Java RMI AccessControlException:访问被拒绝

发布于 2024-08-25 12:48:46 字数 2916 浏览 10 评论 0原文

嘿,当我尝试启动我正在编写的 RMI 应用程序时,我遇到了 AccessControlException:访问被拒绝 ,我无法弄清楚为什么在默认端口 1099 上打开它时会出现此异常,或在另一个动态端口上,我的策略文件当前授予一切(将在应用程序完成时更改)。

我不知道哪里出了问题,任何帮助都会很有用

我的代码

public class Main {

/**
 * @param args the command line arguments
 */
public static void main(String[] args) throws RemoteException, AlreadyBoundException, MalformedURLException {
     if (System.getSecurityManager() == null)
     {
        System.setSecurityManager ( new RMISecurityManager() );
     }

     CreditCardServer ccs = new CreditCardServer();

     int port = 1099;

     try {
        port = Integer.valueOf(args[0]);
        }
     catch (Exception e)
        {
        System.out.println("Invlaid Port");
        }

     if (((port <= 65535) && (port >= 49152)) || port ==1099)
     {
     System.out.println("Valid Port");
     }
     else
     {
         port = 1099;
        System.out.println("Port not in Dynamic Range 49152<-->65535");
     }

     System.out.println(port);

     LocateRegistry.createRegistry(port);

     LocateRegistry.getRegistry().bind("CreditCardServer", ccs);

     while (true)
     {
        //hum?
     }
}

}

堆栈跟踪

vega3 [ia32.linux] 23% java -Djava.security.policy=wideopen.policy -jar "BookStore-CreditCardServer.jar 65000"

有效端口

65000

Exception in thread "main" java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:1099 connect,resolve)
        at java.security.AccessControlContext.checkPermission(AccessControlContext.java:342)
        at java.security.AccessController.checkPermission(AccessController.java:553)
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
        at java.lang.SecurityManager.checkConnect(SecurityManager.java:1051)
        at java.net.Socket.connect(Socket.java:536)
        at java.net.Socket.connect(Socket.java:492)
        at java.net.Socket.<init>(Socket.java:389)
        at java.net.Socket.<init>(Socket.java:203)
        at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketFactory.java:40)
        at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketFactory.java:146)
        at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:613)
        at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:216)
        at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:202)
        at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:340)
        at sun.rmi.registry.RegistryImpl_Stub.bind(Unknown Source)
        at bookstorecreditcardserver.Main.main(Main.java:56)

我的策略文件 >

grant {
// Allow everything for now
permission java.security.AllPermission;
};

Hey I'm getting a AccessControlException: access denied when attempting to start up a RMI app I'm writing, I can't work out why I get this exception if I open it on the default port 1099, or on another dynamic port, my policy file currently grants everything (will change when app is finished).

I am stuck as to where it is going wrong, any help would be of great use

My code

public class Main {

/**
 * @param args the command line arguments
 */
public static void main(String[] args) throws RemoteException, AlreadyBoundException, MalformedURLException {
     if (System.getSecurityManager() == null)
     {
        System.setSecurityManager ( new RMISecurityManager() );
     }

     CreditCardServer ccs = new CreditCardServer();

     int port = 1099;

     try {
        port = Integer.valueOf(args[0]);
        }
     catch (Exception e)
        {
        System.out.println("Invlaid Port");
        }

     if (((port <= 65535) && (port >= 49152)) || port ==1099)
     {
     System.out.println("Valid Port");
     }
     else
     {
         port = 1099;
        System.out.println("Port not in Dynamic Range 49152<-->65535");
     }

     System.out.println(port);

     LocateRegistry.createRegistry(port);

     LocateRegistry.getRegistry().bind("CreditCardServer", ccs);

     while (true)
     {
        //hum?
     }
}

}

The Stack Trace

vega3 [ia32.linux] 23% java -Djava.security.policy=wideopen.policy -jar "BookStore-CreditCardServer.jar 65000"

Valid Port

65000

Exception in thread "main" java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:1099 connect,resolve)
        at java.security.AccessControlContext.checkPermission(AccessControlContext.java:342)
        at java.security.AccessController.checkPermission(AccessController.java:553)
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
        at java.lang.SecurityManager.checkConnect(SecurityManager.java:1051)
        at java.net.Socket.connect(Socket.java:536)
        at java.net.Socket.connect(Socket.java:492)
        at java.net.Socket.<init>(Socket.java:389)
        at java.net.Socket.<init>(Socket.java:203)
        at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketFactory.java:40)
        at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketFactory.java:146)
        at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:613)
        at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:216)
        at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:202)
        at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:340)
        at sun.rmi.registry.RegistryImpl_Stub.bind(Unknown Source)
        at bookstorecreditcardserver.Main.main(Main.java:56)

My Policy File

grant {
// Allow everything for now
permission java.security.AllPermission;
};

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

你的背包 2024-09-01 12:48:46

我一整天都被困在这个问题上(在弄清楚我必须从命令行启动 rmiregistry 之后),尝试使用 Eclipse 使其在本地工作,并最终解决了它。拯救其他人这种残酷命运的几点建议:

1 - 使用命令行标志正确分配策略文件:

java -Djava.security.policy=/home/.../<filename>.policy ...

或直接将其放入代码中:

System.setProperty("java.security.policy","file:///home/.../<filename>.policy");

您也可以将其放在与项目根目录相同的文件夹中),以减少URI

file:./<filename>.policy

(使用相对 URI 而不是绝对 URI - 实际上直到今天我才明白这一点)。

2 - 确保策略文件的格式正确,例如:

grant codeBase "file:<path>/bin/-" {
    permission java.security.AllPermission;
};

这应该指您的二进制文件所在的文件夹! 这里有关于策略文件格式的完整说明< /a>.

就这样,我还推荐本教程,我找到了对于走上正确的轨道非常有帮助。

I've been stuck on this all day (after figuring out I had to start the rmiregistry from the commandline), trying to make this work locally with Eclipse, and finally solved it. A few pointers to save others this cruel fate:

1 - assign the policy file correctly, either with a commandline flag:

java -Djava.security.policy=/home/.../<filename>.policy ...

or by putting this directly in your code:

System.setProperty("java.security.policy","file:///home/.../<filename>.policy");

You can also put it in the same folder as your project root), to reduce the URI to

file:./<filename>.policy

(use a relative instead of absolute URI - I actually didn't understand this until today).

2 - make sure the format of the policy file is correct, e.g.:

grant codeBase "file:<path>/bin/-" {
    permission java.security.AllPermission;
};

This should refer to the folder where your binary is located! A thorough explanation of the format of the policy file is here.

That's about it, I'd also recommend this tutorial, I found it very helpful to get on the right track.

萧瑟寒风 2024-09-01 12:48:46

基本上,我很愚蠢,我认为因为 Java 没有抱怨它找到了 .policy 文件 AOK,结果证明它没有将 .policy 文件的新副本移动到工作目录中解决了所有问题:-D

Basically, I'm stupid, i assumed that because Java was not complaining it was finding the .policy file AOK, turns out it was not moving a new copy of the.policy file into the working directory solves all :-D

吻泪 2024-09-01 12:48:46

我发现关于这个主题的大多数答案都含糊且无益,并花了几个小时对此进行调试。您的错误很可能是因为策略文件格式不正确,或者您没有将其正确设置为命令行参数。

如果您收到 java.security.AccessControlException: access returned ("java.net.SocketPermission" "127.0.0.1:1099" "connect,resolve")

  1. 创建具有所有权限的安全策略文件,只是为了测试一下

grant codeBase "file:/-" {
权限 java.security.AllPermission;
};

  1. 为客户端和服务器使用此安全文件,只是为了让它运行。

  2. 确保您没有任何拼写错误。我花了几个小时试图弄清楚为什么它不起作用,并且我输入了 -Djava.rmi.security.policy 而不是 -Djava.security.policy=...

对于我们这些人来说只是想让 Oracle 的 RMI 教程启动并运行,这个安全策略对于该示例来说已经足够了。

I found most of the answers on this topic vague and unhelpful, and spent several hours debugging this. More than likely, your error is because the policy file is either incorrectly formatted or you're not correctly setting it as a command line argument.

If you're getting a java.security.AccessControlException: access denied ("java.net.SocketPermission" "127.0.0.1:1099" "connect,resolve")

  1. Create a security policy file with all permissions, just to test it out

grant codeBase "file:/-" {
permission java.security.AllPermission;
};

  1. Use this security file for both the client and the server, just to get it running.

  2. Make sure you don't have any typos. I spent hours trying to figure out why it wasn't working, and i had typed -Djava.rmi.security.policy instead of -Djava.security.policy=...

For those of us that just want to get the RMI tutorial from Oracle up and running, this security policy will be more than enough for that example.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文