GWT - java.security.AccessControlException:ubuntu/tomca6 部署中序列化程序的访问被拒绝
我正在尝试将我的 gwt 应用程序部署到 ubuntu 9.10 下的 tomcat6 并获取 (我想你们很多人都知道) “java.security.AccessControlException:访问被拒绝”错误(完整 异常可以在最后找到)。我在网上搜索了一下,发现Java默认的安全性 权限阻止序列化器访问我的类 私人成员(他们确实有吸气剂和吸气剂),我应该 使用位于 /etc/tomcat6/policy.d/60gwt.policy 的文件添加到 tomcat 策略 下列: 授予代码库“文件:/var/lib/tomcat6/webapps/-”{ 权限 java.security.AllPermission; 尽管
我已经这样做了(并且我理解其含义),但我仍然 无论我重新启动服务器多少次,都会出现相同的错误。这 下一步可能是禁用 tomcats 安全管理器 完全,但这个应用程序最终将投入生产和识别 想知道这里发生了什么事。另外,我宁愿不做任何 成员变量公共... 有什么想法吗? 欢呼
严重:分派传入 RPC 调用时出现异常 java.security.AccessControlException:访问被拒绝 (java.lang.reflect.ReflectPermission 抑制AccessChecks) 在 java.security.AccessControlContext.checkPermission (AccessControlContext.java:323) 在 java.security.AccessController.checkPermission (AccessController.java:546) 在 java.lang.SecurityManager.checkPermission(SecurityManager.java: 第532章) 在 java.lang.reflect.AccessibleObject.setAccessible (AccessibleObject.java:107) 在 com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali zeClass (服务器序列化流写入器.java:694) 在 com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali zeImpl (服务器序列化流写入器.java:730) 在 com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali zeClass (服务器序列化流写入器.java:712) 在 com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali zeImpl (服务器序列化流写入器.java:730) 在 com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali ze (服务器序列化流写入器.java:612) 在 com.google.gwt.user.client.rpc.impl.AbstractSerializationStreamWriter.write 对象 (AbstractSerializationStreamWriter.java:129) 在 com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter $ValueWriter$8.write(ServerSerializationStreamWriter.java:152) 在 com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali zeValue (服务器序列化流写入器.java:534) 在 com.google.gwt.user.server.rpc.RPC.encodeResponse(RPC.java:609) 在 com.google.gwt.user.server.rpc.RPC.encodeResponseForFailure (RPC.java:383) 在 com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse (RPC.java:581) 在 com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall (RemoteServiceServlet.java:188) 在 com.google.gwt.user.server.rpc.RemoteServiceServlet.processPost (RemoteServiceServlet.java:224) 在 com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost (AbstractRemoteServiceServlet.java:62) 在 javax.servlet.http.HttpServlet.service(HttpServlet.java:637) 在 javax.servlet.http.HttpServlet.service(HttpServlet.java:717) 在 sun.reflect.NativeMethodAccessorImpl.invoke0(本机方法) 在 sun.reflect.NativeMethodAccessorImpl.invoke (NativeMethodAccessorImpl.java:39) 在 sun.reflect.DelegatingMethodAccessorImpl.invoke (DelegatingMethodAccessorImpl.java:25) 在 java.lang.reflect.Method.invoke(Method.java:597) 在 org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java: 269) 在 java.security.AccessController.doPrivileged(本机方法) 在 javax.security.auth.Subject.doAsPrivileged(Subject.java:517) 在 org.apache.catalina.security.SecurityUtil.execute (SecurityUtil.java:301) 在 org.apache.catalina.security.SecurityUtil.doAsPrivilege (SecurityUtil.java:162) 在 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter (应用程序过滤链.java:283) 在 org.apache.catalina.core.ApplicationFilterChain.access$000 (应用程序过滤链.java:56) 在 org.apache.catalina.core.ApplicationFilterChain$1.run (应用程序过滤链.java:189) 在 java.security.AccessController.doPrivileged(本机方法) 在 org.apache.catalina.core.ApplicationFilterChain.doFilter (应用程序过滤链.java:185) 在 org.apache.catalina.core.StandardWrapperValve.invoke (StandardWrapperValve.java:233) 在 org.apache.catalina.core.StandardContextValve.invoke (StandardContextValve.java:191) 在 org.apache.catalina.core.StandardHostValve.invoke (StandardHostValve.java:128) 在 org.apache.catalina.valves.ErrorReportValve.invoke (ErrorReportValve.java:102) 在 org.apache.catalina.core.StandardEngineValve.invoke (StandardEngineValve.java:109) 在 org.apache.catalina.connector.CoyoteAdapter.service (CoyoteAdapter.java:293) 在 org.apache.coyote.http11.Http11Processor.process (Http11Processor.java:849) 在 org.apache.coyote.http11.Http11Protocol $Http11ConnectionHandler.process(Http11Protocol.java:583) 在 org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java: 第454章) 在 java.lang.Thread.run(Thread.java:619)
I am trying to deploy my gwt app to tomcat6 under ubuntu 9.10 and get
the (i suppose known to many of you)
"java.security.AccessControlException: access denied" error (Full
exception can be found at the end). I have searched the net in general and found that the Java default security
permissions are preventing the serializer from accessing my classes
private members (they do have getters and setters) and that i should
add to tomcat policy with a file at /etc/tomcat6/policy.d/60gwt.policy
the following:
grant codeBase "file:/var/lib/tomcat6/webapps/-" {
permission java.security.AllPermission;
}
Although i have done that (and i understand the implications) i still
get the same error, no matter how many times i restart the server. The
next step would problably be to disable tomcats security manager
completely but this app will eventually go into production and i d
like to know what's going on here. Also, i'd rather not make any
member variables public...
Any ideas?
cheers
SEVERE: Exception while dispatching incoming RPC call
java.security.AccessControlException: access denied
(java.lang.reflect.ReflectPermission suppressAccessChecks)
at java.security.AccessControlContext.checkPermission
(AccessControlContext.java:323)
at java.security.AccessController.checkPermission
(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:
532)
at java.lang.reflect.AccessibleObject.setAccessible
(AccessibleObject.java:107)
at
com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali zeClass
(ServerSerializationStreamWriter.java:694)
at
com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali zeImpl
(ServerSerializationStreamWriter.java:730)
at
com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali zeClass
(ServerSerializationStreamWriter.java:712)
at
com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali zeImpl
(ServerSerializationStreamWriter.java:730)
at
com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali ze
(ServerSerializationStreamWriter.java:612)
at
com.google.gwt.user.client.rpc.impl.AbstractSerializationStreamWriter.write Object
(AbstractSerializationStreamWriter.java:129)
at com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter
$ValueWriter$8.write(ServerSerializationStreamWriter.java:152)
at
com.google.gwt.user.server.rpc.impl.ServerSerializationStreamWriter.seriali zeValue
(ServerSerializationStreamWriter.java:534)
at com.google.gwt.user.server.rpc.RPC.encodeResponse(RPC.java:609)
at com.google.gwt.user.server.rpc.RPC.encodeResponseForFailure
(RPC.java:383)
at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse
(RPC.java:581)
at com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall
(RemoteServiceServlet.java:188)
at com.google.gwt.user.server.rpc.RemoteServiceServlet.processPost
(RemoteServiceServlet.java:224)
at com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost
(AbstractRemoteServiceServlet.java:62)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke
(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke
(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:
269)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at org.apache.catalina.security.SecurityUtil.execute
(SecurityUtil.java:301)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege
(SecurityUtil.java:162)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter
(ApplicationFilterChain.java:283)
at org.apache.catalina.core.ApplicationFilterChain.access$000
(ApplicationFilterChain.java:56)
at org.apache.catalina.core.ApplicationFilterChain$1.run
(ApplicationFilterChain.java:189)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationFilterChain.doFilter
(ApplicationFilterChain.java:185)
at org.apache.catalina.core.StandardWrapperValve.invoke
(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke
(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke
(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke
(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke
(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service
(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process
(Http11Processor.java:849)
at org.apache.coyote.http11.Http11Protocol
$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:
454)
at java.lang.Thread.run(Thread.java:619)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
没关系,我解决了问题。我实际上使用的是 file:$
{catalina.base}webapps/- 而不是 file:/var/lib/tomcat6/webapps
我之前写过。 /etc/default/tomcat 中的 Tomcat 配置说如果
如果不设置 catalina.base 那么默认使用 /var/lib/tomcat6/
但...
Never mind, i solved the problem. I was actually using file:$
{catalina.base}webapps/- instead of file:/var/lib/tomcat6/webapps that
i wrote previously.Tomcat config in /etc/default/tomcat says that if
you don't set catalina.base then /var/lib/tomcat6/ is used by default
but...
无论如何:GWT 无法序列化这种异常,因为该类型在模拟 JRE 库中不可用。因此,要么您通过超级源自己定义它,要么在服务器上处理异常并确保只抛出受支持的异常。
Well anyway: GWT can not serialize this kind of exception because the type is not available in the emulated JRE library. So either you define it yourself via en supersource or you hande the exception on the server and make sure that you only throw supported exceptions.