但是在执行相同操作时,我收到“XStream 的安全框架未初始化,XStream 可能容易受到攻击”。下面是代码片段
package com.jmeter.runner;
import java.io.FileInputStream;
import org.apache.jmeter.engine.StandardJMeterEngine;
import org.apache.jmeter.save.SaveService;
import org.apache.jmeter.util.JMeterUtils;
import org.apache.jorphan.collections.HashTree;
import com.thoughtworks.xstream.XStream;
public class JMeterFromExistingJMX {
public static void main(String[] argv) throws Exception {
Class<?>[] classes = new Class[] { JMeterFromExistingJMX.class };
XStream xStream = new XStream();
XStream.setupDefaultSecurity(xStream);
xStream.allowTypes(classes);
// JMeter Engine
StandardJMeterEngine jmeter = new StandardJMeterEngine();
// Initialize Properties, logging, locale, etc.
JMeterUtils.loadJMeterProperties("F:/Required_Setup_Softwares/apache-jmeter-3.3/bin/jmeter.properties");
JMeterUtils.setJMeterHome("F:/Required_Setup_Softwares/apache-jmeter-3.3");
JMeterUtils.initLogging();// you can comment this line out to see extra log messages of i.e. DEBUG level
JMeterUtils.initLocale();
// Initialize JMeter SaveService
SaveService.loadProperties();
// Load existing .jmx Test Plan
FileInputStream in = new FileInputStream("F:/Required_Setup_Softwares/apache-jmeter-3.3/bin/test.jmx");
HashTree testPlanTree = SaveService.loadTree(in);
in.close();
// Run JMeter Test
jmeter.configure(testPlanTree);
jmeter.run();
}
}
运行时我收到如下 Xstream 安全错误
Security framework of XStream not initialized, XStream is probably vulnerable.
Exception in thread "main" java.lang.NullPointerException
at org.apache.jmeter.engine.StandardJMeterEngine.configure(StandardJMeterEngine.java:176)
at com.jmeter.runner.JMeterFromExistingJMX.main(JMeterFromExistingJMX.java:46)
jmeter.configure(testPlanTree);此行导致问题的原因是其内部使用 Xstream。所以我尝试了下面的代码来克服,但它不起作用。
Class<?>[] classes = new Class[] { JMeterFromExistingJMX.class };
XStream xStream = new XStream();
XStream.setupDefaultSecurity(xStream);
xStream.allowTypes(classes);
请帮我做同样的事情。我也尝试了下面的代码,但它也不起作用
XStream xstream = new XStream();
// clear out existing permissions and set own ones
xstream.addPermission(NoTypePermission.NONE);
// allow some basics
xstream.addPermission(NullPermission.NULL);
xstream.addPermission(PrimitiveTypePermission.PRIMITIVES);
xstream.allowTypeHierarchy(Collection.class);
// allow any type from the same package
xstream.allowTypesByWildcard(new String[] {
"com.your.package.**"
});
最佳答案
我无法重现您的问题,但是您的代码看起来有点不稳定:
- 查看
F:/Required_Setup_Softwares/apache-jmeter-3.3看来您正在使用 JMeter 3.3 - 调查SaveService.loadTree()根据 JMeter 3.3 的功能,它需要 File ,而不是 FileInputStream
因此我建议执行以下故障排除步骤:
- 确保您有 JMeter 3.3 libraries在您的项目依赖项中
确保删除以下代码:
// Load existing .jmx Test Plan FileInputStream in = new FileInputStream("F:/Required_Setup_Softwares/apache-jmeter-3.3/bin/test.jmx"); HashTree testPlanTree = SaveService.loadTree(in); in.close();并将其替换为以下行:
HashTree testPlanTree = SaveService.loadTree(new File("F:/Required_Setup_Softwares/apache-jmeter-3.3/bin/test.jmx"));对您的项目执行干净的构建 - 问题应该会消失。
关于java - 通过java代码调用JMETER并运行JMX测试文件导致Xstream安全异常,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/47937641/