让 RMI 安全策略发挥作用时遇到问题
我在使 RMI 安全策略发挥作用时遇到问题。我在服务器和客户端上都有一个 .policy 文件,每个文件都运行一个 SecurityManager。
当我尝试运行客户端时,它失败了。我的政策文件授予一切 atm 权限。内容如下:
grant { permission java.security.AllPermission };
我的 JAR 文件的根目录中有文件 client.policy (我也尝试使用 jar 外部的策略文件运行它)。然后我使用以下命令运行客户端:
java -jar PagePlanner.jar -Djava.security.policy=client.policy -Djava.rmi.codebase=http://192.168.0.88:2077/home/me/NetbeansProjects/PageServer/dist/PageServer.jar -Djava.security.debug=access
指定我的策略文件和代码库的路径。我不确定这些是否正确。我还尝试设置调试开关,因为我在某处读到它应该为我提供有关出现问题的额外信息,但它似乎没有什么区别。这是我运行客户端时的输出:
Exception in thread "main" java.security.AccessControlException: access denied (java.awt.AWTPermission setWindowAlwaysOnTop)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.awt.Window.setAlwaysOnTop(Window.java:2038)
at gui.LoginForm.<init>(LoginForm.java:59)
at main.Main.main(Main.java:21)
从这一点开始,客户端挂起。你知道我在这里做错了什么吗?服务器端的策略设置几乎相同。如果有帮助的话我可以发布详细信息。
干杯。
I'm having trouble getting RMI security policies working. I have a .policy file on both the server and client, each of which is running a SecurityManager.
When I try and run the client its failing. My policy file grants everything atm. Heres the content:
grant { permission java.security.AllPermission };
I have the file client.policy in the root directory of my JAR file (I tried running it with the policy file outside the jar too). Then I run the client with this:
java -jar PagePlanner.jar -Djava.security.policy=client.policy -Djava.rmi.codebase=http://192.168.0.88:2077/home/me/NetbeansProjects/PageServer/dist/PageServer.jar -Djava.security.debug=access
Specifying my policy file and the path to my code base. I'm not sure if either of these are correct. I also tried setting the debug switch as I read somewhere it should give me extra info about whats going wrong, but it does not seem to make a difference.Heres the output when I run the client:
Exception in thread "main" java.security.AccessControlException: access denied (java.awt.AWTPermission setWindowAlwaysOnTop)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.awt.Window.setAlwaysOnTop(Window.java:2038)
at gui.LoginForm.<init>(LoginForm.java:59)
at main.Main.main(Main.java:21)
From which point the client just hangs. Any ideas what I'm doing wrong here? The policy setup on the server-side is pretty much the same. I can post the details if that helps.
Cheers.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
使用 -Djava.security.debug=access,failure 运行客户端。很可能没有找到您的 .policy 文件。
顺便说一句,您不需要在客户端设置代码库,除非客户端有自己的抽象类/接口的实现并且服务器不知道它们。代码库通常只在服务器上设置,以便注释下载到客户端和注册表的类。
Run the client with -Djava.security.debug=access,failure. Most probably your .policy file isn't being found.
BTW you don't need to set the codebase at the client unless the client has its own implementations of abstract classes/interfaces and the server doesn't know about them. The codebase is normally only set at the server, so as to annotate classes that are downloaded to the client and the Registry.