java.security.AccessControlException:访问被拒绝(“ java.security.SecurityPermission”“ authProvider.SunMSCAPI”)

问题描述 投票:6回答:2

直到早上,我的applet一切正常。我进行了Java更新,一切都停止了。我正在使用小程序处理数字证书。这是我的堆栈跟踪。我关注了一些甲骨文文章,但没有用。

https://blogs.oracle.com/java-platform-group/entry/liveconnect_changes_in_7u45http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#trusted_libraryhttp://www.oracle.com/technetwork/java/javase/7u45-relnotes-2016950.html

Java Plug-in 10.45.2.18
Using JRE version 1.7.0_45-b18 Java HotSpot(TM) Client VM
User home directory = C:\Users\vicky.thakor

java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI")
    at java.security.AccessControlContext.checkPermission(Unknown Source)
    at java.security.AccessController.checkPermission(Unknown Source)
    at java.lang.SecurityManager.checkPermission(Unknown Source)
    at sun.plugin2.applet.AWTAppletSecurityManager.checkPermission(Unknown Source)
    at sun.security.mscapi.KeyStore.engineLoad(KeyStore.java:755)
    at sun.security.mscapi.KeyStore$MY.engineLoad(KeyStore.java:62)
    at java.security.KeyStore.load(Unknown Source)
    at SecurityApplet.initializeBrowserKeyStore(SecurityApplet.java:162)
    at SecurityApplet.isCertificateInstalled(SecurityApplet.java:268)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at sun.plugin.javascript.Trampoline.invoke(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
    at sun.plugin2.liveconnect.JavaClass$MethodInfo.invoke(Unknown Source)
    at sun.plugin2.liveconnect.JavaClass$MemberBundle.invoke(Unknown Source)
    at sun.plugin2.liveconnect.JavaClass.invoke0(Unknown Source)
    at sun.plugin2.liveconnect.JavaClass.invoke(Unknown Source)
    at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$DefaultInvocationDelegate.invoke(Unknown Source)
    at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$3.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo.doObjectOp(Unknown Source)
    at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$LiveConnectWorker.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)

我正在用applet的.java.policy方法创建的[public void init()文件。在访问applet中的任何内容之前。

grant
{
permission java.security.AllPermission;
permission java.io.FilePermission "<<ALL FILES>>", "read";
permission java.io.FilePermission "<<ALL FILES>>", "write";
permission java.util.PropertyPermission "*", "read, write";
permission java.util.PropertyPermission "user.home", "read";
permission java.util.PropertyPermission "user.dir", "read";
permission java.lang.RuntimePermission "modifyThread";
permission java.lang.RuntimePermission "*";
};

更新:2013年11月18日

即使使用代码签名证书也不起作用

<< img src =“ https://image.soinside.com/eyJ1cmwiOiAiaHR0cHM6Ly9pLnN0YWNrLmltZ3VyLmNvbS9na1l2bi5wbmcifQ==” alt =“在此处输入图像描述”>

java oracle security applet
2个回答
1
投票

我还不能发表评论,所以我将其作为答案。

  1. 我相信在applet中创建.java.policy文件为时已晚-插件将已经启动并在运行任何代码之前读取策略文件。

  2. 您可以签名小程序并使用jnlp文件在安全元素中分配权限


0
投票

我知道现在回答这个问题已经很晚了,但是添加我的解决方案是因为我在这方面遇到了困难:

我的问题:在部署依赖于Bouncy Castle库的应用程序(WAR文件)时,我遇到了这个问题:`

cannot create instance of
org.bouncycastle.jcajce.provider.digest.GOST3411$Mappings
 java.security.AccessControlException: access denied
("java.security.SecurityPermission"
"putProviderProperty.BC")

`

这是我所做的,对我有用:前往:{Installed JDK path}\jre\lib\security\打开文件java.policy

添加权限:permission java.security.SecurityPermission "putProviderProperty.BC";

重新启动程序以加载更改。

我还不了解它到底是如何工作的,或者只是像这样更改java.policy文件是否安全(仍在寻找实现这种配置的其他方法)。

请务必谨慎进行此类更改。甲骨文doc的更多内容>

© www.soinside.com 2019 - 2024. All rights reserved.