java.security.AccessControlException:访问被拒绝(“java.net.SocketPermission”“smtp.gmail.com”“resolve”)
[英]java.security.AccessControlException: access denied (“java.net.SocketPermission” “smtp.gmail.com” “resolve”)
问题描述
I am using GlassFish Server 3.1 and the Java mail Api 1.4.5. 
我正在使用GlassFish Server 3.1和Java邮件Api 1.4.5。
Scenario: I have an applet, that when clicked it sends an email message. 场景:我有一个小程序,单击它时会发送一封电子邮件。
Send the mail works perfectly on Netbeans AppletViewer, but it turns into hell when added to the browser and trying to send the email from there. 发送邮件在Netbeans AppletViewer上完美运行,但是当它被添加到浏览器并尝试从那里发送电子邮件时它会变成地狱。
I have read for hours, about policy files, signed/unsigned applets...etc. 我已经阅读了几个小时,关于策略文件,签名/未签名的小程序等等。
I have tried using the signed applet (plenty of tutorials out there for signing it, was quite simple using the keytools from java). 我已经尝试使用签名的applet(有很多教程用于签名,使用java中的keytools非常简单)。 When I run it on the browser it asks for permission because it´sa self-signed certificate, I give it permission , but it still spits out the same exception. 当我在浏览器上运行它时,它要求许可,因为它是一个自签名证书,我给它许可,但它仍然会吐出相同的异常。
I have also tried modifying java.poilcy file adding 我也试过修改java.poilcy文件添加
permission java.net.SocketPermission "smtp.gmail.com:587", "listen,resolve"; 权限java.net.SocketPermission“smtp.gmail.com:587”,“听,解决”;
But nothing. 但没什么。
I know it´s that exception because I activaded the Java Console in the Java Control Panel. 我知道这是异常,因为我在Java控制面板中激活了Java控制台。 I really don´t know what else to do. 我真的不知道还能做什么。
Here is the code that sends the email: 以下是发送电子邮件的代码:
String host = "smtp.gmail.com";
String from = *****;
String pass = ******;
Properties props = new Properties();
props.put("mail.smtp.starttls.enable", "true");
props.put("mail.smtp.host", host);
props.put("mail.smtp.user", from);
props.put("mail.smtp.password", pass);
props.put("mail.smtp.port", "587");
props.put("mail.smtp.auth", "true");
Session session = Session.getDefaultInstance(props, null);
this.message = new MimeMessage(session);
message.setFrom(new InternetAddress(from));
InternetAddress toAddress = new InternetAddress(this.to);
this.message.addRecipient(Message.RecipientType.TO, toAddress);
this.message.setSubject(this.subject);
this.message.setText(this.body);
Transport transport = session.getTransport("smtp");
transport.connect(host, from, pass);
transport.sendMessage(this.message, this.message.getAllRecipients());
transport.close();
4 个解决方案
解决方案1
3 已采纳 2012-12-10 11:43:46
JApplet is in a "sandbox" on it's own, given different permissions than regular applications (applications are only executed when the users chooses directly to do so, hence, the user accepts the consequences). JApplet在它自己的“沙盒”中,给予与常规应用程序不同的权限(应用程序仅在用户选择直接执行时执行,因此,用户接受后果)。 A JApplet executes when a browser downloads it, giving the user no option whatsoever, that´s why if you want to have your applet deployed and executed by others (when the applet accesses servers others than the one from which it is deployed) it must be signed (either a self-signed certificate or a certificate signed by an authorized organization, which usually implies paying some fees) so that the user can "Accept" the consequences of using said Applet, allowing it "out of the sandbox". JApplet在浏览器下载时执行,给用户没有任何选项,这就是为什么如果你想让你的applet部署和执行applet(当applet访问服务器而不是部署服务器的服务器时)签名(自签名证书或授权组织签署的证书,通常意味着支付一些费用),以便用户可以“接受”使用所述Applet的后果,允许它“脱离沙箱”。
For some reason, signing it with a self-cert using keytolls and jarsigner did not work for me whatsoever. 出于某种原因,使用keytolls和jarsigner使用自我证书进行签名对我来说无效。 Even though when I accessed the webpage and the browser warned me about executing the applet (giving me the option to not execute it) and I accepted said warning, it seemed the JApplet was not getting it´s permissions. 即使当我访问网页并且浏览器警告我执行applet(给我选项不执行它)并且我接受了警告时,似乎JApplet没有获得它的权限。
My boyfriend suggested moving the email class out of the "sandbox". 我的男朋友建议将电子邮件类移出“沙盒”。 He solved it (bless him!), moving the emailClass (the one which uses the java mail api) to the server gave no problems whatsoever. 他解决了它 (祝福他!),将emailClass(使用java邮件api的那个)移动到服务器没有任何问题。 Using the Front Controller Command for Client-Server Arquitecture, all I had to do was implement my Controller class with the code that I posted at the beginning of the question, and send from my applet (when the button was clicked) an http-request with the toEmailAddress, subject, and body to my servlet. 使用前端控制器命令进行客户端 - 服务器Arquitecture,我所要做的就是使用我在问题开头发布的代码实现我的Controller类,并从我的applet发送(当点击按钮时)一个http请求使用toEmailAddress,subject和body到我的servlet。
Works perfect. 工作完美。
解决方案2
2 2012-12-10 09:00:19
您必须对applet进行签名,以便它可以连接到加载它之外的主机,并且您必须使用非自签名证书,或者用户必须在出现提示时接受证书。
解决方案3
1 2012-12-10 01:03:56
Several things to look at: 有几点需要注意:
1) double check and make sure your applet signing is correct: 1)仔细检查并确保您的applet签名正确:
- http://www-personal.umich.edu/~lsiden/tutorials/signed-applet/signed-applet.html http://www-personal.umich.edu/~lsiden/tutorials/signed-applet/signed-applet.html
2) Look at crossdomain.xml: 2)查看crossdomain.xml:
- access denied (java.net.SocketPermission 127.0.0.1:8080 connect,resolve) 访问被拒绝(java.net.SocketPermission 127.0.0.1:8080 connect,resolve)
3) Look at applet.policy 3)看看applet.policy
解决方案4
1 2013-03-31 14:53:59
Distribute you program with JNLP with signature, is easy and solve this kind of situations. 用JNLP分配你的程序签名,很容易解决这种情况。
Check tutorials about JNLP of your IDE and read this for more info: http://docs.oracle.com/javase/6/docs/technotes/guides/jweb/deployment_advice.html 查看有关IDE的JNLP的教程,并阅读以获取更多信息: http : //docs.oracle.com/javase/6/docs/technotes/guides/jweb/deployment_advice.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.