| [orbit-dev] Signing issues with commons.beanutils and commons.collections |
|
Hi all, the Stardust project is using the org.apache.commons.beanutils_1.8.0.v201205091237.jar and org.apache.commons.collections_3.2.0.v201005080500.jar bundles from the R20130118183705 Orbit repository. We’re deploying these
bundles into a web archive which is published to a Tomcat server. Unfortunately we get the following exception during the runtime: java.lang.SecurityException: class "org.apache.commons.collections.BeanMap"'s signer information does not match signer information of other classes in the same package at java.lang.ClassLoader.checkCerts(ClassLoader.java:806) at java.lang.ClassLoader.preDefineClass(ClassLoader.java:487) at java.lang.ClassLoader.defineClassCond(ClassLoader.java:625) at java.lang.ClassLoader.defineClass(ClassLoader.java:615) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:141) If we remove the signing entries of the MANIFEST.MF files in both bundles the exception is no longer thrown. Has anyone a clue how we can fix that? The only solution which comes into my mind is either to upload new bundles without signing entries or to fix the signing information. Kind Regards, Sven |