JOGL Support (JOGL2 that is)


#141
@normen said:

@Momoko_Fan : for the mentioned examples I'd like to have offscreen rendering still.



I'm looking for a test case using FBObject...



@normen said:

@gouessej : I can't get TÜR to give me output, even starting javaws from command line doesn't yield any.. It just doesn't seem to download, idk. But as said I am having issues with java anyway here :/



Ok so it is not specific to NEWT / JOGL 2.0. Sven said it should work fine even though he only has Mac OS X 10.7.5.



Edit.: the correct name of my game is T.U.E.R which is a play on words ("Truly Unusual Experience of Revolution" in English and "tuer" is a French word meaning "to kill"). It has nothing to do with the German word "die Tür" which means "the door" as far as I know (I studied German 10 years).


#142

@normen you need to do that:

Go to the System Preferences

Select Security & Privacy

Click the lock to make changes and authorise as an admin (if necessary)

Select "Allow applications downloaded from: Anywhere"


#143
@gouessej said:

Ok so it is not specific to NEWT / JOGL 2.0. Sven said it should work fine even though he only has Mac OS X 10.7.5.



Edit.: the correct name of my game is T.U.E.R which is a play on words ("Truly Unusual Experience of Revolution" in English and "tuer" is a French word meaning "to kill"). It has nothing to do with the German word "die Tür" which means "the door" as far as I know (I studied German 10 years).



I can run some applets and also webstart apps but its borked somehow (actually the whole way oracle now puts in its Java, but thats another story).



In german if you can't write "Ü" you write "UE", guess some agent on my computer thought he's smart and inserts an "Ü" for me :wink: Yeah, its "door".



@gouessej said:

@normen you need to do that:

Go to the System Preferences

Select Security & Privacy

Click the lock to make changes and authorise as an admin (if necessary)

Select "Allow applications downloaded from: Anywhere"



Are you kidding me? Are Oracle and Apple serious?? It doesn't work as a solution for me and it also should not be a solution ^^ You can always just start an app by right-clicking and selecting "open" to run insecure apps with a confirmation, no need to mess up the global security settings.


#144
@normen said:

I can run some applets and also webstart apps but its borked somehow (actually the whole way oracle now puts in its Java, but thats another story).



Oracle is going to kill Java client side except JavaFX.



@normen said:

In german if you can't write "Ü" you write "UE", guess some agent on my computer thought he's smart and inserts an "Ü" for me :wink: Yeah, its "door".



I know that :smile: Sven's last name contains a 'ö', he always writes it "oe".



@normen said:

Are you kidding me? Are Oracle and Apple serious?? It doesn't work as a solution for me and it also should not be a solution ^^ You can always just start an app by right-clicking and selecting "open" to run insecure apps with a confirmation, no need to mess up the global security settings.



It seems to be a new security "feature" of Mac OS X 10.8, it only accepts to run applications from App Store or using trusted certificates. Buying a Mac or an IPhone is a bit like buying a jail cell. I don't really want to buy such a certificate even though I respect Mac users.


#145
@gouessej said:

Oracle is going to kill Java client side except JavaFX.



I don't think so, I rather think it will become more of a library like the MSVC dll or things like that. I like the idea of distributing the JVM along with my app, as I outlined in this Ars Technica article: http://arstechnica.com/information-technology/2012/10/java-still-has-a-crucial-role-to-play-despite-security-risks/

They might kill swing/awt at some point in favor of JavaFX though, yes.



@gouessej said:

It seems to be a new security "feature" of Mac OS X 10.8, it only accepts to run applications from App Store or using trusted certificates. Buying a Mac or an IPhone is a bit like buying a jail cell. I don't really want to buy such a certificate even though I respect Mac users.



Like I said, this feature makes very much sense and you can decide to run any app the way I explained (right-click) even without having to disable these very nice protections. And they definitely should not prevent me from installing a java app via webstart..



Buying a windows PC is like buying the parts instead of buying a complete device, even if they say they set it up for you xD I'd rather compare macs to a hotel: Expensive but everything has been set up according to the price. :wink:


#146
@normen said:

I don't think so, I rather think it will become more of a library like the MSVC dll or things like that. I like the idea of distributing the JVM along with my app, as I outlined in this Ars Technica article: http://arstechnica.com/information-technology/2012/10/java-still-has-a-crucial-role-to-play-despite-security-risks/

They might kill swing/awt at some point in favor of JavaFX though, yes.



Oracle doesn't want to allow any interoperability with JavaFX and other scenegraphs & bindings for OpenGL, someone on Javagaming.org seems to know how to make it work with JOGL 2.0 but by using a deprecated code path. That's what I meant, Oracle might plan to kill Java client except JavaFX and its new deployment "features".



@normen said:

Like I said, this feature makes very much sense and you can decide to run any app the way I explained (right-click) even without having to disable these very nice protections. And they definitely should not prevent me from installing a java app via webstart..



I'm sceptical about this feature, it's a bit too much, Java already displays a scary warning, there are similar problems with Google Chrome that claims that Java applications may always harm the computer.



@normen said:

Buying a windows PC is like buying the parts instead of buying a complete device, even if they say they set it up for you xD I'd rather compare macs to a hotel: Expensive but everything has been set up according to the price. :wink:



I don't buy Windows PC, I buy the components apart, etc... Maybe that's the price of freedom.


#147
@gouessej said:

Oracle doesn't want to allow any interoperability with JavaFX and other scenegraphs & bindings for OpenGL, someone on Javagaming.org seems to know how to make it work with JOGL 2.0 but by using a deprecated code path. That's what I meant, Oracle might plan to kill Java client except JavaFX and its new deployment "features".



Thats fine. The desktop deployment from javafx works for normal java apps and for the JFX API and UI elements jme games normally have no use anyway :wink: Like I said in that quote, I'd be fine with this way of distribution. I already set it up for a jME app and it works fine, idk why one would want to bind JavaFX and JOGL too closely.. Sure a "JavaFXCanvas" would be nice but in the end its a pointless mixture of things that are supposed to do the same thing.



@gouessej said:

I'm sceptical about this feature, it's a bit too much, Java already displays a scary warning, there are similar problems with Google Chrome that claims that Java applications may always harm the computer.



Its no different than windows signing or ubuntus "closed" library for updates.



@gouessej said:

I don't buy Windows PC, I buy the components apart, etc... Maybe that's the price of freedom.



Yeah it is. I have to add the price for the time I spend on that on top of the PC (or the parts) I buy. Last mac I bought for work I unpacked, put it on the desk, connected the MOTU interface, installed the driver and Ableton Live 7 and ran a show :smile: Depending on the circumstances a mac makes more sense, add to that that some apps are extremely inexpensive (Logic and Final Cut X for example are insanely cheap but only available on mac).


#148

@normen Does your suggestion (right-click, open, ...) work on TUER?


#149
@gouessej said:

@normen Does your suggestion (right-click, open, ...) work on TUER?



Its a web start and it doesn't download anything, I can't do that :)



Edit: Any very simple jar example for NEWT somewhere?


#150
@normen said:

Its a web start and it doesn't download anything, I can't do that :)



You can save the JNLP file on your desktop and run the game from it, can't you?



@normen said:

Edit: Any very simple jar example for NEWT somewhere?



Maybe this one:

http://jogamp.org/deployment/jogamp-current/jogl-demos/jogl-newt-applet-runner-angelesgl2es1.html



Edit.: Keep in mind that a JAR might be opened by another application than Java by default (Ark under GNU Linux, WinRAR under Windows, ...). It is not a reliable way of deploying applications.


#151
@gouessej said:

You can save the JNLP file on your desktop and run the game from it, can't you?



As I said, no. It doesn't proceed the download. Not even when running javaws from command line. No error output.



@gouessej said:

Edit.: Keep in mind that a JAR might be opened by another application than Java by default (Ark under GNU Linux, WinRAR under Windows, ...). It is not a reliable way of deploying applications.



:roll: orly? I think I can say that I am quite an expert on java app deployment by now :wink:


#152

Cool, that applet seems to work, at least I see something, can't move or anything though and I get "java:invalid drawable" messages in the log. Could we use this type of applet deployment for jME apps too? Is this just the standard way of packaging webstart into applets by oracle or do you do some special magic for your binaries?



Edit: Hm, after the first run where I can't move the applet won't load anymore unless I restart the browser :confused:


#153

Hm, the download of TUER seems to be something between my computer and the tuer server.. For the jnlp's in the repo where the applet is I can download them but they fail to start due to a certificate error..



ParticleEngine.jnlp output:

[xml]java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: java.security.InvalidKeyException: Wrong key usage

at com.sun.deploy.security.TrustDecider.doCheckRevocationStatus(Unknown Source)

at com.sun.deploy.security.TrustDecider.validateChain(Unknown Source)

at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)

at com.sun.javaws.security.AppPolicy.grantUnrestrictedAccess(Unknown Source)

at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResourcesHelper(Unknown Source)

at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResources(Unknown Source)

at com.sun.javaws.Launcher.prepareResources(Unknown Source)

at com.sun.javaws.Launcher.prepareAllResources(Unknown Source)

at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)

at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)

at com.sun.javaws.Launcher.launch(Unknown Source)

at com.sun.javaws.Main.launchApp(Unknown Source)

at com.sun.javaws.Main.continueInSecureThread(Unknown Source)

at com.sun.javaws.Main.access$000(Unknown Source)

at com.sun.javaws.Main$1.run(Unknown Source)

at java.lang.Thread.run(Thread.java:722)

Caused by: java.security.cert.CertPathValidatorException: java.security.InvalidKeyException: Wrong key usage

at sun.security.provider.certpath.OCSPResponse.verifyResponse(OCSPResponse.java:541)

at sun.security.provider.certpath.OCSPResponse.<init>(OCSPResponse.java:494)

at sun.security.provider.certpath.OCSP.check(OCSP.java:261)

at sun.security.provider.certpath.OCSP.check(OCSP.java:165)

at sun.security.provider.certpath.OCSP.check(OCSP.java:130)

at com.sun.deploy.security.TrustDecider.doOCSPEEValidation(Unknown Source)

... 16 more

Caused by: java.security.InvalidKeyException: Wrong key usage

at java.security.Signature.initVerify(Signature.java:490)

at sun.security.provider.certpath.OCSPResponse.verifyResponse(OCSPResponse.java:524)

... 21 more

[/xml]

I'd still prefer a simple jar without any intermediate deployment technologies.


#154

You have to enable OSCP which is disabled by default since Java 1.7:

http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7197652



The workaround consists in going to Java Control Panel System Preferences > Other > Java > Advanced > "Enable online certificate validation".



A JAR can be opened by an archiver which can often happen because lots of them modify the default file association.



I think Sven uses NApplet. I think that these demos still use the RC10, it should work better with the RC11 and if it's not the case, please write a bug report.



My JNLP is here:

[xml]<?xml version="1.0" encoding="utf-8"?>

<jnlp spec="1.0+" codebase="http://tuer.sourceforge.net/very_experimental/" href="tuer.jnlp">

<information>

<title>TUER</title>

<vendor>Julien GOUESSE</vendor>

<homepage href="http://tuer.sourceforge.net"/>

<description>Small Quake-like written in Java + JOGL</description>

<description kind="short">kill them all!!</description>

<icon href="tuerLogo.png"/>

<icon kind="splash" href="tuerLogo.png"/>

<offline-allowed/>

</information>

<security>

<all-permissions />

</security>

<update check="always" policy="always"/>

<resources>

<j2se version="1.6+" href="http://java.sun.com/products/autodl/j2se" initial-heap-size="32m" max-heap-size="256m" java-vm-args="-XX:MaxDirectMemorySize=128M"/>

<property name="sun.java2d.noddraw" value="true"/>

<jar href="tuer.jar" download="eager" main="true"/>

<jar href="ardor3d-animation-0.8-SNAPSHOT.jar" download="eager" main="false"/>

<jar href="ardor3d-collada-0.8-SNAPSHOT.jar" download="eager" main="false"/>

<jar href="ardor3d-core-0.8-SNAPSHOT.jar" download="eager" main="false"/>

<jar href="ardor3d-math-0.8-SNAPSHOT.jar" download="eager" main="false"/>

<jar href="ardor3d-savable-0.8-SNAPSHOT.jar" download="eager" main="false"/>

<jar href="ardor3d-extras-0.8-SNAPSHOT.jar" download="eager" main="false"/>

<jar href="ardor3d-awt-0.8-SNAPSHOT.jar" download="eager" main="false"/>

<jar href="ardor3d-jogl-0.8-SNAPSHOT.jar" download="eager" main="false"/>

<jar href="ardor3d-ui-0.8-SNAPSHOT.jar" download="eager" main="false"/>

<jar href="fettle-0.7.0.jar" download="eager" main="false"/>

<jar href="guava-r09.jar" download="eager" main="false"/>

<jar href="mockachino-full-0.3.1.jar" download="eager" main="false"/>

<jar href="CodecJOrbis.jar" download="eager" main="false"/>

<jar href="LibraryJavaSound.jar" download="eager" main="false"/>

<jar href="LibraryJOAL.jar" download="eager" main="false"/>

<jar href="SoundSystem.jar" download="eager" main="false"/>

<jar href="gluegen-rt.jar" download="eager" main="false"/>

<jar href="joal.jar" download="eager" main="false"/>

<jar href="jogl-all.jar" download="eager" main="false"/>

</resources>

<resources os="Linux" arch="i386">

<nativelib href = "joal-natives-linux-i586.jar" />

<nativelib href = "jogl-all-natives-linux-i586.jar" />

<nativelib href = "gluegen-rt-natives-linux-i586.jar" />

</resources>

<resources os="Linux" arch="x86">

<nativelib href = "joal-natives-linux-i586.jar" />

<nativelib href = "jogl-all-natives-linux-i586.jar" />

<nativelib href = "gluegen-rt-natives-linux-i586.jar" />

</resources>

<resources os="Linux" arch="amd64">

<nativelib href = "joal-natives-linux-amd64.jar" />

<nativelib href = "jogl-all-natives-linux-amd64.jar" />

<nativelib href = "gluegen-rt-natives-linux-amd64.jar" />

</resources>

<resources os="Linux" arch="x86_64">

<nativelib href = "joal-natives-linux-amd64.jar" />

<nativelib href = "jogl-all-natives-linux-amd64.jar" />

<nativelib href = "gluegen-rt-natives-linux-amd64.jar" />

</resources>

<resources os="SunOS" arch="sparc">

<nativelib href = "joal-natives-solaris-sparc.jar" />

<nativelib href = "jogl-all-natives-solaris-sparc.jar" />

<nativelib href = "gluegen-rt-natives-solaris-sparc.jar" />

</resources>

<resources os="SunOS" arch="sparcv9">

<nativelib href = "joal-natives-solaris-sparcv9.jar" />

<nativelib href = "jogl-all-natives-solaris-sparcv9.jar" />

<nativelib href = "gluegen-rt-natives-solaris-sparcv9.jar" />

</resources>

<resources os="SunOS" arch="x86">

<nativelib href = "joal-natives-solaris-i586.jar" />

<nativelib href = "jogl-all-natives-solaris-i586.jar" />

<nativelib href = "gluegen-rt-natives-solaris-i586.jar" />

</resources>

<resources os="SunOS" arch="amd64">

<nativelib href = "joal-natives-solaris-amd64.jar" />

<nativelib href = "jogl-all-natives-solaris-amd64.jar" />

<nativelib href = "gluegen-rt-natives-solaris-amd64.jar" />

</resources>

<resources os="SunOS" arch="x86_64">

<nativelib href = "joal-natives-solaris-amd64.jar" />

<nativelib href = "jogl-all-natives-solaris-amd64.jar" />

<nativelib href = "gluegen-rt-natives-solaris-amd64.jar" />

</resources>

<resources os="Mac OS X" arch="i386">

<nativelib href = "joal-natives-macosx-universal.jar" />

<nativelib href = "jogl-all-natives-macosx-universal.jar" />

<nativelib href = "gluegen-rt-natives-macosx-universal.jar" />

</resources>

<resources os="Mac OS X" arch="x86_64">

<nativelib href = "joal-natives-macosx-universal.jar" />

<nativelib href = "jogl-all-natives-macosx-universal.jar" />

<nativelib href = "gluegen-rt-natives-macosx-universal.jar" />

</resources>

<resources os="Windows" arch="x86">

<nativelib href = "joal-natives-windows-i586.jar" />

<nativelib href = "jogl-all-natives-windows-i586.jar" />

<nativelib href = "gluegen-rt-natives-windows-i586.jar" />

</resources>

<resources os="Windows" arch="amd64">

<nativelib href = "joal-natives-windows-amd64.jar" />

<nativelib href = "jogl-all-natives-windows-amd64.jar" />

<nativelib href = "gluegen-rt-natives-windows-amd64.jar" />

</resources>

<resources os="Windows" arch="x86_64">

<nativelib href = "joal-natives-windows-amd64.jar" />

<nativelib href = "jogl-all-natives-windows-amd64.jar" />

<nativelib href = "gluegen-rt-natives-windows-amd64.jar" />

</resources>

<application-desc main-class="engine.service.Ardor3DGameServiceProvider" />

</jnlp>



[/xml]


#155

Okay so I have to write up a command line for java -jar myself to be able to test this without all the hassle and deployment systems yeah? You know changing defaults is not an option for serious applications. I know this is only a certificate issue / bug though.



Edit: It works by running from command line or by enabling the online certificate validation btw. So it seems in a normal context (no applet and deployment) NEWT works nicely on 10.8.


#156

@normen Java Web Start worked very well before this regression (which I reported by myself). TUER should not have been concerned by this bug as it uses a self signed certificate, it's worse than I thought, I'm really disappointed.



As NEWT works nicely on Mac OS X 10.8, I will start to switch to NEWT tomorrow.


#157
@gouessej said:

@normen Java Web Start worked very well before this regression (which I reported by myself). TUER should not have been concerned by this bug as it uses a self signed certificate, it's worse than I thought, I'm really disappointed.



Yes, java delpoyment is a pain atm, thats why I like to do most of the deployment stuff "myself" until oracle gets its infrastructure clean again.



@gouessej said:

As NEWT works nicely on Mac OS X 10.8, I will start to switch to NEWT tomorrow.



Cool 8)


#158
@normen said:

Yes, java delpoyment is a pain atm, thats why I like to do most of the deployment stuff "myself" until oracle gets its infrastructure clean again.



Ok but the OpenJDK team is working on this bug and I would like to understand the root cause. I don't use a trusted certificate, you should have been able to run TUER only with the first change of settings ("Allow applications downloaded from: Anywhere"). If the second change (OSCP) is required to make it work, it means that my analysis was a bit wrong. Please can you tell me whether these both changes are absolutely necessary? Is the first one enough?


#159
@gouessej said:

Ok but the OpenJDK team is working on this bug and I would like to understand the root cause. I don't use a trusted certificate, you should have been able to run TUER only with the first change of settings ("Allow applications downloaded from: Anywhere"). If the second change (OSCP) is required to make it work, it means that my analysis was a bit wrong. Please can you tell me whether these both changes are absolutely necessary? Is the first one enough?



The first one did nothing for me and doesn't seem to tie into the java deployment at all (except starting jar files) from what I see. The latter only applies to webstart/applets and is the only thing necessary to make it work. Conclusion: Its not the bad apples fault :stuck_out_tongue:


#160

@normen I don't understand why enabling OCSP seems to be necessary even for self signed certificates only under Mac whereas this bug under Windows occurs only with trusted certificates.