Java:从本地小程序调用 .dll...我做错了什么
应该没有安全限制,因为小程序是本地安装的。
我得到:
java.security.AccessControlException:访问被拒绝(java.lang.RuntimePermission loadLibrary.jzmq)
然而,当我的应用程序尝试调用
static{
System.loadLibrary("jzmq");
}
什么时, 我缺少什么才能使它在没有安全问题的情况下顺利工作(因为它是用户安装的本地小程序,所以应该如此)?
顺便说一句,它在 Eclipse“运行”中运行良好,只是不在我希望它运行的浏览器中运行。
There should be no security restriction because the applet is locally installed.
Yet I get:
java.security.AccessControlException: access denied (java.lang.RuntimePermission loadLibrary.jzmq)
when my app tries to call
static{
System.loadLibrary("jzmq");
}
What gives?
What am I missing for it to work smoothly without a security question (as it should since it's a user-installed local applet)?
By the way it works fine from Eclipse "Run", just not in a browser, where I want it to run.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
通过浏览器插件从本地文件系统 (file:///) 运行的 Applet 与从 Web 加载的 Applet 受到几乎完全相同的安全检查。不同之处在于从网络加载的小程序具有“call home”的权限,即。连接回小程序所在的服务器,并且从文件系统加载的小程序有权访问同一文件夹中的文件。
默认情况下,沙箱不允许在任何一种情况下加载本机库。
您可以考虑签署该小程序。用户必须确定安全对话框。除非您有从证书颁发机构购买的代码签名证书,否则该对话框将警告用户该证书未经受信任方签名。
我不完全理解您的用例,但如果您可以在本地计算机上运行其他代码,您始终可以更改 java 安全策略,以便信任某个特定本地位置中的 .jar 文件。这样就不会出现安全对话框。
为此,您需要更改 java 策略文件,该文件在装有 Java 6 的 Windows 计算机上可能位于:
%PROGRAM FILES%\Java\jre6\lib\security\java.policy
并添加新权限,如下所示:
编辑:要授予完全权限,您可以添加这样的权限(这是从我刚才所做的成功测试中复制的):
Applets run via browser plug-in from the local file-system (file:///) are subject to almost exactly the same security checks as applets loaded from the web. The difference being that applets loaded from the web have the permission to "call home", ie. connect back to the server the applet originated from, and applets loaded from the filesystem have the permission to access the files in the same folder.
The sandbox by default does not permit loading native libraries in either case.
You could consider signing the applet. The user will have to OK the security dialog. And unless you have a code-signing certificate purchased from a certificate authority the dialog will warn the user of the fact that it's not signed by a trusted party.
I didn't fully understand your use-case, but if you can run other code on the local machine, you could always alter the java security policy in order to trust a .jar file in some specific local location. This way no security dialog gets presented.
To do this, you alter the java policy file, which on a windows machine with Java 6 would probably be in:
%PROGRAM FILES%\Java\jre6\lib\security\java.policy
And add a new permission, something like this:
EDIT: To give full permissions, you could add a permission like this (this is copied from a succesful test I did just now):