java.security.AccessControlException:拒绝访问(“java.security.SecurityPermission”“authProvider.SunMSCAPI”)
直到早上我的小程序中的一切正常。 我接受了Java更新,一切都停止了。 我正在使用applet处理数字证书。 这是我的堆栈跟踪。 我跟着一些oracle文章,但没有奏效。
https://blogs.oracle.com/java-platform-group/entry/liveconnect_changes_in_7u45 http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#trusted_library http:// www.oracle.com/technetwork/java/javase/7u45-relnotes-2016950.html
Java Plug-in 10.45.2.18 Using JRE version 1.7.0_45-b18 Java HotSpot(TM) Client VM User home directory = C:\Users\vicky.thakor java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI") at java.security.AccessControlContext.checkPermission(Unknown Source) at java.security.AccessController.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPermission(Unknown Source) at sun.plugin2.applet.AWTAppletSecurityManager.checkPermission(Unknown Source) at sun.security.mscapi.KeyStore.engineLoad(KeyStore.java:755) at sun.security.mscapi.KeyStore$MY.engineLoad(KeyStore.java:62) at java.security.KeyStore.load(Unknown Source) at SecurityApplet.initializeBrowserKeyStore(SecurityApplet.java:162) at SecurityApplet.isCertificateInstalled(SecurityApplet.java:268) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at sun.plugin.javascript.Trampoline.invoke(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source) at sun.plugin2.liveconnect.JavaClass$MethodInfo.invoke(Unknown Source) at sun.plugin2.liveconnect.JavaClass$MemberBundle.invoke(Unknown Source) at sun.plugin2.liveconnect.JavaClass.invoke0(Unknown Source) at sun.plugin2.liveconnect.JavaClass.invoke(Unknown Source) at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$DefaultInvocationDelegate.invoke(Unknown Source) at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$3.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo.doObjectOp(Unknown Source) at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$LiveConnectWorker.run(Unknown Source) at java.lang.Thread.run(Unknown Source)
.java.policy文件我在applet的public void init()方法中创建。 它在访问applet中的任何内容之前。
grant { permission java.security.AllPermission; permission java.io.FilePermission "<>", "read"; permission java.io.FilePermission "<>", "write"; permission java.util.PropertyPermission "*", "read, write"; permission java.util.PropertyPermission "user.home", "read"; permission java.util.PropertyPermission "user.dir", "read"; permission java.lang.RuntimePermission "modifyThread"; permission java.lang.RuntimePermission "*"; };
更新:2013年11月18日
即使使用代码签名证书也无法正常工作
我还不能评论,所以我把它作为一个答案。
-
我相信在applet中创建.java.policy文件太晚了 – 在运行任何代码之前,插件已经启动并读取策略文件。
-
您可以对applet进行签名并使用jnlp文件在security元素中分配权限