![](/img/trans.png)
[英]Google App Engine - Spring Security Issue (java.security.AccessControlException)
[英]Google App Engine servlet throws java.security.AccessControlException using Eclipse plugin
我在Google App Engine上运行Java servlet,该Java servlet使用kawa运行XQuery脚本,重定向到JSP并显示答案
package com.myserver.servlet;
import gnu.xquery.lang.XQuery;
import java.io.FileReader;
import java.io.IOException;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class XQueryTest extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException {
XQuery xQuery = new XQuery();
Object result = new String("");
try {
String realPath = getServletContext().getRealPath("./XQueryTest.xquery");
FileReader fileReader = new FileReader(realPath);
result = xQuery.eval(fileReader);
request.setAttribute("xQueryTest", result.toString());
} catch (Throwable e) {
e.printStackTrace();
}
RequestDispatcher requestDispatcher = request.getRequestDispatcher("/XQueryTest.jsp");
requestDispatcher.forward(request, response);
}
}
这可以在appspot.com上并使用dev_appserver命令正常运行,但是使用插件在Eclipse中运行相同的servlet会抛出java.security.AccessControlException
java.security.AccessControlException: access denied ("java.io.FilePermission" "/home/myuser/eclipse/jee-latest/eclipse" "read")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:442)
at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
at java.io.File.isDirectory(File.java:844)
at java.io.File.toURI(File.java:732)
at gnu.text.FilePath.toUri(FilePath.java:245)
at gnu.text.FilePath.toUri(FilePath.java:265)
at gnu.text.Path.toURI(Path.java:279)
at gnu.xquery.lang.XQParser.fixupStaticBaseUri(XQParser.java:99)
at gnu.xquery.lang.XQParser.getStaticBaseUri(XQParser.java:132)
at gnu.xquery.lang.XQParser.wrapWithBaseUri(XQParser.java:2722)
at gnu.xquery.lang.XQParser.parseXMLConstructor(XQParser.java:2540)
at gnu.xquery.lang.XQParser.parseMaybePrimaryExpr(XQParser.java:2954)
at gnu.xquery.lang.XQParser.parsePrimaryExpr(XQParser.java:2181)
at gnu.xquery.lang.XQParser.parseStepExpr(XQParser.java:2101)
at gnu.xquery.lang.XQParser.parsePathExpr(XQParser.java:1816)
at gnu.xquery.lang.XQParser.parseIntersectExceptExpr(XQParser.java:1779)
at gnu.xquery.lang.XQParser.parseUnionExpr(XQParser.java:1763)
at gnu.xquery.lang.XQParser.parseUnaryExpr(XQParser.java:1756)
at gnu.xquery.lang.XQParser.parseBinaryExpr(XQParser.java:1671)
at gnu.xquery.lang.XQParser.parseExprSingle(XQParser.java:1664)
at gnu.xquery.lang.XQParser.parseExpr(XQParser.java:1636)
at gnu.xquery.lang.XQParser.parseIfExpr(XQParser.java:3145)
at gnu.xquery.lang.XQParser.parseExprSingle(XQParser.java:1652)
at gnu.xquery.lang.XQParser.parseExpr(XQParser.java:1636)
at gnu.xquery.lang.XQParser.parseEnclosedExpr(XQParser.java:2413)
at gnu.xquery.lang.XQParser.parseFunctionDefinition(XQParser.java:3620)
at gnu.xquery.lang.XQParser.parse(XQParser.java:3784)
at gnu.xquery.lang.XQuery.parse(XQuery.java:147)
at gnu.expr.Language.parse(Language.java:702)
at gnu.expr.Language.parse(Language.java:656)
at gnu.expr.Language.eval(Language.java:1122)
at gnu.expr.Language.eval(Language.java:1063)
at gnu.expr.Language.eval(Language.java:1053)
at com.myserver.servlet.XQueryTest.doGet(XQueryTest.java:30)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1166)
at com.google.appengine.api.socket.dev.DevSocketFilter.doFilter(DevSocketFilter.java:74)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.appengine.tools.development.ResponseRewriterFilter.doFilter(ResponseRewriterFilter.java:128)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.appengine.tools.development.HeaderVerificationFilter.doFilter(HeaderVerificationFilter.java:34)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.appengine.api.blobstore.dev.ServeBlobFilter.doFilter(ServeBlobFilter.java:63)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.appengine.tools.development.StaticFileFilter.doFilter(StaticFileFilter.java:122)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.appengine.tools.development.DevAppServerModulesFilter.doDirectRequest(DevAppServerModulesFilter.java:366)
at com.google.appengine.tools.development.DevAppServerModulesFilter.doDirectModuleRequest(DevAppServerModulesFilter.java:349)
at com.google.appengine.tools.development.DevAppServerModulesFilter.doFilter(DevAppServerModulesFilter.java:116)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418)
at com.google.appengine.tools.development.DevAppEngineWebAppContext.handle(DevAppEngineWebAppContext.java:95)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at com.google.appengine.tools.development.JettyContainerService$ApiProxyHandler.handle(JettyContainerService.java:508)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:326)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:923)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:547)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)
at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
我有一种理论认为,运行eclipse的JRE的安全策略引起了问题,但是在eclipse.ini中为JRE添加了对java.policy和javaws.policy的许可没有区别。
-vm
/usr/lib/jvm/java-8-oracle/jre/bin
我正在使用eclipse氧气和Google Cloud Platform插件的版本1.0.3.201704111618,在Eclipse Mars和Java 1.7中工作正常
我应该进行哪些更改以使servlet在Eclipse中正确运行?
/home/myuser/eclipse/jee-latest/eclipse
类似于您启动Eclipse IDE的位置。 如果是这样,那么现在该目录成为Google Cloud Tools for Eclipse(CT4E)插件的本地dev服务器的工作目录。 问题可能是XQuery在内部尝试访问servlet上下文之外的文件,因为XQuery可能基于Eclipse工作目录。 您是否可以尝试以下解决方法来设置正确的工作目录,以查看它是否可以解决问题?
开发Google App Engine应用程序时无法使用本地测试中的相对路径访问文件
更新:我们修复了CT4E,以自动正确地设置工作目录(除非您在单个本地服务器上运行多个项目),并且一旦固定版本推出,您将不需要解决方法。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.