Google App Engine Servlet使用Eclipse插件引发java.security.AccessControlException
[英]Google App Engine servlet throws java.security.AccessControlException using Eclipse plugin
问题描述
I'm running a Java servlet on Google App Engine, which runs an XQuery script using kawa, redirects to a JSP and displays the answer 
我在Google App Engine上运行Java servlet,该Java servlet使用kawa运行XQuery脚本,重定向到JSP并显示答案
package com.myserver.servlet;
import gnu.xquery.lang.XQuery;
import java.io.FileReader;
import java.io.IOException;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class XQueryTest extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException {
XQuery xQuery = new XQuery();
Object result = new String("");
try {
String realPath = getServletContext().getRealPath("./XQueryTest.xquery");
FileReader fileReader = new FileReader(realPath);
result = xQuery.eval(fileReader);
request.setAttribute("xQueryTest", result.toString());
} catch (Throwable e) {
e.printStackTrace();
}
RequestDispatcher requestDispatcher = request.getRequestDispatcher("/XQueryTest.jsp");
requestDispatcher.forward(request, response);
}
}
This runs fine on appspot.com and using the dev_appserver command, but running the same servlet in Eclipse using the plugin throws a java.security.AccessControlException 这可以在appspot.com上并使用dev_appserver命令正常运行,但是使用插件在Eclipse中运行相同的servlet会抛出java.security.AccessControlException
java.security.AccessControlException: access denied ("java.io.FilePermission" "/home/myuser/eclipse/jee-latest/eclipse" "read")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:442)
at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
at java.io.File.isDirectory(File.java:844)
at java.io.File.toURI(File.java:732)
at gnu.text.FilePath.toUri(FilePath.java:245)
at gnu.text.FilePath.toUri(FilePath.java:265)
at gnu.text.Path.toURI(Path.java:279)
at gnu.xquery.lang.XQParser.fixupStaticBaseUri(XQParser.java:99)
at gnu.xquery.lang.XQParser.getStaticBaseUri(XQParser.java:132)
at gnu.xquery.lang.XQParser.wrapWithBaseUri(XQParser.java:2722)
at gnu.xquery.lang.XQParser.parseXMLConstructor(XQParser.java:2540)
at gnu.xquery.lang.XQParser.parseMaybePrimaryExpr(XQParser.java:2954)
at gnu.xquery.lang.XQParser.parsePrimaryExpr(XQParser.java:2181)
at gnu.xquery.lang.XQParser.parseStepExpr(XQParser.java:2101)
at gnu.xquery.lang.XQParser.parsePathExpr(XQParser.java:1816)
at gnu.xquery.lang.XQParser.parseIntersectExceptExpr(XQParser.java:1779)
at gnu.xquery.lang.XQParser.parseUnionExpr(XQParser.java:1763)
at gnu.xquery.lang.XQParser.parseUnaryExpr(XQParser.java:1756)
at gnu.xquery.lang.XQParser.parseBinaryExpr(XQParser.java:1671)
at gnu.xquery.lang.XQParser.parseExprSingle(XQParser.java:1664)
at gnu.xquery.lang.XQParser.parseExpr(XQParser.java:1636)
at gnu.xquery.lang.XQParser.parseIfExpr(XQParser.java:3145)
at gnu.xquery.lang.XQParser.parseExprSingle(XQParser.java:1652)
at gnu.xquery.lang.XQParser.parseExpr(XQParser.java:1636)
at gnu.xquery.lang.XQParser.parseEnclosedExpr(XQParser.java:2413)
at gnu.xquery.lang.XQParser.parseFunctionDefinition(XQParser.java:3620)
at gnu.xquery.lang.XQParser.parse(XQParser.java:3784)
at gnu.xquery.lang.XQuery.parse(XQuery.java:147)
at gnu.expr.Language.parse(Language.java:702)
at gnu.expr.Language.parse(Language.java:656)
at gnu.expr.Language.eval(Language.java:1122)
at gnu.expr.Language.eval(Language.java:1063)
at gnu.expr.Language.eval(Language.java:1053)
at com.myserver.servlet.XQueryTest.doGet(XQueryTest.java:30)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1166)
at com.google.appengine.api.socket.dev.DevSocketFilter.doFilter(DevSocketFilter.java:74)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.appengine.tools.development.ResponseRewriterFilter.doFilter(ResponseRewriterFilter.java:128)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.appengine.tools.development.HeaderVerificationFilter.doFilter(HeaderVerificationFilter.java:34)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.appengine.api.blobstore.dev.ServeBlobFilter.doFilter(ServeBlobFilter.java:63)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.appengine.tools.development.StaticFileFilter.doFilter(StaticFileFilter.java:122)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.appengine.tools.development.DevAppServerModulesFilter.doDirectRequest(DevAppServerModulesFilter.java:366)
at com.google.appengine.tools.development.DevAppServerModulesFilter.doDirectModuleRequest(DevAppServerModulesFilter.java:349)
at com.google.appengine.tools.development.DevAppServerModulesFilter.doFilter(DevAppServerModulesFilter.java:116)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418)
at com.google.appengine.tools.development.DevAppEngineWebAppContext.handle(DevAppEngineWebAppContext.java:95)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at com.google.appengine.tools.development.JettyContainerService$ApiProxyHandler.handle(JettyContainerService.java:508)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:326)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:923)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:547)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)
at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
I had a theory that the security policy of the JRE running eclipse was causing the problem, but adding the permission to java.policy and javaws.policy for the JRE in eclipse.ini made no difference. 我有一种理论认为,运行eclipse的JRE的安全策略引起了问题,但是在eclipse.ini中为JRE添加了对java.policy和javaws.policy的许可没有区别。
-vm
/usr/lib/jvm/java-8-oracle/jre/bin
I'm using eclipse oxygen and version 1.0.3.201704111618 of the Google Cloud Platform plugin This worked fine in eclipse Mars and Java 1.7 我正在使用eclipse氧气和Google Cloud Platform插件的版本1.0.3.201704111618,在Eclipse Mars和Java 1.7中工作正常
What changes should I make to let the servlet run correctly in Eclipse? 我应该进行哪些更改以使servlet在Eclipse中正确运行?
1 个解决方案
解决方案1
1 已采纳 2017-05-03 16:33:59
/home/myuser/eclipse/jee-latest/eclipse looks like where you started your Eclipse IDE. /home/myuser/eclipse/jee-latest/eclipse类似于您启动Eclipse IDE的位置。 If that's the case, then for now, that directory becomes a working directory of the local dev server of the Google Cloud Tools for Eclipse (CT4E) plugin. 如果是这样,那么现在该目录成为Google Cloud Tools for Eclipse(CT4E)插件的本地dev服务器的工作目录。 The problem might be that XQuery internally tries to access files outside the servlet context because XQuery may be basing off of the Eclipse working directory. 问题可能是XQuery在内部尝试访问servlet上下文之外的文件,因为XQuery可能基于Eclipse工作目录。 Can you try the following workaround to set a correct working directory to see if it solves the problem? 您是否可以尝试以下解决方法来设置正确的工作目录,以查看它是否可以解决问题?
Cannot access file using relative path in local test when developing Google App Engine applications 开发Google App Engine应用程序时无法使用本地测试中的相对路径访问文件
UPDATE: We fixed CT4E to automatically set the working directory properly (unless you run multiple projects in a single local server), and you won't need the workaround once the fixed version rolls out. 更新:我们修复了CT4E,以自动正确地设置工作目录(除非您在单个本地服务器上运行多个项目),并且一旦固定版本推出,您将不需要解决方法。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.