perfSONAR User Q&A and Other Discussion

["Nickless, Bill" <>]

Good afternoon,

Please try running http://perfsonar-sef2.labworks.org:7123 (NDT) and 
http://perfsonar-sef2.labworks.org:8000 (NPAD).  Their associated applets are 
signed and should work with a stock client installation of current Oracle 
Java with default security settings.

This took four steps:

1. Modify the NDT and NPAD source RPMs to incorporate a "Permissions: 
sandbox" line in MANIFEST.MF.  (The NPAD tarball in the source RPM includes a 
precompiled DiagClient.jar file so by default it is never recompiled; fixing 
that took another small change to the .spec file %prep section.)

2. Have the resulting .jar files signed by someone at PNNL who went through 
the trouble and expense of securing an Extended Validation Java code signing 
certificate from Entrust.

3. Copy over /usr/ndt/Tcpbw100.jar and /var/lib/npad/DiagClient.jar with the 
signed .jar files.

4. Stop and restart the NDT and NPAD services.

I'm happy to share the modified NDT and NPAD source RPMs for (e.g.) peer 
review.  Just let me know.

Best regards,

Bill Nickless
Secure Cyber Systems
Pacific Northwest National Laboratory

+1 509 713 2455