如何禁用Java安全管理器？ [英] How to disable Java security manager?

问题描述

有没有办法完全禁用Java安全管理器？

Is there any way to completely disable Java security manager?

我正在试验db4o的源代码。它使用反射来持久化对象，似乎安全管理器不允许反射来读写私有字段或受保护字段。

I'm experimenting with source code of db4o. It uses reflection to persist objects and it seems that security manager doesn't allow reflection to read and write private or protected fields.

我的代码：

public static void main(String[] args) throws IOException {
    System.out.println("start");
    new File( DB_FILE_NAME ).delete();
    ObjectContainer container = Db4o.openFile( DB_FILE_NAME );
    String ob = new String( "test" );
    container.store( ob );
    ObjectSet result = container.queryByExample( String.class );
    System.out.println( "retrieved (" + result.size() + "):" );
    while( result.hasNext() ) {
        System.out.println( result.next() );
    }
    container.close();
    System.out.println("finish");
}

输出：

start
[db4o 7.4.68.12069   2009-04-18 00:21:30] 
 AccessibleObject#setAccessible() is not available. Private fields can not be stored.
retrieved (0):
finish

这个主题建议修改java.policy文件以允许反射，但它似乎不起作用对我来说。

This thread suggests modifying java.policy file to allow reflection but it doesn't seem to work for me.

我正在使用参数启动JVM

-Djava.security.manager -Djava.security.policy == / home / pablo / .java.policy

所以指定的策略文件将是唯一使用的策略文件

I'm starting JVM with arguments
-Djava.security.manager -Djava.security.policy==/home/pablo/.java.policy
so specified policy file will be the only policy file used

文件如下所示：

grant {
    permission java.security.AllPermission;
    permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
};

我花了最近3个小时的时间，并且没有任何想法如何使这项工作。
任何帮助表示赞赏。

I spent last 3 hrs on this and don't have any ideas how to make this work. Any help appreciated.

推荐答案

您可以尝试将其添加到程序的main（）中：

You could try adding this to the main() of your program:

System.setSecurityManager(null);

当我遇到安全管理器问题时，我为受信任的WebStart应用程序工作了。不确定它是否适用于您的db4o案例，但可能值得一试。

Worked for me for a "trusted" WebStart application when I was having security manager issues. Not sure if it will work for your db4o case, but it might be worth a try.

编辑：我不是说这是安全管理器的通用解决方案问题。我只是提出它作为一种帮助调试原始海报问题的方法。显然，如果您想从安全管理器中受益，那么您不应该禁用它。

I'm not suggesting that this is a general solution to security manager problems. I was just proposing it as a way to help debug the original poster's problem. Clearly, if you want to benefit from a security manager then you should not disable it.

这篇关于如何禁用Java安全管理器？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！