I have a Java applet that is trying to read the http.strictPostRedirectSystem Property.

我有一个试图读取http.strictPostRedirectSystem Property的 Java 小程序。

The code is not mine (it's Java's; so i cannot change it). But you can find the code online:

代码不是我的（它是 Java 的；所以我不能改变它）。但是你可以在网上找到代码：

HttpURLConnection.java:

HttpURLConnection.java：

if (method.equals("POST") && !Boolean.getBoolean("http.strictPostRedirect") && (stat!=307)) 
{
   /* The HTTP/1.1 spec says that a redirect from a POST 
    * *should not* be immediately turned into a GET, and
    * that some HTTP/1.0 clients incorrectly did this.
    * Correct behavior redirects a POST to another POST.
    * Unfortunately, since most browsers have this incorrect
    * behavior, the web works this way now.  Typical usage
    * seems to be:
    *   POST a login code or passwd to a web page.
    *   after validation, the server redirects to another
    *     (welcome) page
    *   The second request is (erroneously) expected to be GET
    * 
    * We will do the incorrect thing (POST-->GET) by default.
    * We will provide the capability to do the "right" thing
    * (POST-->POST) by a system property, "http.strictPostRedirect=true"
    */
    ...
}

The basic failure comes from calling:

基本的失败来自于调用：

Boolean.getBoolean("http.strictPostRedirect")

Which has caused a lot of people grief. Apparently i'm not allowedto read the http.strictPostRedirectSystem Property. Trying to readit throws an AccessControlException:

这引起了很多人的悲痛。显然我不允许阅读http.strictPostRedirect系统属性。尝试读取它会引发AccessControlException：

java.security.AccessControlException: access denied (java.util.PropertyPermission http.strictPostRedirect read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
at java.lang.System.getProperty(Unknown Source)
at java.lang.Boolean.getBoolean(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.followRedirect(Unknown Source)

So, if i don't have permission to readpermission to a System Property:

因此，如果我无权读取系统属性的权限：

How do i get read permission to a system property?

如何获得系统属性的读取权限？

There obviously must be a setting that givesme permission to read a system property, otherwise Sun wouldn't have code that transparently tries to access it.

显然必须有一个设置允许我读取系统属性，否则 Sun 不会有透明地尝试访问它的代码。

Is it a machine world-wide setting? Is it a domain-wide setting? Is it a machine-wide setting? Is it a per-user setting? Is it a per-applet setting? Is it a per-invocation setting? Is it a setting tied to a particular version of the Java Runtime Engine?

它是机器全球设置吗？它是域范围的设置吗？它是机器范围的设置吗？它是每个用户的设置吗？它是每个小程序的设置吗？它是按调用设置吗？它是与特定版本的Java 运行时引擎相关的设置吗？

tl;dr: How make not crash?

tl;dr：如何不崩溃？

Reading system properties

读取系统属性

Java does have a list of system propertiesthan at applet cannot read:

Java 确实有一个系统属性列表，而不是 applet 无法读取：

• java.class.path
• java.home
• user.dir
• user.home
• user.name

• java.class.path
• java.home
• user.dir
• user.home
• user.name

My system property, http.strictPostRedirect, is not on that list. So why can't i read it?

我的系统属性,http.strictPostRedirect不在该列表中。那为什么我读不出来呢？

See also

也可以看看

• HttpURLConnection.java
• HttpURLConnection redirects my POST request into a GET
• PropertyPermission exception thrown when posting to Serlvet
• Access Denied Error
• java.security.AccessControlException
• How to sign a java applet and setting permissions to read system properties such as the logged on user of a client
• how to provide access permission for applet to write on file system
• Using Java SecurityManager to grant/deny access to system functions
• Oracle.com - What Applets Can and Cannot Do

• HttpURLConnection.java
• HttpURLConnection 将我的 POST 请求重定向到 GET
• 发布到 Serlvet 时抛出 PropertyPermission 异常
• 访问被拒绝错误
• java.security.AccessControlException
• 如何签署 Java 小程序并设置读取系统属性（例如客户端的登录用户）的权限
• 如何为小程序提供在文件系统上写入的访问权限
• 使用 Java SecurityManager 授予/拒绝访问系统功能
• Oracle.com - Applet 能做什么和不能做什么