签名Java小程序的连接抛出安全例外到WebService [英] Signed Java Applet Throws Security Exception on Connect to a Webservice

问题描述

我在Tomcat 5.5上运行的Java小程序。这是签署（-selfcert）。我仍然得到了 java.security.AccessControlException：访问被拒绝（java.lang.RuntimePermission createClassLoader）例外，当我的小程序试图连接到（在这一行已经）web服务

I have an java applet running on tomcat 5.5. It is signed ( -selfcert). I still get an java.security.AccessControlException: access denied (java.lang.RuntimePermission createClassLoader) Exception, when my Applet tries to connect to a webservice (already in this line):

ws_locator = new My_WebserviceLocator(ws_adress + "?wsdl",
                new javax.xml.namespace.QName("http://impl.webservice", "My_Webservice"));

因为这里也有一些类似的问题，一个I阅读：

Since there are some similar questions here, an i read them:

• 是的，小程序签名。我-verify检查它。

• Yes, the applet is signed. I checked it with -verify.

Tomcat的安全异常，可能是，但我已经加入到catalina.policy里：

Tomcat security exception, may be, but i have added to catalina.policy:

grant codeBase "file:/home/me/apache-tomcat-5.5.27/webapps/myapplet/-" {
    permission java.security.AllPermission;    };

拨款codeBase的文件：/home/me/apache-tomcat-5.5.27/webapps/myapplet/applet.jar{权限java.security.AllPermission; };

和像平常的东西也有：

grant codeBase "file:${java.home}/jre/lib/ext/-" {
        permission java.security.AllPermission;
};

没有结果。

好吧，快速更新，加入：

Ok, quick update, adding:

grant{
        permission java.security.AllPermission;
};

要在本地java.policy文件解决问题。但那不是我所期待的，小程序应在avarage机器上运行，与dafault java.policy文件。所以它必须从code内的固定

to the local java.policy file fixes the problem. BUT thats not what i am looking for, the applet should run on an avarage machine, with dafault java.policy file. So it has to be fixed from within the code.

推荐答案

你从applet主线程或由该applet的方法使用JavaScript的调用所启动一个线程调用您的WS？

Do you call your WS from the applet main thread or from a thread initiated by a call to the applet's method using javascript?

参见下面的例子。

希望它帮助。

public class MyApplet extends JApplet {

    @Override
    public void start() {
    	// It will work if your applet is signed
    	callWebService();
    }

    public void methodCalledFromJavascriptWrong() {
    	// It will NOT work even if your applet is signed
    	callWebService();

    }

    public void methodCalledFromJavascriptGood() {
    	AccessController.doPrivileged(new PrivilegedAction() {

    		public Object run() {
    			// It will work if your applet is signed
    			callWebService();
    			return null;
    		}

    	});

    }

    private void callWebService() {
    	//Here you call your web service
    }
}

这篇关于签名Java小程序的连接抛出安全例外到WebService的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！