Fix "signer information does not match" error

Update ExecutableArchiveLauncher so that `-cp` URLs are not added
when they are already contained as nested JARs. This prevents a
SecurityException "signer information does not match error" when using
signed jars. The root cause of the issue was that the primary JAR file
was on the default classpath with the URL "file:....jar" and in the
main URL set as "jar:file:....jar". It is now filtered so that only
the "jar:" variant is added.

Fixes gh-1134

spring-boot-tools/spring-boot-loader/src/main/java/org/springframework/boot/loader/ExecutableArchiveLauncher.java

@@ -78,11 +78,11 @@ public abstract class ExecutableArchiveLauncher extends Launcher {
 
 	@Override
 	protected ClassLoader createClassLoader(URL[] urls) throws Exception {
-		Set<URL> copy = new LinkedHashSet<URL>();
+		Set<URL> copy = new LinkedHashSet<URL>(urls.length);
 		ClassLoader loader = getDefaultClassLoader();
 		if (loader instanceof URLClassLoader) {
 			for (URL url : ((URLClassLoader) loader).getURLs()) {
-				if (!this.javaAgentDetector.isJavaAgentJar(url)) {
+				if (addDefaultClassloaderUrl(urls, url)) {
 					copy.add(url);
 				}
 			}
@@ -93,6 +93,16 @@ public abstract class ExecutableArchiveLauncher extends Launcher {
 		return super.createClassLoader(copy.toArray(new URL[copy.size()]));
 	}
 
+	private boolean addDefaultClassloaderUrl(URL[] urls, URL url) {
+		String jarUrl = "jar:" + url + "!/";
+		for (URL nestedUrl : urls) {
+			if (nestedUrl.equals(url) || nestedUrl.toString().equals(jarUrl)) {
+				return false;
+			}
+		}
+		return !this.javaAgentDetector.isJavaAgentJar(url);
+	}
+
 	/**
 	 * Determine if the specified {@link JarEntry} is a nested item that should be added
 	 * to the classpath. The method is called once for each entry.