使用Domino XPages实现Java Google Drive API时的安全性问题 [英] Security issue while implementing java Google Drive API with Domino XPages

问题描述

我正在使用Java jar实施Google Drive API.我从此处找到的示例DriveCommandLine.java开始: https://developers.google.com/drive/quickstart-java . XPage引发以下内容: 调用Java构造函数时出错...(java.lang.reflect.InvocationTargetException). 不允许访问类类java.util.AbstractMap

I am implementing the Google Drive API using the java jars. I started with the sample DriveCommandLine.java found here: https://developers.google.com/drive/quickstart-java . The XPage throws the following: Error while calling java constructor ... (java.lang.reflect.InvocationTargetException). not allowed to access members in class class java.util.AbstractMap

我了解Google Java代码使用反射，默认的Lotus Domino java.policy文件不允许使用反射.我测试了将默认权限更改为: 权限java.security.AllPermission;

I understand that the Google java code uses reflection, which is not allowed by the default Lotus Domino java.policy file. I tested changing the default permission to: permission java.security.AllPermission;

解决了安全问题.

我现在关心的是，不要让java.policy文件具有开放的默认权限. 我找不到有关java.policy规范的文档... 有没有办法将此权限限制为需要它的特定代码?

My concern is now, not to leave the java.policy file with an open default permission. I was not able to find the documentation for the java.policy specs... Is there a way to narrow this permission to the specific code which needs it?

感谢您的帮助

推荐答案

请尝试

grant {
    permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
};

这应该允许您的Java类进行反射.

This should allow the reflection for your java classes.

或者，您可以仅限制单个数据库的策略设置:

Alternativly you can restrict the policy settings for a single database only:

grant codeBase "xspnsf://server:0/path/to/your/db.nsf/-" {
    permission java.security.AllPermission;
};

在此设置中，您必须更改数据库的路径(通过仅替换/path/to/your/db.nsf/而不是 server:0 >).

In this setting you have to change the path to your database (by replacing the /path/to/your/db.nsf/ only, not the server:0).

除了将所有权限授予单个数据库之外，您还可以将其限制为ReflectPermission.

Instead of giving all permissions to the single database, you can restrict it to the ReflectPermission too.

这篇关于使用Domino XPages实现Java Google Drive API时的安全性问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！