Problem :
Exception in thread "main" java.lang.SecurityException: Invalid signature file digest for Manifest main attributes
Solution :
You need to add the following to pom.xml:
search for your maven-shade-plugin under <plugin> </plugin>
The above configuration filters all files in META-INF ending with .SF, .DSA, and .RSA for all artifacts (*:*) when creating uber-jar file.
The reason java.lang.SecurityException is raised is because some dependency jar files are signed jar files. A jar file is signed by using jarsigner, which creates 2 additional files and places them in META-INF:
a signature file, with a .SF extension, and
a signature block file, with a .DSA, .RSA, or .EC extension.
Since the uber-jar file is created, the signatures and integrity of signed JAR files are no longer valid. When the uber-jar file is executed, java.lang.SecurityException is thrown.
Exception in thread "main" java.lang.SecurityException: Invalid signature file digest for Manifest main attributes
Solution :
You need to add the following to pom.xml:
search for your maven-shade-plugin under <plugin> </plugin>
POM.xml
1 2 3 4 5 6 7 8 9 10 11 12 | <configuration> <filters> <filter> <artifact>*:*</artifact> <excludes> <exclude>META-INF/*.SF</exclude> <exclude>META-INF/*.DSA</exclude> <exclude>META-INF/*.RSA</exclude> </excludes> </filter> </filters> </configuration> |
The above configuration filters all files in META-INF ending with .SF, .DSA, and .RSA for all artifacts (*:*) when creating uber-jar file.
The reason java.lang.SecurityException is raised is because some dependency jar files are signed jar files. A jar file is signed by using jarsigner, which creates 2 additional files and places them in META-INF:
a signature file, with a .SF extension, and
a signature block file, with a .DSA, .RSA, or .EC extension.
Since the uber-jar file is created, the signatures and integrity of signed JAR files are no longer valid. When the uber-jar file is executed, java.lang.SecurityException is thrown.
No comments:
Post a Comment