose output when signing/verifying
+    boolean showcerts = false; // show certs when verifying
+    private boolean hasExpiredCert = false;
+    private boolean hasExpiringCert = false;
+    private boolean notYetValidCert = false;
+    private boolean badKeyUsage = false;
+    private boolean badExtendedKeyUsage = false;
+    private boolean badNetscapeCertType = false;
+    private boolean alreadyTrustPublisher = false;
+    private boolean rootInCacerts = false;
+    /**
+     * The single certPath used in this JarSiging. We're only keeping
+     * track of one here, since in practice there's only one signer
+     * for a JNLP Application.
+     */
+    private CertPath certPath = null;
+    private boolean noSigningIssues = true;
+    private boolean anyJarsSigned = false;
+    /** all of the jar files that were verified */
+    private ArrayList<String> verifiedJars = null;
+    /** all of the jar files that were not verified */
+    private ArrayList<String> unverifiedJars = null;
+    /** the certificates used for jar verification */
+    private HashMap<CertPath, Integer> certs = new HashMap<CertPath, Integer>();
+    /** details of this signing */
+    private ArrayList<String> details = new ArrayList<String>();
+    private int totalSignableEntries = 0;
+    /* (non-Javadoc)
+     * @see net.sourceforge.jnlp.tools.CertVerifier2#getAlreadyTrustPublisher()
+     */
+    /** All of the jar files that were verified for signing */
+    private List<String> verifiedJars = new ArrayList<String>();
+    /** All of the jar files that were not verified */
+    private List<String> unverifiedJars = new ArrayList<String>();
+    /** The certificates used for jar verification linked to their respective information */
+    private Map<CertPath, CertInformation> certs = new HashMap<CertPath, CertInformation>();
+    /** Temporary cert path hack to be used to keep track of which one a UI dialog is using */
+    private CertPath currentlyUsed;
+    /** Absolute location to jars and the number of entries which are possibly signable */
+    private Map<String, Integer> jarSignableEntries = new HashMap<String, Integer>();
+    /** The application verifier to use by this instance */
+    private AppVerifier appVerifier;
+    /**
+     * Create a new jar certificate verifier utility that uses the provided verifier for its strategy pattern.
+     *
+     * @param verifier
+     *            The application verifier to be used by the new instance.
+     */
+    public JarCertVerifier(AppVerifier verifier) {
+        appVerifier = verifier;
+    }
+    /**
+     * Return true if there are no signable entries in the jar.
+     * This will return false if any of verified jars have content more than just META-INF/.
+     */
+    public boolean isTriviallySigned() {
+        return getTotalJarEntries(jarSignableEntries) <= 0
+                && certs.size() <= 0;
+    }
     public boolean getAlreadyTrustPublisher() {
+        return alreadyTrustPublisher;
+    }
+    /* (non-Javadoc)
+     * @see net.sourceforge.jnlp.tools.CertVerifier2#getRootInCacerts()
+     */
+        boolean allPublishersTrusted = appVerifier.hasAlreadyTrustedPublisher(
+                certs, jarSignableEntries);
+        OutputController.getLogger().log("App already has trusted publisher: "
+                    + allPublishersTrusted);
+        return allPublishersTrusted;
+    }
     public boolean getRootInCacerts() {
+        return rootInCacerts;
+    }
+    public CertPath getCertPath() {
+        return certPath;
+    }
+    /* (non-Javadoc)
+     * @see net.sourceforge.jnlp.tools.CertVerifier2#hasSigningIssues()
+     */
+    public boolean hasSigningIssues() {
+        return hasExpiredCert || notYetValidCert || badKeyUsage
+                || badExtendedKeyUsage || badNetscapeCertType;
+    }
+    /* (non-Javadoc)
+     * @see net.sourceforge.jnlp.tools.CertVerifier2#noSigningIssues()
+     */
+    public boolean noSigningIssues() {
+        return noSigningIssues;
+    }
+    public boolean anyJarsSigned() {
+        return anyJarsSigned;
+    }
+    /* (non-Javadoc)
+     * @see net.sourceforge.jnlp.tools.CertVerifier2#getDetails()
+     */
+    public ArrayList<String> getDetails() {
+        return details;
+    }
+    /* (non-Javadoc)
+     * @see net.sourceforge.jnlp.tools.CertVerifier2#getCerts()
+     */
+    public ArrayList<CertPath> getCerts() {
+        boolean allRootCAsTrusted = appVerifier.hasRootInCacerts(certs,
+                jarSignableEntries);
+        OutputController.getLogger().log("App has trusted root CA: " + allRootCAsTrusted);
+        return allRootCAsTrusted;
+    }
+    public CertPath getCertPath(CertPath cPath) { // Parameter ignored.
+        return currentlyUsed;
+    }
+    public boolean hasSigningIssues(CertPath certPath) {
+        return certs.get(certPath).hasSigningIssues();
+    }
+    public List<String> getDetails(CertPath certPath) {
+        if (certPath != null) {
+            currentlyUsed = certPath;
+        }
+        return certs.get(currentlyUsed).getDetailsAsStrings();
+    }
+    /**
+     * Get a list of the cert paths of all signers across the app.
+     *
+     * @return List of CertPath vars representing each of the signers present on any jar.
+     */
+    public List<CertPath> getCertsList() {
         return new ArrayList<CertPath>(certs.keySet());
+    }
     /**
+     * Returns whether or not all entries have a common signer.
+     *
+     * It is possible to create jars where only some entries are signed. In
+     * such cases, we should not prompt the user to accept anything, as the whole
+     * application must be treated as unsigned. This method should be called by a
+     * caller before it is about to ask the user to accept a cert and determine
+     * whether the application is trusted or not.
+     *
+     * @return Whether or not all entries have a common signer
+     */
+    public boolean isFullySignedByASingleCert() {
+        for (CertPath cPath : certs.keySet()) {
+            // If this cert has signed everything, return true
+            if (certs.get(cPath) == totalSignableEntries)
+                return true;
+        }
+        // No cert found that signed all entries. Return false.
+        return false;
+    }
+    public void verifyJars(List<JARDesc> jars, ResourceTracker tracker)
+     * Find the information the specified cert path has with respect to this application.
+     *
+     * @return All the information the path has with this app.
+     */
+    public CertInformation getCertInformation(CertPath cPath) {
+        return certs.get(cPath);
+    }
+    /**
+     * Returns whether or not the app is considered completely signed.
+     *
+     * An app using a JNLP is considered signed if all of the entries of its jars are signed by at least one common signer.
+     *
+     * An applet on the other hand only needs to have each individual jar be fully signed by a signer. The signers can differ between jars.
+     *
+     * @return Whether or not the app is considered signed.
+     */
+    // FIXME: Change javadoc once applets do not need entire jars signed.
+    public boolean isFullySigned() {
+        if (isTriviallySigned())
+            return true;
+        boolean fullySigned = appVerifier.isFullySigned(certs,
+                jarSignableEntries);
+        OutputController.getLogger().log("App already has trusted publisher: "
+                    + fullySigned);
+        return fullySigned;
+    }
+    public static boolean isJarSigned(JARDesc jar, AppVerifier verifier, ResourceTracker tracker) throws Exception {
+        JarCertVerifier certVerifier = new JarCertVerifier(verifier);
+        List<JARDesc> singleJarList = new ArrayList<JARDesc>();
+        singleJarList.add(jar);
+        certVerifier.add(singleJarList, tracker);
+        return certVerifier.allJarsSigned();
+    }
+    /**
+     * Update the verifier to consider new jars when verifying.
+     *
+     * @param jars
+     *            List of new jars to be verified.
+     * @param tracker
+     *            Resource tracker used to obtain the the jars from cache
+     * @throws Exception
+     *             Caused by issues with obtaining the jars' entries or interacting with the tracker.
+     */
+    public void add(List<JARDesc> jars, ResourceTracker tracker)
             throws Exception {
+        verifiedJars = new ArrayList<String>();
+        unverifiedJars = new ArrayList<String>();
+        verifyJars(jars, tracker);
+    }
+    /**
+     * Verify the jars provided and update the state of this instance to match the new information.
+     *
+     * @param jars
+     *            List of new jars to be verified.
+     * @param tracker
+     *            Resource tracker used to obtain the the jars from cache
+     * @throws Exception
+     *             Caused by issues with obtaining the jars' entries or interacting with the tracker.
+     */
+    private void verifyJars(List<JARDesc> jars, ResourceTracker tracker)
+            throws Exception {
         for (JARDesc jar : jars) {
 …
                 String localFile = jarFile.getAbsolutePath();
+                verifyResult result = verifyJar(localFile);
+                if (result == verifyResult.UNSIGNED) {
+                if (verifiedJars.contains(localFile)
+                        || unverifiedJars.contains(localFile)) {
+                    continue;
+                }
+                VerifyResult result = verifyJar(localFile);
+                if (result == VerifyResult.UNSIGNED) {
                     unverifiedJars.add(localFile);
+                } else if (result == verifyResult.SIGNED_NOT_OK) {
+                    noSigningIssues = false;
+                } else if (result == VerifyResult.SIGNED_NOT_OK) {
                     verifiedJars.add(localFile);
                 } else if (result == verifyResult.SIGNED_OK) {
+                } else if (result == VerifyResult.SIGNED_OK) {
                     verifiedJars.add(localFile);
+                }
 …
+        }
+        //we really only want the first certPath
+        for (CertPath cPath : certs.keySet()) {
+            if (certs.get(cPath) != totalSignableEntries)
+                continue;
+            else
+                certPath = cPath;
+            // check if the certs added above are in the trusted path
+            checkTrustedCerts();
+            if (alreadyTrustPublisher || rootInCacerts)
+                break;
+        }
+    }
+    private verifyResult verifyJar(String jarName) throws Exception {
+        boolean anySigned = false;
+        boolean hasUnsignedEntry = false;
+        for (CertPath certPath : certs.keySet())
+            checkTrustedCerts(certPath);
+    }
+    /**
+     * Checks through all the jar entries of jarName for signers, storing all the common ones in the certs hash map.
+     *
+     * @param jarName
+     *            The absolute path to the jar file.
+     * @return The return of {@link JarCertVerifier#verifyJarEntryCerts} using the entries found in the jar located at jarName.
+     * @throws Exception
+     *             Will be thrown if there are any problems with the jar.
+     */
+    private VerifyResult verifyJar(String jarName) throws Exception {
         JarFile jarFile = null;
 …
                 InputStream is = jarFile.getInputStream(je);
                 try {
+                    int n;
+                    while ((n = is.read(buffer, 0, buffer.length)) != -1) {
+                    while (is.read(buffer, 0, buffer.length) != -1) {
                         // we just read. this will throw a SecurityException
                         // if  a signature/digest check fails.
+                        // if a signature/digest check fails.
+                    }
                 } finally {
 …
+                }
+            }
+            if (jarFile.getManifest() != null) {
+                if (verbose)
+                    System.out.println();
+                long now = System.currentTimeMillis();
+                for (JarEntry je : entriesVec) {
+                    String name = je.getName();
+                    CodeSigner[] signers = je.getCodeSigners();
+                    boolean isSigned = (signers != null);
+                    anySigned |= isSigned;
+                    boolean shouldHaveSignature = !je.isDirectory()
+                                                && !isMetaInfFile(name);
+                    hasUnsignedEntry |= shouldHaveSignature &&  !isSigned;
+                    if (shouldHaveSignature)
+                        totalSignableEntries++;
+                    if (shouldHaveSignature && isSigned) {
+                        for (int i = 0; i < signers.length; i++) {
+                            CertPath certPath = signers[i].getSignerCertPath();
+                            if (!certs.containsKey(certPath))
+                                certs.put(certPath, 1);
+                            else
+                                certs.put(certPath, certs.get(certPath) + 1);
+                            Certificate cert = signers[i].getSignerCertPath()
+                                    .getCertificates().get(0);
+                            if (cert instanceof X509Certificate) {
+                                checkCertUsage((X509Certificate) cert, null);
+                                if (!showcerts) {
+                                    long notBefore = ((X509Certificate) cert)
+                                                     .getNotBefore().getTime();
+                                    long notAfter = ((X509Certificate) cert)
+                                                    .getNotAfter().getTime();
+                                    if (now < notBefore) {
+                                        notYetValidCert = true;
+                                    }
+                                    if (notAfter < now) {
+                                        hasExpiredCert = true;
+                                    } else if (notAfter < now + SIX_MONTHS) {
+                                        hasExpiringCert = true;
+                                    }
+                                }
+                            }
+                        }
+                    }
+                } //while e has more elements
+            } else { //if man not null
+                // Else increment totalEntries by 1 so that unsigned jars with
+                // no manifests can't sneak in
+                totalSignableEntries++;
+            }
+            //Alert the user if any of the following are true.
+            if (!anySigned) {
+                return verifyResult.UNSIGNED;
+            } else {
+                anyJarsSigned = true;
+                //warnings
+                if (hasUnsignedEntry || hasExpiredCert || hasExpiringCert ||
+                        badKeyUsage || badExtendedKeyUsage || badNetscapeCertType ||
+                        notYetValidCert) {
+                    addToDetails(R("SRunWithoutRestrictions"));
+                    if (badKeyUsage)
+                        addToDetails(R("SBadKeyUsage"));
+                    if (badExtendedKeyUsage)
+                        addToDetails(R("SBadExtendedKeyUsage"));
+                    if (badNetscapeCertType)
+                        addToDetails(R("SBadNetscapeCertType"));
+                    if (hasUnsignedEntry)
+                        addToDetails(R("SHasUnsignedEntry"));
+                    if (hasExpiredCert)
+                        addToDetails(R("SHasExpiredCert"));
+                    if (hasExpiringCert)
+                        addToDetails(R("SHasExpiringCert"));
+                    if (notYetValidCert)
+                        addToDetails(R("SNotYetValidCert"));
+                }
+            }
+            return verifyJarEntryCerts(jarName, jarFile.getManifest() != null,
+                    entriesVec);
         } catch (Exception e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
             throw e;
         } finally { // close the resource
 …
+            }
+        }
+        //anySigned does not guarantee that all files were signed.
+        return (anySigned && !(hasUnsignedEntry || hasExpiredCert
+                              || badKeyUsage || badExtendedKeyUsage || badNetscapeCertType || notYetValidCert)) ? verifyResult.SIGNED_OK : verifyResult.SIGNED_NOT_OK;
+    }
+    /**
+     * Checks the user's trusted.certs file and the cacerts file to see
+     * if a publisher's and/or CA's certificate exists there.
+     */
+    private void checkTrustedCerts() throws Exception {
+        if (certPath != null) {
+            try {
+                X509Certificate publisher = (X509Certificate) getPublisher();
+                KeyStore[] certKeyStores = KeyStores.getCertKeyStores();
+                alreadyTrustPublisher = CertificateUtils.inKeyStores(publisher, certKeyStores);
+                X509Certificate root = (X509Certificate) getRoot();
+                KeyStore[] caKeyStores = KeyStores.getCAKeyStores();
+                // Check entire cert path for a trusted CA
+                for (Certificate c : certPath.getCertificates()) {
+                        if ((rootInCacerts = CertificateUtils.inKeyStores(
+                            (X509Certificate) c, caKeyStores))) {
+                        break;
+    }
+    /**
+     * Checks through all the jar entries for signers, storing all the common ones in the certs hash map.
+     *
+     * @param jarName
+     *            The absolute path to the jar file.
+     * @param jarHasManifest
+     *            Whether or not the associated jar has a manifest.
+     * @param entries
+     *            The list of entries in the associated jar.
+     * @return If there is at least one signable entry that is not signed by a common signer, return UNSIGNED. Otherwise every signable entry is signed by at least one common signer. If the signer has no issues, return SIGNED_OK. If there are any signing issues, return SIGNED_NOT_OK.
+     * @throws Exception
+     *             Will be thrown if there are issues with entries.
+     */
+    VerifyResult verifyJarEntryCerts(String jarName, boolean jarHasManifest,
+            Vector<JarEntry> entries) throws Exception {
+        // Contains number of entries the cert with this CertPath has signed.
+        Map<CertPath, Integer> jarSignCount = new HashMap<CertPath, Integer>();
+        int numSignableEntriesInJar = 0;
+        // Record current time just before checking the jar begins.
+        long now = System.currentTimeMillis();
+        if (jarHasManifest) {
+            for (JarEntry je : entries) {
+                String name = je.getName();
+                CodeSigner[] signers = je.getCodeSigners();
+                boolean isSigned = (signers != null);
+                boolean shouldHaveSignature = !je.isDirectory()
+                        && !isMetaInfFile(name);
+                if (shouldHaveSignature) {
+                    numSignableEntriesInJar++;
+                }
+                if (shouldHaveSignature && isSigned) {
+                    for (int i = 0; i < signers.length; i++) {
+                        CertPath certPath = signers[i].getSignerCertPath();
+                        if (!jarSignCount.containsKey(certPath))
+                            jarSignCount.put(certPath, 1);
+                        else
+                            jarSignCount.put(certPath,
+                                    jarSignCount.get(certPath) + 1);
+                    }
+                }
+            } catch (Exception e) {
+                // TODO: Warn user about not being able to
+                // look through their cacerts/trusted.certs
+                // file depending on exception.
+                throw e;
+            }
+            if (!rootInCacerts)
+                addToDetails(R("SUntrustedCertificate"));
+            else
+                addToDetails(R("STrustedCertificate"));
+        }
+    }
+    /* (non-Javadoc)
+     * @see net.sourceforge.jnlp.tools.CertVerifier2#getPublisher()
+     */
+    public Certificate getPublisher() {
+        if (certPath != null) {
+            List<? extends Certificate> certList = certPath.getCertificates();
+            } // while e has more elements
+        } else { // if manifest is null
+            // Else increment total entries by 1 so that unsigned jars with
+            // no manifests can't sneak in
+            numSignableEntriesInJar++;
+        }
+        jarSignableEntries.put(jarName, numSignableEntriesInJar);
+        // Find all signers that have signed every signable entry in this jar.
+        boolean allEntriesSignedBySingleCert = false;
+        for (CertPath certPath : jarSignCount.keySet()) {
+            if (jarSignCount.get(certPath) == numSignableEntriesInJar) {
+                allEntriesSignedBySingleCert = true;
+                boolean wasPreviouslyVerified = certs.containsKey(certPath);
+                if (!wasPreviouslyVerified)
+                    certs.put(certPath, new CertInformation());
+                CertInformation certInfo = certs.get(certPath);
+                if (wasPreviouslyVerified)
+                    certInfo.resetForReverification();
+                certInfo.setNumJarEntriesSigned(jarName,
+                        numSignableEntriesInJar);
+                Certificate cert = certPath.getCertificates().get(0);
+                if (cert instanceof X509Certificate) {
+                    checkCertUsage(certPath, (X509Certificate) cert, null);
+                    long notBefore = ((X509Certificate) cert).getNotBefore().getTime();
+                    long notAfter = ((X509Certificate) cert).getNotAfter().getTime();
+                    if (now < notBefore) {
+                        certInfo.setNotYetValidCert();
+                    }
+                    if (notAfter < now) {
+                        certInfo.setHasExpiredCert();
+                    } else if (notAfter < now + SIX_MONTHS) {
+                        certInfo.setHasExpiringCert();
+                    }
+                }
+            }
+        }
+        // Every signable entry of this jar needs to be signed by at least
+        // one signer for the jar to be considered successfully signed.
+        VerifyResult result = null;
+        if (numSignableEntriesInJar == 0) {
+            // Allow jars with no signable entries to simply be considered signed.
+            // There should be no security risk in doing so.
+            result = VerifyResult.SIGNED_OK;
+        } else if (allEntriesSignedBySingleCert) {
+            // We need to find at least one signer without any issues.
+            for (CertPath entryCertPath : jarSignCount.keySet()) {
+                if (certs.containsKey(entryCertPath)
+                        && !hasSigningIssues(entryCertPath)) {
+                    result = VerifyResult.SIGNED_OK;
+                    break;
+                }
+            }
+            if (result == null) {
+                // All signers had issues
+                result = VerifyResult.SIGNED_NOT_OK;
+            }
+        } else {
+            result = VerifyResult.UNSIGNED;
+        }
+        OutputController.getLogger().log("Jar found at " + jarName
+                    + "has been verified as " + result);
+        return result;
+    }
+    /**
+     * Checks the user's trusted.certs file and the cacerts file to see if a
+     * publisher's and/or CA's certificate exists there.
+     *
+     * @param certPath
+     *            The cert path of the signer being checked for trust.
+     */
+    private void checkTrustedCerts(CertPath certPath) throws Exception {
+        CertInformation info = certs.get(certPath);
+        try {
+            X509Certificate publisher = (X509Certificate) getPublisher(certPath);
+            KeyStore[] certKeyStores = KeyStores.getCertKeyStores();
+            if (CertificateUtils.inKeyStores(publisher, certKeyStores))
+                info.setAlreadyTrustPublisher();
+            KeyStore[] caKeyStores = KeyStores.getCAKeyStores();
+            // Check entire cert path for a trusted CA
+            for (Certificate c : certPath.getCertificates()) {
+                if (CertificateUtils.inKeyStores((X509Certificate) c,
+                        caKeyStores)) {
+                    info.setRootInCacerts();
+                    return;
+                }
+            }
+        } catch (Exception e) {
+            // TODO: Warn user about not being able to
+            // look through their cacerts/trusted.certs
+            // file depending on exception.
+            OutputController.getLogger().log("WARNING: Unable to read through cert store files.");
+            throw e;
+        }
+        // Otherwise a parent cert was not found to be trusted.
+        info.setUntrusted();
+    }
+    public void setCurrentlyUsedCertPath(CertPath cPath) {
+        currentlyUsed = cPath;
+    }
+    public Certificate getPublisher(CertPath cPath) {
+        if (cPath != null) {
+            currentlyUsed = cPath;
+        }
+        if (currentlyUsed != null) {
+            List<? extends Certificate> certList = currentlyUsed
+                    .getCertificates();
             if (certList.size() > 0) {
                 return certList.get(0);
 …
+    }
+    /* (non-Javadoc)
+     * @see net.sourceforge.jnlp.tools.CertVerifier2#getRoot()
+     */
+    public Certificate getRoot() {
+        if (certPath != null) {
+            List<? extends Certificate> certList = certPath.getCertificates();
+    public Certificate getRoot(CertPath cPath) {
+        if (cPath != null) {
+            currentlyUsed = cPath;
+        }
+        if (currentlyUsed != null) {
+            List<? extends Certificate> certList = currentlyUsed
+                    .getCertificates();
             if (certList.size() > 0) {
                 return certList.get(certList.size() - 1);
 …
+    }
-    private void addToDetails(String detail) {
-        if (!details.contains(detail))
-            details.add(detail);
+    }
     /**
      * Returns whether a file is in META-INF, and thus does not require signing.
+     *
+     * Signature-related files under META-INF include:
+     * . META-INF/MANIFEST.MF
+     * . META-INF/SIG-*
+     * . META-INF/*.SF
+     * . META-INF/*.DSA
+     * . META-INF/*.RSA
+     *
+     * Signature-related files under META-INF include: . META-INF/MANIFEST.MF . META-INF/SIG-* . META-INF/*.SF . META-INF/*.DSA . META-INF/*.RSA
      */
     static boolean isMetaInfFile(String name) {
 …
     /**
      * Check if userCert is designed to be a code signer
+     * @param userCert the certificate to be examined
+     * @param bad 3 booleans to show if the KeyUsage, ExtendedKeyUsage,
+     *            NetscapeCertType has codeSigning flag turned on.
+     *            If null, the class field badKeyUsage, badExtendedKeyUsage,
+     *
+     * @param userCert
+     *            the certificate to be examined
+     * @param bad
+     *            3 booleans to show if the KeyUsage, ExtendedKeyUsage,
+     *            NetscapeCertType has codeSigning flag turned on. If null,
+     *            the class field badKeyUsage, badExtendedKeyUsage,
      *            badNetscapeCertType will be set.
+     *
+     * Required for verifyJar()
+     */
+    void checkCertUsage(X509Certificate userCert, boolean[] bad) {
+     *
+     *            Required for verifyJar()
+     */
+    void checkCertUsage(CertPath certPath, X509Certificate userCert,
+            boolean[] bad) {
         // Can act as a signer?
 …
                     bad[0] = true;
                 } else {
                     badKeyUsage = true;
+                    certs.get(certPath).setBadKeyUsage();
+                }
+            }
 …
                         bad[1] = true;
                     } else {
                         badExtendedKeyUsage = true;
+                        certs.get(certPath).setBadExtendedKeyUsage();
+                    }
+                }
 …
         try {
             // OID_NETSCAPE_CERT_TYPE
             byte[] netscapeEx = userCert.getExtensionValue
                                 ("2.16.840.1.113730.1.1");
+            byte[] netscapeEx = userCert
+                    .getExtensionValue("2.16.840.1.113730.1.1");
             if (netscapeEx != null) {
                 DerInputStream in = new DerInputStream(netscapeEx);
 …
                         .toByteArray();
                 NetscapeCertTypeExtension extn =
                         new NetscapeCertTypeExtension(encoded);
                 Boolean val = (Boolean) extn.get(
                                   NetscapeCertTypeExtension.OBJECT_SIGNING);
+                NetscapeCertTypeExtension extn = new NetscapeCertTypeExtension(
+                        encoded);
+                Boolean val = (Boolean) extn
+                        .get(NetscapeCertTypeExtension.OBJECT_SIGNING);
                 if (!val) {
                     if (bad != null) {
                         bad[2] = true;
                     } else {
                         badNetscapeCertType = true;
+                        certs.get(certPath).setBadNetscapeCertType();
+                    }
+                }
 …
     /**
      * Returns if all jars are signed.
+     *
+     *
      * @return True if all jars are signed, false if there are one or more unsigned jars
      */
 …
+    }
+    public void checkTrustWithUser(SecurityDelegate securityDelegate, JNLPFile file) throws LaunchException {
+        appVerifier.checkTrustWithUser(securityDelegate, this, file);
+    }
+    public Map<String, Integer> getJarSignableEntries() {
+        return Collections.unmodifiableMap(jarSignableEntries);
+    }
+    /**
+     * Get the total number of entries in the provided map.
+     *
+     * @return The number of entries.
+     */
+    public static int getTotalJarEntries(Map<String, Integer> map) {
+        int sum = 0;
+        for (int value : map.values()) {
+            sum += value;
+        }
+        return sum;
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/tools/KeyStoreUtil.java

r418	r429
27	27
28	28	/**
29		* ~~<p> This class provides several utilities to <code>KeyStore</code>~~.
	29	* This class provides several utilities to {@link java.security.KeyStore}.
30	30	*
31	31	* @since 1.6.0

trunk/icedtea-web/netx/net/sourceforge/jnlp/util/BasicExceptionDialog.java

-              r418
+              r429
 package net.sourceforge.jnlp.util;
+import net.sourceforge.jnlp.util.logging.OutputController;
 import static net.sourceforge.jnlp.runtime.Translator.R;
 import java.awt.BorderLayout;
+import java.awt.Component;
 import java.awt.Dimension;
 import java.awt.event.ActionEvent;
 import java.awt.event.ActionListener;
-import java.io.PrintWriter;
-import java.io.StringWriter;
 import javax.swing.BorderFactory;
 …
 import javax.swing.JScrollPane;
 import javax.swing.JTextArea;
+import javax.swing.SwingUtilities;
+import net.sourceforge.jnlp.controlpanel.CachePane;
+import net.sourceforge.jnlp.util.logging.JavaConsole;
 /**
 …
 public class BasicExceptionDialog {
-    private static String exceptionToString(Exception exception) {
-        StringWriter stringWriter = new StringWriter();
-        PrintWriter printWriter = new PrintWriter(stringWriter);
-        exception.printStackTrace(printWriter);
-        return stringWriter.toString();
+    }
     /**
 …
      */
     public static void show(Exception exception) {
         String detailsText = exceptionToString(exception);
+        String detailsText = OutputController.exceptionToString(exception);
         final JPanel mainPanel = new JPanel(new BorderLayout());
 …
         errorDialog.setIconImages(ImageResources.INSTANCE.getApplicationImages());
+        final JPanel quickInfoPanel = new JPanel();
+        BoxLayout layout = new BoxLayout(quickInfoPanel, BoxLayout.Y_AXIS);
+        quickInfoPanel.setLayout(layout);
+        mainPanel.add(quickInfoPanel, BorderLayout.PAGE_START);
+        final JPanel quickInfoPanelAll = new JPanel();
+        final JPanel quickInfoPanelMessage = new JPanel();
+        final JPanel quickInfoPanelButtons = new JPanel();
+        BoxLayout layoutAll = new BoxLayout(quickInfoPanelAll, BoxLayout.Y_AXIS);
+        BoxLayout layoutMessage = new BoxLayout(quickInfoPanelMessage, BoxLayout.X_AXIS);
+        BoxLayout layoutButtons = new BoxLayout(quickInfoPanelButtons, BoxLayout.X_AXIS);
+        quickInfoPanelAll.setLayout(layoutAll);
+        quickInfoPanelMessage.setLayout(layoutMessage);
+        quickInfoPanelButtons.setLayout(layoutButtons);
+        mainPanel.add(quickInfoPanelAll, BorderLayout.PAGE_START);
+        quickInfoPanelAll.add(quickInfoPanelMessage);
+        quickInfoPanelAll.add(quickInfoPanelButtons);
         JLabel errorLabel = new JLabel(exception.getMessage());
         errorLabel.setAlignmentY(JComponent.LEFT_ALIGNMENT);
         quickInfoPanel.add(errorLabel);
+        quickInfoPanelMessage.add(errorLabel);
         final JButton viewDetails = new JButton(R("ButShowDetails"));
         viewDetails.setAlignmentY(JComponent.LEFT_ALIGNMENT);
         viewDetails.setActionCommand("show");
+        quickInfoPanel.add(viewDetails);
+        quickInfoPanelButtons.add(viewDetails);
+        final JButton cacheButton = getClearCacheButton(errorDialog);
+        cacheButton.setAlignmentY(JComponent.LEFT_ALIGNMENT);
+        quickInfoPanelButtons.add(cacheButton);
+        final JButton consoleButton = getShowButton(errorDialog);
+        consoleButton.setAlignmentY(JComponent.LEFT_ALIGNMENT);
+        quickInfoPanelButtons.add(consoleButton);
+        final JPanel fillRest = new JPanel();
+        fillRest.setAlignmentY(JComponent.LEFT_ALIGNMENT);
+        quickInfoPanelButtons.add(fillRest);
         JTextArea textArea = new JTextArea();
 …
         errorDialog.pack();
         errorDialog.setResizable(true);
+        ScreenFinder.centerWindowsToCurrentScreen(errorDialog);
         errorDialog.setVisible(true);
         errorDialog.dispose();
+    }
+     public static JButton getShowButton(final Component parent) {
+        JButton consoleButton = new JButton();
+        consoleButton.setText(R("DPJavaConsole"));
+        consoleButton.addActionListener(new java.awt.event.ActionListener() {
+            @Override
+            public void actionPerformed(java.awt.event.ActionEvent evt) {
+                try {
+                    JavaConsole.getConsole().showConsoleLater(true);
+                } catch (Exception ex) {
+                    OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ex);
+                    JOptionPane.showConfirmDialog(parent, ex);
+                }
+            }
+        });
+        if (!JavaConsole.isEnabled()) {
+            consoleButton.setEnabled(false);
+            consoleButton.setToolTipText(R("DPJavaConsoleDisabledHint"));
+        }
+        return consoleButton;
+    }
+    public static JButton getClearCacheButton(final Component parent) {
+        JButton clearAllButton = new JButton();
+        clearAllButton.setText(R("CVCPCleanCache"));
+        clearAllButton.setToolTipText(R("CVCPCleanCacheTip"));
+        clearAllButton.addActionListener(new java.awt.event.ActionListener() {
+            @Override
+            public void actionPerformed(java.awt.event.ActionEvent evt) {
+                SwingUtilities.invokeLater(new Runnable() {
+                    @Override
+                    public void run() {
+                        try {
+                            CachePane.visualCleanCache(parent);
+                        } catch (Exception ex) {
+                            OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, ex);
+                        }
+                    }
+                });
+            }
+        });
+        return clearAllButton;
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/util/FileUtils.java

-              r396
+              r429
 package net.sourceforge.jnlp.util;
+import java.awt.Component;
 import static net.sourceforge.jnlp.runtime.Translator.R;
+import java.awt.Window;
+import java.io.BufferedReader;
+import java.io.BufferedWriter;
 import java.io.File;
+import java.io.FileInputStream;
 import java.io.FileNotFoundException;
+import java.io.FileOutputStream;
 import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.OutputStreamWriter;
 import java.io.RandomAccessFile;
+import java.io.Writer;
 import java.nio.channels.FileChannel;
 import java.nio.channels.FileLock;
+import java.security.DigestInputStream;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.ArrayList;
+import java.util.List;
 import net.sourceforge.jnlp.config.Defaults;
+import javax.swing.JFrame;
+import javax.swing.JOptionPane;
+import javax.swing.SwingUtilities;
+import net.sourceforge.jnlp.config.DirectoryValidator;
+import net.sourceforge.jnlp.config.DirectoryValidator.DirectoryCheckResults;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
 …
 public final class FileUtils {
+    /**
+     * Indicates whether a file was successfully opened. If not, provides specific reasons
+     * along with a general failure case
+     */
+    public enum OpenFileResult {
+        /** The file was successfully opened */
+        SUCCESS,
+        /** The file could not be opened, for non-specified reasons */
+        FAILURE,
+        /** The file could not be opened because it did not exist and could not be created */
+        CANT_CREATE,
+        /** The file can be opened but in read-only */
+        CANT_WRITE,
+        /** The specified path pointed to a non-file filesystem object, ie a directory */
+        NOT_FILE;
+    }
     /**
 …
         if (f.exists()) {
             if (!f.delete()) {
                 System.err.println(R("RCantDeleteFile", eMsg == null ? f : eMsg));
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, R("RCantDeleteFile", eMsg == null ? f : eMsg));
+            }
+        }
 …
+        }
+        if (JNLPRuntime.isWindows()) {
+            // remove all permissions
+            if (!tempFile.setExecutable(false, false)) {
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, R("RRemoveXPermFailed", tempFile));
+            }
+            if (!tempFile.setReadable(false, false)) {
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, R("RRemoveRPermFailed", tempFile));
+            }
+            if (!tempFile.setWritable(false, false)) {
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, R("RRemoveWPermFailed", tempFile));
+            }
+            // allow owner to read
+            if (!tempFile.setReadable(true, true)) {
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, R("RGetRPermFailed", tempFile));
+            }
+            // allow owner to write
+            if (writableByOwner && !tempFile.setWritable(true, true)) {
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, R("RGetWPermFailed", tempFile));
+            }
+            // allow owner to enter directories
+            if (isDir && !tempFile.setExecutable(true, true)) {
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, R("RGetXPermFailed", tempFile));
+            }
+            // rename this file. Unless the file is moved/renamed, any program that
+            // opened the file right after it was created might still be able to
+            // read the data.
+            if (!tempFile.renameTo(file)) {
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, R("RCantRename", tempFile, file));
+            }
+        } else {
         // remove all permissions
         if (!Defaults.OS_DOS_LIKE) {
 …
             throw new IOException(R("RGetXPermFailed", tempFile));
+        }
         // rename this file. Unless the file is moved/renamed, any program that
         // opened the file right after it was created might still be able to
 …
             throw new IOException(R("RCantRename", tempFile, file));
+        }
+        }
+    }
+    /**
+     * Ensure that the parent directory of the file exists and that we are
+     * able to create and access files within this directory
+     * @param file the {@link File} representing a Java Policy file to test
+     * @return a {@link DirectoryCheckResults} object representing the results of the test
+     */
+    public static DirectoryCheckResults testDirectoryPermissions(File file) {
+        try {
+            file = file.getCanonicalFile();
+        } catch (final IOException e) {
+            OutputController.getLogger().log(e);
+            return null;
+        }
+        if (file == null || file.getParentFile() == null || !file.getParentFile().exists()) {
+            return null;
+        }
+        final List<File> policyDirectory = new ArrayList<File>();
+        policyDirectory.add(file.getParentFile());
+        final DirectoryValidator validator = new DirectoryValidator(policyDirectory);
+        final DirectoryCheckResults result = validator.ensureDirs();
+        return result;
+    }
+    /**
+     * Verify that a given file object points to a real, accessible plain file.
+     * @param file the {@link File} to verify
+     * @return an {@link OpenFileResult} representing the accessibility level of the file
+     */
+    public static OpenFileResult testFilePermissions(File file) {
+        if (file == null || !file.exists()) {
+            return OpenFileResult.FAILURE;
+        }
+        try {
+            file = file.getCanonicalFile();
+        } catch (final IOException e) {
+            return OpenFileResult.FAILURE;
+        }
+        final DirectoryCheckResults dcr = FileUtils.testDirectoryPermissions(file);
+        if (dcr != null && dcr.getFailures() == 0) {
+            if (file.isDirectory())
+                return OpenFileResult.NOT_FILE;
+            try {
+                if (!file.exists() && !file.createNewFile()) {
+                    return OpenFileResult.CANT_CREATE;
+                }
+            } catch (IOException e) {
+                return OpenFileResult.CANT_CREATE;
+            }
+            final boolean read = file.canRead(), write = file.canWrite();
+            if (read && write)
+                return OpenFileResult.SUCCESS;
+            else if (read)
+                return OpenFileResult.CANT_WRITE;
+            else
+                return OpenFileResult.FAILURE;
+        }
+        return OpenFileResult.FAILURE;
+    }
+    /**
+     * Show a dialog informing the user that the file is currently read-only
+     * @param frame a {@link JFrame} to act as parent to this dialog
+     */
+    public static void showReadOnlyDialog(final Component frame) {
+        SwingUtilities.invokeLater(new Runnable() {
+            @Override
+            public void run() {
+                JOptionPane.showMessageDialog(frame, R("RFileReadOnly"), R("Warning"), JOptionPane.WARNING_MESSAGE);
+            }
+        });
+    }
+    /**
+     * Show a generic error dialog indicating the  file could not be opened
+     * @param frame a {@link JFrame} to act as parent to this dialog
+     * @param filePath a {@link String} representing the path to the file we failed to open
+     */
+    public static void showCouldNotOpenFilepathDialog(final Component frame, final String filePath) {
+        showCouldNotOpenDialog(frame, R("RCantOpenFile", filePath));
+    }
+    /**
+     * Show an error dialog indicating the file could not be opened, with a particular reason
+     * @param frame a {@link JFrame} to act as parent to this dialog
+     * @param filePath a {@link String} representing the path to the file we failed to open
+     * @param reason a {@link OpenFileResult} specifying more precisely why we failed to open the file
+     */
+    public static void showCouldNotOpenFileDialog(final Component frame, final String filePath, final OpenFileResult reason) {
+        final String message;
+        switch (reason) {
+            case CANT_CREATE:
+                message = R("RCantCreateFile", filePath);
+                break;
+            case CANT_WRITE:
+                message = R("RCantWriteFile", filePath);
+                break;
+            case NOT_FILE:
+                message = R("RExpectedFile", filePath);
+                break;
+            default:
+                message = R("RCantOpenFile", filePath);
+                break;
+        }
+        showCouldNotOpenDialog(frame, message);
+    }
+    /**
+     * Show a dialog informing the user that the file could not be opened
+     * @param frame a {@link JFrame} to act as parent to this dialog
+     * @param filePath a {@link String} representing the path to the file we failed to open
+     * @param message a {@link String} giving the specific reason the file could not be opened
+     */
+    public static void showCouldNotOpenDialog(final Component frame, final String message) {
+        SwingUtilities.invokeLater(new Runnable() {
+            @Override
+            public void run() {
+                JOptionPane.showMessageDialog(frame, message, R("Error"), JOptionPane.ERROR_MESSAGE);
+            }
+        });
+    }
 …
      */
     public static void recursiveDelete(File file, File base) throws IOException {
+        if (JNLPRuntime.isDebug()) {
+            System.err.println("Deleting: " + file);
+        }
+        OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Deleting: " + file);
         if (!(file.getCanonicalPath().startsWith(base.getCanonicalPath()))) {
 …
+            }
         } catch (IOException e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
         return lock;
+    }
+    /**
+     * helping dummy  method to save String as file
+     *
+     * @param content
+     * @param f
+     * @throws IOException
+     */
+    public static void saveFile(String content, File f) throws IOException {
+        saveFile(content, f, "utf-8");
+    }
+    public static void saveFile(String content, File f, String encoding) throws IOException {
+        Writer output = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(f), encoding));
+        output.write(content);
+        output.flush();
+        output.close();
+    }
+    /**
+     * utility method which can read from any stream as one long String
+     *
+     * @param is stream
+     * @param encoding the encoding to use to convert the bytes from the stream
+     * @return stream as string
+     * @throws IOException if connection can't be established or resource does not exist
+     */
+    public static String getContentOfStream(InputStream is, String encoding) throws IOException {
+        try {
+            BufferedReader br = new BufferedReader(new InputStreamReader(is, encoding));
+            StringBuilder sb = new StringBuilder();
+            while (true) {
+                String s = br.readLine();
+                if (s == null) {
+                    break;
+                }
+                sb.append(s).append("\n");
+            }
+            return sb.toString();
+        } finally {
+            is.close();
+        }
+    }
+    /**
+     * utility method which can read from any stream as one long String
+     *
+     * @param is stream
+     * @return stream as string
+     * @throws IOException if connection can't be established or resource does not exist
+     */
+    public static String getContentOfStream(InputStream is) throws IOException {
+        return getContentOfStream(is, "UTF-8");
+    }
+    public static String loadFileAsString(File f) throws IOException {
+        return getContentOfStream(new FileInputStream(f));
+    }
+    public static String loadFileAsString(File f, String encoding) throws IOException {
+        return getContentOfStream(new FileInputStream(f), encoding);
+    }
+    public static byte[] getFileMD5Sum(final File file, final String algorithm) throws NoSuchAlgorithmException,
+            FileNotFoundException, IOException {
+        final MessageDigest md5;
+        InputStream is = null;
+        DigestInputStream dis = null;
+        try {
+            md5 = MessageDigest.getInstance(algorithm);
+            is = new FileInputStream(file);
+            dis = new DigestInputStream(is, md5);
+            md5.update(getContentOfStream(dis).getBytes());
+        } finally {
+            if (is != null) {
+                is.close();
+            }
+            if (dis != null) {
+                dis.close();
+            }
+        }
+        return md5.digest();
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/util/ImageResources.java

-              r418
+              r429
 package net.sourceforge.jnlp.util;
+import net.sourceforge.jnlp.util.logging.OutputController;
 import java.awt.Image;
 import java.io.IOException;
 …
             return image;
         } catch (IOException ioe) {
             ioe.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ioe);
             return null;
+        }

trunk/icedtea-web/netx/net/sourceforge/jnlp/util/PropertiesFile.java

r418	r429
17	17	package net.sourceforge.jnlp.util;
18	18
	19	import net.sourceforge.jnlp.util.logging.OutputController;
19	20	import java.io.*;
20	21	import java.util.*;
…	…
24	25	* exceptions. The properties are automatically loaded from the
25	26	* file when the first property is requested, but the save method
26		* must be called before changes are saved to the file.~~<p>~~
	27	* must be called before changes are saved to the file.
27	28	*
28	29	* @author <a href="mailto:jmaxwell@users.sourceforge.net">Jon A. Maxwell (JAM)</a> - initial author
…	…
139	140	}
140	141	} catch (IOException ex) {
141		~~ex.printStackTrace(~~);
	142	OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ex);
142	143	}
143	144	}
…	…
165	166	}
166	167	} catch (IOException ex) {
167		~~ex.printStackTrace(~~);
	168	OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ex);
168	169	}
169	170	}

trunk/icedtea-web/netx/net/sourceforge/jnlp/util/Reflect.java

-              r348
+              r429
 package net.sourceforge.jnlp.util;
+import java.lang.reflect.*;
+import java.lang.reflect.Method;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
  * Provides simply, convenient methods to invoke methods by
  * name.  This class is used to consolidate reflection needed to
+ * name. This class is used to consolidate reflection needed to
  * access methods specific to Sun's JVM or to remain backward
  * compatible while supporting method in newer JVMs.<p>
+ *
+ * compatible while supporting method in newer JVMs.
+ * <p>
  * Most methods of this class invoke the first method on the
  * specified object that matches the name and number of
  * parameters.  The type of the parameters are not considered, so
+ * parameters. The type of the parameters are not considered, so
  * do not attempt to use this class to invoke overloaded
+ * methods.<p>
+ *
+ * Instances of this class are not synchronized.<p>
+ * methods.
+ * </p>
+ * <p>
+ * Instances of this class are not synchronized.
+ * </p>
+ *
  * @author <a href="mailto:jon.maxwell@acm.org">Jon A. Maxwell (JAM)</a> - initial author
 …
     public Object invokeStatic(String className, String method, Object args[]) {
         try {
             Class c = Class.forName(className, true, Reflect.class.getClassLoader());
+            Class<?> c = Class.forName(className, true, Reflect.class.getClassLoader());
             Method m = getMethod(c, method, args);
             if (m.isAccessible() != accessible)
+            if (m.isAccessible() != accessible) {
                 m.setAccessible(accessible);
+            }
             return m.invoke(null, args);
 …
         try {
             Method m = getMethod(object.getClass(), method, args);
             if (m.isAccessible() != accessible)
+            if (m.isAccessible() != accessible) {
                 m.setAccessible(accessible);
+            }
             return m.invoke(object, args);
         } catch (Exception ex) { // eat
             ex.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ex);
             return null;
+        }
 …
      * arguments.
      */
     public Method getMethod(Class type, String method, Object args[]) {
+    public Method getMethod(Class<?> type, String method, Object args[]) {
         try {
             for (Class c = type; c != null; c = c.getSuperclass()) {
+            for (Class<?> c = type; c != null; c = c.getSuperclass()) {
                 Method methods[] = c.getMethods();
 …
                         Class parameters[] = methods[i].getParameterTypes();
                         if (parameters.length == args.length)
+                        if (parameters.length == args.length) {
                             return methods[i];
+                        }
+                    }
+                }
+            }
         } catch (Exception ex) { // eat
             ex.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ex);
+        }

trunk/icedtea-web/netx/net/sourceforge/jnlp/util/TimedHashMap.java

-              r348
+              r429
 package net.sourceforge.jnlp.util;
+import net.sourceforge.jnlp.util.logging.OutputController;
 import java.util.HashMap;
 …
             // Item exists. If it has not expired, renew its access time and return it
             if (age <= expiry) {
+                if (JNLPRuntime.isDebug()) {
+                    System.err.println("Returning proxy " + actualMap.get(key) + " from cache for " + key);
+                }
+                OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Returning proxy " + actualMap.get(key) + " from cache for " + key);
                 timeStamps.put(key, System.nanoTime());
                 return actualMap.get(key);
             } else {
+                if (JNLPRuntime.isDebug()) {
+                    System.err.println("Proxy cache for " + key + " has expired (age=" + (age * 1e-9) + " seconds)");
+                }
+                OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Proxy cache for " + key + " has expired (age=" + (age * 1e-9) + " seconds)");
+            }
+        }

trunk/icedtea-web/netx/net/sourceforge/jnlp/util/UrlUtils.java

-              r348
+              r429
 package net.sourceforge.jnlp.util;
+import net.sourceforge.jnlp.util.logging.OutputController;
+import java.io.File;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.MalformedURLException;
+import java.net.URI;
+import java.net.URISyntaxException;
 import java.net.URL;
+import java.net.URLDecoder;
+import net.sourceforge.jnlp.JNLPFile;
 public class UrlUtils {
+    private static final String UTF8 = "utf-8";
+    public static URL normalizeUrlAndStripParams(URL url, boolean encodeFileUrls) {
+        try {
+            String[] urlParts = url.toString().split("\\?");
+            URL strippedUrl = new URL(urlParts[0]);
+            return normalizeUrl(strippedUrl, encodeFileUrls);
+        } catch (IOException e) {
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        } catch (URISyntaxException e) {
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
+        return url;
+    }
+    public static URL normalizeUrlAndStripParams(URL url) {
+        return normalizeUrlAndStripParams(url, false);
+    }
     public static boolean isLocalFile(URL url) {
 …
         return false;
+    }
+    /* Decode a percent-encoded URL. Catch checked exceptions and log. */
+    public static URL decodeUrlQuietly(URL url) {
+        try {
+            return new URL(URLDecoder.decode(url.toString(), UTF8));
+        } catch (IOException e) {
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+            return url;
+        }
+    }
+    /* Use the URI syntax check of 'toURI' to see if it matches RFC2396.
+     * See http://www.ietf.org/rfc/rfc2396.txt */
+    public static boolean isValidRFC2396Url(URL url) {
+        try {
+            url.toURI();
+            return true;
+        } catch (URISyntaxException e) {
+            return false;
+        }
+    }
+    /* Ensure a URL is properly percent-encoded.
+     * Certain usages require local-file URLs to be encoded, eg for code-base & document-base. */
+    public static URL normalizeUrl(URL url, boolean encodeFileUrls) throws MalformedURLException, UnsupportedEncodingException, URISyntaxException {
+        if (url == null) {
+            return null;
+        }
+        String protocol = url.getProtocol();
+        boolean shouldEncode = (encodeFileUrls || !"file".equals(protocol));
+        // PR1465: We should not call 'URLDecoder.decode' on RFC2396-compliant URLs
+        if (protocol == null || !shouldEncode || url.getPath() == null || isValidRFC2396Url(url)) {
+            return url;
+        }
+        //Decode the URL before encoding
+        URL decodedURL = new URL(URLDecoder.decode(url.toString(), UTF8));
+        //Create URI with the decoded URL
+        URI uri = new URI(decodedURL.getProtocol(), null, decodedURL.getHost(), decodedURL.getPort(), decodedURL.getPath(), decodedURL.getQuery(), null);
+        //Returns the encoded URL
+        URL encodedURL = new URL(uri.toASCIIString());
+        return encodedURL;
+    }
+    /* Ensure a URL is properly percent-encoded. Does not encode local-file URLs. */
+    public static URL normalizeUrl(URL url) throws MalformedURLException, UnsupportedEncodingException, URISyntaxException {
+        return normalizeUrl(url, false);
+    }
+    /* Ensure a URL is properly percent-encoded. Catch checked exceptions and log. */
+    public static URL normalizeUrlQuietly(URL url, boolean encodeFileUrls) {
+        try {
+            return normalizeUrl(url, encodeFileUrls);
+        } catch (MalformedURLException e) {
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        } catch (UnsupportedEncodingException e) {
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        } catch (URISyntaxException e) {
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
+        return url;
+    }
+    /* Ensure a URL is properly percent-encoded. Catch checked exceptions and log. */
+    public static URL normalizeUrlQuietly(URL url) {
+        return normalizeUrlQuietly(url, false);
+    }
+    /* Decode a URL as a file, being tolerant of URLs with mixed encoded & decoded portions. */
+    public static File decodeUrlAsFile(URL url) {
+        return new File(decodeUrlQuietly(url).getFile());
+    }
+    /**
+     * This function i striping part behind last path delimiter.
+     *
+     * Expected is input like protcol://som.url/some/path/file.suff
+     * Then output will bee protcol://som.url/some/path
+     *
+     * Be aware of input like  protcol://som.url/some/path/
+     * then input will be just  protcol://som.url/some/path
+     *
+     * You can use sanitizeLastSlash and see also unittests
+     * Both unix and windows salshes are supported
+     *
+     * @param src
+     * @return
+     */
+    public static URL removeFileName(final URL src) {
+        URL nsrc = normalizeUrlAndStripParams(src);
+        String s = nsrc.getPath();
+        int i1 = s.lastIndexOf("/");
+        int i2 = s.lastIndexOf("\\");
+        int i = Math.max(i1, i2);
+        if (i < 0) {
+            return src;
+        }
+        s = s.substring(0, i);
+        try {
+            return sanitizeLastSlash(new URL(src.getProtocol(), src.getHost(), src.getPort(), s));
+        } catch (MalformedURLException ex) {
+            OutputController.getLogger().log(ex);
+            return nsrc;
+        }
+    }
+    /**
+     * Small utility function creating li list from collection of urls
+     * @param remoteUrls
+     * @return
+     */
+    public static String setOfUrlsToHtmlList(Iterable<URL> remoteUrls) {
+        StringBuilder sb = new StringBuilder();
+        sb.append("<ul>");
+        for (URL url : remoteUrls) {
+            sb.append("<li>").append(url.toExternalForm()).append("</li>");
+        }
+        sb.append("</ul>");
+        return sb.toString();
+    }
+    /**
+     * This function is removing all tailing slashes of url and
+     * both unix and windows salshes are supported.
+     * See tests for valid and invalid inputs/outputs
+     * Shortly   protcol://som.url/some/path/ or  protcol://som.url/some/path////
+     * (and same for windows  protcol://som.url/some\path\\) will become  protcol://som.url/some/path
+     * Even  protcol://som.url/ is reduced to  protcol://som.url
+     *
+     *
+     * When input is like
+     * @param in
+     * @return
+     * @throws MalformedURLException
+     */
+    public static URL sanitizeLastSlash(URL in) throws MalformedURLException {
+        if (in == null) {
+            return null;
+        }
+        String s = sanitizeLastSlash(in.toExternalForm());
+        return new URL(s);
+    }
+    public static String sanitizeLastSlash(final String in) {
+        if (in == null) {
+            return null;
+        }
+        String s = in;
+        while (s.endsWith("/") || s.endsWith("\\")) {
+            s = s.substring(0, s.length() - 1);
+        }
+        return s;
+    }
+    /**
+     * both urls are processed by sanitizeLastSlash before actual equals.
+     * So protcol://som.url/some/path/ is same as protcol://som.url/some/path.
+     * Even protcol://som.url/some/path\ is same as protcol://som.url/some/path/
+     *
+     * @param u1
+     * @param u2
+     * @return
+     */
+    public static boolean equalsIgnoreLastSlash(URL u1, URL u2) {
+        try {
+            if (u1 == null && u2 == null) {
+                return true;
+            }
+            if (u1 == null && u2 != null) {
+                return false;
+            }
+            if (u1 != null && u2 == null) {
+                return false;
+            }
+            return sanitizeLastSlash(u1).equals(sanitizeLastSlash(u2));
+        } catch (MalformedURLException ex) {
+            throw new RuntimeException(ex);
+        }
+    }
+     public static URL guessCodeBase(JNLPFile file) {
+        if (file.getCodeBase() != null) {
+            return file.getCodeBase();
+        } else {
+            //Fixme: codebase should be the codebase of the Main Jar not
+            //the location. Although, it still works in the current state.
+            return file.getResources().getMainJAR().getLocation();
+        }
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/util/WeakList.java

r348	r429
26	26	* may return null). The weak references are only removed when
27	27	* the trimToSize method is called so that the indices remain
28		* constant otherwise.~~<p>~~
	28	* constant otherwise.
29	29	*
30	30	* @author <a href="mailto:jmaxwell@users.sourceforge.net">Jon A. Maxwell (JAM)</a> - initial author

trunk/icedtea-web/netx/net/sourceforge/jnlp/util/XDesktopEntry.java

-              r348
+              r429
 package net.sourceforge.jnlp.util;
+import net.sourceforge.jnlp.util.logging.OutputController;
+import java.io.BufferedReader;
 import java.io.File;
 import java.io.FileNotFoundException;
 import java.io.FileOutputStream;
+import java.io.FileReader;
 import java.io.IOException;
 import java.io.OutputStreamWriter;
 …
 import java.net.URL;
 import java.nio.charset.Charset;
+import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Collections;
+import java.util.Comparator;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+import java.util.Set;
 import net.sourceforge.jnlp.IconDesc;
 …
         String fileContents = "[Desktop Entry]\n";
         fileContents += "Version=1.0\n";
         fileContents += "Name=" + sanitize(file.getTitle()) + "\n";
+        fileContents += "Name=" + getDesktopIconName() + "\n";
         fileContents += "GenericName=Java Web Start Application\n";
         fileContents += "Comment=" + sanitize(file.getInformation().getDescription()) + "\n";
 …
+        }
         //Shortcut executes the jnlp from cache and system preferred java..
         fileContents += "Exec=" + "javaws" + " \"" + cacheFile.getAbsolutePath() + "\"\n";
+        //Shortcut executes the jnlp as it was with system preferred java. It should work fine offline
+        fileContents += "Exec=" + "javaws" + " \"" + file.getSourceLocation() + "\"\n";
         return new StringReader(fileContents);
 …
+    }
+    public File getShortcutTmpFile() {
+        String userTmp = JNLPRuntime.getConfiguration().getProperty(DeploymentConfiguration.KEY_USER_TMP_DIR);
+        File shortcutFile = new File(userTmp + File.separator + FileUtils.sanitizeFileName(file.getTitle()) + ".desktop");
+        return shortcutFile;
+    }
     /**
      * Set the icon size to use for the desktop shortcut
 …
             installDesktopLauncher();
         } catch (Exception e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
+    }
 …
      */
     private void installDesktopLauncher() {
+        File shortcutFile = new File(JNLPRuntime.getConfiguration()
+                .getProperty(DeploymentConfiguration.KEY_USER_TMP_DIR)
+                + File.separator + FileUtils.sanitizeFileName(file.getTitle()) + ".desktop");
+        File shortcutFile = getShortcutTmpFile();
         try {
 …
             String[] execString = new String[] { "xdg-desktop-icon", "install", "--novendor",
                     shortcutFile.getCanonicalPath() };
+            if (JNLPRuntime.isDebug()) {
+                System.err.println("Execing: " + Arrays.toString(execString));
+            }
+            OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Execing: " + Arrays.toString(execString));
             Process installer = Runtime.getRuntime().exec(execString);
             new StreamEater(installer.getInputStream()).start();
 …
                 installer.waitFor();
             } catch (InterruptedException e) {
                 e.printStackTrace();
+                OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+            }
 …
         } catch (FileNotFoundException e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
         } catch (IOException e) {
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
+    }
 …
             this.iconLocation = location.substring("file:".length());
+            if (JNLPRuntime.isDebug()) {
+                System.err.println("Cached desktop shortcut icon: " + this.iconLocation);
+            }
+        }
+    }
+            OutputController.getLogger().log(OutputController.Level.ERROR_DEBUG, "Cached desktop shortcut icon: " + this.iconLocation);
+        }
+    }
+    public String getDesktopIconName() {
+        return sanitize(file.getTitle());
+    }
+    public File getLinuxDesktopIconFile() {
+        return new File(findFreedesktopOrgDesktopPathCatch() + "/" + getDesktopIconName() + ".desktop");
+    }
+    private static String findFreedesktopOrgDesktopPathCatch() {
+        try {
+            return findFreedesktopOrgDesktopPath();
+        } catch (Exception ex) {
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ex);
+            return System.getProperty("user.home") + "/Desktop/";
+        }
+    }
+    /**
+     * Instead of having all this parsing of user-dirs.dirs and replacing
+     * variables we can execute `echo $(xdg-user-dir DESKTOP)` and it will do
+     * all the job in case approaches below become failing
+     *
+     * @return variables (if declared) and quotation marks (unless escaped) free
+     * path
+     * @throws IOException if no file do not exists or key with desktop do not
+     * exists
+     */
+    private static String findFreedesktopOrgDesktopPath() throws IOException {
+        File userDirs = new File(System.getProperty("user.home") + "/.config/user-dirs.dirs");
+        if (!userDirs.exists()) {
+            return System.getProperty("user.home") + "/Desktop/";
+        }
+        return getFreedesktopOrgDesktopPathFrom(userDirs);
+    }
+    private static String getFreedesktopOrgDesktopPathFrom(File userDirs) throws IOException {
+        BufferedReader r = new BufferedReader(new FileReader(userDirs));
+        try {
+            return getFreedesktopOrgDesktopPathFrom(r);
+        } finally {
+            r.close();
+        }
+    }
+    static final String XDG_DESKTOP_DIR = "XDG_DESKTOP_DIR";
+    static String getFreedesktopOrgDesktopPathFrom(BufferedReader r) throws IOException {
+        while (true) {
+            String s = r.readLine();
+            if (s == null) {
+                throw new IOException("End of user-dirs found, but no " + XDG_DESKTOP_DIR + " key found");
+            }
+            s = s.trim();
+            if (s.startsWith(XDG_DESKTOP_DIR)) {
+                if (!s.contains("=")) {
+                    throw new IOException(XDG_DESKTOP_DIR + " has no value");
+                }
+                String[] keyAndValue = s.split("=");
+                keyAndValue[1] = keyAndValue[1].trim();
+                String filteredQuotes = filterQuotes(keyAndValue[1]);
+                return evaluateLinuxVariables(filteredQuotes);
+            }
+        }
+    }
+    private static final String MIC = "MAGIC_QUOTIN_ITW_CONSTANT_FOR_DUMMIES";
+    private static String filterQuotes(String string) {
+        //get rid of " but not of
+        String s = string.replaceAll("\\\\\"", MIC);
+        s = s.replaceAll("\"", "");
+        s = s.replaceAll(MIC, "\\\"");
+        return s;
+    }
+    private static String evaluateLinuxVariables(String orig) {
+        return evaluateLinuxVariables(orig, System.getenv());
+    }
+    private static String evaluateLinuxVariables(String orig, Map<String, String> variables) {
+        Set<Entry<String, String>> env = variables.entrySet();
+        List<Entry<String, String>> envVariables = new ArrayList<Entry<String, String>>(env);
+        Collections.sort(envVariables, new Comparator<Entry<String, String>>() {
+            @Override
+            public int compare(Entry<String, String> o1, Entry<String, String> o2) {
+                return o2.getKey().length() - o1.getKey().length();
+            }
+        });
+        while (true) {
+            String before = orig;
+            for (Entry<String, String> entry : envVariables) {
+                orig = orig.replaceAll("\\$" + entry.getKey(), entry.getValue());
+            }
+            if (before.equals(orig)) {
+                return orig;
+            }
+        }
+    }
+}

trunk/icedtea-web/netx/net/sourceforge/jnlp/util/replacements/CharacterEncoder.java

-              r418
+              r429
  * data into text (generally 7 bit ASCII or 8 bit ISO-Latin-1 text)
  * for transmition over text channels such as e-mail and network news.
+ *
+ * <p>
  * The character encoders have been structured around a central theme
  * that, in general, the encoded text has the form:
+ *
+ * <pre>
+ * <pre><code>
  *      [Buffer Prefix]
  *      [Line Prefix][encoded data atoms][Line Suffix]
  *      [Buffer Suffix]
+ * </pre>
+ *
+ * In the CharacterEncoder and CharacterDecoder classes, one complete
+ * chunk of data is referred to as a <i>buffer</i>. Encoded buffers
+ * are all text, and decoded buffers (sometimes just referred to as
+ * buffers) are binary octets.
+ *
+ * To create a custom encoder, you must, at a minimum,  overide three
+ * </code></pre>
+ * </p>
+ * <p>
+ * In the {@code CharacterEncoder} and {@link CharacterDecoder}
+ * classes, one complete chunk of data is referred to as a
+ * <i>buffer</i>. Encoded buffers are all text, and decoded buffers
+ * (sometimes just referred to as buffers) are binary octets.
+ * </p>
+ * <p>
+ * To create a custom encoder, you must, at a minimum, overide three
  * abstract methods in this class.
  * <DL>
  * <DD>bytesPerAtom which tells the encoder how many bytes to
+ * <dl>
+ * <dd/>bytesPerAtom which tells the encoder how many bytes to
  * send to encodeAtom
  * <DD>encodeAtom which encodes the bytes sent to it as text.
  * <DD>bytesPerLine which tells the encoder the maximum number of
+ * <dd/>encodeAtom which encodes the bytes sent to it as text.
+ * <dd/>bytesPerLine which tells the encoder the maximum number of
  * bytes per line.
+ * </DL>
+ *
+ * </dl>
+ * </p>
+ * <p>
  * Several useful encoders have already been written and are
  * referenced in the See Also list below.
+ *
+ * </p>
  * @author      Chuck McManis
+ * @see         CharacterDecoder;
+ * @see         UCEncoder
+ * @see         UUEncoder
+ * @see         CharacterDecoder
  * @see         BASE64Encoder
  */
 …
     /**
      * Return a byte array from the remaining bytes in this ByteBuffer.
+     * <P>
+     * The ByteBuffer's position will be advanced to ByteBuffer's limit.
+     * <P>
+     * <p>
+     * The ByteBuffer's position will be advanced to ByteBuffer's limit.
+     * </p>
+     * <p>
      * To avoid an extra copy, the implementation will attempt to return the
      * byte array backing the ByteBuffer.  If this is not possible, a
      * new byte array will be created.
+     * </p>
      */
     private byte [] getBytes(ByteBuffer bb) {
 …
      * Encode the <i>aBuffer</i> ByteBuffer and write the encoded
      * result to the OutputStream <i>aStream</i>.
+     * <P>
+     * The ByteBuffer's position will be advanced to ByteBuffer's limit.
+     * <p>
+     * The ByteBuffer's position will be advanced to ByteBuffer's limit.
+     * </p>
      */
     public void encode(ByteBuffer aBuffer, OutputStream aStream)
 …
      * A 'streamless' version of encode that simply takes a ByteBuffer
      * and returns a string containing the encoded buffer.
+     * <P>
+     * The ByteBuffer's position will be advanced to ByteBuffer's limit.
+     * <p>
+     * The ByteBuffer's position will be advanced to ByteBuffer's limit.
+     * </p>
      */
     public String encode(ByteBuffer aBuffer) {
 …
      * Encode the <i>aBuffer</i> ByteBuffer and write the encoded
      * result to the OutputStream <i>aStream</i>.
+     * <P>
+     * The ByteBuffer's position will be advanced to ByteBuffer's limit.
+     * <p>
+     * The ByteBuffer's position will be advanced to ByteBuffer's limit.
+     * </p>
      */
     public void encodeBuffer(ByteBuffer aBuffer, OutputStream aStream)
 …
      * A 'streamless' version of encode that simply takes a ByteBuffer
      * and returns a string containing the encoded buffer.
+     * <P>
+     * The ByteBuffer's position will be advanced to ByteBuffer's limit.
+     * <p>
+     * The ByteBuffer's position will be advanced to ByteBuffer's limit.
+     * </p>
      */
     public String encodeBuffer(ByteBuffer aBuffer) {

trunk/icedtea-web/netx/net/sourceforge/nanoxml/XMLElement.java

-              r418
+              r429
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.util.logging.OutputController;
 /**
  * XMLElement is a representation of an XML object. The object is able to parse
  * XML code.
  * <P><DL>
  * <DT><B>Parsing XML Data</B></DT>
  * <DD>
+ * <p><dl>
+ * <dt><b>Parsing XML Data</b></dt>
+ * <dd>
  * You can parse XML data using the following code:
  * <UL><CODE>
  * XMLElement xml = new XMLElement();<BR>
  * FileReader reader = new FileReader("filename.xml");<BR>
  * xml.parseFromReader(reader);
  * </CODE></UL></DD></DL>
  * <DL><DT><B>Retrieving Attributes</B></DT>
  * <DD>
+ * <pre>{@code
+ *XMLElement xml = new XMLElement();
+ *FileReader reader = new FileReader("filename.xml");
+ *xml.parseFromReader(reader);
+ *}</pre></dd></dl>
+ * <dl><dt><b>Retrieving Attributes</b></dt>
+ * <dd>
  * You can enumerate the attributes of an element using the method
  * {@link #enumerateAttributeNames() enumerateAttributeNames}.
 …
  * {@link #getAttribute(java.lang.String) getAttribute}.
  * The following example shows how to list the attributes of an element:
+ * <UL><CODE>
+ * XMLElement element = ...;<BR>
+ * Enumeration enum = element.enumerateAttributeNames();<BR>
+ * while (enum.hasMoreElements()) {<BR>
+ * &nbsp;&nbsp;&nbsp;&nbsp;String key = (String) enum.nextElement();<BR>
+ * &nbsp;&nbsp;&nbsp;&nbsp;String value = (String) element.getAttribute(key);<BR>
+ * &nbsp;&nbsp;&nbsp;&nbsp;System.out.println(key + " = " + value);<BR>
+ * }
+ * </CODE></UL></DD></DL>
+ * <DL><DT><B>Retrieving Child Elements</B></DT>
+ * <DD>
+ * <pre>{@code
+ *XMLElement element = ...;
+ *Enumeration enum = element.enumerateAttributeNames();
+ *while (enum.hasMoreElements()) {
+ *    String key = (String) enum.nextElement();
+ *    String value = (String) element.getAttribute(key);
+ *    System.out.println(key + " = " + value);
+ *}}</pre></dd></dl>
+ * <dl><dt><b>Retrieving Child Elements</b></dt>
+ * <dd>
  * You can enumerate the children of an element using
  * {@link #enumerateChildren() enumerateChildren}.
  * The number of child elements can be retrieved using
  * {@link #countChildren() countChildren}.
  * </DD></DL>
  * <DL><DT><B>Elements Containing Character Data</B></DT>
  * <DD>
+ * </dd></dl>
+ * <dl><dt><b>Elements Containing Character Data</b></dt>
+ * <dd>
  * If an elements contains character data, like in the following example:
+ * <UL><CODE>
+ * &lt;title&gt;The Title&lt;/title&gt;
+ * </CODE></UL>
+ * <pre>{@code <title>The Title</title>}</pre>
  * you can retrieve that data using the method
  * {@link #getContent() getContent}.
  * </DD></DL>
  * <DL><DT><B>Subclassing XMLElement</B></DT>
  * <DD>
+ * </dd></dl>
+ * <dl><dt><b>Subclassing XMLElement</b></dt>
+ * <dd>
  * When subclassing XMLElement, you need to override the method
  * {@link #createAnotherElement() createAnotherElement}
  * which has to return a new copy of the receiver.
  * </DD></DL>
  * <P>
+ * </dd></dl>
+ * </p>
+ *
  * @see net.sourceforge.nanoxml.XMLParseException
 …
+     *
      * <dl><dt><b>Invariants:</b></dt><dd>
      * <ul><li>The field can be empty.
      *     <li>The field is never <code>null</code>.
      *     <li>The keys and the values are strings.
+     * <ul><li>The field can be empty.</li>
+     *     <li>The field is never {@code null}.</li>
+     *     <li>The keys and the values are strings.</li>
      * </ul></dd></dl>
      */
 …
+     *
      * <dl><dt><b>Invariants:</b></dt><dd>
      * <ul><li>The field can be empty.
      *     <li>The field is never <code>null</code>.
      *     <li>The elements are instances of <code>XMLElement</code>
      *         or a subclass of <code>XMLElement</code>.
+     * <ul><li>The field can be empty.</li>
+     *     <li>The field is never {@code null}.</li>
+     *     <li>The elements are instances of {@code XMLElement}
+     *         or a subclass of {@code XMLElement}.</li>
      * </ul></dd></dl>
      */
 …
+     *
      * <dl><dt><b>Invariants:</b></dt><dd>
      * <ul><li>The field is <code>null</code> iff the element is not
      *         initialized by either parse or setName.
      *     <li>If the field is not <code>null</code>, it's not empty.
      *     <li>If the field is not <code>null</code>, it contains a valid
      *         XML identifier.
+     * <ul><li>The field is {@code null} iff the element is not
+     *         initialized by either parse or {@link #setName setName()}.</li>
+     *     <li>If the field is not {@code null}, it's not empty.</li>
+     *     <li>If the field is not {@code null}, it contains a valid
+     *         XML identifier.</li>
      * </ul></dd></dl>
      */
 …
     /**
      * The #PCDATA content of the object.
+     * The {@code #PCDATA} content of the object.
+     *
      * <dl><dt><b>Invariants:</b></dt><dd>
      * <ul><li>The field is <code>null</code> iff the element is not a
      *         #PCDATA element.
      *     <li>The field can be any string, including the empty string.
+     * <ul><li>The field is {@code null} iff the element is not a
+     *         {@code #PCDATA} element.</li>
+     *     <li>The field can be any string, including the empty string.</li>
      * </ul></dd></dl>
      */
 …
+     *
      * <dl><dt><b>Invariants:</b></dt><dd>
      * <ul><li>The field is never <code>null</code>.
+     * <ul><li>The field is never {@code null}.</li>
      *     <li>The field always contains the following associations:
      *         "lt"&nbsp;=&gt;&nbsp;"&lt;", "gt"&nbsp;=&gt;&nbsp;"&gt;",
      *         "quot"&nbsp;=&gt;&nbsp;"\"", "apos"&nbsp;=&gt;&nbsp;"'",
      *         "amp"&nbsp;=&gt;&nbsp;"&amp;"
      *     <li>The keys are strings
      *     <li>The values are char arrays
+     *         "amp"&nbsp;=&gt;&nbsp;"&amp;"</li>
+     *     <li>The keys are strings</li>
+     *     <li>The values are char arrays</li>
      * </ul></dd></dl>
      */
 …
+     *
      * <dl><dt><b>Invariants:</b></dt><dd>
      * <ul><li><code>lineNr &gt= 0</code>
+     * <ul><li>{@code lineNr >= 0}</li>
      * </ul></dd></dl>
      */
 …
     /**
      * <code>true</code> if the case of the element and attribute names
      * are case insensitive.
+     * {@code true} if the case of the element and attribute names are case
+     * insensitive.
      */
     private boolean ignoreCase;
     /**
      * <code>true</code> if the leading and trailing whitespace of #PCDATA
+     * {@code true} if the leading and trailing whitespace of {@code #PCDATA}
      * sections have to be ignored.
      */
 …
     /**
      * Character read too much.
+     * Character read too much.<br/>
      * This character provides push-back functionality to the input reader
      * without having to use a PushbackReader.
      * If there is no such character, this field is '\0'.
+     * If there is no such character, this field is {@code '\0'}.
      */
     private char charReadTooMuch;
 …
+     *
      * <dl><dt><b>Invariants:</b></dt><dd>
      * <ul><li>The field is not <code>null</code> while the parse method
      *         is running.
+     * <ul><li>The field is not {@code null} while the parse method is
+     *         running.</li>
      * </ul></dd></dl>
      */
 …
+     *
      * <dl><dt><b>Invariants:</b></dt><dd>
      * <ul><li>parserLineNr &gt; 0 while the parse method is running.
+     * <ul><li>parserLineNr &gt; 0 while the parse method is running.</li>
      * </ul></dd></dl>
      */
 …
     /**
      * Creates and initializes a new XML element.
+     * Creates and initializes a new XML element.<br/>
      * Calling the construction is equivalent to:
+     * <ul><code>new XMLElement(new Hashtable(), false, true)
+     * </code></ul>
+     * <ul><li>{@code new XMLElement(new Hashtable(), false, true)}</li></ul>
+     *
      * <dl><dt><b>Postconditions:</b></dt><dd>
+     * <ul><li>countChildren() => 0
+     *     <li>enumerateChildren() => empty enumeration
+     *     <li>enumeratePropertyNames() => empty enumeration
+     *     <li>getChildren() => empty vector
+     *     <li>getContent() => ""
+     *     <li>getLineNr() => 0
+     *     <li>getName() => null
+     * </ul></dd></dl>
+     *
+     * <ul><li>{@linkplain #countChildren} =&gt; 0</li>
+     *     <li>{@linkplain #enumerateChildren} =&gt; empty enumeration</li>
+     *     <li>enumeratePropertyNames() =&gt; empty enumeration</li>
+     *     <li>getChildren() =&gt; empty vector</li>
+     *     <li>{@linkplain #getContent} =&gt; ""</li>
+     *     <li>{@linkplain #getLineNr} =&gt; 0</li>
+     *     <li>{@linkplain #getName} =&gt; null</li>
+     * </ul></dd></dl>
      */
     public XMLElement() {
 …
     /**
      * Creates and initializes a new XML element.
+     * <P>
+     * This constructor should <I>only</I> be called from
+     * {@link #createAnotherElement() createAnotherElement}
+     * to create child elements.
+     * <p>
+     * This constructor should <i>only</i> be called from
+     * {@link #createAnotherElement} to create child elements.
+     *
      * @param entities
      *     The entity conversion table.
      * @param skipLeadingWhitespace
      *     <code>true</code> if leading and trailing whitespace in PCDATA
+     *     {@code true} if leading and trailing whitespace in PCDATA
      *     content has to be removed.
      * @param fillBasicConversionTable
      *     <code>true</code> if the basic entities need to be added to
+     *     {@code true} if the basic entities need to be added to
      *     the entity list (client code calling this constructor).
      * @param ignoreCase
      *     <code>true</code> if the case of element and attribute names have
+     *     {@code true} if the case of element and attribute names have
      *     to be ignored.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li><code>entities != null</code>
      *     <li>if <code>fillBasicConversionTable == false</code>
      *         then <code>entities</code> contains at least the following
      *         entries: <code>amp</code>, <code>lt</code>, <code>gt</code>,
      *         <code>apos</code> and <code>quot</code>
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>{@code entities != null}</li>
+     *     <li>if {@code fillBasicConversionTable == false}
+     *         then {@code entities} contains at least the following
+     *         entries: {@code amp}, {@code lt}, {@code gt}, {@code apos} and
+     *         {@code quot}</li>
      * </ul></dd></dl>
+     *
      * <dl><dt><b>Postconditions:</b></dt><dd>
+     * <ul><li>countChildren() => 0
+     *     <li>enumerateChildren() => empty enumeration
+     *     <li>enumeratePropertyNames() => empty enumeration
+     *     <li>getChildren() => empty vector
+     *     <li>getContent() => ""
+     *     <li>getLineNr() => 0
+     *     <li>getName() => null
+     * </ul></dd></dl><dl>
+     *
+     * <ul><li>{@linkplain #countChildren} =&gt; 0</li>
+     *     <li>{@linkplain #enumerateChildren} =&gt; empty enumeration</li>
+     *     <li>enumeratePropertyNames() =&gt; empty enumeration</li>
+     *     <li>getChildren() =&gt; empty vector</li>
+     *     <li>{@linkplain #getContent} =&gt; ""</li>
+     *     <li>{@linkplain #getLineNr} =&gt; 0</li>
+     *     <li>{@linkplain #getName} =&gt; null</li>
+     * </ul></dd></dl>
      */
     protected XMLElement(Hashtable<String, char[]> entities,
 …
      *     The child element to add.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li><code>child != null</code>
      *     <li><code>child.getName() != null</code>
      *     <li><code>child</code> does not have a parent element
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>{@code child != null}</li>
+     *     <li>{@code child.getName() != null}</li>
+     *     <li>{@code child} does not have a parent element</li>
      * </ul></dd></dl>
+     *
      * <dl><dt><b>Postconditions:</b></dt><dd>
+     * <ul><li>countChildren() => old.countChildren() + 1
+     *     <li>enumerateChildren() => old.enumerateChildren() + child
+     *     <li>getChildren() => old.enumerateChildren() + child
+     * </ul></dd></dl><dl>
+     * <ul><li>{@linkplain #countChildren} =&gt; old.countChildren() + 1</li>
+     *     <li>{@linkplain #enumerateChildren} =&gt; old.enumerateChildren()
+               + child</li>
+     *     <li>getChildren() =&gt; old.enumerateChildren() + child</li>
+     * </ul></dd></dl>
+     *
      */
 …
      *     The value of the attribute.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li><code>name != null</code>
      *     <li><code>name</code> is a valid XML identifier
      *     <li><code>value != null</code>
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>{@code name != null}</li>
+     *     <li>{@code name} is a valid XML identifier</li>
+     *     <li>{@code value != null}</li>
      * </ul></dd></dl>
+     *
      * <dl><dt><b>Postconditions:</b></dt><dd>
      * <ul><li>enumerateAttributeNames()
      *         => old.enumerateAttributeNames() + name
      *     <li>getAttribute(name) => value
      * </ul></dd></dl><dl>
+     *
+     * <ul><li>{@linkplain #enumerateAttributeNames}
+     *         =&gt; old.enumerateAttributeNames() + name</li>
+     *     <li>{@linkplain #getAttribute(java.lang.String) getAttribute(name)}
+     *         =&gt; value</li>
+     * </ul></dd></dl>
      */
     public void setAttribute(String name,
 …
+     *
      * <dl><dt><b>Postconditions:</b></dt><dd>
+     * <ul><li><code>result >= 0</code>
+     * </ul></dd></dl>
+     *
+     * <ul><li>{@code result >= 0}</li>
+     * </ul></dd></dl>
      */
     public int countChildren() {
 …
+     *
      * <dl><dt><b>Postconditions:</b></dt><dd>
+     * <ul><li><code>result != null</code>
+     * </ul></dd></dl>
+     *
+     */
+    public Enumeration enumerateAttributeNames() {
+     * <ul><li>{@code result != null}</li>
+     * </ul></dd></dl>
+     */
+    public Enumeration<String> enumerateAttributeNames() {
         return this.attributes.keys();
+    }
 …
+     *
      * <dl><dt><b>Postconditions:</b></dt><dd>
+     * <ul><li><code>result != null</code>
+     * </ul></dd></dl>
+     *
+     */
+    public Enumeration enumerateChildren() {
+     * <ul><li>{@code result != null}</li>
+     * </ul></dd></dl>
+     */
+    public Enumeration<XMLElement> enumerateChildren() {
         return this.children.elements();
+    }
 …
     /**
      * Returns the PCDATA content of the object. If there is no such content,
+     * <CODE>null</CODE> is returned.
+     *
+     * {@code null} is returned.
      */
     public String getContent() {
 …
     /**
      * Returns the line nr in the source data on which the element is found.
      * This method returns <code>0</code> there is no associated source data.
+     * This method returns {@code 0} there is no associated source data.
+     *
      * <dl><dt><b>Postconditions:</b></dt><dd>
      * <ul><li><code>result >= 0</code>
+     * <ul><li>{@code result >= 0}</li>
      * </ul></dd></dl>
      */
 …
     /**
      * Returns an attribute of the element.
      * If the attribute doesn't exist, <code>null</code> is returned.
+     * Returns an attribute of the element.<br/>
+     * If the attribute doesn't exist, {@code null} is returned.
+     *
      * @param name The name of the attribute.
+     *
+     * </dl><dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li><code>name != null</code>
+     *     <li><code>name</code> is a valid XML identifier
+     * </ul></dd></dl><dl>
+     *
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>{@code name != null}</li>
+     *     <li>{@code name} is a valid XML identifier</li>
+     * </ul></dd></dl>
      */
     public Object getAttribute(String name) {
 …
     /**
      * Returns the name of the element.
+     *
+     * @return this {@code XMLElement} object's name
      */
     public String getName() {
 …
     /**
      * Reads one XML element from a java.io.Reader and parses it.
+     * Reads one XML element from a {@link java.io.Reader} and parses it.
+     *
      * @param reader
      *     The reader from which to retrieve the XML data.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li><code>reader != null</code>
      *     <li><code>reader</code> is not closed
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>{@code reader != null}</li>
+     *     <li>{@code reader} is not closed</li>
      * </ul></dd></dl>
+     *
      * <dl><dt><b>Postconditions:</b></dt><dd>
      * <ul><li>the state of the receiver is updated to reflect the XML element
      *         parsed from the reader
+     *         parsed from the reader</li>
      *     <li>the reader points to the first character following the last
      *         '&gt;' character of the XML element
      * </ul></dd></dl><dl>
+     *         {@code '&gt;'} character of the XML element</li>
+     * </ul></dd></dl>
+     *
      * @throws java.io.IOException
 …
      *     The line number of the first line in the data.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li><code>reader != null</code>
      *     <li><code>reader</code> is not closed
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>{@code reader != null}</li>
+     *     <li>{@code reader} is not closed</li>
      * </ul></dd></dl>
+     *
      * <dl><dt><b>Postconditions:</b></dt><dd>
      * <ul><li>the state of the receiver is updated to reflect the XML element
      *         parsed from the reader
+     *         parsed from the reader</li>
      *     <li>the reader points to the first character following the last
      *         '&gt;' character of the XML element
      * </ul></dd></dl><dl>
+     *         {@code '&gt;'} character of the XML element</li>
+     * </ul></dd></dl>
+     *
      * @throws java.io.IOException
 …
     /**
      * Creates a new similar XML element.
      * <P>
+     * <p>
      * You should override this method when subclassing XMLElement.
+     * </p>
      */
     protected XMLElement createAnotherElement() {
 …
      *     The new name.
+     *
+     * </dl><dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li><code>name != null</code>
+     *     <li><code>name</code> is a valid XML identifier
+     * </ul></dd></dl>
+     *
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li{@code name != null}</li>
+     *     <li>{@code name} is a valid XML identifier</li>
+     * </ul></dd></dl>
      */
     public void setName(String name) {
 …
      *     The buffer in which the scanned identifier will be put.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li><code>result != null</code>
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>{@code result != null}</li>
      *     <li>The next character read from the reader is a valid first
      *         character of an XML identifier.
+     *         character of an XML identifier.</li>
      * </ul></dd></dl>
+     *
      * <dl><dt><b>Postconditions:</b></dt><dd>
      * <ul><li>The next character read from the reader won't be an identifier
      *         character.
      * </ul></dd></dl><dl>
+     *         character.</li>
+     * </ul></dd></dl>
      */
     protected void scanIdentifier(StringBuffer result)
 …
     /**
      * This method scans an identifier from the current reader.
      * The scanned whitespace is appended to <code>result</code>.
+     * This method scans an identifier from the current reader.<br/>
+     * The scanned whitespace is appended to {@code result}.
+     *
      * @return the next character following the whitespace.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li><code>result != null</code>
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>{@code result != null}</li>
      * </ul></dd></dl>
      */
 …
     /**
+     * This method scans a delimited string from the current reader.
+     * The scanned string without delimiters is appended to
+     * <code>string</code>.
+     *
+     * </dl><dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li><code>string != null</code>
+     *     <li>the next char read is the string delimiter
+     * This method scans a delimited string from the current reader.<br/>
+     * The scanned string without delimiters is appended to {@code string}.
+     *
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>{@code string != null}</li>
+     *     <li>the next char read is the string delimiter</li>
      * </ul></dd></dl>
      */
 …
     /**
+     * Scans a #PCDATA element. CDATA sections and entities are resolved.
+     * The next &lt; char is skipped.
+     * The scanned data is appended to <code>data</code>.
+     *
+     * </dl><dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li><code>data != null</code>
+     * Scans a {@code #PCDATA} element. CDATA sections and entities are
+     * resolved.<br/>
+     * The next &lt; char is skipped.<br/>
+     * The scanned data is appended to {@code data}.
+     *
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>{@code data != null}</li>
      * </ul></dd></dl>
      */
 …
     /**
      * Scans a special tag and if the tag is a CDATA section, append its
      * content to <code>buf</code>.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li><code>buf != null</code>
      *     <li>The first &lt; has already been read.
+     * content to {@code buf}.
+     *
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>{@code buf != null}</li>
+     *     <li>The first &lt; has already been read.</li>
      * </ul></dd></dl>
      */
 …
      * Skips a comment.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li>The first &lt;!-- has already been read.
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>The first &lt;!-- has already been read.</li>
      * </ul></dd></dl>
      */
 …
      *                     already been read.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li>The first &lt;! has already been read.
      *     <li><code>bracketLevel >= 0</code>
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>The first &lt;! has already been read.</li>
+     *     <li>{@code bracketLevel &gt;= 0}</li>
      * </ul></dd></dl>
      */
 …
     /**
      * Scans the data for literal text.
+     * Scans the data for literal text.<br/>
      * Scanning stops when a character does not match or after the complete
      * text has been checked, whichever comes first.
 …
      * @param literal the literal to check.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li><code>literal != null</code>
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>{@code literal != null}</li>
      * </ul></dd></dl>
      */
 …
      * @param elt The element that will contain the result.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li>The first &lt; has already been read.
      *     <li><code>elt != null</code>
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>The first &lt; has already been read.</li>
+     *     <li>{@code elt != null}</li>
      * </ul></dd></dl>
      */
 …
     /**
      * Resolves an entity. The name of the entity is read from the reader.
      * The value of the entity is appended to <code>buf</code>.
+     * Resolves an entity. The name of the entity is read from the reader.<br/>
+     * The value of the entity is appended to {@code buf}.
+     *
      * @param buf Where to put the entity value.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li>The first &amp; has already been read.
      *     <li><code>buf != null</code>
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>The first &amp; has already been read.</li>
+     *     <li>{@code buf != null}</li>
      * </ul></dd></dl>
      */
 …
      * @param ch The character to push back.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li>The read-back buffer is empty.
      *     <li><code>ch != '\0'</code>
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>The read-back buffer is empty.</li>
+     *     <li>{@code ch != '\0'}</li>
      * </ul></dd></dl>
      */
 …
      * @param name The name of the entity.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li><code>name != null</code>
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>{@code name != null}</li>
      * </ul></dd></dl>
      */
 …
      * @param value The value of the entity.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li><code>name != null</code>
      *     <li><code>value != null</code>
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>{@code name != null}</li>
+     *     <li>{@code value != null}</li>
      * </ul></dd></dl>
      */
 …
      * @param context The context in which the error occured.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li><code>context != null</code>
      *     <li><code>context.length() &gt; 0</code>
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>{@code context != null}</li>
+     *     <li>{@code context.length() &gt; 0}</li>
      * </ul></dd></dl>
      */
 …
      *                expected.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li><code>charSet != null</code>
      *     <li><code>charSet.length() &gt; 0</code>
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>{@code charSet != null}</li>
+     *     <li>{@code charSet.length() &gt; 0}</li>
      * </ul></dd></dl>
      */
 …
      *                expected.
      * @param ch The character that was received instead.
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li><code>charSet != null</code>
      *     <li><code>charSet.length() &gt; 0</code>
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>{@code charSet != null}</li>
+     *     <li>{@code charSet.length() &gt; 0}</li>
      * </ul></dd></dl>
      */
 …
      * @param name The name of the entity.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li><code>name != null</code>
      *     <li><code>name.length() &gt; 0</code>
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>{@code name != null}</li>
+     *     <li>{@code name.length() &gt; 0}</li>
      * </ul></dd></dl>
      */
 …
      * xml code.
+     *
      * @param isr The reader of the InputStream containing the xml.
      * @param pout The PipedOutputStream that will be receiving the filtered
      *             xml file.
+     * @param isr The reader of the {@link InputStream} containing the xml.
+     * @param pout The {@link PipedOutputStream} that will be receiving the
+     *             filtered xml file.
      */
     public void sanitizeInput(Reader isr, OutputStream pout) {
 …
                     if (JNLPRuntime.isDebug()) {
                         if (ch == 10) {
                             System.out.println();
                             System.out.print("line: " + newline + " ");
+                            OutputController.getLogger().printOutLn("");
+                            OutputController.getLogger().printOut("line: " + newline + " ");
                             newline++;
                         } else {
                             System.out.print(ch);
+                            OutputController.getLogger().printOut(ch+"");
+                        }
+                    }
 …
                             this.sanitizeCharReadTooMuch = ch;
                             if (JNLPRuntime.isDebug()) {
                                 System.out.print('<');
                                 System.out.print('!');
                                 System.out.print('-');
+                                OutputController.getLogger().printOut("<");
+                                OutputController.getLogger().printOut("!");
+                                OutputController.getLogger().printOut("-");
+                            }
+                        }
 …
                         this.sanitizeCharReadTooMuch = ch;
                         if (JNLPRuntime.isDebug()) {
                             System.out.print('<');
                             System.out.print('!');
+                              OutputController.getLogger().printOut("<");
+                              OutputController.getLogger().printOut("!");
+                        }
+                    }
 …
                     if (JNLPRuntime.isDebug()) {
                         if (ch == 10) {
                             System.out.println();
                             System.out.print("line: " + newline + " ");
+                            OutputController.getLogger().printOutLn("");
+                            OutputController.getLogger().printOut("line: " + newline + " ");
                             newline++;
                         } else {
                             System.out.print(ch);
+                            OutputController.getLogger().printOut(ch+"");
+                        }
+                    }
 …
             // Print the stack trace here -- xml.parseFromReader() will
             // throw the ParseException if something goes wrong.
             e.printStackTrace();
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, e);
+        }
+    }

trunk/icedtea-web/netx/net/sourceforge/nanoxml/XMLParseException.java

-              r348
+              r429
  * An XMLParseException is thrown when an error occures while parsing an XML
  * string.
  * <P>
  * $Revision: 1.1 $<BR>
  * $Date: 2002/08/03 04:05:32 $<P>
+ * <p>
+ * $Revision: 1.1 $<br/>
+ * $Date: 2002/08/03 04:05:32 $</p>
+ *
  * @see net.sourceforge.nanoxml.XMLElement
 …
+     *
      * <dl><dt><b>Invariants:</b></dt><dd>
      * <ul><li><code>lineNr &gt 0 || lineNr == NO_LINE</code>
+     * <ul><li>{@code lineNr > 0 || lineNr == NO_LINE}
      * </ul></dd></dl>
      */
 …
      * @param message A message describing what went wrong.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li><code>message != null</code>
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>{@code message != null}</li>
      * </ul></dd></dl>
+     *
      * <dl><dt><b>Postconditions:</b></dt><dd>
      * <ul><li>getLineNr() => NO_LINE
      * </ul></dd></dl><dl>
+     * <ul><li>{@code getLineNr() => NO_LINE}</li>
+     * </ul></dd></dl>
      */
     public XMLParseException(String name,
 …
      * @param message A message describing what went wrong.
+     *
      * </dl><dl><dt><b>Preconditions:</b></dt><dd>
      * <ul><li><code>message != null</code>
      *     <li><code>lineNr &gt; 0</code>
+     * <dl><dt><b>Preconditions:</b></dt><dd>
+     * <ul><li>{@code message != null}</li>
+     *     <li>{@code lineNr &gt; 0}</li>
      * </ul></dd></dl>
+     *
      * <dl><dt><b>Postconditions:</b></dt><dd>
      * <ul><li>getLineNr() => lineNr
      * </ul></dd></dl><dl>
+     * <ul><li>{@code getLineNr() => lineNr}</li>
+     * </ul></dd></dl>
      */
     public XMLParseException(String name,
 …
     /**
      * Where the error occurred, or <code>NO_LINE</code> if the line number is
+     * Where the error occurred, or {@code NO_LINE} if the line number is
      * unknown.
+     *
 …
         return this.lineNr;
+    }
+}

Context Navigation

Legend:

Download in other formats: