4

我正在尝试在由 maven 故障安全插件运行的测试套件的 @BeforeClass 内启动嵌入式 Google App Engine 开发服务器(sdk 1.7.3)。应该启动它的代码如下所示:

private static final String HOST = "0.0.0.0";
private static final int PORT = 8887;
private static DevAppServer devAppServer;


@BeforeClass
public static void setup() throws Exception {
    log.debug("Starting development server");
    File appRootDir = new File("target/visualize-1.0.war");
    DevAppServerFactory devAppServerFactory = new DevAppServerFactory();
    devAppServer = devAppServerFactory.createDevAppServer(appRootDir, HOST, PORT); 
    devAppServer.start();
}

然而,在调用 createDevAppServer 期间,我得到了一个安全异常:

java.security.AccessControlException: access denied (java.lang.RuntimePermission setContextClassLoader)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:374)
at java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.Thread.setContextClassLoader(Thread.java:1394)
at org.apache.maven.surefire.booter.SurefireBooter.runSuitesInProcess(SurefireBooter.java:366)
at org.apache.maven.surefire.booter.SurefireBooter.main(SurefireBooter.java:1021)

使用 -Djava.security.debug=access,failure 调试安全异常我看到:

  access: access allowed (java.io.FilePermission    /home/me/.m2/repository/com/google/appengine/appengine-tools-sdk/1.7.3/appengine-tools-sdk-1.7.3.jar read)
 access: access denied (java.security.SecurityPermission getPolicy)
java.lang.Exception: Stack trace
at java.lang.Thread.dumpStack(Thread.java:1249)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:364)
at java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.security.Policy.getPolicy(Policy.java:133)
at com.google.apphosting.utils.security.SecurityManagerInstaller.install(SecurityManagerInstaller.java:81)
at com.google.appengine.tools.development.DevAppServerFactory.createDevAppServer(DevAppServerFactory.java:152)
at com.google.appengine.tools.development.DevAppServerFactory.createDevAppServer(DevAppServerFactory.java:69)
at com.google.appengine.tools.development.DevAppServerFactory.createDevAppServer(DevAppServerFactory.java:53)

我究竟做错了什么?

4

1 回答 1

2

实际上,您不应该像以前那样称呼 GAE(提示:GAE 有这么多用于处理安全问题的补丁,根本不值得)

但是,maven-gae-plugin 确实有专门用于 IT 的 gae:start 和 gae:stop。

这就是我将它用于 IT 的方式:

<plugin>
    <groupId>net.kindleit</groupId>
    <artifactId>maven-gae-plugin</artifactId>
    <version>0.9.4</version>
    <dependencies>
        <dependency>
            <groupId>net.kindleit</groupId>
            <artifactId>gae-runtime</artifactId>
            <version>1.6.6</version>
            <type>pom</type>
        </dependency>
    </dependencies>
    <executions>
        <execution>
            <id>start-integration-test</id>
            <phase>pre-integration-test</phase>
            <goals>
                <goal>start</goal>
            </goals>
        </execution>
        <execution>
            <id>stop-integration-test</id>
            <phase>post-integration-test</phase>
            <goals>
                <goal>stop</goal>
            </goals>
        </execution>
    </executions>
</plugin>
<plugin>
    <groupId>org.apache.maven.plugins</groupId>
    <artifactId>maven-failsafe-plugin</artifactId>
    <version>2.12</version>
    <executions>
        <execution>
            <id>it</id>
            <phase>integration-test</phase>
            <goals>
                <goal>integration-test</goal>
            </goals>
        </execution>
    </executions>
</plugin>
于 2013-01-01T10:20:50.680 回答