Java 8中的新java.security.AccessControlException [英] New java.security.AccessControlException in Java 8
问题描述
以前工作的网络代码在完全沙盒化的Java 小程序
中抛出 java.security.AccessControlException
。
无法获取套接字2255:java.security.AccessControlException:access denied(java.net.SocketPermission50.31 .1.13:2255连接,解决)
Oracle改变了什么 - 新的安全箍必须具备什么跳到
保持套接字工作?
这在Java 1.7.0_55和所有以前版本的java中都有效。
这确实发生了变化......来自文档
http://docs.oracle.com/javase/8/docs/technotes/guides/jweb/enhancements-8 .html
对于沙盒RIA,
URLPermission
现在用于允许连接回到他们所服务的服务器开始了。根据代码源的协议,主机和端口授予URLPermissions
。此更改具有以下含义:
- 对于沙箱RIA,
SocketPermissions
的原点主机不再被授予。从JavaScript代码到RIA的调用未被授予从JDK 8开始的SocketPermissions
。
...
换句话说,你不能创建一个新的<$ c沙盒中的$ c> Socket 了。您只能使用与完全相同的主机相同端口和相同协议作为代码库创建 URL
然后是沙盒小程序。
除非Oracle改变主意,否则沙盒小程序无法解决这个问题(否则会导致整个安全概念被破坏)。 / p>
Previously working network code is throwing java.security.AccessControlException
in a fully sandboxed Java applet
.
Can't get socket 2255: java.security.AccessControlException: access denied ("java.net.SocketPermission" "50.31.1.13:2255" "connect,resolve")
What has Oracle changed - what new security hoop must be jumped to keep sockets to working?
This worked/works in Java 1.7.0_55 and all previous versions of java.
This has indeed changed… From the documentation
http://docs.oracle.com/javase/8/docs/technotes/guides/jweb/enhancements-8.html
For sandbox RIAs,
URLPermission
is now used to allow connections back to the server from which they were started.URLPermissions
is granted based on protocol, host and port of the code source. This change has the following implications:
- For sandbox RIAs,
SocketPermissions
for the origin host is no longer granted. Calls from JavaScript code to the RIA are not grantedSocketPermissions
beginning with JDK 8.…
In other words, you cannot create a new Socket
in a sandbox anymore. You can only create a URL
using the same host, same port, and same protocol as the codebase from a fully sandboxed applet then.
Unless Oracle changes its mind, there is no way for a sandboxed applet to get around this (otherwise it would render the entire security concept broken).
这篇关于Java 8中的新java.security.AccessControlException的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!