与Java小程序的问题来连接我们的服务器调用PHP文件 [英] Problem with Java Applet to connect our server to call a PHP file
问题描述
我们正面临着介绍最新JRE 6更新22和23的问题问题是,我们正在运行的使用Java小程序商店网站/检索DATAS。对于过去7年来,我们从来没有一个单一的问题,但现在最新的JRE是,我们有一个问题。 Java小程序加载正常,但无法连接我们的服务器(UNIX服务器)的假设来调用PHP文件。
We are facing a problem with lastest JRE 6 update 22 and 23. The problem is we are running a site which uses Java Applet to stores/retrieve datas by calling a PHP file. For last 7 years we never had a single issue but now with latest JRE are we having a problem. The Java applet is loaded fine but failed to connect our sever (unix server) which suppose to call the PHP file.
请注意:我们使用JavaScript调用Java函数来连接我们的服务器,从PHP文件检索数据
Note: We use Javascript to call a Java function to connect our server, to retrieve data from the PHP file.
下面是Java控制台中发现的错误消息:
Here is the error message found in Java console:
basic: Applet started
basic: Told clients applet is started
Retreiving cmi for sco=778 from ATutor server
network: Connecting http://www.example.com/training/scorm/read.php with proxy=DIRECT
network: Cache entry not found [url: http://xxx.xxx.xxx.xxx/crossdomain.xml, version: null]
network: Connecting http://xxx.xxx.xxx.xxx/crossdomain.xml with proxy=DIRECT
network: Connecting http://xxx.xxx.xxx.xxx:80/ with proxy=DIRECT
network: Server http://xxx.xxx.xxx.xxx/crossdomain.xml requesting to set-cookie with "SESSdba781ab68368f3b7b29ce28e33a2679=983ded5e21e40047871b1f3ce5c259d7; expires=Monday, 07-Mar-11 20:45:53 GMT; path=/"
ATutor cmi retrieval failed.
java.security.AccessControlException: access denied (java.net.SocketPermission xxx.xxx.xxx.xxx:80 connect,resolve)
甲骨文已经发布了说明和解决这一问题的解决方案,
网站: http://www.oracle.com/technetwork/java/javase /6u22releasenotes-176121.html
为CVE-2010-3560的修复可能导致
某些Java小程序在运行
新的Java插件停止工作,如果
它们被嵌入在网页其中
包含JavaScript调用成
Java的,以执行其行动
需要网络安全权限。
这些小程序可能会失败与网络
在一些安全异常
如果情况名称服务
从而解决了原来的网页
URL主机名不返回
匹配名称的结果
反向地址查询。这是最
可能发生的新的Java
插件在Solaris和Linux上运行
当配置为使用NIS的主机
与地图的网络地址解析
含主机名这是在
短形式(而不是作为全
合格的域名)。
The fix for CVE-2010-3560 could cause certain Java applets running in the new Java Plug-in to stop working if they are embedded in web pages which contain JavaScript that calls into Java in order to perform actions which require network security permissions. These applets may fail with a network security exception under some circumstances if the name service which resolved the original web page URL host name does not return a matching name as the result of a reverse address lookup. This is most likely to occur for the new Java Plug-in running on Solaris and Linux when configured to use NIS for host to network address resolution with maps containing host names which are in short form (rather than as a fully qualified domain name).
如果一个applet被怀疑的失败
由于这种变化,你可以验证
通过设置的日志记录级别
Java控制台5,寻找
用插座开头的字符串记录
访问限制,这将
描述的具体原因
不匹配,将在确定帮助
正确的解决方法是使用
描述如下:
If an applet is suspected of failing due to this change you can verify that by setting the logging level of the Java Console to 5 and looking for logging strings beginning with "socket access restriction" which will describe the specific cause of the mismatch and will help in identifying the correct workaround to use as described below:
添加新的主机名前锋映射条目
(在/ etc / hosts文件,NIS或DNS)中
这是由公认的特殊形式
Java进行验证的目的
IPv4和IPv6名称服务映射。
在IPv4通用名形式后跟
AN / etc / hosts文件片段的例子
对于IP地址10.11.12.13是:
Add a new host name forward map entry (in /etc/hosts, NIS, or DNS) in a special form which is recognized by Java for the purpose of validating IPv4 and IPv6 name service mappings. The IPv4 general name form followed by an /etc/hosts file fragment example for IP address 10.11.12.13 is:
host.auth.ddd.ccc.bbb.aaa.in-addr.arpa
# /etc/hosts example
10.11.12.13 foo.bar.com.auth.13.12.11.10.in-addr.arpa
有是IPv6等价形式
它使用IP6.ARPA地址
在RFC定义域根格式
3596
There is an equivalent form for IPv6 addresses which uses the IP6.ARPA domain root format defined in RFC 3596.
有关DNS,这些将是A(IPv4)的或
AAAA(IPv6)的条目。
For DNS, these would be A (IPv4) or AAAA (IPv6) entries.
pre-挂起一个完全合格的主机名
之前其他映射到相同的
地址。例如,在/ etc / hosts中
格式为:
Pre-pend a fully qualified host name before other mappings to the same address. For example, in /etc/hosts format:
#10.11.12.13 foo loghost
10.11.12.13 foo.bar.com foo loghost
作为替代更新名称
服务记录,它可能会向
安全地修改小程序来执行
使用网络操作仅它自己的
权限独立卷材的
其中包含它利用页
的doPrivileged的()方法
java.security.AccessController类。
As an alternative to updating name service records, it may be possible to safely modify the applet to perform the network action using only it's own permissions independent of the web page which contains it by using the doPrivileged() method of the java.security.AccessController class.
我是PHP开发人员,我对Java的知之甚少。我无法理解由Oracle提供的解决方案。他们希望在/ etc / hosts文件,添加新的主机名,任何人都可以请更明显的例子解释什么在添加/ etc / hosts中。
I am PHP developer and I have very little knowledge on Java. I couldn't understand the solution provided by the Oracle. They want to add new host name in /etc/hosts file, can anyone please explain with more clear example what to add in /etc/hosts.
此外,我不知道在哪里添加doPrivileged的()方法,请大家帮帮忙。
Also I don't know where to add doPrivileged() method, please help.
感谢
推荐答案
圣保罗
服务器管理员上传crossdomain.xml文件到网站的根Web目录解决公网IP。这是我收到的唯一信息。
Server admin uploaded a crossdomain.xml file to the root web directory of the site that resolve the public ip. This is the only information I received.
下面是在的crossdomain.xml 文件,
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
这解决了问题,并没有错误出现在Java控制台日志中。
This fixed the problem and no errors appears in Java console logs.
这些错误是固定的,
network: Cache entry not found [url: http://xxx.xxx.xxx.xxx/crossdomain.xml, version: null]
java.security.AccessControlException: access denied (java.net.SocketPermission xxx.xxx.xxx.xxx:80 connect,resolve)
这篇关于与Java小程序的问题来连接我们的服务器调用PHP文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
