java - 如何解决java.security.AccessControlException

Question

我需要有关 java.security.AccessControlException 的建议，这是在执行以下代码时得到的。 (我在这里咨询过类似的问题，但没有成功使其发挥作用)

这是我的服务器代码:

 public class GetPageInfos extends UnicastRemoteObject  implements RemoteGetInfo{

    private static final String url="http://www.lemonde.fr/";
public class GetPageInfos extends UnicastRemoteObject  implements RemoteGetInfo{
    private static final String url="http://www.lemonde.fr/";

    public GetPageInfos() throws RemoteException{           
    }

    public String getSiteInfos() throws RemoteException {
         Document doc;
            try {                   
                 doc = Jsoup.connect(url).get();
                 String title = doc.title();  
                 return "title is "+title;                                       
            } catch (IOException e) {
                System.out.println("Faild! "+e.getMessage());
                return "not found";
            }  

    }

    public static void main(String[] args){
         try {

            GetPageInfos infos= new GetPageInfos();
            //System.setProperty("java.rmi.server.hostname","5lq04x1.gemalto.com");
            Naming.rebind("RemoteGetInfo", infos);
             /*GetPageInfos obj=new GetPageInfos(); 
             RemoteGetInfo stub = (RemoteGetInfo) UnicastRemoteObject.exportObject(obj, 0);
             Registry registry = LocateRegistry.getRegistry();
             registry.bind("RemoteGetInfo", stub);
             */
             System.out.println("server ready");

        } catch (RemoteException e) {
              System.out.println("GetPageInfos "+e.getMessage());
        }
        catch (MalformedURLException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }   
    }
}

这是我的客户端代码:

//RMI Client
public class PrintSiteInfos {

    public static void main(String arg[]) 
    { 

        System.setSecurityManager(new RMISecurityManager());

             try 
                { 

                   /*String host=null;
                   Registry registry = LocateRegistry.getRegistry(host);
                   RemoteGetInfo stub = (RemoteGetInfo) registry.lookup("RemoteGetInfo");
                   String response = stub.getSiteInfos();
                   System.out.println(response); */
                 RemoteGetInfo obj = (RemoteGetInfo) Naming.lookup( "RemoteGetInfo");        
                 System.out.println(obj.getSiteInfos()); 
                } 
                catch (Exception e) 
                { 
                   System.out.println("PrintSiteInfos exception: " + e.getMessage()); 
                   e.printStackTrace(); 
                }  
    }   
}

所以我得到

exception: access denied ("java.net.SocketPermission" "127.0.0.1:1099" "connect,resolve")

我发现我必须传递一个策略文件，如下所示:

grant { 
  permission java.security.AllPermission;}; 

但是怎么办呢？还有什么建议吗？

Answer 1

您可以仅授予套接字权限，而不是所有权限(这可能存在安全风险)。因此类似:

grant {
    permission java.net.SocketPermission "127.0.0.1:1099", "connect, resolve";
};

有两种方法:

1) 作为命令行参数

java -Djava.security.policy=mypolicyfile PrintSiteInfo

2)在JRE环境中:

在JRE_HOME/lib/security/java.policy文件中添加权限