签名Java小程序的连接抛出安全例外到WebService [英] Signed Java Applet Throws Security Exception on Connect to a Webservice
问题描述
我在Tomcat 5.5上运行的Java小程序。这是签署(-selfcert)。我仍然得到了 java.security.AccessControlException:访问被拒绝(java.lang.RuntimePermission createClassLoader)
例外,当我的小程序试图连接到(在这一行已经)web服务
I have an java applet running on tomcat 5.5. It is signed ( -selfcert). I still get an java.security.AccessControlException: access denied (java.lang.RuntimePermission createClassLoader)
Exception, when my Applet tries to connect to a webservice (already in this line):
ws_locator = new My_WebserviceLocator(ws_adress + "?wsdl",
new javax.xml.namespace.QName("http://impl.webservice", "My_Webservice"));
因为这里也有一些类似的问题,一个I阅读:
Since there are some similar questions here, an i read them:
-
是的,小程序签名。我-verify检查它。
Yes, the applet is signed. I checked it with -verify.
Tomcat的安全异常,可能是,但我已经加入到catalina.policy里:
Tomcat security exception, may be, but i have added to catalina.policy:
grant codeBase "file:/home/me/apache-tomcat-5.5.27/webapps/myapplet/-" {
permission java.security.AllPermission; };
拨款codeBase的文件:/home/me/apache-tomcat-5.5.27/webapps/myapplet/applet.jar{权限java.security.AllPermission; };
和像平常的东西也有:
grant codeBase "file:${java.home}/jre/lib/ext/-" {
permission java.security.AllPermission;
};
没有结果。
好吧,快速更新,加入:
Ok, quick update, adding:
grant{
permission java.security.AllPermission;
};
要在本地java.policy文件解决问题。但那不是我所期待的,小程序应在avarage机器上运行,与dafault java.policy文件。所以它必须从code内的固定
to the local java.policy file fixes the problem. BUT thats not what i am looking for, the applet should run on an avarage machine, with dafault java.policy file. So it has to be fixed from within the code.
推荐答案
你从applet主线程或由该applet的方法使用JavaScript的调用所启动一个线程调用您的WS?
Do you call your WS from the applet main thread or from a thread initiated by a call to the applet's method using javascript?
参见下面的例子。
希望它帮助。
public class MyApplet extends JApplet {
@Override
public void start() {
// It will work if your applet is signed
callWebService();
}
public void methodCalledFromJavascriptWrong() {
// It will NOT work even if your applet is signed
callWebService();
}
public void methodCalledFromJavascriptGood() {
AccessController.doPrivileged(new PrivilegedAction() {
public Object run() {
// It will work if your applet is signed
callWebService();
return null;
}
});
}
private void callWebService() {
//Here you call your web service
}
}
这篇关于签名Java小程序的连接抛出安全例外到WebService的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!