这是我的错误:
java.security.AccessControlException:访问被拒绝(“java.io.FilePermission”“C:\Temp\SettingsApp.policy”“读取”)
这是我的政策(为每个应用程序动态制定)
grant signedBy "SmartMirror" {
permission java.lang.RuntimePermission "setSecurityManager";
permission java.lang.RuntimePermission "getSecurityManager";
permission java.lang.RuntimePermission "createSecurityManager";
permission java.lang.RuntimePermission "usePolicy";
};
grant signedBy "currentUser" codeBase "file:/C:/Temp/SettingsApp.jar" {
permission java.io.FilePermission "C:/Temp/SettingsApp.policy", "read";
};
这就是我设置策略和使用安全管理器的方式:
System.setSecurityManager(null); // reset so can reload new policy
System.setProperty("java.security.policy", "file:/C:/Temp/" + app.getName() + ".policy");
System.setSecurityManager(new SecurityManager()); // instance with new policy
JPanel panel = (JPanel) app.getObject().newInstance(); // instance Class <?>
jar 文件正在像这样加载并且工作正常:
try {
appLoader = URLClassLoader.newInstance(new URL[] { download }); // download is a URL of the C:/Temp/SettingsApp.jar
appBuilder = appLoader.loadClass("iezon.app." + name); // name is SettingsApp
} catch (ClassNotFoundException e) {
// TODO: Add class not found error for Application (App Developer issue)
}
首次运行时JPanel panel = (JPanel) app.getObject().newInstance();,它工作正常并返回 JPanel。但是,如果我再次尝试运行它,我会收到错误消息。
这是我收到错误的地方:
if (!app.policyIsAgreedTo()) {
if(readPolicy(app).get(0).equalsIgnoreCase("grant {")) {
app.setPolicy(true);
} else {
throw new Exception("App policy has not been agreed to.");
}
}
然后导致读取文件,因为默认情况下,此文件包含它想要请求的逐行策略,然后将其重写为真正的策略:
public ArrayList<String> readPolicy(App app) {
String line = null;
try {
ArrayList<String> builder = new ArrayList<String>();
FileReader fileReader = new FileReader("C:/Temp/" + app.getName() + ".policy");
BufferedReader bufferedReader = new BufferedReader(fileReader);
while ((line = bufferedReader.readLine()) != null) {
builder.add(line);
}
bufferedReader.close();
return builder;
} catch (IOException ex) {
ex.printStackTrace();
return new ArrayList<String>();
}
}
public static void createPolicy(ArrayList<String> policies, App app) {
try {
FileWriter fileWriter =
new FileWriter("C:/Temp/" + app.getName() + ".policy");
BufferedWriter bufferedWriter =
new BufferedWriter(fileWriter);
bufferedWriter.write("grant signedBy \"SmartMirror\" {");
bufferedWriter.newLine();
bufferedWriter.write(" permission java.lang.RuntimePermission \"setSecurityManager\";");
bufferedWriter.newLine();
bufferedWriter.write(" permission java.lang.RuntimePermission \"getSecurityManager\";");
bufferedWriter.newLine();
bufferedWriter.write(" permission java.lang.RuntimePermission \"createSecurityManager\";");
bufferedWriter.newLine();
bufferedWriter.write(" permission java.lang.RuntimePermission \"usePolicy\";");
bufferedWriter.newLine();
bufferedWriter.write("};");
bufferedWriter.newLine();
bufferedWriter.newLine();
bufferedWriter.write("grant signedBy \"" + Init.usrController.getCurrentUser().getFname() + Init.usrController.getCurrentUser().getLname() + "\" codeBase \"file:/C:/Temp/" + app.getName() + ".jar\" {");
bufferedWriter.newLine();
for(String policy : policies) {
bufferedWriter.write(" permission java.lang.RuntimePermission \"" + policy + "\";");
bufferedWriter.newLine();
}
bufferedWriter.write(" permission java.io.FilePermission \"C:/Temp/" + app.getName() + ".policy\", \"read\";");
bufferedWriter.newLine();
bufferedWriter.write("};");
bufferedWriter.close();
} catch(IOException ex) {
ex.printStackTrace();
}
}