【发布时间】:2023-04-09 22:11:02
【问题描述】:
我遇到了这个问题,试了很久,还是没解决。 stackoverfflow 中类似主题的所有解决方案都已尝试过,但对我没有用。任何帮助将不胜感激!
错误:
Set initial logic: Analyzer_ADD
java.rmi.UnmarshalException: error unmarshalling return; nested exception is:
java.lang.ClassNotFoundException:AnalyzerLogicAdd (no security manager: RMI class loader disabled)
at sun.rmi.server.UnicastRef.invoke(Unknown Source)
at java.rmi.server.RemoteObjectInvocationHandler.invokeRemoteMethod(Unknown Source)
at java.rmi.server.RemoteObjectInvocationHandler.invoke(Unknown Source)
at com.sun.proxy.$Proxy0.loadLogicFromRepository(Unknown Source)
at exampleSAS.logicRepository.LocalLogicRepository.loadLogicFromRepository(LocalLogicRepository.java:61)
at exampleSAS.adaptationLogic.AdaptationLogicService.implementLogic(AdaptationLogicService.java:50)
at exampleSAS.MainStarter.main(MainStarter.java:18)
Caused by: java.lang.ClassNotFoundException: AnalyzerLogicAdd (no security manager: RMI class loader disabled)
at sun.rmi.server.LoaderHandler.loadClass(Unknown Source)
at sun.rmi.server.LoaderHandler.loadClass(Unknown Source)
at java.rmi.server.RMIClassLoader$2.loadClass(Unknown Source)
at java.rmi.server.RMIClassLoader.loadClass(Unknown Source)
at sun.rmi.server.MarshalInputStream.resolveClass(Unknown Source)
at java.io.ObjectInputStream.readNonProxyDesc(Unknown Source)
at java.io.ObjectInputStream.readClassDesc(Unknown Source)
at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
at java.io.ObjectInputStream.readObject0(Unknown Source)
at java.io.ObjectInputStream.readObject(Unknown Source)
at sun.rmi.server.UnicastRef.unmarshalValue(Unknown Source)
... 7 more
我在 RMI 服务器项目中有 server.policy 文件,在 RMI 客户端项目中有 client.policy:
grant {
permission java.security.AllPermission ;
};
我为服务器项目指定了 VM 参数:
-Djava.rmi.server.codebase=file:C:\workspace\Repository\ -Djava.security.policy=C:\workspace\Repository\server.policy
对于客户项目:
-Djava.rmi.server.codebase=file:C:\workspace\Repository\ -Djava.security.policy=C:\workspace\SAS\client.policy
以及服务器的启动代码:
public static void main(String[] args) {
try {
LocateRegistry.createRegistry(Registry.REGISTRY_PORT);
System.setProperty("java.security.policy", "AllPermission.policy");
//create a local instance of the object and export the service
LogicRepository rep = LogicRepository.getInstance();
ILogicRepository stub = (ILogicRepository)UnicastRemoteObject.exportObject(rep, 0);
Registry registry = LocateRegistry.getRegistry();
registry.rebind(SasConstants.LOGIC_REPOSITORY, stub);
System.out.println("Logic Repository has been started");
} catch (RemoteException e) {
e.printStackTrace();
}
}
我知道这里是带有虚拟机参数的重复策略设置,但即使我删除它仍然不起作用。
不知何故,我认为安全管理器不起作用,有人可以在这里帮忙吗?
服务端可以正常启动,客户端也可以在服务端调用helloWorld之类的简单方法,但是当我尝试返回一个对象时,错误就出来了。
非常感谢! 问候,托尼
添加 setSecurityManager 后,出现错误“拒绝访问”。代码和错误如下:
public static void main(String[] args) {
try {
LocateRegistry.createRegistry(Registry.REGISTRY_PORT);
System.setProperty("java.security.policy", "AllPermission.policy");
if (System.getSecurityManager() == null) {
System.setSecurityManager(new SecurityManager());
}
......
错误堆栈:
access: access allowed ("java.io.FilePermission" "C:\workspace\Repository\bin" "read")
access: access allowed ("java.lang.RuntimePermission" "getClassLoader")
access: access allowed ("java.lang.RuntimePermission" "modifyThreadGroup")
access: access allowed ("java.lang.RuntimePermission" "modifyThread")
access: access allowed ("java.lang.RuntimePermission" "setContextClassLoader")
access: access allowed ("java.lang.RuntimePermission" "modifyThread")
access: access allowed ("java.lang.RuntimePermission" "getClassLoader")
access: access allowed ("java.lang.RuntimePermission" "modifyThreadGroup")
access: access allowed ("java.lang.RuntimePermission" "modifyThread")
access: access allowed ("java.lang.RuntimePermission" "setContextClassLoader")
access: access allowed ("java.lang.RuntimePermission" "modifyThread")
access: access allowed ("java.lang.RuntimePermission" "modifyThreadGroup")
access: access allowed ("java.lang.RuntimePermission" "modifyThreadGroup")
access: access allowed ("java.lang.RuntimePermission" "modifyThread")
access: access allowed ("java.lang.RuntimePermission" "modifyThread")
access: access allowed ("java.lang.RuntimePermission" "modifyThread")
access: access allowed ("java.lang.reflect.ReflectPermission" "suppressAccessChecks")
access: access allowed ("java.lang.reflect.ReflectPermission" "suppressAccessChecks")
access: access allowed ("java.lang.reflect.ReflectPermission" "suppressAccessChecks")
access: access denied ("java.net.SocketPermission" "TONYYANG70FC" "resolve")
java.lang.Exception: Stack trace
at java.lang.Thread.dumpStack(Unknown Source)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkConnect(Unknown Source)
at java.net.InetAddress.getLocalHost(Unknown Source)
at java.rmi.registry.LocateRegistry.getRegistry(Unknown Source)
at java.rmi.registry.LocateRegistry.getRegistry(Unknown Source)
at java.rmi.registry.LocateRegistry.getRegistry(Unknown Source)
at LogicRepositoryStarter.main(LogicRepositoryStarter.java:37)
access: access allowed ("java.security.SecurityPermission" "getPolicy")
access: access allowed ("java.io.FilePermission" "C:\workspace\Repository\bin" "read")
access: domain that failed ProtectionDomain (file:/C:/workspace/Repository/bin/ <no signer certificates>)
sun.misc.Launcher$AppClassLoader@387f44
<no principals>
java.security.Permissions@17c264 (
("java.util.PropertyPermission" "java.specification.version" "read")
("java.util.PropertyPermission" "java.version" "read")
("java.util.PropertyPermission" "os.arch" "read")
("java.util.PropertyPermission" "java.specification.vendor" "read")
("java.util.PropertyPermission" "java.vm.specification.name" "read")
("java.util.PropertyPermission" "java.vm.vendor" "read")
("java.util.PropertyPermission" "path.separator" "read")
("java.util.PropertyPermission" "os.version" "read")
("java.util.PropertyPermission" "file.separator" "read")
("java.util.PropertyPermission" "line.separator" "read")
("java.util.PropertyPermission" "java.vm.specification.vendor" "read")
("java.util.PropertyPermission" "java.specification.name" "read")
("java.util.PropertyPermission" "java.vendor.url" "read")
("java.util.PropertyPermission" "java.vendor" "read")
("java.util.PropertyPermission" "java.vm.version" "read")
("java.util.PropertyPermission" "java.vm.name" "read")
("java.util.PropertyPermission" "java.vm.specification.version" "read")
("java.util.PropertyPermission" "os.name" "read")
("java.util.PropertyPermission" "java.class.version" "read")
("java.io.FilePermission" "\C:\workspace\Repository\bin\-" "read")
("java.lang.RuntimePermission" "exitVM")
("java.lang.RuntimePermission" "stopThread")
("java.net.SocketPermission" "localhost:0" "listen,resolve")
)
access: access allowed ("java.util.PropertyPermission" "java.rmi.server.hostname" "read")
access: access allowed ("java.util.PropertyPermission" "sun.rmi.transport.connectionTimeout" "read")
access: access allowed ("java.util.PropertyPermission" "sun.rmi.transport.tcp.handshakeTimeout" "read")
access: access allowed ("java.util.PropertyPermission" "sun.rmi.transport.tcp.responseTimeout" "read")
access: access allowed ("java.lang.RuntimePermission" "sun.rmi.runtime.RuntimeUtil.getInstance")
access: access allowed ("java.util.PropertyPermission" "jdk.net.ephemeralPortRange.low" "read")
access: access allowed ("java.lang.RuntimePermission" "loadLibrary.net")
access: access allowed ("java.io.FilePermission" "C:\Program Files\Java\jre1.8.0_40\bin\net.dll" "read")
access: access allowed ("java.util.PropertyPermission" "jdk.net.ephemeralPortRange.high" "read")
access: access denied ("java.net.SocketPermission" "127.0.0.1:1099" "connect,resolve")
java.lang.Exception: Stack trace
at java.lang.Thread.dumpStack(Unknown Source)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkConnect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.<init>(Unknown Source)
at java.net.Socket.<init>(Unknown Source)
at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(Unknown Source)
at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(Unknown Source)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(Unknown Source)
at sun.rmi.transport.tcp.TCPChannel.createConnection(Unknown Source)
at sun.rmi.transport.tcp.TCPChannel.newConnection(Unknown Source)
at sun.rmi.server.UnicastRef.newCall(Unknown Source)
at sun.rmi.registry.RegistryImpl_Stub.rebind(Unknown Source)
at LogicRepositoryStarter.main(LogicRepositoryStarter.java:38)
access: access allowed ("java.security.SecurityPermission" "getPolicy")
access: access allowed ("java.io.FilePermission" "C:\workspace\Repository\bin" "read")
access: domain that failed ProtectionDomain (file:/C:/workspace/Repository/bin/ <no signer certificates>)
sun.misc.Launcher$AppClassLoader@387f44
<no principals>
java.security.Permissions@81197d (
("java.util.PropertyPermission" "java.specification.version" "read")
("java.util.PropertyPermission" "java.version" "read")
("java.util.PropertyPermission" "os.arch" "read")
("java.util.PropertyPermission" "java.specification.vendor" "read")
("java.util.PropertyPermission" "java.vm.specification.name" "read")
("java.util.PropertyPermission" "java.vm.vendor" "read")
("java.util.PropertyPermission" "path.separator" "read")
("java.util.PropertyPermission" "os.version" "read")
("java.util.PropertyPermission" "file.separator" "read")
("java.util.PropertyPermission" "line.separator" "read")
("java.util.PropertyPermission" "java.vm.specification.vendor" "read")
("java.util.PropertyPermission" "java.specification.name" "read")
("java.util.PropertyPermission" "java.vendor.url" "read")
("java.util.PropertyPermission" "java.vendor" "read")
("java.util.PropertyPermission" "java.vm.version" "read")
("java.util.PropertyPermission" "java.vm.name" "read")
("java.util.PropertyPermission" "java.vm.specification.version" "read")
("java.util.PropertyPermission" "os.name" "read")
("java.util.PropertyPermission" "java.class.version" "read")
("java.io.FilePermission" "\C:\workspace\Repository\bin\-" "read")
("java.lang.RuntimePermission" "exitVM")
("java.lang.RuntimePermission" "stopThread")
("java.net.SocketPermission" "localhost:0" "listen,resolve")
)
Exception in thread "main" java.security.AccessControlException: access denied ("java.net.SocketPermission" "127.0.0.1:1099" "connect,resolve")
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkConnect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.<init>(Unknown Source)
at java.net.Socket.<init>(Unknown Source)
at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(Unknown Source)
at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(Unknown Source)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(Unknown Source)
at sun.rmi.transport.tcp.TCPChannel.createConnection(Unknown Source)
at sun.rmi.transport.tcp.TCPChannel.newConnection(Unknown Source)
at sun.rmi.server.UnicastRef.newCall(Unknown Source)
at sun.rmi.registry.RegistryImpl_Stub.rebind(Unknown Source)
at LogicRepositoryStarter.main(LogicRepositoryStarter.java:38)
更多信息可以更好地揭示这个问题:
在客户端,我成功调用了服务端类的方法:
print() 只是说 hello world
loadLogicFromRepository(type, logicID)
客户端代码:
protected ILogicRepository server;
private void initializeRMI() {
Registry registry;
try {
registry = LocateRegistry.getRegistry();
server = (ILogicRepository) registry.lookup(FesasConstants.LOGIC_REPOSITORY);
} catch (RemoteException | NotBoundException e) {
e.printStackTrace();
}
try {
//TODO: check, that the correct meta data is used (string with the ID at the beginning)
server.print();
return server.loadLogicFromRepository(type, logicID);
} catch (RemoteException | LogicNotFoundException e) {
e.printStackTrace();
}
}
server.loadLogicFromRepository 的代码:
public ILogic loadLogicFromRepository(LogicType type, String logicID) throws RemoteException, LogicNotFoundException {
AnalyzerLogicAdd logic =new AnalyzerLogicAdd();
return logic;
}
它什么也不做,只是返回另一个服务器类 AnalyzerLogicAdd 的对象,它实现了可序列化的接口
而且这个对象对我从服务器获取非常重要。
【问题讨论】:
-
您的安全调试跟踪显示
AllPermission未生效,这只能表示您的 .policy 文件未找到。 -
我添加了 'System.out.println(System.getProperty("java.security.policy")); System.out.println(System.getProperty("java.rmi.server.codebase"));'它指向正确的策略文件和代码库路径
-
非常感谢!我解决了安全问题,它是缺少“src”的路径,抱歉愚蠢的错误。但是当我尝试返回服务器类 AnalyzerLogicAdd 的对象时,我仍然得到 java.lang.ClassNotFoundException。客户端好像没有它的类定义,请问如何解决?
-
这也可能是代码库 URL 问题吗?这个设置正确吗? -Djava.rmi.server.codebase=文件:C:\workspace\Repository\src\
-
java.lang.ClassNotFoundException 的原因是 URL 应该是 Djava.rmi.server.codebase=file:C:\workspace\Repository\bin\ ,而不是 ...\src\
标签: java rmi policy securitymanager