loading a signed JAR file using URLClassLoader

Felix Farkas (ff635@cs.utt.ro)
Sun, 17 May 1998 20:31:29 +0300 (EET DST)

Date: Sun, 17 May 1998 20:31:29 +0300 (EET DST)
From: Felix Farkas <ff635@cs.utt.ro>
To: java-security@web2.javasoft.com
Subject: loading a signed JAR file using URLClassLoader

Dear Sir,

I'm a beginner in Java security. So if this question is a stupid one i
appologize.
I try to make a small application which is using URLClassLoader to load a
class archivated in a signed Jar file. The application runs (manage to
load the class) but the URLClassLoader doesn't recognize that my class
comes from a signed archive.
I noticed this because the loaded classed belongs to a ProtectionDomain
which has no public keys associated with it. ( i used JDK1.2beta3 )

Thanks.

here is the source code of my application:

// TestLoader.java

import java.io.File;
import java.net.*;
import java.security.SecureClassLoader;

public class TestLoader {

public static void main(String[] args) {
new TestLoader(args);
}

public TestLoader(String[] args) {

URL[] saddress=new URL[1];
try{
saddress[0]=new URL("jar:http://www.cs.utt.ro/~ff636/Writer.jar!/");
}
catch(Exception e) {
e.printStackTrace();
System.exit(1);
}

URLClassLoader loader = null;
loader = new URLClassLoader(saddress);
Class testClass = null;

try {
String sir="Writer";
testClass = loader.loadClass(sir);
} catch(Exception ex) {
print("Loading missed");
ex.printStackTrace();
return;
}
try {
Runnable writer = (Runnable)testClass.newInstance();
writer.run();
} catch(Exception ex) {
print("Instantiation missed");
ex.printStackTrace();
}
}

private static void print(String text) {
System.out.println(text);
}
}