20131222 (Sunday, 22 December 2013)

Converting Applet to Web Start application

Im IRC-Channel ##java ist es sogar verboten, über Applets zu reden. Und sie sagen auch warum: http://javachannel.net/wiki/pmwiki.php/FAQ/Applets

Also ich muss mal folgendes lesen: http://docs.oracle.com/javase/7/docs/technotes/guides/javaws

The official Migrating Java Applets to Java Web Start Applications does not help.

Here is a great document which finally explains all this in a disgestable way: Applets & Web Start Applications It helped me to understand:

  • in fact my “applet” was already a Web Start application because it had a jnlp_href attribute.
  • I had the <security><all-permissions /></security> element missing in my .jnlp file.

Thanks to author Chua Hock-Chuan.

This was also interesting: http://mindprod.com/jgloss/javawebstart.html#APPLETSVSJWS

More problems in The EIDReader applet

Sigh! Now that The EIDReader applet finally gets permission to run, I can see (again) the same problems I had ages ago: When reading a Belgian card, I get a ClassNotFoundException: be.fedict.eid.applet.service.Identity while my Estonian card produces a javax.smartcardio.CardException: connect() failed (caused by a SCARD_E_PROTO_MISMATCH).

ClassNotFoundException: be.fedict.eid.applet.service.Identity

This error comes when reading a Belgian card.

EIDReader.readCard()
Protocol: T=0
It's a Belgian card
BelgianReader() constructor started
identityData has been read
basic: JNLP2ClassLoader.findClass: be.fedict.eid.applet.service.Identity: try again ..
java.lang.NoClassDefFoundError: be/fedict/eid/applet/service/Identity
	at src.eidreader.BelgianReader.<init>(EIDReader.java:234)
	at src.eidreader.EIDReader$2.run(EIDReader.java:460)
	at src.eidreader.EIDReader$2.run(EIDReader.java:435)
	at java.security.AccessController.doPrivileged(Native Method)
	at src.eidreader.EIDReader.readCard(EIDReader.java:435)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at sun.plugin.javascript.Trampoline.invoke(Unknown Source)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
	at sun.plugin2.liveconnect.JavaClass$MethodInfo.invoke(Unknown Source)
	at sun.plugin2.liveconnect.JavaClass$MemberBundle.invoke(Unknown Source)
	at sun.plugin2.liveconnect.JavaClass.invoke0(Unknown Source)
	at sun.plugin2.liveconnect.JavaClass.invoke(Unknown Source)
	at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$DefaultInvocationDelegate.invoke(Unknown Source)
	at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$3.run(Unknown Source)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo.doObjectOp(Unknown Source)
	at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$LiveConnectWorker.run(Unknown Source)
	at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.ClassNotFoundException: be.fedict.eid.applet.service.Identity
	at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
	at sun.plugin2.applet.JNLP2ClassLoader.findClass(Unknown Source)
	at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
	at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
	at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
	at java.lang.ClassLoader.loadClass(Unknown Source)
	... 25 more
cache: MemoryCache: removed entry file:/t:/applets/eidreader.jnlp
network: Created version ID: 1.7.0.45
network: Created version ID: 1.7.0.45
EIDReader.readCard()
javax.smartcardio.CardException: connect() failed
	at sun.security.smartcardio.TerminalImpl.connect(Unknown Source)
	at src.eidreader.EIDReader$2.run(EIDReader.java:450)
	at src.eidreader.EIDReader$2.run(EIDReader.java:435)
	at java.security.AccessController.doPrivileged(Native Method)
	at src.eidreader.EIDReader.readCard(EIDReader.java:435)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at sun.plugin.javascript.Trampoline.invoke(Unknown Source)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
	at sun.plugin2.liveconnect.JavaClass$MethodInfo.invoke(Unknown Source)
	at sun.plugin2.liveconnect.JavaClass$MemberBundle.invoke(Unknown Source)
	at sun.plugin2.liveconnect.JavaClass.invoke0(Unknown Source)
	at sun.plugin2.liveconnect.JavaClass.invoke(Unknown Source)
	at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$DefaultInvocationDelegate.invoke(Unknown Source)
	at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$3.run(Unknown Source)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo.doObjectOp(Unknown Source)
	at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$LiveConnectWorker.run(Unknown Source)
	at java.lang.Thread.run(Unknown Source)
Caused by: sun.security.smartcardio.PCSCException: SCARD_E_PROTO_MISMATCH
	at sun.security.smartcardio.PCSC.SCardConnect(Native Method)
	at sun.security.smartcardio.CardImpl.<init>(Unknown Source)
	... 25 more

And this although jar -tf eid-applet-service.jar shows me that the class is contained.

Discovered JaNeLa who told me a few intersting things (none of which seems to be the cause):

JaNeLA Report - version 11.05.17


Report for file:/home/luc/hgwork/eid/applets/eidreader.jnlp

Content type application/xml does not equal expected type of application/x-java-jnlp-file
XML encoding not known, but declared as UTF-8
Codebase not specified.  Defaulting to file:/home/luc/hgwork/eid/applets/
Downloads can be optimized by specifying a resource size for 'EIDReader.jar'.
The resource download at EIDReader.jar can be optimized by removing the (default) value of download='eager'.
Lazy downloads might not work as expected for EIDReader.jar unless the download 'part' is specified. 
Downloads can be optimized by specifying a resource size for 'commons-logging.jar'.
The resource download at commons-logging.jar can be optimized by removing the (default) value of download='eager'.
The resource download at commons-logging.jar can be optimized by removing the (default) value of main='false'.
It might be possible to optimize the start-up of the app. by  specifying download='lazy' for the commons-logging.jar resource.
Lazy downloads might not work as expected for commons-logging.jar unless the download 'part' is specified. 
Downloads can be optimized by specifying a resource size for 'commons-codec.jar'.
The resource download at commons-codec.jar can be optimized by removing the (default) value of download='eager'.
The resource download at commons-codec.jar can be optimized by removing the (default) value of main='false'.
It might be possible to optimize the start-up of the app. by  specifying download='lazy' for the commons-codec.jar resource.
Lazy downloads might not work as expected for commons-codec.jar unless the download 'part' is specified. 
Downloads can be optimized by specifying a resource size for 'eid-applet-service.jar'.
The resource download at eid-applet-service.jar can be optimized by removing the (default) value of download='eager'.
The resource download at eid-applet-service.jar can be optimized by removing the (default) value of main='false'.
It might be possible to optimize the start-up of the app. by  specifying download='lazy' for the eid-applet-service.jar resource.
Lazy downloads might not work as expected for eid-applet-service.jar unless the download 'part' is specified. 




Content type application/xml does not equal expected type of application/x-java-jnlp-file

Maybe one of the jar manifest attributes?

Hm… Trusted-Library: true doesn’t seem to change anything, but with Trusted-Only: true it seems to fail later and reports an InvocationTargetException. The console traceback is now:

EIDReader.readCard()
basic: JNLP2ClassLoader.findClass: src.eidreader.EIDReader$2: try again ..
Protocol: T=0
basic: JNLP2ClassLoader.findClass: src.eidreader.BelgianReader: try again ..
It's a Belgian card
BelgianReader() constructor started
identityData has been read
basic: JNLP2ClassLoader.findClass: be.fedict.eid.applet.service.Identity: try again ..
basic: JNLP2ClassLoader.getPermissions()
security: Loading Deployment certificates from C:\Documents and Settings\Luc Saffre\Application Data\Sun\Java\Deployment\security\trusted.certs
security: Loaded Deployment certificates from C:\Documents and Settings\Luc Saffre\Application Data\Sun\Java\Deployment\security\trusted.certs
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: SHA-256Certificate finger print: F6AEE8639C23ED32D0B5FDB05064C93C9898452FDABBBC933FEE5F7BBCFAF4DB
security: SHA-256Certificate finger print: 178439CF1D0C81E7F3AEC4F1193C4884BEF139FE0A016016AA7E72177AE01419
security: SHA-256Certificate finger print: EBD41040E4BB3EC742C9E381D31EF2A41A48B6685C96E7CEF3C1DF6CD4331C99
security: Loading Root CA certificates from C:\Program Files\Java\jre7\lib\security\cacerts
security: Loaded Root CA certificates from C:\Program Files\Java\jre7\lib\security\cacerts
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
java.lang.RuntimeException: java.lang.reflect.InvocationTargetException
	at sun.plugin2.applet.Plugin2ClassLoader.defineClassHelper(Unknown Source)
	at sun.plugin2.applet.Plugin2ClassLoader.access$100(Unknown Source)
	at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
	at sun.plugin2.applet.JNLP2ClassLoader.findClass(Unknown Source)
	at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
	at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
	at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
	at java.lang.ClassLoader.loadClass(Unknown Source)
	at src.eidreader.BelgianReader.<init>(EIDReader.java:234)
	at src.eidreader.EIDReader$2.run(EIDReader.java:460)
	at src.eidreader.EIDReader$2.run(EIDReader.java:435)
	at java.security.AccessController.doPrivileged(Native Method)
	at src.eidreader.EIDReader.readCard(EIDReader.java:435)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at sun.plugin.javascript.Trampoline.invoke(Unknown Source)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
	at sun.plugin2.liveconnect.JavaClass$MethodInfo.invoke(Unknown Source)
	at sun.plugin2.liveconnect.JavaClass$MemberBundle.invoke(Unknown Source)
	at sun.plugin2.liveconnect.JavaClass.invoke0(Unknown Source)
	at sun.plugin2.liveconnect.JavaClass.invoke(Unknown Source)
	at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$DefaultInvocationDelegate.invoke(Unknown Source)
	at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$3.run(Unknown Source)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo.doObjectOp(Unknown Source)
	at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$LiveConnectWorker.run(Unknown Source)
	at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.reflect.InvocationTargetException
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	... 35 more
Caused by: java.lang.NullPointerException
	at sun.plugin2.applet.Plugin2ClassLoader.loadAllowedCodebases(Unknown Source)
	at sun.plugin2.applet.Plugin2ClassLoader.getPermissions(Unknown Source)
	at sun.plugin2.applet.JNLP2ClassLoader.getPermissions(Unknown Source)
	at java.security.SecureClassLoader.getProtectionDomain(Unknown Source)
	at java.security.SecureClassLoader.defineClass(Unknown Source)
	at java.net.URLClassLoader.defineClass(Unknown Source)
	... 39 more

Aha, the following combination gets it to work:

Trusted-Only: true
Trusted-Library: false

TODO:

  • If there is anybody here who can explain me why it works?! I guess that it has to do with the fact that the third-party jars do not have a Trusted-Library attribute…

  • The alert message seems to show only the first line of text “Reader: BE”, but in fact the remained is there, you can see it by scrolling down.

  • There is still a “Security Warning”:

    This web site is requesting access and control of the Java application shown above. Allow access only if you trust the web site and know that the application is intended to run on this site.

    Allow access to the following application from the web site?

    Yes / No / Help

    The message is irritating in that it does not mention any application neither “above” nor “following”.

javax.smartcardio.CardException: connect() failed

Now there is still the Estonian card:

This error comes when reading an Estonian card.

Java Plug-in 10.45.2.18
Using JRE version 1.7.0_45-b18 Java HotSpot(TM) Client VM
User home directory = C:\Documents and Settings\Luc Saffre
----------------------------------------------------
c:   clear console window
f:   finalize objects on finalization queue
g:   garbage collect
h:   display this help message
l:   dump classloader list
m:   print memory usage
o:   trigger logging
q:   hide console
r:   reload policy configuration
s:   dump system and deployment properties
t:   dump thread list
v:   dump thread stack
x:   clear classloader cache
0-5: set trace level to <n>
----------------------------------------------------
cache: Initialize resource manager: com.sun.deploy.cache.ResourceProviderImpl@a75e9f
network: Created version ID: 1.7.0.45
network: Created version ID: 1.7
network: Created version ID: 2.2.45
temp: new XMLParser with source:
temp: <?xml version="1.0" encoding="UTF-8"?>
<jnlp spec="1.0+">
<information>
    <title>EIDReader</title>
    <vendor>Code Gears / Rumma &amp; Ko</vendor>
    <offline-allowed/>
</information>
<security><all-permissions /></security>
<resources>
    <!-- Application Resources -->
    <j2se version="1.7+"
          href="http://java.sun.com/products/autodl/j2se"/>
    <jar href="EIDReader.jar" main="true" />
    <jar href="commons-logging.jar" download="lazy" main="false" />
    <jar href="commons-codec.jar" download="lazy" main="false" />
    <jar href="eid-applet-service.jar" download="lazy" main="false" />

</resources>
<applet-desc 
     name="EIDReader"
     main-class="src.eidreader.EIDReader"
     width="200"
     height="200">
 </applet-desc>
</jnlp>

temp: 

returning ROOT as follows:

<jnlp spec="1.0+">
  <information>
    <title>EIDReader</title>
    <vendor>Code Gears / Rumma & Ko</vendor>
    <offline-allowed/>
  </information>
  <security>
    <all-permissions/>
  </security>
  <resources>
    <j2se version="1.7+" href="http://java.sun.com/products/autodl/j2se"/>
    <jar href="EIDReader.jar" main="true"/>
    <jar href="commons-logging.jar" download="lazy" main="false"/>
    <jar href="commons-codec.jar" download="lazy" main="false"/>
    <jar href="eid-applet-service.jar" download="lazy" main="false"/>
  </resources>
  <applet-desc name="EIDReader" main-class="src.eidreader.EIDReader" width="200" height="200"/>
</jnlp>
temp: returning LaunchDesc from XMLFormat.parse():

<jnlp spec="1.0+" codebase="file:/t:/applets/">
  <information>
    <title>EIDReader</title>
    <vendor>Code Gears / Rumma & Ko</vendor>
    <homepage href="null"/>
    <offline-allowed/>
  </information>
  <security>
    <all-permissions/>
  </security>
  <update check="timeout" policy="always"/>
  <resources>
    <java href="http://java.sun.com/products/autodl/j2se" version="1.7+"/>
    <jar href="file:/t:/applets/EIDReader.jar" download="eager" main="true"/>
    <jar href="file:/t:/applets/commons-logging.jar" download="lazy" main="false"/>
    <jar href="file:/t:/applets/commons-codec.jar" download="lazy" main="false"/>
    <jar href="file:/t:/applets/eid-applet-service.jar" download="lazy" main="false"/>
  </resources>
  <applet-desc name="EIDReader" main-class="src.eidreader.EIDReader" documentbase="file:/t:/applets/test_using_jnlp.html" width="200" height="200"/>
</jnlp>
network: ResponseCode for file:/t:/applets/eidreader.jnlp : 200
network: Encoding for file:/t:/applets/eidreader.jnlp : null
network: Server response: (length: 788, lastModified: Sun Dec 22 07:14:51 EET 2013, downloadVersion: null, mimeType: application/x-java-jnlp-file)
network: Downloading resource: file:/t:/applets/eidreader.jnlp
	Content-Length: 788
	Content-Encoding: null
network: Wrote URL file:/t:/applets/eidreader.jnlp to File C:\Documents and Settings\Luc Saffre\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\40\5cf1cde8-1880de83-temp
network: Downloaded file:/t:/applets/eidreader.jnlp: C:\Documents and Settings\Luc Saffre\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\40\5cf1cde8-1880de83
cache: Adding MemoryCache entry: file:/t:/applets/eidreader.jnlp
temp: new XMLParser with source:
temp: <?xml version="1.0" encoding="UTF-8"?>
<jnlp spec="1.0+">
<information>
    <title>EIDReader</title>
    <vendor>Code Gears / Rumma &amp; Ko</vendor>
    <offline-allowed/>
</information>
<security><all-permissions /></security>
<resources>
    <!-- Application Resources -->
    <j2se version="1.7+"
          href="http://java.sun.com/products/autodl/j2se"/>
    <jar href="EIDReader.jar" main="true" />
    <jar href="commons-logging.jar" download="lazy" main="false" />
    <jar href="commons-codec.jar" download="lazy" main="false" />
    <jar href="eid-applet-service.jar" download="lazy" main="false" />

</resources>
<applet-desc 
     name="EIDReader"
     main-class="src.eidreader.EIDReader"
     width="200"
     height="200">
 </applet-desc>
</jnlp>

temp: 

returning ROOT as follows:

<jnlp spec="1.0+">
  <information>
    <title>EIDReader</title>
    <vendor>Code Gears / Rumma & Ko</vendor>
    <offline-allowed/>
  </information>
  <security>
    <all-permissions/>
  </security>
  <resources>
    <j2se version="1.7+" href="http://java.sun.com/products/autodl/j2se"/>
    <jar href="EIDReader.jar" main="true"/>
    <jar href="commons-logging.jar" download="lazy" main="false"/>
    <jar href="commons-codec.jar" download="lazy" main="false"/>
    <jar href="eid-applet-service.jar" download="lazy" main="false"/>
  </resources>
  <applet-desc name="EIDReader" main-class="src.eidreader.EIDReader" width="200" height="200"/>
</jnlp>
temp: returning LaunchDesc from XMLFormat.parse():

<jnlp spec="1.0+" codebase="file:/t:/applets/">
  <information>
    <title>EIDReader</title>
    <vendor>Code Gears / Rumma & Ko</vendor>
    <homepage href="null"/>
    <offline-allowed/>
  </information>
  <security>
    <all-permissions/>
  </security>
  <update check="timeout" policy="always"/>
  <resources>
    <java href="http://java.sun.com/products/autodl/j2se" version="1.7+"/>
    <jar href="file:/t:/applets/EIDReader.jar" download="eager" main="true"/>
    <jar href="file:/t:/applets/commons-logging.jar" download="lazy" main="false"/>
    <jar href="file:/t:/applets/commons-codec.jar" download="lazy" main="false"/>
    <jar href="file:/t:/applets/eid-applet-service.jar" download="lazy" main="false"/>
  </resources>
  <applet-desc name="EIDReader" main-class="src.eidreader.EIDReader" documentbase="file:/t:/applets/test_using_jnlp.html" width="200" height="200"/>
</jnlp>
basic: Plugin2ClassLoader.addURL2 called for file:/t:/applets/EIDReader.jar
basic: Plugin2ClassLoader.addURL2 called for file:/t:/applets/commons-logging.jar
basic: Plugin2ClassLoader.addURL2 called for file:/t:/applets/commons-codec.jar
basic: Plugin2ClassLoader.addURL2 called for file:/t:/applets/eid-applet-service.jar
basic: Plugin2ClassLoader.drainPendingURLs addURL called for file:/t:/applets/EIDReader.jar
basic: Plugin2ClassLoader.drainPendingURLs addURL called for file:/t:/applets/commons-logging.jar
basic: Plugin2ClassLoader.drainPendingURLs addURL called for file:/t:/applets/commons-codec.jar
basic: Plugin2ClassLoader.drainPendingURLs addURL called for file:/t:/applets/eid-applet-service.jar
security: Security check for progress jars: allSigned=true
network: LaunchDownload: concurrent downloads from LD: 4
network: Total size to download: -1
network: ResponseCode for file:/t:/applets/EIDReader.jar : 200
network: Encoding for file:/t:/applets/EIDReader.jar : null
network: Server response: (length: 14865, lastModified: Sun Dec 22 07:30:15 EET 2013, downloadVersion: null, mimeType: application/x-java-archive)
network: Downloading resource: file:/t:/applets/EIDReader.jar
	Content-Length: 14.865
	Content-Encoding: null
network: Wrote URL file:/t:/applets/EIDReader.jar to File C:\DOCUME~1\LUCSAF~1\LOCALS~1\Temp\jar_cache5878694946898381634.tmp
security: Blacklist revocation check is enabled
security: blacklist: created: NEED_LOAD, lastModified: 1387509960686
security: blacklist: check contains G/djOsvDOT3m8hknkXZwR0cp39V8J20en8W+5qfYb2A=, state now NEED_LOAD
security: blacklist: loadCache
security: blacklist: not  found in cache
security: Trusted libraries list check is enabled
security: Trusted libraries list file not found
security: blacklist: check contains G/djOsvDOT3m8hknkXZwR0cp39V8J20en8W+5qfYb2A=, state now IN_MEMORY
security: blacklist: not  found in cache
network: Downloaded file:/t:/applets/EIDReader.jar: C:\DOCUME~1\LUCSAF~1\LOCALS~1\Temp\jar_cache5878694946898381634.tmp
cache: Adding MemoryCache entry: file:/t:/applets/EIDReader.jar
network: Download Progress: jarsDone: 1
network: Created version ID: 1.7+
network: Created version ID: 1.7.0.45
network: Created version ID: 1.7.0.45
network: Created version ID: 1.7
network: Created version ID: 2.2.45
basic: LaunchDesc.selectJRE(false, false) returning selected jre: JREInfo for index 0:
    platform is: 1.7
    product is: 1.7.0_45
    location is: http://java.sun.com/products/autodl/j2se
    path is: C:\Program Files\Java\jre7\bin\javaw.exe
    args is: 
    native platform is: Windows, x86 [ x86, 32bit ]
    JavaFX runtime is: JavaFX 2.2.45 found at C:\Program Files\Java\jre7\
    enabled is: true
    registered is: true
    system is: true

basic: LaunchDesc location: file:/t:/applets/EIDReader.jarjnlp
security:  --- parseCommandLine converted : 
into:
[]
network: Created version ID: 1.0+
network: Created version ID: 7.0
security: Istrusted: null false
security: Loading Deployment certificates from C:\Documents and Settings\Luc Saffre\Application Data\Sun\Java\Deployment\security\trusted.certs
security: Loaded Deployment certificates from C:\Documents and Settings\Luc Saffre\Application Data\Sun\Java\Deployment\security\trusted.certs
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Validate the certificate chain using CertPath API
security: Loading blacklisted.certs file: C:\Documents and Settings\Luc Saffre\Application Data\Sun\Java\Deployment\security\blacklisted.certs
security: SHA-256Certificate finger print: F6AEE8639C23ED32D0B5FDB05064C93C9898452FDABBBC933FEE5F7BBCFAF4DB
security: SHA-256Certificate finger print: 178439CF1D0C81E7F3AEC4F1193C4884BEF139FE0A016016AA7E72177AE01419
security: SHA-256Certificate finger print: EBD41040E4BB3EC742C9E381D31EF2A41A48B6685C96E7CEF3C1DF6CD4331C99
security: Loading Root CA certificates from C:\Program Files\Java\jre7\lib\security\cacerts
security: Loaded Root CA certificates from C:\Program Files\Java\jre7\lib\security\cacerts
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: The OCSP support is enabled
security: The CRL support is enabled
security: Failing over to CRLs: Certificate does not specify OCSP responder
network: Connecting http://crl.globalsign.net/root.crl with proxy=DIRECT
network: Connecting http://crl.globalsign.net:80/ with proxy=DIRECT
network: Server http://crl.globalsign.net/root.crl requesting to set-cookie with "__cfduid=d3d8977ccb700a0f225fa9a82b636eaec1387691795037; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.globalsign.net; HttpOnly"
network: Connecting http://ocsp2.globalsign.com/gscodesigng2 with proxy=DIRECT
network: Connecting http://ocsp2.globalsign.com:80/ with proxy=DIRECT
network: Server http://ocsp2.globalsign.com/gscodesigng2 requesting to set-cookie with "__cfduid=d712224f71bb88e0a7db34ec803bb77e21387691795232; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.globalsign.com; HttpOnly"
security: OCSP Response: GOOD
security: Certificate validation succeeded using OCSP/CRL
basic: passing security checks; secureArgs:true, allSigned:false
security:  --- parseCommandLine converted : 
into:
[]
basic: continuing launch in this VM
basic: JNLP2ClassLoader.getPermissions()
security: SHA-256Certificate finger print: F6AEE8639C23ED32D0B5FDB05064C93C9898452FDABBBC933FEE5F7BBCFAF4DB
security: SHA-256Certificate finger print: 178439CF1D0C81E7F3AEC4F1193C4884BEF139FE0A016016AA7E72177AE01419
security: SHA-256Certificate finger print: EBD41040E4BB3EC742C9E381D31EF2A41A48B6685C96E7CEF3C1DF6CD4331C99
security: JAVAWS AppPolicy Permission requested for: file:/t:/applets/EIDReader.jar
security: Istrusted: null false
security: Validate the certificate chain using CertPath API
security: SHA-256Certificate finger print: F6AEE8639C23ED32D0B5FDB05064C93C9898452FDABBBC933FEE5F7BBCFAF4DB
security: SHA-256Certificate finger print: 178439CF1D0C81E7F3AEC4F1193C4884BEF139FE0A016016AA7E72177AE01419
security: SHA-256Certificate finger print: EBD41040E4BB3EC742C9E381D31EF2A41A48B6685C96E7CEF3C1DF6CD4331C99
security: The OCSP support is enabled
security: The CRL support is enabled
security: Failing over to CRLs: Certificate does not specify OCSP responder
network: Connecting http://ocsp2.globalsign.com/gscodesigng2 with proxy=DIRECT
network: Server http://ocsp2.globalsign.com/gscodesigng2 requesting to set-cookie with "__cfduid=d97700297c6e304515bec37ecc2c03f181387691795359; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.globalsign.com; HttpOnly"
security: OCSP Response: GOOD
security: Certificate validation succeeded using OCSP/CRL
basic: JNLP2ClassLoader.getPermissions() X
security: Validate the certificate chain using CertPath API
security: SHA-256Certificate finger print: F6AEE8639C23ED32D0B5FDB05064C93C9898452FDABBBC933FEE5F7BBCFAF4DB
security: SHA-256Certificate finger print: 178439CF1D0C81E7F3AEC4F1193C4884BEF139FE0A016016AA7E72177AE01419
security: SHA-256Certificate finger print: EBD41040E4BB3EC742C9E381D31EF2A41A48B6685C96E7CEF3C1DF6CD4331C99
security: The OCSP support is enabled
security: The CRL support is enabled
security: Failing over to CRLs: Certificate does not specify OCSP responder
network: Connecting http://ocsp2.globalsign.com/gscodesigng2 with proxy=DIRECT
network: Server http://ocsp2.globalsign.com/gscodesigng2 requesting to set-cookie with "__cfduid=dfb02a665c698637b94f43ca892b6aa681387691795436; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.globalsign.com; HttpOnly"
security: OCSP Response: GOOD
security: Certificate validation succeeded using OCSP/CRL
security: SSV validation:
    running: 1.7.0_45
    requested: null
    range: null
    javaVersionParam: null
    Rule Set version: null
network: Created version ID: 1.7.0.45
network: Created version ID: 1.7.0.45
security: continue with running version
basic: Applet loaded.
basic: Applet resized and added to parent container
basic: PERF: AppletExecutionRunnable - applet.init() BEGIN ; jvmLaunch dt 357185 us, pluginInit dt 2508852 us, TotalTime: 2866037 us
EIDReader initialized
basic: Applet initialized
basic: Starting applet
basic: completed perf rollup
basic: Applet made visible
basic: Applet started
basic: Told clients applet is started
network: Created version ID: 1.7.0.45
network: Created version ID: 1.7.0.45
network: Created version ID: 1.7.0.45
network: Created version ID: 1.7.0.45
network: Created version ID: 1.7.0.45
network: Created version ID: 1.7.0.45
network: Created version ID: 1.7.0.45
network: Created version ID: 1.7.0.45
network: Created version ID: 1.7.0.45
network: Created version ID: 1.7.0.45
EIDReader.readCard()
Protocol: T=0
It's a Belgian card
BelgianReader() constructor started
identityData has been read
basic: JNLP2ClassLoader.findClass: be.fedict.eid.applet.service.Identity: try again ..
java.lang.NoClassDefFoundError: be/fedict/eid/applet/service/Identity
	at src.eidreader.BelgianReader.<init>(EIDReader.java:234)
	at src.eidreader.EIDReader$2.run(EIDReader.java:460)
	at src.eidreader.EIDReader$2.run(EIDReader.java:435)
	at java.security.AccessController.doPrivileged(Native Method)
	at src.eidreader.EIDReader.readCard(EIDReader.java:435)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at sun.plugin.javascript.Trampoline.invoke(Unknown Source)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
	at sun.plugin2.liveconnect.JavaClass$MethodInfo.invoke(Unknown Source)
	at sun.plugin2.liveconnect.JavaClass$MemberBundle.invoke(Unknown Source)
	at sun.plugin2.liveconnect.JavaClass.invoke0(Unknown Source)
	at sun.plugin2.liveconnect.JavaClass.invoke(Unknown Source)
	at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$DefaultInvocationDelegate.invoke(Unknown Source)
	at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$3.run(Unknown Source)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo.doObjectOp(Unknown Source)
	at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$LiveConnectWorker.run(Unknown Source)
	at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.ClassNotFoundException: be.fedict.eid.applet.service.Identity
	at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
	at sun.plugin2.applet.JNLP2ClassLoader.findClass(Unknown Source)
	at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
	at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
	at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
	at java.lang.ClassLoader.loadClass(Unknown Source)
	... 25 more

I’ll leave this open for now since I personally need to read only Belgian cards.