javaws 系统属性放宽或删除安全性? [英] javaws system property to relax or remove security?
问题描述
升级到 Java 7(Oracle/Sun JDK,而不是 OpenJDK)后,如果我尝试使用 javaws
在 Web Start 下测试我的应用程序,它会告诉我应用程序被安全设置阻止".我可以使用 Java 控制面板将安全性从高降低到中等以使其正常工作(它询问我是否要启动未签名的应用程序),但这也会降低我的 Web 浏览器的安全级别.是否有任何系统属性可以让我执行 javaws -J-Dkey=value
来让 javaws 的一个实例放松或忽略关于将启动的内容的安全性(但否则保持安全性不变)?
Having upgraded to Java 7 (Oracle/Sun JDK, not OpenJDK), if I try to test my app under Web Start with javaws
, it tells me "Application Blocked by Security Settings". I can use the Java control panel to reduce security from high to medium to get it to work (it asks me if I want to launch an unsigned app), but that also reduces the security level for my web browser. Is there any system property that'll let me do javaws -J-Dkey=value
to get that one instance of javaws to relax or ignore security with regards to what will launch (but otherwise keep security the same)?
编辑:如果有人能指出 javaws
的 Java 7 源代码在哪里,我很乐意通读代码以找到答案.
EDIT: If anyone could point me to where the Java 7 source code for javaws
is, I'd be happy to read through the code to find the answer.
EDIT 2:当我通过 Java 控制面板将 Java 安全性设置为中等时,使用 javaws
启动我的应用程序会导致它询问我是否要运行未签名的应用程序;这就是我想要复制的.控制面板通过将系统属性 deployment.security.level=MEDIUM
添加到文件 ~/.java/deployment/deployment.properties
来将安全设置为中.我尝试了两种方法来使用它:
EDIT 2: When I set Java security to medium through the Java control panel, launching my app with javaws
results in it asking me if I want to run an unsigned app; this is what I want to duplicate. The control panel sets security to medium via adding the system property deployment.security.level=MEDIUM
to the file ~/.java/deployment/deployment.properties
. I've tried two ways to use this:
1) 将 -J-Ddeployment.security.level=MEDIUM
传递给 javaws
.这会导致我的应用完全启动,而不会询问我是否要运行未签名的应用.
1) Pass -J-Ddeployment.security.level=MEDIUM
to javaws
. This results in my app fully launching without it asking me if I want to run an unsigned app.
2)通过-J-Ddeployment.system.config=~/.java/deployment/FOO.properties
,其中FOO.properties
是普通的拷贝deployment.properties
文件,手动添加 deployment.security.level=MEDIUM
.同样,这会导致我的应用完全启动,而不会询问我是否要运行未签名的应用.
2) Pass -J-Ddeployment.system.config=~/.java/deployment/FOO.properties
, where FOO.properties
is a copy of the normal deployment.properties
file, with deployment.security.level=MEDIUM
added manually. Again, this results in my app fully launching without it asking me if I want to run an unsigned app.
EDIT 3:请注意,我使用的是 Oracle/Sun JDK,而不是 OpenJDK.
EDIT 3: Note that I'm using Oracle/Sun JDK, not OpenJDK.
推荐答案
- 您是否尝试过创建自己的自定义
SecurityManager
? - 您是否尝试过使用
java.security.AllPermission
(只是为了测试这是否适合您)? - Have you tried creating your own custom
SecurityManager
? - Have you tried using
java.security.AllPermission
(just to test if this is a fix for you) ? - http://docs.oracle.com/javase/7/docs/api/java/lang/SecurityManager.html
- http://download.java.net/jdk8/docs/technotes/guides/security/permissions.html
- http://download.java.net/jdk8/docs/technotes/guides/security/spec/security-spec.doc.html
相关规格:
这可能与您非常相关:
回复:javaws,检查 javaws 本身的调用.我做了 cat/usr/bin/javaws
然后我们开始:
Re: javaws, check out the invocation of javaws itself. I did cat /usr/bin/javaws
and here we go:
#!/bin/bash
JAVA=/usr/lib/jvm/java-6-openjdk-amd64/jre/bin/java
LAUNCHER_BOOTCLASSPATH="-Xbootclasspath/a:/usr/share/icedtea-web/netx.jar"
LAUNCHER_FLAGS=-Xms8m
CLASSNAME=net.sourceforge.jnlp.runtime.Boot
BINARY_LOCATION=/usr/bin/javaws
PROGRAM_NAME=javaws
CP=/usr/lib/jvm/java-6-openjdk-amd64/jre/lib/rt.jar
JAVA_ARGS=( )
ARGS=( )
COMMAND=()
i=0
j=0
while [ "$#" -gt "0" ]; do
case "$1" in
-J*)
JAVA_ARGS[$i]="${1##-J}"
i=$((i+1))
;;
*)
ARGS[$j]="$1"
j=$((j+1))
;;
esac
shift
done
k=0
COMMAND[k]="${JAVA}"
k=$((k+1))
COMMAND[k]="${LAUNCHER_BOOTCLASSPATH}"
k=$((k+1))
COMMAND[k]="${LAUNCHER_FLAGS}"
k=$((k+1))
i=0
while [ "$i" -lt "${#JAVA_ARGS[@]}" ]; do
COMMAND[k]="${JAVA_ARGS[$i]}"
i=$((i+1))
k=$((k+1))
done
COMMAND[k]="-classpath"
k=$((k+1))
COMMAND[k]="${CP}"
k=$((k+1))
COMMAND[k]="-Dicedtea-web.bin.name=${PROGRAM_NAME}"
k=$((k+1))
COMMAND[k]="-Dicedtea-web.bin.location=${BINARY_LOCATION}"
k=$((k+1))
COMMAND[k]="-Djava.security.manager"
k=$((k+1))
COMMAND[k]="-Djava.security.policy=/etc/icedtea-web/javaws.policy"
k=$((k+1))
COMMAND[k]="${CLASSNAME}"
k=$((k+1))
j=0
while [ "$j" -lt "${#ARGS[@]}" ]; do
COMMAND[k]="${ARGS[$j]}"
j=$((j+1))
k=$((k+1))
done
"${COMMAND[@]}"
exit $?
这篇关于javaws 系统属性放宽或删除安全性?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!