Java:从本地小程序调用 .dll ......我做错了什么 [英] Java: Calling .dll from a LOCAL applet... I'm doing something wrong

问题描述

应该没有安全限制，因为小程序是本地安装的.

There should be no security restriction because the applet is locally installed.

然而我明白了:

java.security.AccessControlException: 访问被拒绝 (java.lang.RuntimePermission loadLibrary.jzmq)

java.security.AccessControlException: access denied (java.lang.RuntimePermission loadLibrary.jzmq)

当我的应用尝试调用时

static{
     System.loadLibrary("jzmq");
}

什么给?在没有安全问题的情况下，我缺少什么才能顺利运行(因为它是用户安装的本地小程序，所以应该这样做)?

What gives? What am I missing for it to work smoothly without a security question (as it should since it's a user-installed local applet)?

顺便说一下，它在 Eclipse运行"中运行良好，只是不在我希望它运行的浏览器中.

By the way it works fine from Eclipse "Run", just not in a browser, where I want it to run.

推荐答案

通过浏览器插件从本地文件系统 (file:///) 运行的小程序与从本地文件系统 (file:///) 加载的小程序几乎完全相同的安全检查网络.不同之处在于从网络加载的小程序具有回拨"权限，即.连接回小程序源自的服务器，从文件系统加载的小程序有权访问同一文件夹中的文件.

Applets run via browser plug-in from the local file-system (file:///) are subject to almost exactly the same security checks as applets loaded from the web. The difference being that applets loaded from the web have the permission to "call home", ie. connect back to the server the applet originated from, and applets loaded from the filesystem have the permission to access the files in the same folder.

默认情况下，沙箱在任何一种情况下都不允许加载本机库.

The sandbox by default does not permit loading native libraries in either case.

您可以考虑签署小程序.用户必须确定安全对话框.除非您有从证书颁发机构购买的代码签名证书，否则对话框会警告用户它不是由受信任方签名的事实.

You could consider signing the applet. The user will have to OK the security dialog. And unless you have a code-signing certificate purchased from a certificate authority the dialog will warn the user of the fact that it's not signed by a trusted party.

我没有完全理解你的用例，但如果你可以在本地机器上运行其他代码，你总是可以改变 java 安全策略，以便信任某个特定本地位置的 .jar 文件.这样就不会出现安全对话框.

I didn't fully understand your use-case, but if you can run other code on the local machine, you could always alter the java security policy in order to trust a .jar file in some specific local location. This way no security dialog gets presented.

为此，您需要更改 Java 策略文件，该文件在装有 Java 6 的 Windows 机器上可能位于:

To do this, you alter the java policy file, which on a windows machine with Java 6 would probably be in:

%程序文件%\Java\jre6\lib\security\java.policy

%PROGRAM FILES%\Java\jre6\lib\security\java.policy

并添加一个新权限，如下所示:

And add a new permission, something like this:

grant codeBase "file:///path/yourcomponent.jar" {
      permission java.lang.RuntimePermission "loadLibrary.jzmq";
};

要授予完全权限，您可以添加这样的权限(这是从我刚刚完成的成功测试中复制的):

To give full permissions, you could add a permission like this (this is copied from a succesful test I did just now):

grant codeBase "file:///C:/component/policytest.jar" {
      permission java.security.AllPermission;
};

这篇关于Java:从本地小程序调用 .dll ......我做错了什么的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！