top black image
Home
Java Verified Program
Java Verified Process
Prepare & Submit Application
Application Pretesting
Selecting a Test Provider
Application Testing
Digital Signing
Go to Market
Marketing Opportunities
Test Criteria and other documents
Table of Supported Devices
Java Powered Logo Usage
Known Issues and UpComing Changes
Frequently asked questions
Chat
Contact Us
bottom black image



The purpose of the Java Verified Program (JVP) is to provide developers with a central facility for quickly and easily getting their Java ME Technology MIDP applications to market while having their work tested for a level of quality defined by the Unified Testing Initiative (UTI). For the Members of the UTI and for the customers of the applications (Operators, Subscribers, Aggregators, Publishers, etc.), the program makes available a set of well-qualified applications.

To this end, a set of testing criteria and a testing process were designed by the members of the UTI as well as some of the major operators. A number of testing providers were selected to implement these criteria as test plans and to apply these tests to Java ME Technology MIDlets. As proof of having passed through this testing process, a PKI certificate is issued and the application is signed. The signature serves to prove the authenticity of the signing and the integrity of the software.

Overview

JVP registered developers can log in at the JVP website's developer portal. From this portal they move their application through a series of steps. They are (in order):

  1. Application Upload: Developers upload their applications. During the upload, a set of automatic checks of the uploaded files,is made. If an uploaded application is correct in content and form, it is stored at the JVP site.

  2. Pretesting: After a successful submission, pretesting is performed next. Pretesting consists of the examination of the application's JAR and JAD. Subsequently, developers are are shown the results in a document that they can retrieve. The report will inform the developer of potential problems such as missing JAD attributes, missing signature, devices it will or will not run on, etc.

  3. Testing: In the testing step, developers choose the tester that they want to have test their application. Once a tester has been selected, developers notify the tester that they have submitted their application to the JVP and wish to have the tester retrieve it and test it. Developers can establish a business relationship with the tester either before or after submitting their application for testing.

  4. Retrieval: The tester retrieves the developer's application and applies a series of manual tests that are based on the UTI Testing Criteria. The JVP and the developer are notified of the results.

    1. If the application fails testing then the developers must correct and resubmit their application beginning with the first step again.

    2. If the application passes testing, it is digitally signed so that anyone can verify that the application has passed testing according the Unified Testing Initiative Criteria. Developers are notified by email. They can return to the JVP website and pick up their signed application.

A high-level diagram of the testing process is shown below. Each stage in the testing process is explained in more detail in subsequent sections.

Developer Identity and Registration

While not a part of the JVP testing process, the ability to confirm the identity of the developer is a pre-requisite to the testing step of the process. This pre-requisite is required in order to ensure the authenticity and integrity of a developer's application. The developer can meet this requirement by signing her application with a PKI certificate. The certificate must be obtained from a trusted Certificate Authority (CA). The information that the developer enters for JVP registration is used by the CA to vet the developer prior to issuing a certificate.

If the application does not have a signature and certificate upon entry to the testing step, the developer is notified and asked to obtain a certificate and then to resubmit a signed copy of his or her application. Note that submission and pretesting do not require a signed application.

Roles and Responsibilities

There are five roles involved in the JVP testing process. They are listed below along with their responsibilities:

  1. Developer

    • Submits Application to the JVP

    • Chooses device(s) for pretesting.

    • Chooses Tester

  2. Submission Checker - Automatic (JVP)

    • Checks for complete application set (JAD and JAR)

    • Checks for required MIDlet attributes

  3. Pretester - Automatic (JVP)

    • Checks the static contents of the JAD and JAR

    • Prepares report

  4. Tester (Authorized third-party testing company)

    • Develops a testing plan according to UTI Criteria

    • Manually tests the application

    • Prepares reports (pass or fail)

  5. Signer (GeoTrust)

    • Generates a public/private key pair

    • Creates a certificate which depends on the UTI Root certificate

    • Signs application with private key

    • Returns signature and certificate

Submission/Uploading

Before submitting an application for testing, please ensure that the requirements met. To view the requirements click submission/Uploading

Submission is the first step that a developer must perform. It involves uploading his application to the JVP and having the submission checked.

  1. The developer creates a Zip file containing the JAD and JAR for his application. This file is uploaded to the JVP.

  2. The submission is checked to see if:

    1. The JAD matches the JAR.

    2. The JAD is in the proper format.

    3. The JAD has all required attributes.

    4. The JAR is in the proper format.

  3. If the submission fails in any of these checks, a report is created and can be retrieved by the developer at the website.

  4. If the submission passes the checks, it is stored at the JVP and marked as being "Uploaded".

Pretesting

Pretesting is the second step in the JVP testing process. Pretesting determines whether the application will run on specific target devices or groups of devices. Note that pretesting has been designed to be extensible. Their may be other That is, if further automated tests that can be optionally performed on the application.

  1. The developer chooses his "Uploaded" application from a list of his applications at the JVP website.

  2. The JVP automatically retrieves the application from storage.

  3. The JVP retrieves the profiles of the selected device(s) and group(s) of devices.

  4. The application's classes are examined to see if:

    1. It exists on the device (in its libraries) or in the JAR.

    2. Any class that is used by the application can be found in the application Jar or on the device.

    3. If the conditions above are not met for a device then this is noted in the report.

    4. If the conditions are all met for a device then this is noted in the pretesting report.

  5. Once pretesting is finished, the developer can retrieve the report at the JVP website.

  6. Note 1: To know how the JAD and JAR files are examined, click Application Pretesting

Testing

Note: An application must be signed with a verifiable PKI certificate before it will be accepted for testing. Please see the section entitled Developer Identity.

Testing, the third step, involves sending a pretested application to the testing provider that the developer has chosen.

  1. The developer chooses a "Pretested" application.

  2. The developer has evaluated all the UTI-qualified testers and now chooses the one that he or she wants to test his or her application.

  3. A message is sent by the JVP to the tester containing the developer's identity (name and email address) and the name and identity of the application.

  4. The tester logs onto the JVP Testers Portal and retrieves the application from a "To be tested" list.

  5. The tester downloads the application from the JVP.

  6. The tester runs the application through a series of manual tests according to the UTI test criteria.

  7. If the application fails to pass the UTI tests, the JVP is notified and a failure report is generated for the developer to see.

  8. If the application passes the UTI tests, the JVP is notified and the application is stored and marked as "Tested". In parallel, the developer is notified by email. Finally, the signer is notified that an application needs to be signed.

Signing

The signing of the application is the last step in the JVP testing process. It happens automatically when a tester indicates that an application has passed testing.

  1. The JVP automatically retrieves an application that has passed testing.

  2. The application and information about the developer is uploaded to the signer in a secure manner.

  3. The signer generates a PKI Key pair: a private key and a public key

  4. A PKI certificate is issued based on the UTI Root Certificate. This UTI Root Certificate is embedded in devices that support MIDP 2.0 Security.

  5. The developer's application is signed with the private key. The signature and the certificate are placed in the JAD.

  6. The signed JAD is uploaded to the JVP.

  7. The signed application is stored at the JVP and marked as being "Certified". The developer is notified by email. He or she may download it from the Developer Portal.
  ACCESS CO., LTD | LG Electronics | Motorola, Inc. | Nokia Corporation | Orange | Samsung | Sony Ericsson Mobile Communications AB |
Sun Microsystems, Inc. | Vodafone Group Services Limited |
Java Technology | JavaOne | Java Community Process 		 
 

Java, J2EE, J2SE, Java ME Technology, and all Java-based marks are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries.


Copyright © 1995-2004 Sun Microsystems, Inc.
All Rights Reserved. Terms of Use. Privacy Policy. Trademarks.