2. 질의 응답
  3. 5.1

5.1

2016-12-14 3 views
5

내가 JMX를 통해 제이 보스 EAP 5.1에 웹 애플리케이션 (전쟁을) 시작/중지 할 수있는 UI 도구를 만들기 위해 노력하고있어,하지만 보안과 문제가5.1

로컬 호스트 : 1099 jboss.web.deployment : 
public class jmx_console { 
    // 
    private static final Logger log = Logger.getLogger(jmx_console.class); 

    // 
    public static String startAndStopQueueManager(String jnpUrl, String qmUrl, String action, String username, String password) throws NamingException, MalformedObjectNameException, InstanceNotFoundException, MBeanException, ReflectionException, 
      IOException, AttributeNotFoundException { 
     // 
     log.debug("username: " + username); 
     log.debug("password: " + password); 
     log.debug("action: " + action); 
     log.debug("qmUrl: " + qmUrl); 
     log.debug("jnpUrl: " + jnpUrl); 
     // 
     System.setProperty("java.security.policy", "client.policy"); 
     if (System.getSecurityManager() == null) { 
      System.setSecurityManager(new RMISecurityManager()); 
     } 
     // 
     Properties ht = new Properties(); 
     ht.put(Context.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory"); 
     ht.put(Context.URL_PKG_PREFIXES, "org.jboss.naming:org.jnp.interfaces"); 
     ht.put(Context.PROVIDER_URL, jnpUrl); 
     ht.put(Context.SECURITY_PRINCIPAL, username); 
    ht.put(Context.SECURITY_CREDENTIALS, password); 
     Context ctx = new InitialContext(ht); 
     MBeanServerConnection mbeanConn = (MBeanServerConnection) ctx.lookup("jmx/invoker/RMIAdaptor"); 
     ObjectName queueManagerObjectManager = new ObjectName(qmUrl); 
     mbeanConn.invoke(queueManagerObjectManager, action, null, null); 
     return (String) mbeanConn.getAttribute(queueManagerObjectManager, "StateString"); 
    } 

    public static void main(String[] args) { 
     try { 
      startAndStopQueueManager(args[0], args[1], args[2], args[3], args[4]); 
     } catch (Exception e) { 
      log.debug(ExceptionUtils.getStackTrace(e)); 
     } 
    } 
}

인수 전쟁 =/여기서 queueManager, 시작 관리자, 관리자

을하고는 예외입니다 :

14 12 2016 11:56:00,372 DEBUG it.m2sc.utility.jmx_console: 31 - username: admin 
14 12 2016 11:56:00,373 DEBUG it.m2sc.utility.jmx_console: 32 - password: admin 
14 12 2016 11:56:00,373 DEBUG it.m2sc.utility.jmx_console: 33 - action: start 
14 12 2016 11:56:00,373 DEBUG it.m2sc.utility.jmx_console: 34 - qmUrl: jboss.web.deployment:war=/QueueManager 
14 12 2016 11:56:00,373 DEBUG it.m2sc.utility.jmx_console: 35 - jnpUrl: LCES4DISP:1099 
14 12 2016 11:56:00,411 DEBUG it.m2sc.utility.jmx_console: 59 - javax.naming.CommunicationException: Could not obtain connection to any of these urls: LCES4DISP:1099 and discovery failed with error: java.security.AccessControlException: access denied (java.net.SocketPermission 230.0.0.4 connect,accept,resolve) [Root exception is javax.naming.CommunicationException: Failed to connect to server LCES4DISP:1099 [Root exception is java.security.AccessControlException: access denied (java.net.SocketPermission LCES4DISP resolve)]] 
    at org.jnp.interfaces.NamingContext.checkRef(NamingContext.java:1727) 
    at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:680) 
    at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:673) 
    at javax.naming.InitialContext.lookup(InitialContext.java:392) 
    at it.m2sc.utility.jmx_console.startAndStopQueueManager(jmx_console.java:49) 
    at it.m2sc.utility.jmx_console.main(jmx_console.java:57) 
Caused by: javax.naming.CommunicationException: Failed to connect to server LCES4DISP:1099 [Root exception is java.security.AccessControlException: access denied (java.net.SocketPermission LCES4DISP resolve)] 
    at org.jnp.interfaces.NamingContext.getServer(NamingContext.java:311) 
    at org.jnp.interfaces.NamingContext.checkRef(NamingContext.java:1698) 
    ... 5 more 
Caused by: java.security.AccessControlException: access denied (java.net.SocketPermission LCES4DISP resolve) 
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:374) 
    at java.security.AccessController.checkPermission(AccessController.java:549) 
    at java.lang.SecurityManager.checkPermission(SecurityManager.java:532) 
    at java.lang.SecurityManager.checkConnect(SecurityManager.java:1031) 
    at java.net.InetAddress.getAllByName0(InetAddress.java:1172) 
    at java.net.InetAddress.getAllByName(InetAddress.java:1110) 
    at java.net.InetAddress.getAllByName(InetAddress.java:1046) 
    at java.net.InetAddress.getByName(InetAddress.java:996) 
    at org.jnp.interfaces.TimedSocketFactory.createSocket(TimedSocketFactory.java:81) 
    at org.jnp.interfaces.NamingContext.getServer(NamingContext.java:277) 
    ... 6 more

당신이 날이 문제를 toubleshooting 도와 드릴까요?

출처

2016-12-14 Stefano R.

+0

당신은 보안 관리자를 설정 함 예컨대 :? –

+0

예, 매개 변수를 로깅 한 후에 변경했습니다. –

+0

정책 파일의 절대 경로를 설정하려고 시도하십시오. System.setProperty ("java.security.policy", "file : //absolute/path/to/client.policy"); 또한 시스템 옵션 -Djava.security.debug = access를 추가 할 수 있습니다. 오류는 출력에서 ​​재미있는 것을 찾으십시오. –

답변

2

보안 정책에 문제가 있다고 생각합니다. 자세한 내용

1http://docs.oracle.com/javase/7/docs/technotes/guides/security/PolicyFiles.html - 중 하나 명령 줄 플래그, 올바르게 정책 파일을 할당합니다

java -Djava.security.policy=/home/.../<filename>.policy ...

또는

System.setProperty("java.security.policy","file:///home/.../<filename>.policy");
당신은 또한 당신의 프로젝트와 같은 폴더에 넣을 수 있습니다

루트)를 사용하여 URI를 file:./<filename>.policy으로 줄입니다.

2 - 확인 정책 파일의 형식이 올바른지,

grant codeBase "file:<path>/bin/-" { 
    permission java.security.AllPermission; 
};

출처

2017-01-03 12:50:55

관련 문제

 관련 문제