签名的 Java 小程序在连接到 Web 服务时引发安全异常 [英] Signed Java Applet Throws Security Exception on Connect to a Webservice

问题描述

我有一个在 tomcat 5.5 上运行的 java 小程序.它已签名(-selfcert).我仍然收到 java.security.AccessControlException: access denied (java.lang.RuntimePermission createClassLoader) 异常，当我的 Applet 尝试连接到网络服务时(已经在这一行):

I have an java applet running on tomcat 5.5. It is signed ( -selfcert). I still get an java.security.AccessControlException: access denied (java.lang.RuntimePermission createClassLoader) Exception, when my Applet tries to connect to a webservice (already in this line):

ws_locator = new My_WebserviceLocator(ws_adress + "?wsdl",
                new javax.xml.namespace.QName("http://impl.webservice", "My_Webservice"));

因为这里有一些类似的问题，我读了它们:

Since there are some similar questions here, an i read them:

• 是的，小程序已签名.我用 -verify 进行了检查.

• Yes, the applet is signed. I checked it with -verify.

Tomcat 安全异常，可能是，但我已添加到 catalina.policy:

Tomcat security exception, may be, but i have added to catalina.policy:

grant codeBase "file:/home/me/apache-tomcat-5.5.27/webapps/myapplet/-" {
    permission java.security.AllPermission;    };

grant codeBase "file:/home/me/apache-tomcat-5.5.27/webapps/myapplet/applet.jar" { 权限 java.security.AllPermission;};

还有一些常见的东西:

grant codeBase "file:${java.home}/jre/lib/ext/-" {
        permission java.security.AllPermission;
};

没有结果.

好的，快速更新，添加:

Ok, quick update, adding:

grant{
        permission java.security.AllPermission;
};

到本地 java.policy 文件修复了问题.但那不是我要找的，applet 应该在 avarage 机器上运行，带有 dafault java.policy 文件.所以它必须从代码中修复.

to the local java.policy file fixes the problem. BUT thats not what i am looking for, the applet should run on an avarage machine, with dafault java.policy file. So it has to be fixed from within the code.

推荐答案

你是从 applet 主线程调用你的 WS，还是从使用 javascript 调用 applet 方法启动的线程调用你的 WS?

Do you call your WS from the applet main thread or from a thread initiated by a call to the applet's method using javascript?

见下面的例子.

希望有帮助.

public class MyApplet extends JApplet {

    @Override
    public void start() {
        // It will work if your applet is signed
        callWebService();
    }

    public void methodCalledFromJavascriptWrong() {
        // It will NOT work even if your applet is signed
        callWebService();

    }

    public void methodCalledFromJavascriptGood() {
        AccessController.doPrivileged(new PrivilegedAction() {

            public Object run() {
                // It will work if your applet is signed
                callWebService();
                return null;
            }

        });

    }

    private void callWebService() {
        //Here you call your web service
    }
}

这篇关于签名的 Java 小程序在连接到 Web 服务时引发安全异常的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！