Bug 574611 - Eclipse 2021 06 MacOS 11.4 Servlet won't run from IDE "Transport Security policy"
Status: NEW
Alias: None
Product: EPP
Classification: Technology
Component: Packager
Version: 4.20 / 2021-06
Hardware: Macintosh Mac OS X
Importance: P3 major
Target Milestone: ---
Assignee: Project Inbox CLA
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on: 568749
Blocks:
Reported: 2021-07-02 03:00 EDT by David Garratt CLA
Modified: 2021-11-05 06:20 EDT (History)

Attachments
Error message when running Servlet on Eclipse 2021 06 on macOS 11.4 (58.98 KB, image/png)
2021-07-02 03:00 EDT, David Garratt CLA
Screen dump in pdf format. (57.98 KB, application/pdf)
2021-07-02 03:03 EDT, David Garratt CLA

Description David Garratt CLA 2021-07-02 03:00:54 EDT
Created attachment 286714
Error message when running Servlet on Eclipse 2021 06 on macOS 11.4

This bug report refers to the 2021-06 release of Eclipse and may be specific to the macOS operating system. I am running macOS 11.4.

I have a servlet project in my Eclipse IDE which has been unmodified for some time.

I can use the "Run on Server" IDE command in Eclipse 2021-03 and my servlet runs as expected.

When I upgraded to Eclipse 2021-06 I found that I was unable to run the Servlet using the exact same version of Java and Tomcat. 

I get this error :-

Page load failed with error: The resource could not be loaded because the App Transport Security policy requires the use of a secure connection. 

see attached screen dump

It should be noted that I can create a .war file, manually deploy it to the same Tomcat Server 9 and open the app in Safari without any problems.

It has been suggested to me that this is possibly to do with the client "Eclipse Browser" rather than the server or servlet.
Comment 1 David Garratt CLA 2021-07-02 03:03:45 EDT
Created attachment 286715
Screen dump in pdf format.
Comment 2 David Garratt CLA 2021-07-02 03:04:37 EDT
Unable to specify version as 2021-06 not in list
Comment 3 David Garratt CLA 2021-07-02 11:19:27 EDT
I am wondering if the version of Java bundled with Eclipse is relevant, as Java 16 is now with 2021 06.

I read this and thought it may be related:

https://bugs.java.com/bugdatabase/view_bug.do?bug_id=JDK-8202393
Comment 4 Nitin Dahyabhai CLA 2021-08-10 19:50:44 EDT
Likely requires changes to the process that creates the Info.plist file for the Platform and EPP packages in accordance with https://developer.apple.com/documentation/security/preventing_insecure_network_connections
Comment 5 Jonah Graham CLA 2021-08-10 20:25:04 EDT
Thank you David for the bug report. 

(In reply to Nitin Dahyabhai from comment #4)
> Likely requires changes to the process that creates the Info.plist file for
> the Platform and EPP packages in accordance with

@Nitin - 

Please raise an additional issue against Eclipse platform for the SDK build to resolve this.

I assume this means changing releng\org.eclipse.epp.config\macos\product.entitlements?

Is this a change you know how to make? If so great, otherwise make EPP dependent on the platform one and we can follow their lead (hopefully someone there knows how to resolve this).
Comment 6 David Garratt CLA 2021-09-20 16:13:19 EDT
Just wondering how this issue is progressing.

Thanks

Dave
Comment 7 David Garratt CLA 2021-09-27 04:59:46 EDT
I think I have the solution for you.

I watched this YouTube video https://www.youtube.com/watch?v=oMlCF2dGlAY

Then I made the change by using "Show Package Contents" from Finder and then editing the existing Info.plist with the Apple Xcode app.

You have to have run Eclipse at least once before making the change. 

Afterwards my Info.plist looks like this :-

The "NSAllowsArbitraryLoads" is the new bit.


<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>NSRequiresAquaSystemAppearance</key>
	<true/>
	<key>CFBundleExecutable</key>
	<string>eclipse</string>
	<key>CFBundleGetInfoString</key>
	<string>Eclipse 4.21 for Mac OS X, Copyright IBM Corp. and others 2002, 2021. All rights reserved.</string>
	<key>CFBundleIconFile</key>
	<string>Eclipse.icns</string>
	<key>CFBundleIdentifier</key>
	<string>org.eclipse.platform.ide</string>
	<key>CFBundleInfoDictionaryVersion</key>
	<string>6.0</string>
	<key>CFBundleName</key>
	<string>Eclipse</string>
	<key>CFBundlePackageType</key>
	<string>APPL</string>
	<key>CFBundleShortVersionString</key>
	<string>4.21.0</string>
	<key>CFBundleSignature</key>
	<string>????</string>
	<key>CFBundleVersion</key>
	<string>4.21.0.I20210906-0500</string>
	<key>NSHighResolutionCapable</key>
	<true/>
	<key>CFBundleDevelopmentRegion</key>
	<string>English</string>
	<key>Eclipse</key>
	<array>
		<string>-keyring</string>
		<string>~/.eclipse_keyring</string>
	</array>
	<key>CFBundleDisplayName</key>
	<string>Eclipse</string>
	<key>NSAppTransportSecurity</key>
	<dict>
		<key>NSAllowsArbitraryLoads</key>
		<true/>
	</dict>
</dict>
</plist>
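
An added example, not part of the original comment or of Eclipse's build: a Python check that reads an Info.plist, reports how wide its ATS exceptions are, and swaps the global NSAllowsArbitraryLoads switch for a per-host exception. The sample plist is constructed, and both the localhost host list and the idea that a per-host exception is enough for the Eclipse internal browser are assumptions not tested on this page.

```python
import plistlib

# Constructed sample: a cut-down Info.plist carrying the ATS block from the comment above.
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>CFBundleIdentifier</key>
    <string>org.eclipse.platform.ide</string>
    <key>NSAppTransportSecurity</key>
    <dict>
        <key>NSAllowsArbitraryLoads</key>
        <true/>
    </dict>
</dict>
</plist>
"""


def audit_ats(info):
    """Return (severity, message) findings for the ATS settings of a parsed Info.plist."""
    ats = info.get("NSAppTransportSecurity")
    if not ats:
        return [("ok", "no NSAppTransportSecurity key: ATS defaults apply")]
    findings = []
    if ats.get("NSAllowsArbitraryLoads") is True:
        findings.append(("high", "NSAllowsArbitraryLoads: ATS lifted globally"))
    if ats.get("NSAllowsLocalNetworking") is True:
        findings.append(("low", "NSAllowsLocalNetworking: local resources exempt"))
    for domain, rules in sorted(ats.get("NSExceptionDomains", {}).items()):
        if rules.get("NSExceptionAllowsInsecureHTTPLoads") is True:
            scope = "and subdomains" if rules.get("NSIncludesSubdomains") else "only"
            findings.append(("medium", f"cleartext HTTP allowed for {domain} {scope}"))
    return findings or [("ok", "ATS dictionary present, no cleartext exception")]


def narrow_to_hosts(info, hosts=("localhost",)):  # default host list is an assumption
    """Return a copy of the plist with the global switch replaced by per-host exceptions."""
    out = dict(info)
    ats = dict(out.get("NSAppTransportSecurity", {}))
    ats.pop("NSAllowsArbitraryLoads", None)
    domains = dict(ats.get("NSExceptionDomains", {}))
    for host in hosts:
        domains[host] = {"NSExceptionAllowsInsecureHTTPLoads": True}
    ats["NSExceptionDomains"] = domains
    out["NSAppTransportSecurity"] = ats
    return out


if __name__ == "__main__":
    info = plistlib.loads(SAMPLE)
    print(audit_ats(info))
    print(plistlib.dumps(narrow_to_hosts(info)).decode())
```

Info.plist is covered by the bundle's code signature, so an edit like this belongs in the build before signing rather than in an installed app.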
Comment 8 David Garratt CLA 2021-09-27 10:57:16 EDT
It seems I was a little hasty. It does work for a while and then maybe after logging in and out again it says that either the app is damaged or I don't have permissions to run it.

Back to the drawing board. 

Could really use a workaround at this point.
Comment 9 Jonah Graham CLA 2021-09-27 11:33:07 EDT
(In reply to Jonah Graham from comment #5)
> @Nitin - 
> 
> Please raise an additional issue against Eclipse platform for the SDK build
> to resolve this.

@Nitin - did anything happen on the platform side that we can learn from in EPP?
Comment 10 Nitin Dahyabhai CLA 2021-09-27 11:39:08 EDT
(In reply to Jonah Graham from comment #9)
Just the existence of bug 568749 and bug 567130, the former mentioning that modifying the Info.plist before signing might be the only solution.
Comment 11 David Garratt CLA 2021-09-27 11:54:22 EDT
It did seem to work for a while - I asked Finder to show the contents of the Eclipse package and then opened the plist file with Xcode - following the method in the YouTube video.

I was able to run the Servlet without the error. I suspect once I had unmounted the image file the app became unusable. 

I probably broke the "signing" of the file.

Dave
Comment 12 David Garratt CLA 2021-09-27 13:19:45 EDT
(In reply to Nitin Dahyabhai from comment #10)
> (In reply to Jonah Graham from comment #9)
> Just the existence of bug 568749 and bug 567130, the former mentioning that
> modifying the Info.plist before signing might be the only solution.

Is there any possibility of a testing version of the 2021 09 "Eclipse IDE for Enterprise Java and Web Developers" package with the additional plist permission, as it's blocking me from running and debugging at the moment?

Many thanks

Dave
Comment 13 Jonah Graham CLA 2021-09-27 13:27:45 EDT
Bug 568749 seems quite on point. I have added that to the depends on list.

I don't think the packages can/should make this change unless Eclipse SDK also does.
Comment 14 David Garratt CLA 2021-09-27 13:29:43 EDT
(In reply to Jonah Graham from comment #13)
> Bug 568749 seems quite on point. I have added that to the depends on list.
> 
> I don't think the packages can/should make this change unless Eclipse SDK
> also does.

I'm sorry, I don't understand what you mean. All I know is that it works with the 2021 03 release of Eclipse and does not work with the 2021 06 / 09 releases.

I assume something changed within Eclipse

Dave
Comment 15 David Garratt CLA 2021-09-27 17:27:47 EDT
(In reply to Jonah Graham from comment #13)
> Bug 568749 seems quite on point. I have added that to the depends on list.
> 
> I don't think the packages can/should make this change unless Eclipse SDK
> also does.

I'm not involved in Eclipse development so could you explain what you meant above. Is this a problem we can overcome ?


Dave
Comment 16 David Garratt CLA 2021-09-28 07:05:00 EDT
(In reply to Nitin Dahyabhai from comment #10)
> (In reply to Jonah Graham from comment #9)
> Just the existence of bug 568749 and bug 567130, the former mentioning that
> modifying the Info.plist before signing might be the only solution.

I have been trying every alternative I can think of using 2021 09 today including trying to get Eclipse webapp - Run on server to use https port 8443 but I don't think that is possible.

I then configured my local Tomcat 9 server to use https and enabled remote debug - but I could not get that to work either - When I ran the remote debug from eclipse it said it could not connect to the VM.

If someone could explain (in not too technical terms) what would be the issue with creating a new signed Eclipse app for macOS with the plist modification I experimented with, it would be appreciated.

As it stands it looks like I simply cannot use the last 2 releases of Eclipse on a Mac for webapp development due to this issue. I have such a massive commitment to MacOS development tools I can't contemplate changing platform at this point.

Dave
Comment 17 Jonah Graham CLA 2021-09-28 09:58:04 EDT
(In reply to David Garratt from comment #15)
> (In reply to Jonah Graham from comment #13)
> > Bug 568749 seems quite on point. I have added that to the depends on list.
> > 
> > I don't think the packages can/should make this change unless Eclipse SDK
> > also does.
> 
> I'm not involved in Eclipse development so could you explain what you meant
> above. Is this a problem we can overcome ?

Sorry David - Comment #13 was directed at Eclipse developers/maintainers, not at you. Sorry for the confusion. 


(In reply to David Garratt from comment #16)
> If someone could explain in (not too technical terms) what would be the
> issue with creating a new signed Eclipse app for MacOS with the plist
> modification I experimented with it would be appreciated.

There is no issue, just that this bug isn't the correct place to ask. Bug 568749 has been raised in the right place with the team that can do something about it. Once they have done something, this bug is to make sure that what is delivered to you (the end user) has the fix too.

As you can see from Bug 568749 Comment 17 it is not just us.

---

However, to get back to your underlying issue, and see if we can get you running again. Can you confirm that connecting to the running webapp with Safari (external browser) is also not working? In Comment 0 you mentioned that if you run the War externally *and* access with Safari it works. But the unknown to me is if you run the War in Eclipse, but access with Safari does everything work ok?

Finally, I have spun up a mac VM to reproduce your problem - I am not a mac user, and I don't do webapp development - but I actually don't know how to do what you are doing. Can you please provide a simple example?
Comment 18 David Garratt CLA 2021-09-28 10:10:51 EDT
The problem is specific to the IDE and the web app works perfectly if I manually deploy it to an independent Tomcat Server running on the same machine. I can connect to it using Safari OK.

Within the IDE I have my webapp (servlet) project listed. I right click on it and select "Run on Server", it then displays a dialog box for me to confirm which tomcat server to run it on and I click ok. 

After about 1-2 seconds I get a dialog box appear and the message is displayed :-

Page load failed with error: The resource could not be loaded because the App Transport Security policy requires the use of a secure connection. 

If I replicate the project into a new workspace which used Eclipse 2021.03 I can right click on the exact same project and select "Run on server" and follow the same steps.

This time the webapp (servlet) runs fine and is displayed within a browser window within Eclipse.

I did some research on the subject and found someone else who had the same error with another application and the solution for them is shown in the video. https://www.youtube.com/watch?v=oMlCF2dGlAY

I then tried to apply it to Eclipse. Within Finder I selected the Eclipse.app and selected show contents. I found the file called Info.Plist and selected Open with Xcode (this is the Apple Dev environment which is free to download from the app store). 

I added the same settings and then tried Eclipse 2021.09 again and it worked. At this point I thought I had got a workaround. However after a logout and log back in again I found that the same program refused to run. I suspect the .app file has been signed and when I changed the file within it the signature became invalid and prevented it from being run.

I am hoping that the same setting can be applied in a proper "build" with a valid signed file.
Comment 19 David Garratt CLA 2021-09-28 10:28:43 EDT
I have just recorded my screen showing the same webapp being run from Eclipse 2021.09 and then Eclipse 2021.03

https://www.screencast.com/t/CgXBXBuFlHQ

See link.

Java 11 and Apache Tomcat 9 for this specific project

Dave
Comment 20 Jonah Graham CLA 2021-09-28 10:43:52 EDT
Hi David,

In the 2021-09 part of the recording, when the internal web browser fails to connect, at that point can you connect from Safari?

If so, perhaps changing the default to use the external browser will address your problem? Preferences -> General -> Web Browser and choose "Use external web browser"
Comment 21 David Garratt CLA 2021-09-28 10:47:10 EDT
As I understand it from my reading up on the Apple error message it's the OS blocking the connection to an insecure http connection rather than https. However that does not explain why the 2021 03 version of Eclipse works. It should be noted that the 2021 06 version does not work either.

How would I tell Eclipse to use Safari rather than its own built-in browser?

I will prepare another video showing Safari for you.

Dave
Comment 22 Jonah Graham CLA 2021-09-28 10:58:09 EDT
(In reply to David Garratt from comment #21)
> How would I tell Eclipse to use Safari rather than its own built-in browser?

(In reply to Jonah Graham from comment #20)
> If so, perhaps changing the default to use the external browser will address
> your problem? Preferences -> General -> Web Browser and choose "Use external
> web browser"
Comment 23 Jonah Graham CLA 2021-09-28 11:04:02 EDT
(In reply to David Garratt from comment #21)
> However that does not explain why the 2021 03 version of Eclipse works.

In my experience macOS is a constantly changing target for security, e.g. some stuff that did not need to be signed so that we could notarize Eclipse started needing to be signed in 2021 otherwise notarization failed.

I suspect the difference is related to that between 2021-03 and 2021-06/09.

Either that, or a difference in JRE/JDKs (if you are using different ones for the two versions).
Comment 24 David Garratt CLA 2021-09-28 11:10:00 EDT
(In reply to Jonah Graham from comment #22)
> (In reply to David Garratt from comment #21)
> > How would I tell Eclipse to use Safari rather than its own built-in browser?
> 
> (In reply to Jonah Graham from comment #20)
> > If so, perhaps changing the default to use the external browser will address
> > your problem? Preferences -> General -> Web Browser and choose "Use external
> > web browser"

You're a 24 carrot life saver. I never knew you could change the browser.

I did as you suggested and re-ran the test using 2021 09 and now it works.

https://www.screencast.com/t/uqc5u9ue

This gets me out of a hole. I will leave you to deliberate on the reason why it's causing a problem with the Eclipse browser and what to do in future releases on macOS.

Boy have I spent some time on this reinstalling testing and so on.

Can 2 versions of eclipse share the same source files if they have different workspaces pointing to the same physical source files ? I've been creating new workspaces for each version of eclipse and importing the files back and forth like a crazy person.

Dave
Comment 25 David Garratt CLA 2021-09-28 11:11:26 EDT
(In reply to Jonah Graham from comment #23)
> (In reply to David Garratt from comment #21)
> > However that does not explain why the 2021 03 version of Eclipse works.
> 
> In my experience macOS is a constantly changing target for security, e.g.
> some stuff that did not need to be signed so that we could notarize Eclipse
> started needing to be signed in 2021 otherwise notarization failed.
> 
> I suspect the difference is related to that between 2021-03 and 2021-06/09.
> 
> Either that, or a difference in JRE/JDKs (if you are using different ones
> for the two versions).

Each version of Eclipse does have its own built-in JDK, but the project I am running in both Eclipse versions uses the same system JDK, which is from the Zulu website.

Dave
Comment 26 Jonah Graham CLA 2021-09-28 11:24:14 EDT
Glad to hear you got a workaround now. If Bug 568749  gets resolved then the internal browser may work again in your use case in future versions.

The JDK/JRE that matters for this is the one that Eclipse is using (as that is the JDK hosting the internal browser).

I normally use the same workspace when I upgrade my IDE. You can have the same project in multiple workspaces too - but I would avoid having them both open at the same time. Finally, Eclipse supports upgrading projects/workspaces to new versions, and normally you can open a newer project/workspace with an older version of Eclipse, but that is technically unsupported.
Comment 27 Daniel Le Berre CLA 2021-09-29 15:51:00 EDT
Dear all,

I confirm the issue that it is currently impossible to use Eclipse 2021-09 internal web browser for web/servlet development on macOS 11.6 and that configuring the external browser as default browser fixes the problem.

I am looking forward to the resolution of Bug 568749 and will be happy to help testing potential fixes.