我目前正在运行我的 JNLP,在 Java 控制台中,我看到对于某些 jar 文件,它请求了两次权限。由于我的 jar 有一个受信任的证书,它会导致证书检查请求发送两次。以下是我在 Java 控制台中看到的
security: JAVAWS AppPolicy Permission requested for: http://192.168.72.72:8061/ivy/rdlib/syntheticaAddons-1.226.jar
ruleset: finding Deployment Rule Set for
title: Xpert.ivy Rich Internet Application
location: http://192.168.72.72:8061/ivy/pro/System/Administration/1419CBE3AAB8C361.jws.jnlp;jsessionid=EF178D8454450E00CC95762C3869DD3A
main location: http://192.168.72.72:8061/ivy/rdlib/syntheticaAddons-1.226.jar
main version: null
isArtifact: true
ruleset: no rule applies, returning Default Rule
Missing Codebase manifest attribute for: http://192.168.72.72:8061/ivy/rdlib/syntheticaAddons-1.226.jar
security: Istrusted: http://192.168.72.72:8061/ivy/pro/System/Administration/1419CBE3AAB8C361.jws.jnlp;jsessionid=EF178D8454450E00CC95762C3869DD3A false
Missing Codebase manifest attribute for: http://192.168.72.72:8061/ivy/rdlib/syntheticaAddons-1.226.jar
security: Validate the certificate chain using CertPath API
security: SHA-256Certificate finger print: FCB73268A88D254A997683F535ACA1E3F05E8538B82FFE5F0E3F3E71E9EF81B6
security: SHA-256Certificate finger print: 235C96A2E2DA557B904E90F3A0CAA57EABB4BDB5F401969DA8C282F60839568F
security: SHA-256Certificate finger print: A45EDE3BBBF09C8AE15C72EFC07268D693A21C996FD51E67CA079460FD6D8873
security: The OCSP support is enabled
security: The CRL support is enabled
security: Skipping revocation check, not publisher cert
network: Connecting http://ocsp.quovadisglobal.com/ with proxy=DIRECT
security: OCSP Response: GOOD
security: Certificate validation succeeded using OCSP/CRL
security: Grant socket perm for http://192.168.72.72:8061/ivy/rdlib/syntheticaAddons-1.226.jar : java.security.Permissions@64424952 (
("java.net.SocketPermission" "192.168.72.72" "connect,accept,resolve")
)
security: JAVAWS AppPolicy Permission requested for: http://192.168.72.72:8061/ivy/rdlib/syntheticaAddons-1.226.jar
ruleset: finding Deployment Rule Set for
title: Xpert.ivy Rich Internet Application
location: http://192.168.72.72:8061/ivy/pro/System/Administration/1419CBE3AAB8C361.jws.jnlp;jsessionid=EF178D8454450E00CC95762C3869DD3A
main location: http://192.168.72.72:8061/ivy/rdlib/syntheticaAddons-1.226.jar
main version: null
isArtifact: true
ruleset: no rule applies, returning Default Rule
Missing Codebase manifest attribute for: http://192.168.72.72:8061/ivy/rdlib/syntheticaAddons-1.226.jar
security: Istrusted: http://192.168.72.72:8061/ivy/pro/System/Administration/1419CBE3AAB8C361.jws.jnlp;jsessionid=EF178D8454450E00CC95762C3869DD3A false
Missing Codebase manifest attribute for: http://192.168.72.72:8061/ivy/rdlib/syntheticaAddons-1.226.jar
security: Validate the certificate chain using CertPath API
security: SHA-256Certificate finger print: FCB73268A88D254A997683F535ACA1E3F05E8538B82FFE5F0E3F3E71E9EF81B6
security: SHA-256Certificate finger print: 235C96A2E2DA557B904E90F3A0CAA57EABB4BDB5F401969DA8C282F60839568F
security: SHA-256Certificate finger print: A45EDE3BBBF09C8AE15C72EFC07268D693A21C996FD51E67CA079460FD6D8873
security: The OCSP support is enabled
security: The CRL support is enabled
security: Skipping revocation check, not publisher cert
network: Connecting http://ocsp.quovadisglobal.com/ with proxy=DIRECT
security: OCSP Response: GOOD
security: Certificate validation succeeded using OCSP/CRL
您可以看到对 jar 文件的 JAVAWS AppPolicy Permission 请求两次(从第 26-45 行开始,它们与第 1-21 行相同)。
我自己的任务是导致问题的原因是这条线
security: Grant socket perm for http://192.168.72.72:8061/ivy/rdlib/syntheticaAddons-1.226.jar : java.security.Permissions@64424952 (
("java.net.SocketPermission" "192.168.72.72" "connect,accept,resolve")
)
对于其他一些 jar 文件,上面的行(对于 Grant socket perm)没有出现,所以这个文件只检查了一次。
在这种情况下,我现在更新到 JRE 7 更新 40,在 Java 控制面板中,我启用了“混合代码(沙盒与可信)安全验证”
然后我尝试禁用“混合代码(沙盒与可信)安全验证”,然后:
- 检查 1 次的 jar 文件(在上述情况下)不再检查权限。
- 检查了两次的jar文件(上述情况)还是检查了1次(而且“security:Grant socket perm...”依然出现)
这里可能是什么问题?这是一个安全错误还是我的 jars 或 JNLP 有问题?
请帮忙。非常感谢。