1

Spring 和 Hibernate 4 应用程序已在 Tomcat 6 上成功部署并运行。但是,当通过以下命令使用安全管理器启动 Tomcat 6 时:

apache-tomcat-6.0.35\bin>catalina start -security

Tomcat 6 抛出 AccessControlException:访问被拒绝(java.lang.RuntimePermission createClassLoader)

一种解决方案可能是更改 catalina.policy 权限。但是我的应用程序部署在第 3 方 Tomcat 6 服务器上,并且无权更改 catalina.policy。

Spring-Hibernate 4 集成代码:

    <bean id="sessionFactory"
    class="org.springframework.orm.hibernate4.LocalSessionFactoryBean"
    p:dataSource-ref="dataSource" p:configLocation="${hibernate.config}"
    p:packagesToScan="com.vikas.domain" p:namingStrategy-ref="namingStrategy" />

<tx:annotation-driven transaction-manager="transactionManager" />

<bean id="transactionManager"
    class="org.springframework.orm.hibernate4.HibernateTransactionManager"
    p:sessionFactory-ref="sessionFactory" />

请在使用安全管理器运行时找到以下错误堆栈跟踪:

org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'sessionFactory' defined in ServletContext resource [/WEB-INF/spring/db-config.xml]: Invocation of init method failed; nested exception is java.security.AccessControlException: access denied (java.lang.RuntimePermission createClassLoader)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1482)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:521)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:458)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:295)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:223)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:292)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:194)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.findAutowireCandidates(DefaultListableBeanFactory.java:912)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:855)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:770)
at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredFieldElement.inject(AutowiredAnnotationBeanPostProcessor.java:486)
... 42 more
Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission createClassLoader)
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
    at java.security.AccessController.checkPermission(AccessController.java:546)
    at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
    at java.lang.SecurityManager.checkCreateClassLoader(SecurityManager.java:594)
    at java.lang.ClassLoader.<init>(ClassLoader.java:202)
    at org.hibernate.service.classloading.internal.ClassLoaderServiceImpl$AggregatedClassLoader.<init>(ClassLoaderServiceImpl.java:246)
    at org.hibernate.service.classloading.internal.ClassLoaderServiceImpl$AggregatedClassLoader.<init>(ClassLoaderServiceImpl.java:242)
    at org.hibernate.service.classloading.internal.ClassLoaderServiceImpl.<init>(ClassLoaderServiceImpl.java:95)
    at org.hibernate.service.classloading.internal.ClassLoaderServiceImpl.<init>(ClassLoaderServiceImpl.java:61)
    at org.hibernate.service.classloading.internal.ClassLoaderServiceImpl.<init>(ClassLoaderServiceImpl.java:57)
    at org.hibernate.service.internal.BootstrapServiceRegistryImpl.<init>(BootstrapServiceRegistryImpl.java:57)
    at org.hibernate.service.ServiceRegistryBuilder.<init>(ServiceRegistryBuilder.java:76)
    at org.hibernate.cfg.Configuration.buildSessionFactory(Configuration.java:1846)
    at org.springframework.orm.hibernate4.LocalSessionFactoryBuilder.buildSessionFactory(LocalSessionFactoryBuilder.java:247)
    at org.springframework.orm.hibernate4.LocalSessionFactoryBean.buildSessionFactory(LocalSessionFactoryBean.java:373)
    at org.springframework.orm.hibernate4.LocalSessionFactoryBean.afterPropertiesSet(LocalSessionFactoryBean.java:358)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$6.run(AbstractAutowireCapableBeanFactory.java:1531)
    at java.security.AccessController.doPrivileged(Native Method)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1529)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1479)

如何在不更改 catalina.policy 或任何其他 Tomcat 服务器更改的情况下修复异常?

4

1 回答 1

0

使用安全管理器运行 Tomcat 的整个想法是为其提供一些安全性,而覆盖安全性的唯一方法是编辑安全策略以满足您的需求,或者让它在没有安全管理器的情况下运行。我的建议是请负责此第 3 方 Tomcat 服务器的相应客户支持团队代表您进行必要的更改。

于 2013-10-09T14:00:27.113 回答