0

这是我的错误:

java.security.AccessControlException:访问被拒绝(“java.io.FilePermission”“C:\Temp\SettingsApp.policy”“读取”)

这是我的政策(为每个应用程序动态制定)

grant signedBy "SmartMirror" {
    permission java.lang.RuntimePermission "setSecurityManager";
    permission java.lang.RuntimePermission "getSecurityManager";
    permission java.lang.RuntimePermission "createSecurityManager";
    permission java.lang.RuntimePermission "usePolicy";
};

grant signedBy "currentUser" codeBase "file:/C:/Temp/SettingsApp.jar" {
    permission java.io.FilePermission "C:/Temp/SettingsApp.policy", "read";
};

这就是我设置策略和使用安全管理器的方式:

System.setSecurityManager(null); // reset so can reload new policy
System.setProperty("java.security.policy", "file:/C:/Temp/" + app.getName() + ".policy");
System.setSecurityManager(new SecurityManager()); // instance with new policy
JPanel panel = (JPanel) app.getObject().newInstance(); // instance Class <?>

jar 文件正在像这样加载并且工作正常:

try {
    appLoader = URLClassLoader.newInstance(new URL[] { download }); // download is a URL of the C:/Temp/SettingsApp.jar
    appBuilder = appLoader.loadClass("iezon.app." + name); // name is SettingsApp
} catch (ClassNotFoundException e) {
    // TODO: Add class not found error for Application (App Developer issue)
}

首次运行时JPanel panel = (JPanel) app.getObject().newInstance();,它工作正常并返回 JPanel。但是,如果我再次尝试运行它,我会收到错误消息。

这是我收到错误的地方:

if (!app.policyIsAgreedTo()) {
    if(readPolicy(app).get(0).equalsIgnoreCase("grant {")) {
        app.setPolicy(true);
    } else {
        throw new Exception("App policy has not been agreed to.");
    }
}

然后导致读取文件,因为默认情况下,此文件包含它想要请求的逐行策略,然后将其重写为真正的策略:

public ArrayList<String> readPolicy(App app) {

    String line = null;
    try {
        ArrayList<String> builder = new ArrayList<String>();
        FileReader fileReader = new FileReader("C:/Temp/" + app.getName() + ".policy");
        BufferedReader bufferedReader = new BufferedReader(fileReader);
        while ((line = bufferedReader.readLine()) != null) {
            builder.add(line);
        }
        bufferedReader.close(); 
        return builder;
    } catch (IOException ex) {
        ex.printStackTrace();
        return new ArrayList<String>();
    }
}

public static void createPolicy(ArrayList<String> policies, App app) {

    try {
        FileWriter fileWriter =
                new FileWriter("C:/Temp/" + app.getName() + ".policy");
        BufferedWriter bufferedWriter =
                new BufferedWriter(fileWriter);

        bufferedWriter.write("grant signedBy \"SmartMirror\" {");
        bufferedWriter.newLine();
        bufferedWriter.write("    permission java.lang.RuntimePermission \"setSecurityManager\";");
        bufferedWriter.newLine();
        bufferedWriter.write("    permission java.lang.RuntimePermission \"getSecurityManager\";");
        bufferedWriter.newLine();
        bufferedWriter.write("    permission java.lang.RuntimePermission \"createSecurityManager\";");
        bufferedWriter.newLine();
        bufferedWriter.write("    permission java.lang.RuntimePermission \"usePolicy\";");
        bufferedWriter.newLine();
        bufferedWriter.write("};");

        bufferedWriter.newLine();
        bufferedWriter.newLine();
        bufferedWriter.write("grant signedBy \"" + Init.usrController.getCurrentUser().getFname() + Init.usrController.getCurrentUser().getLname() + "\" codeBase \"file:/C:/Temp/" + app.getName() + ".jar\" {");
        bufferedWriter.newLine();

        for(String policy : policies) {
            bufferedWriter.write("    permission java.lang.RuntimePermission \"" + policy + "\";");
            bufferedWriter.newLine();
        }


        bufferedWriter.write("    permission java.io.FilePermission \"C:/Temp/" + app.getName() + ".policy\", \"read\";");
        bufferedWriter.newLine();

        bufferedWriter.write("};");
        bufferedWriter.close();

    } catch(IOException ex) {
        ex.printStackTrace();
    }
}
4

0 回答 0