java 我将如何使用 Maven 安装 JCE Unlimited Strength Policy 文件?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/3425766/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How would I use Maven to install the JCE Unlimited Strength Policy files?
提问by Jeff Martin
Some code I have requires the JCE unlimited Strength Policy Files. I'd like to add this dependency into the Maven Pom file so the other developers on my team don't have to individually each apply this to their systems.
我的一些代码需要 JCE 无限强度策略文件。我想将此依赖项添加到 Maven Pom 文件中,以便我团队中的其他开发人员不必单独将其应用到他们的系统中。
I realize that the systems this is eventually deployed to will need to have the JCE files manually installed. This is a development solution only.
我意识到最终部署到的系统需要手动安装 JCE 文件。这只是一个开发解决方案。
I was thinking that we would add the policy files to our repository and maven would be able to handle installation, but I am surprised that I can't find anyone else doing this (and blogging about it.).
我想我们会将策略文件添加到我们的存储库中,maven 将能够处理安装,但我很惊讶我找不到其他人这样做(并在博客上写)。
采纳答案by Pascal Thivent
You could maybe try this:
你也许可以试试这个:
- Bundle (
zip?) the JCE unlimited strength policy files. - Install them to your corporate repository as a
zipdependency. - Use the
dependency:unpackgoal to unpack the created dependency to${java.home}/jre/lib/securityas part of your build, e.g. duringinitialize(see Unpacking specific artifacts).
- 捆绑 (
zip?) JCE 无限强度策略文件。 - 将它们作为
zip依赖项安装到您的公司存储库中。 - 使用
dependency:unpack目标将创建的依赖项解包${java.home}/jre/lib/security为构建的一部分,例如在期间initialize(请参阅解包特定工件)。
回答by Bart Prokop
I've found that answer, when googling for Maven dependencies for policy JARs and realized that it's JRE installation specific, thus fixing this as part of Maven build will work only for developers and only when you have rights to /jre/lib/security folder. For me the following code hack works much better (invoke this as one of the very first things your application does):
我找到了这个答案,当在谷歌上搜索策略 JAR 的 Maven 依赖项并意识到它是特定于 JRE 安装时,因此将此作为 Maven 构建的一部分修复将仅适用于开发人员并且仅当您有权访问 /jre/lib/security 文件夹时. 对我来说,以下代码 hack 效果更好(将其作为应用程序执行的第一件事之一来调用):
try {
Field field = Class.forName("javax.crypto.JceSecurity").getDeclaredField("isRestricted");
field.setAccessible(true);
field.set(null, java.lang.Boolean.FALSE);
} catch (ClassNotFoundException | NoSuchFieldException | SecurityException | IllegalArgumentException | IllegalAccessException ex) {
ex.printStackTrace(System.err);
}
回答by Andrii Karaivanskyi
Java 8 security hack
Java 8 安全黑客
// hack for JCE Unlimited Strength
Field field = Class.forName("javax.crypto.JceSecurity").getDeclaredField("isRestricted");
field.setAccessible(true);
Field modifiersField = Field.class.getDeclaredField("modifiers");
modifiersField.setAccessible(true);
modifiersField.setInt(field, field.getModifiers() & ~Modifier.FINAL);
field.set(null, false);
