java.security.AccessControlException:访问被拒绝(“java.net.SocketPermission”“smtp.gmail.com”“解决”)
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/13793578/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
java.security.AccessControlException: access denied ("java.net.SocketPermission" "smtp.gmail.com" "resolve")
提问by Chayemor
I am using GlassFish Server 3.1 and the Java mail Api 1.4.5.
我使用的是 GlassFish Server 3.1 和 Java 邮件 Api 1.4.5。
Scenario: I have an applet, that when clicked it sends an email message.
场景:我有一个小程序,点击它会发送一封电子邮件。
Send the mail works perfectly on Netbeans AppletViewer, but it turns into hell when added to the browser and trying to send the email from there.
发送邮件在 Netbeans AppletViewer 上运行完美,但当添加到浏览器并尝试从那里发送电子邮件时,它变成了地狱。
I have read for hours, about policy files, signed/unsigned applets...etc.
我已经阅读了几个小时,关于策略文件、签名/未签名小程序......等。
I have tried using the signed applet (plenty of tutorials out there for signing it, was quite simple using the keytools from java). When I run it on the browser it asks for permission because it′s a self-signed certificate, I give it permission , but it still spits out the same exception.
我尝试过使用签名的小程序(有很多用于签名的教程,使用 java 中的 keytools 非常简单)。当我在浏览器上运行它时,它要求许可,因为它是自签名证书,我给了它许可,但它仍然吐出相同的异常。
I have also tried modifying java.poilcy file adding
我也尝试修改 java.policy 文件添加
permission java.net.SocketPermission "smtp.gmail.com:587", "listen,resolve";
权限 java.net.SocketPermission "smtp.gmail.com:587", "listen,resolve";
But nothing.
但没什么。
I know it′s that exception because I activaded the Java Console in the Java Control Panel. I really don′t know what else to do.
我知道这是个例外,因为我在 Java 控制面板中激活了 Java 控制台。我真的不知道还能做什么。
Here is the code that sends the email:
这是发送电子邮件的代码:
String host = "smtp.gmail.com";
String from = *****;
String pass = ******;
Properties props = new Properties();
props.put("mail.smtp.starttls.enable", "true");
props.put("mail.smtp.host", host);
props.put("mail.smtp.user", from);
props.put("mail.smtp.password", pass);
props.put("mail.smtp.port", "587");
props.put("mail.smtp.auth", "true");
Session session = Session.getDefaultInstance(props, null);
this.message = new MimeMessage(session);
message.setFrom(new InternetAddress(from));
InternetAddress toAddress = new InternetAddress(this.to);
this.message.addRecipient(Message.RecipientType.TO, toAddress);
this.message.setSubject(this.subject);
this.message.setText(this.body);
Transport transport = session.getTransport("smtp");
transport.connect(host, from, pass);
transport.sendMessage(this.message, this.message.getAllRecipients());
transport.close();
采纳答案by Chayemor
JApplet is in a "sandbox" on it's own, given different permissions than regular applications (applications are only executed when the users chooses directly to do so, hence, the user accepts the consequences). A JApplet executes when a browser downloads it, giving the user no option whatsoever, that′s why if you want to have your applet deployed and executed by others (when the applet accesses servers others than the one from which it is deployed) it must be signed (either a self-signed certificate or a certificate signed by an authorized organization, which usually implies paying some fees) so that the user can "Accept" the consequences of using said Applet, allowing it "out of the sandbox".
JApplet 本身就在一个“沙箱”中,被赋予与常规应用程序不同的权限(应用程序仅在用户直接选择这样做时才执行,因此,用户接受后果)。JApplet 在浏览器下载时执行,给用户任何选择,这就是为什么如果你想让你的小程序被其他人部署和执行(当小程序访问其他服务器而不是部署它的服务器时)它必须签名(自签名证书或由授权组织签署的证书,通常意味着支付一些费用),以便用户可以“接受”使用所述 Applet 的后果,允许其“脱离沙箱”。
For some reason, signing it with a self-cert using keytolls and jarsigner did not work for me whatsoever. Even though when I accessed the webpage and the browser warned me about executing the applet (giving me the option to not execute it) and I accepted said warning, it seemed the JApplet was not getting it′s permissions.
出于某种原因,使用 keytolls 和 jarsigner 使用自证书对其进行签名对我来说无论如何都不起作用。即使当我访问网页并且浏览器警告我关于执行小程序(给我不执行它的选项)并且我接受了所述警告时,JApplet 似乎没有获得它的权限。
My boyfriend suggested moving the email class out of the "sandbox". He solved it(bless him!), moving the emailClass (the one which uses the java mail api) to the server gave no problems whatsoever. Using the Front Controller Command for Client-Server Arquitecture, all I had to do was implement my Controller class with the code that I posted at the beginning of the question, and send from my applet (when the button was clicked) an http-request with the toEmailAddress, subject, and body to my servlet.
我的男朋友建议将电子邮件类移出“沙盒”。他解决了它(祝福他!),将 emailClass(使用 java 邮件 API 的那个)移动到服务器上没有任何问题。使用客户端-服务器架构的前端控制器命令,我所要做的就是使用我在问题开头发布的代码实现我的控制器类,并从我的小程序(当单击按钮时)发送一个 http 请求将 toEmailAddress、主题和正文添加到我的 servlet。
Works perfect.
工作完美。
回答by user207421
You must sign the applet so it can connect to a host other than the one it was loaded from, and either you must use a non-self-signed-certificate or the user must accept the certificate when prompted.
您必须对小程序进行签名,以便它可以连接到加载它的主机以外的主机,并且您必须使用非自签名证书,或者用户必须在出现提示时接受该证书。
回答by Daniel De León
Distribute you program with JNLP with signature, is easy and solve this kind of situations.
用带有签名的 JNLP 分发你的程序,很容易解决这种情况。
Check tutorials about JNLP of your IDE and read this for more info: http://docs.oracle.com/javase/6/docs/technotes/guides/jweb/deployment_advice.html
检查有关您的 IDE 的 JNLP 的教程并阅读此内容以获取更多信息:http: //docs.oracle.com/javase/6/docs/technotes/guides/jweb/deployment_advice.html
回答by paulsm4
Several things to look at:
要看几个方面:
1) double check and make sure your applet signing is correct:
1) 仔细检查并确保您的小程序签名正确:
2) Look at crossdomain.xml:
2)查看crossdomain.xml:
3) Look at applet.policy
3)查看applet.policy
