如何禁用 Java 安全管理器? [英] How to disable Java security manager?
问题描述
有什么办法可以完全禁用 Java 安全管理器?
我正在试验 db4o 的源代码.它使用反射来持久化对象,似乎安全管理器不允许反射读取和写入私有或受保护的字段.
我的代码:
public static void main(String[] args) 抛出 IOException {System.out.println("开始");新文件(DB_FILE_NAME).删除();ObjectContainer 容器 = Db4o.openFile( DB_FILE_NAME);String ob = new String("测试");容器.store( ob );ObjectSet 结果 = container.queryByExample( String.class );System.out.println("检索到(" + result.size() + "):" );而(结果.hasNext()){System.out.println( result.next() );}容器关闭();System.out.println("完成");}输出:
<前>开始[db4o 7.4.68.12069 2009-04-18 00:21:30]AccessibleObject#setAccessible() 不可用.不能存储私有字段.检索(0):结束
这个线程 建议修改 java.policy 文件以允许反射但它似乎对我不起作用.
我正在用参数启动 JVM-Djava.security.manager -Djava.security.policy==/home/pablo/.java.policy
所以指定的策略文件将是唯一使用的策略文件
文件如下所示:
<前>授予 {权限 java.security.AllPermission;权限 java.lang.reflect.ReflectPermission "suppressAccessChecks";};我在这上面花了 3 个小时,但不知道如何进行这项工作.任何帮助表示赞赏.
您可以尝试将其添加到程序的 main() 中:
System.setSecurityManager(null);当我遇到安全管理器问题时,我为受信任的"WebStart 应用程序工作.不确定它是否适用于您的 db4o 案例,但可能值得一试.
我并不是说这是安全管理器问题的通用解决方案.我只是提出它作为帮助调试原始海报问题的一种方式.显然,如果您想从安全管理器中受益,则不应禁用它.
Is there any way to completely disable Java security manager?
I'm experimenting with source code of db4o. It uses reflection to persist objects and it seems that security manager doesn't allow reflection to read and write private or protected fields.
My code:
public static void main(String[] args) throws IOException {
System.out.println("start");
new File( DB_FILE_NAME ).delete();
ObjectContainer container = Db4o.openFile( DB_FILE_NAME );
String ob = new String( "test" );
container.store( ob );
ObjectSet result = container.queryByExample( String.class );
System.out.println( "retrieved (" + result.size() + "):" );
while( result.hasNext() ) {
System.out.println( result.next() );
}
container.close();
System.out.println("finish");
}
Output:
start [db4o 7.4.68.12069 2009-04-18 00:21:30] AccessibleObject#setAccessible() is not available. Private fields can not be stored. retrieved (0): finish
This thread suggests modifying java.policy file to allow reflection but it doesn't seem to work for me.
I'm starting JVM with arguments
-Djava.security.manager -Djava.security.policy==/home/pablo/.java.policy
so specified policy file will be the only policy file used
The file looks like this:
grant {
permission java.security.AllPermission;
permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
};
I spent last 3 hrs on this and don't have any ideas how to make this work. Any help appreciated.
You could try adding this to the main() of your program:
System.setSecurityManager(null);
Worked for me for a "trusted" WebStart application when I was having security manager issues. Not sure if it will work for your db4o case, but it might be worth a try.
EDIT: I'm not suggesting that this is a general solution to security manager problems. I was just proposing it as a way to help debug the original poster's problem. Clearly, if you want to benefit from a security manager then you should not disable it.
这篇关于如何禁用 Java 安全管理器?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
