从 Java Webstart 启动嵌入式 Tomcat 时出现 AccessControlException [英] AccessControlException when starting embedded Tomcat from Java Webstart

问题描述

对于我们的 Kunagi Java Web 应用程序，我们有一个签名的 kunagi.jar 文件，其中包含我们的类以及来自嵌入式 Tomcat 6 的类.这在调用 java -jar kunagi.jar 时完美运行.

For our Kunagi Java web application we have a signed kunagi.jar file which contains our classes together with classes from embedded Tomcat 6. This runs perfectly when calling java -jar kunagi.jar.

但是当使用 Java WebStart 启动它时，我在嵌入式 Tomcat 启动时遇到异常:

But when starting it with Java WebStart, I get an exception while embedded Tomcat is starting:

java.security.AccessControlException: access denied (java.lang.RuntimePermission accessClassInPackage.org.apache.catalina.deploy)
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:393)
    at java.security.AccessController.checkPermission(AccessController.java:553)
    at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
    at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1529)
    at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:291)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:266)
    at net.sourceforge.jnlp.runtime.JNLPClassLoader.loadClass(JNLPClassLoader.java:1018)
    at java.lang.Class.getDeclaredMethods0(Native Method)
    at java.lang.Class.privateGetDeclaredMethods(Class.java:2444)
    at java.lang.Class.getMethod0(Class.java:2687)
    at java.lang.Class.getMethod(Class.java:1620)
    at org.apache.catalina.startup.SetPublicIdRule.begin(WebRuleSet.java:639)
    at org.apache.tomcat.util.digester.Digester.startElement(Digester.java:1276)
    ... 33 more

当然kunagi.jar 是签名的，否则它甚至不会启动.它接缝 Java WebStart 全局启用 Java Security，它以某种方式嵌入 Tomcat继承"并且无法初始化.

Of course kunagi.jar is signed, otherwise it wouldn't even start. It seams Java WebStart enables Java Security globally, which somehow embedded Tomcat "inherits" and fails to initialize.

这是 JNLP 文件:

Here is the JNLP file:

<?xml version="1.0" encoding="UTF-8"?>
<jnlp spec="1.0+" codebase="http://kunagi.org/webstart" href="kunagi.jnlp">
    <information>
        <title>Kunagi</title>
        <vendor>Kunagi Team</vendor>
        <homepage href="http://kunagi.org"/>
        <description>SCRUM Tool</description>
        <description kind="short">SCRUM Tool</description>
        <offline-allowed/>
    </information>
    <security>
        <all-permissions/>
    </security>
    <resources>
        <j2se version="1.6+" href="http://java.sun.com/products/autodl/j2se"/>
        <jar href="kunagi.jar" main="true" />
    </resources>
    <application-desc name="Kunagi" main-class="katokorbo.Katokorbo"/>
    <update check="always"/>
</jnlp>

有没有办法在 Java WebStart 中禁用 Tomcat 的安全检查?或者如何配置嵌入式 Tomcat 以允许访问 org.apache.catalina...?

Is there a way to disable security checks for Tomcat inside of Java WebStart? Or how can I configure embedded Tomcat to permit access to org.apache.catalina...?

推荐答案

我的问题解决如下:

在 WebStart 启动我的应用程序后禁用安全管理器.我的 main() 方法中的第一行:

Disable security manager after WebStart started my application. First line in my main() method:

System.setSecurityManager(null);

告诉 Tomcat 使用默认的类加载器:

Tell Tomcat to use the default class loader:

context.setLoader(new WebappLoader(getClass().getClassLoader()));

现在 Tomcat 在 WebStart 中运行 :-D

Now Tomcat runs within WebStart :-D

这篇关于从 Java Webstart 启动嵌入式 Tomcat 时出现 AccessControlException的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！