从 Web 应用程序运行小程序时的 java.lang.RuntimePermission
我正在尝试从小程序中读取环境变量,这是我的代码
I'm trying to read a envrionment varaible from a applet, here is my code
String env = System.getenv("TWS");
System.out.println(env);
Runtime rt = Runtime.getRuntime();
String s = env + "\\WebStart.bat " ;
System.out.println(s);
try {
Process p = rt.exec(s);
} catch (Exception e) {
}
当我通过右键单击并运行从 netbeans 运行代码时,它运行没有问题.
when i run the code from netbeans by right click and run, it is running without a problem.
但是当我将它放入 jar 文件时,将它添加到我的 Web 应用程序并尝试使用以下代码从 html 页面运行它
but when i put it to a jar file, add it to my web application and try to run it from a html page using the following code
<applet code="draw.class" archive='AppletTest.jar'>
<param name="shape" value="triangle"/>
</applet>
我收到一个错误消息,说访问被拒绝,java.lang.RuntimePermission
i'm getting a error saying access denied , java.lang.RuntimePermission
我正在使用 tomcat 6 运行此 Web 应用程序.
i am running this web application using tomcat 6.
我已经阅读了一些指南,并在 tomcat 6 的 catalina.policy 文件中添加了以下条目并重新启动了 tomcat
i have read some guides and added the following entry to catalina.policy file in tomcat 6 and restarted tomcat
permission java.lang.RuntimePermission "accessDeclaredMembers";
但仍然是同样的警告.有人可以为这个问题提出一个解决方案吗?
but still the same warning. can some one please suggest a solution for this problem?
--兰加纳
当您从 netbeans 运行小程序时,Java 虚拟机在与您通过浏览器运行时不同的安全机制下运行它.
When you run your applet from netbeans, Java virtual machines runs it under a different security regime than when you run it through browser.
通过浏览器下载的小应用程序未使用安全证书签名,被视为不受信任的小应用程序,称为未签名小应用程序.在客户端上运行时,未签名的小程序在仅允许一组安全操作的安全沙箱中运行.您可以使用 安全管理器.例如在你的情况下:
Applets, downloaded through browsers, that are not signed using a security certificate, are considered to be untrusted and referred to as unsigned applets. When running on a client, unsigned applets operate within a security sandbox that allows only a set of safe operations. You can check if a perticular permission is granted to you applet or not by using SecurityManager. For example in your case :
System.getSecurityManager().checkPermission(new RuntimePermission("accessDeclaredMembers"));
您可以在此处了解有关小程序安全性的更多信息> 和 此处.可以找到有关制作签名小程序的非常好的教程 此处.
You can know more about applet security here and here. A very nice tutorial on making signed applets can be found here.