Java jnlp 应用程序被安全设置阻止
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/20967995/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Java jnlp application blocked by Security settings
提问by ali kerim erkan
I have an enterprise java application that has plenty of jars that are downloaded to the client's jvm cache by a jnlp file. When I start the application I get the following stack trace on Java Console:
我有一个企业 Java 应用程序,其中包含大量 jars,这些 jars 文件通过 jnlp 文件下载到客户端的 jvm 缓存中。当我启动应用程序时,我在 Java 控制台上得到以下堆栈跟踪:
Exception in thread "AWT-EventQueue-1" java.lang.NullPointerException
at com.sun.deploy.ui.DialogTemplate.imageAvailable(Unknown Source)
at com.sun.deploy.ui.DialogTemplate.finalImageAvailable(Unknown Source)
at com.sun.deploy.ui.ImageLoader.run(Unknown Source)
at java.awt.event.InvocationEvent.dispatch(Unknown Source)
at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
at java.awt.EventQueue.access0(Unknown Source)
at java.awt.EventQueue.run(Unknown Source)
at java.awt.EventQueue.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)
Exception in thread "AWT-EventQueue-1" java.lang.NullPointerException
at com.sun.deploy.ui.DialogTemplate.imageAvailable(Unknown Source)
at com.sun.deploy.ui.DialogTemplate.finalImageAvailable(Unknown Source)
at com.sun.deploy.ui.ImageLoader.run(Unknown Source)
at java.awt.event.InvocationEvent.dispatch(Unknown Source)
at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
at java.awt.EventQueue.access0(Unknown Source)
at java.awt.EventQueue.run(Unknown Source)
at java.awt.EventQueue.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)
#### Java Web Start Error:
#### The Java security settings have prevented this application from running. You may change this behavior in the Java Control Panel.
My JNLP File is like the following with some censored descriptions:
我的 JNLP 文件如下所示,但有一些经过的描述:
<?xml version="1.0" encoding="utf-8"?>
<jnlp spec="1.0+" codebase="http://10.100.10.9/ikarusdelhitest/" href="ikarus.jnlp">
<information>
<title>ikarus</title>
<vendor>my company</vendor>
<homepage href="http://www.mycompanyaddress.com" />
<description>My enterprise java ee swing application</description>
<icon href="ikarus.jpg" />
<offline-allowed />
</information>
<security>
<all-permissions />
</security>
<resources>
<jar href="jars/ikarus/ikarusClient.jar" />
<jar href="jars/ikarus/ikarusDelegators.jar" />
<jar href="jars/ikarus/clientRules.jar" />
<jar href="jars/ikarus/ruleImps.jar" />
<jar href="jars/ikarus/ikarusUtil.jar" />
<jar href="jars/ikarus/ikarusResources.jar" />
<jar href="jars/ikarus/domain.jar" />
<jar href="jars/ikarus/domain_repository.jar" />
<jar href="jars/ikarus/domain_service.jar" />
<jar href="jars/ikarus/app_repository.jar" />
<jar href="jars/ikarus/app_service.jar" />
<jar href="jars/ikarus/infrastructure.jar" />
<jar href="jars/ikarus/integration_domain.jar" />
<jar href="jars/jboss_ejb_auth/ejb3-persistence.jar" />
<jar href="jars/jboss_ejb_auth/jboss-ejb3x.jar" />
<jar href="jars/jboss_ejb_auth/jbossall-client.jar" />
<jar href="jars/jasper/commons-beanutils-1.8.0.jar" />
<jar href="jars/jasper/commons-collections-3.2.1.jar" />
<jar href="jars/jasper/commons-digester-1.7.jar" />
<jar href="jars/jasper/commons-logging-1.1.jar" />
<jar href="jars/jasper/iText-2.1.0.jar" />
<jar href="jars/jasper/jasperreports-3.6.0.jar" />
<jar href="jars/jasper/poi-3.2-FINAL-20081019.jar" />
<property name="jnlp.localization" value="Delhi"/>
</resources>
<application-desc main-class="com.celebi.ikarus.main.Ikarus" />
ALso note that I get some different exception details on the more information panel:
另请注意,我在更多信息面板上获得了一些不同的异常详细信息:
com.sun.deploy.security.BlockedException: The Java security settings have prevented this application from running. You may change this behavior in the Java Control Panel.
at com.sun.deploy.security.SandboxSecurity.showBlockedDialog(Unknown Source)
at com.sun.javaws.security.AppPolicy.grantUnrestrictedAccess(Unknown Source)
at com.sun.javaws.security.AppPolicy.addPermissions(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.getTrustedCodeSources(Unknown Source)
at com.sun.deploy.security.CPCallbackHandler$ParentCallback.strategy(Unknown Source)
at com.sun.deploy.security.CPCallbackHandler$ParentCallback.openClassPathElement(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.getJarFile(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.access00(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.ensureOpen(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.<init>(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
at java.net.URLClassLoader.run(Unknown Source)
at java.net.URLClassLoader.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.access0(Unknown Source)
at java.net.URLClassLoader.run(Unknown Source)
at java.net.URLClassLoader.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
at com.sun.javaws.Launcher.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.SecurityException: Invalid Permissions value: all-permissions
at com.sun.deploy.security.DeployManifestChecker.verify(Unknown Source)
at com.sun.deploy.security.DeployManifestChecker.verify(Unknown Source)
... 39 more
I dont have any security restrictions for security on java control panel. It is at the medium level as follows: 
我对 Java 控制面板的安全性没有任何安全限制。它处于中等水平,如下所示:
Thanks for any help
谢谢你的帮助
New Edit: I got more explanatory stacktrace when I tried to run this jnlp from a jvm 1.6 machine as follows:
新编辑:当我尝试从 jvm 1.6 机器运行这个 jnlp 时,我得到了更多解释性的堆栈跟踪,如下所示:
java.lang.NoClassDefFoundError: javax/ejb/EJBAccessException
at java.lang.Class.getDeclaredMethods0(Native Method)
at java.lang.Class.privateGetDeclaredMethods(Unknown Source)
at java.lang.Class.getMethod0(Unknown Source)
at java.lang.Class.getMethod(Unknown Source)
at com.sun.javaws.Launcher.executeApplication(Unknown Source)
at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
at com.sun.javaws.Launcher.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.ClassNotFoundException: javax.ejb.EJBAccessException
at java.net.URLClassLoader.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at com.sun.jnlp.JNLPClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
回答by YanisTheYak
I had a very similar problem (Correctly signed JNLP application prevented from running in Java 7)
我有一个非常相似的问题(正确签名的 JNLP 应用程序被阻止在 Java 7 中运行)
I fixed it by ensuring
我通过确保修复它
- I compiled using 1.7
I updated my JNLP file to enforce 1.7
<resources>
<j2se version="1.7*" java-vm-args="-Xmx32m" max-heap-size="32m" href="http://java.sun.com/products/autodl/j2se"/>
- 我用 1.7 编译
我更新了我的 JNLP 文件以强制执行 1.7
<resources>
<j2se version="1.7*" java-vm-args="-Xmx32m" max-heap-size="32m" href="http://java.sun.com/products/autodl/j2se"/ >
回答by Hernán Eche
I recommend you to enable tracing and logging, see here how:
我建议您启用跟踪和日志记录,请在此处查看操作方法:
And then run the application from command line.
然后从命令行运行应用程序。
javaws -verbose AppName.jnlp
Then you could check for clues in log and trace files stored in this path
然后您可以检查存储在此路径中的日志和跟踪文件中的线索
\Documents and Settings\<USERNAME>\Application Data\Sun\Java\Deployment\log
img source:
图片来源:
http://www.cisco.com/c/en/us/support/docs/security/hostscan/117097-trouble-java7-00.html
http://www.cisco.com/c/en/us/support/docs/security/hostscan/117097-trouble-java7-00.html
回答by turbandroid
I fixed this by going into the Java Control Panel (Start Menu > All Programs > Java > Configure Java) and adding two URLs to the Security Edit Site List.
我通过进入 Java 控制面板(开始菜单 > 所有程序 > Java > 配置 Java)并将两个 URL 添加到安全编辑站点列表来解决此问题。
http://androidscreencast.googlecode.com
http://androidscreencast.googlecode.com
For Mac System Preferences > Java
对于 Mac 系统偏好设置 > Java
Where to add these sites
在哪里添加这些网站
Java Control Panel > Security Tab > Edit Site List > Add > Apply > Ok
Java 控制面板 > 安全选项卡 > 编辑站点列表 > 添加 > 应用 > 确定
回答by Stephen M -on strike-
We saw this problem with Java 1.8u60 caused by dead references to icons in the JNLP file. Previously the missing icons were ignored, but now we are seeing failures with the stack trace in the question. Removing the references to the icons fixed our problem.
我们在 Java 1.8u60 中看到了由对 JNLP 文件中图标的死引用引起的这个问题。以前丢失的图标被忽略,但现在我们看到问题中的堆栈跟踪失败。删除对图标的引用解决了我们的问题。
Here are the two references we removed:
以下是我们删除的两个引用:
<icon href="ORCL.jpg" kind="splash"/>
<icon href="ORCS.jpg" kind="default"/>
Hope that helps.
希望有帮助。
回答by MirlvsMaximvs
I tried to add the item file:/and worked.
我试图添加项目文件:/并工作。
回答by rinilnath
You can also try enabling the checkbox under Advanced tab of java (in controlpanel) and check mark the Always allow option under JNLP file section
您还可以尝试启用 Java 的高级选项卡(在控制面板中)下的复选框,并选中 JNLP 文件部分下的始终允许选项
回答by Micah Elliott
On an Arch Linuxsystem, I found the Java Control Panelto be accessible at /opt/java7/jre/bin/ControlPanel(a symlink to jcontrol). By running it, I was able to access the Securitytab, and then crank down the Security Level to Medium. Then I'm prompted about accepting a security warning upon starting something like /opt/java7/bin/javaws.
在Arch Linux系统上,我发现Java 控制面板可以通过/opt/java7/jre/bin/ControlPanel(指向 的符号链接jcontrol)访问。通过运行它,我能够访问Security选项卡,然后将 Security Level 降低到Medium。然后,在启动类似/opt/java7/bin/javaws.
