朋友们好!我在这里遇到了一个大问题!首先,我去年在这里发布了一个关于如何在 JVM 中设置代理的问题,以便用 java 编程的 Lotus Notes 代理可以通过 Web 服务(也在 java 中)。经过几周的研究,我终于找到了问题所在,现在可以了!所以,现在是时候让我们在用户测试环境中移动它了……你猜怎么着?!?不工作!但是,我没有面临同样的问题。实际上,要在JVM中设置代理,我需要设置属性“http.proxyHost”和“http.proxyPort”。所以,我让 Domino 服务器的管理员更改服务器上的“java.policy”文件,以便我可以访问这些属性(我让他们复制“java.policy”的开发版本并将其粘贴到“UAT “ 版本)。没运气!使用完全相同的策略文件在另一台服务器上复制的完全相同的代码有两种不同的行为方式......我明白了:
java.security.AccessControlException: access denied (java.util.PropertyPermission http.proxyHost write)
我们尝试反转权限授予,我们尝试将权限授予“http.proxyHost”和“proxyHost”。没有任何效果......所以,我让他们删除了“授予”部分中的所有权限(没有代码库)并只放置了 AllPermission。有效!我的猜测是我们的策略文件中有错误,因此权限没有得到处理。我想知道你是否可以帮我解决这个问题……这是政策文件:
//
// @(#)src/security/sov/config/java.policy, security, as142, 20070303 1.4.2.2
// ===========================================================================
// Licensed Materials - Property of IBM
// "Restricted Materials of IBM"
//
// IBM SDK, Java(tm) 2 Technology Edition, v1.4.2
// (C) Copyright IBM Corp. 1998, 2002. All Rights Reserved
// ===========================================================================
//
// Standard extensions get all permissions by default
grant codeBase "file:${java.home}/lib/ext/*" {
permission java.security.AllPermission;
};
// default permissions granted to all domains
grant {
// Allows any thread to stop itself using the java.lang.Thread.stop()
// method that takes no argument.
// Note that this permission is granted by default only to remain
// backwards compatible.
// It is strongly recommended that you either remove this permission
// from this policy file or further restrict it to code sources
// that you specify, because Thread.stop() is potentially unsafe.
// See "http://java.sun.com/notes" for more information.
permission java.lang.RuntimePermission "stopThread";
permission java.lang.RuntimePermission "setContextClassLoader"; // This was added
// allows anyone to listen on un-privileged ports
permission java.net.SocketPermission "localhost:1024-", "listen";
permission java.net.NetPermission "setDefaultAuthenticator";
permission java.util.PropertyPermission "http.proxySet", "write";
permission java.util.PropertyPermission "http.proxyHost", "write";
permission java.util.PropertyPermission "http.proxyPort", "write";
// "standard" properies that can be read by anyone
permission java.util.PropertyPermission "java.version", "read";
permission java.util.PropertyPermission "java.vendor", "read";
permission java.util.PropertyPermission "java.vendor.url", "read";
permission java.util.PropertyPermission "java.class.version", "read";
permission java.util.PropertyPermission "os.name", "read";
permission java.util.PropertyPermission "os.version", "read";
permission java.util.PropertyPermission "os.arch", "read";
permission java.util.PropertyPermission "file.separator", "read";
permission java.util.PropertyPermission "path.separator", "read";
permission java.util.PropertyPermission "line.separator", "read";
permission java.util.PropertyPermission "java.specification.version", "read";
permission java.util.PropertyPermission "java.specification.vendor", "read";
permission java.util.PropertyPermission "java.specification.name", "read";
permission java.util.PropertyPermission "java.vm.specification.version", "read";
permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
permission java.util.PropertyPermission "java.vm.specification.name", "read";
permission java.util.PropertyPermission "java.vm.version", "read";
permission java.util.PropertyPermission "java.vm.vendor", "read";
permission java.util.PropertyPermission "java.vm.name", "read";
permission java.util.PropertyPermission "java.assistive", "read";
};
// Notes java code gets all permissions
grant codeBase "file:${notes.binary}/*" {
permission java.security.AllPermission;
};
grant codeBase "file:${notes.binary}/rjext/*" {
permission java.security.AllPermission;
};
任何线索将不胜感激......客户很累,这不起作用!