Java RMI AccessControlException:访问被拒绝
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/2427473/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Java RMI AccessControlException: access denied
提问by Gwilym
Hey I'm getting a AccessControlException: access deniedwhen attempting to start up a RMI app I'm writing, I can't work out why I get this exception if I open it on the default port 1099, or on another dynamic port, my policy file currently grants everything (will change when app is finished).
嘿,我AccessControlException: access denied在尝试启动我正在编写的 RMI 应用程序时遇到了一个问题,如果我在默认端口 1099 或另一个动态端口上打开它,我无法弄清楚为什么会出现此异常,我的策略文件当前授予一切(应用程序完成后会改变)。
I am stuck as to where it is going wrong, any help would be of great use
我被困在哪里出了问题,任何帮助都会很有用
My code
我的代码
public class Main {
/**
* @param args the command line arguments
*/
public static void main(String[] args) throws RemoteException, AlreadyBoundException, MalformedURLException {
if (System.getSecurityManager() == null)
{
System.setSecurityManager ( new RMISecurityManager() );
}
CreditCardServer ccs = new CreditCardServer();
int port = 1099;
try {
port = Integer.valueOf(args[0]);
}
catch (Exception e)
{
System.out.println("Invlaid Port");
}
if (((port <= 65535) && (port >= 49152)) || port ==1099)
{
System.out.println("Valid Port");
}
else
{
port = 1099;
System.out.println("Port not in Dynamic Range 49152<-->65535");
}
System.out.println(port);
LocateRegistry.createRegistry(port);
LocateRegistry.getRegistry().bind("CreditCardServer", ccs);
while (true)
{
//hum?
}
}
}
}
The Stack Trace
堆栈跟踪
vega3 [ia32.linux] 23% java -Djava.security.policy=wideopen.policy -jar "BookStore-CreditCardServer.jar 65000"
Valid Port
有效端口
65000
65000
Exception in thread "main" java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:1099 connect,resolve)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:342)
at java.security.AccessController.checkPermission(AccessController.java:553)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.SecurityManager.checkConnect(SecurityManager.java:1051)
at java.net.Socket.connect(Socket.java:536)
at java.net.Socket.connect(Socket.java:492)
at java.net.Socket.<init>(Socket.java:389)
at java.net.Socket.<init>(Socket.java:203)
at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketFactory.java:40)
at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketFactory.java:146)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:613)
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:216)
at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:202)
at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:340)
at sun.rmi.registry.RegistryImpl_Stub.bind(Unknown Source)
at bookstorecreditcardserver.Main.main(Main.java:56)
My Policy File
我的政策文件
grant {
// Allow everything for now
permission java.security.AllPermission;
};
采纳答案by Gwilym
Basically, I'm stupid, i assumed that because Java was not complaining it was finding the .policy file AOK, turns out it was not moving a new copy of the.policy file into the working directory solves all :-D
基本上,我很愚蠢,我认为因为 Java 没有抱怨它找到了 .policy 文件 AOK,结果它没有将 .policy 文件的新副本移动到工作目录中解决了所有问题:-D
回答by Dining Philosopher
I've been stuck on this all day (after figuring out I had to start the rmiregistry from the commandline), trying to make this work locally with Eclipse, and finally solved it. A few pointers to save others this cruel fate:
我一整天都被困在这个问题上(在弄清楚我必须从命令行启动 rmiregistry 之后),试图用 Eclipse 在本地完成这项工作,最后解决了它。拯救他人这个残酷命运的几点建议:
1 - assign the policy file correctly, either with a commandline flag:
1 - 使用命令行标志正确分配策略文件:
java -Djava.security.policy=/home/.../<filename>.policy ...
or by putting this directly in your code:
或者直接把它放在你的代码中:
System.setProperty("java.security.policy","file:///home/.../<filename>.policy");
You can also put it in the same folder as your project root), to reduce the URI to
您也可以将其放在与您的项目根目录相同的文件夹中),以将 URI 减少为
file:./<filename>.policy
(use a relative instead of absolute URI - I actually didn't understand this until today).
(使用相对而不是绝对 URI - 我实际上直到今天才理解这一点)。
2 - make sure the format of the policy file is correct, e.g.:
2 - 确保策略文件的格式正确,例如:
grant codeBase "file:<path>/bin/-" {
permission java.security.AllPermission;
};
This should refer to the folder where your binary is located! A thorough explanation of the format of the policy file is here.
这应该是指您的二进制文件所在的文件夹!策略文件格式的详尽解释在此处。
That's about it, I'd also recommend this tutorial, I found it very helpful to get on the right track.
就是这样,我还推荐本教程,我发现它对走上正轨非常有帮助。
回答by Peter Kaminski
I found most of the answers on this topic vague and unhelpful, and spent several hours debugging this. More than likely, your error is because the policy file is either incorrectly formatted or you're not correctly setting it as a command line argument.
我发现有关此主题的大多数答案都含糊不清且无济于事,并花了几个小时对此进行调试。您的错误很可能是因为策略文件的格式不正确,或者您没有将其正确设置为命令行参数。
If you're getting a java.security.AccessControlException: access denied ("java.net.SocketPermission" "127.0.0.1:1099" "connect,resolve")
如果你得到一个 java.security.AccessControlException: access denied ("java.net.SocketPermission" "127.0.0.1:1099" "connect,resolve")
- Create a security policy file with all permissions, just to test it out
- 创建一个具有所有权限的安全策略文件,只是为了测试一下
grant codeBase "file:/-" {
permission java.security.AllPermission;
};
grant codeBase "file:/-" {
permission java.security.AllPermission;
};
Use this security file for both the client and the server, just to get it running.
Make sure you don't have any typos. I spent hours trying to figure out why it wasn't working, and i had typed -Djava.rmi.security.policy instead of -Djava.security.policy=...
将此安全文件用于客户端和服务器,只是为了让它运行。
确保你没有任何错别字。我花了几个小时试图弄清楚为什么它不起作用,我输入了 -Djava.rmi.security.policy 而不是-Djava.security.policy=...
For those of us that just want to get the RMI tutorial from Oracle up and running, this security policy will be more than enough for that example.
对于我们这些只想从 Oracle 获取并运行 RMI 教程的人来说,此安全策略对于该示例来说绰绰有余。
