我正在尝试让现有的应用程序与Wildfly Security Manager一起使用。首先,我正在运行我的应用程序并添加我需要的standalone.xml配置,以响应应用程序日志文件中的异常:
<subsystem xmlns="urn:jboss:domain:security-manager:1.0">
<deployment-permissions>
<minimum-set>
<permission class="java.util.PropertyPermission" name="*" actions="read,write"/>
<permission .../>
</minimum-set>
</deployment-permissions>
</subsystem>
这样做没问题,直到我遇到以下异常:
2017-01-03 16:00:22,119 ERROR [com.myapp.ClusteredCache] (ServerService Thread Pool -- 68) Failed to bind to JNDI name: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("org.wildfly.naming.java.permission.JndiPermission" "/AppCacheImpl" "bind")" in code source "(vfs:/content/myapp-wildfly.jar <no signer certificates>)" of "null")
at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:273) [wildfly-elytron-1.0.2.Final.jar:1.0.2.Final]
...
我添加了这样的权限:
<permission class="org.wildfly.naming.java.permission.JndiPermission" name="-" actions="all"/>
或:
<permission class="org.wildfly.naming.java.permission.JndiPermission" name="<<ALL BINDINGS>>" actions="all"/>
甚至具体:
<permission class="org.wildfly.naming.java.permission.JndiPermission" name="/AppCacheImpl" actions="bind"/>
但WildFly仍会抛出异常。知道我做错了吗?
答案 0 :(得分:0)
这是一个类加载错误。由于在wildfly命名模块中如何指定JndiPermission,您需要指定一个模块属性,如下所示:
<permission
module="org.jboss.as.naming"
class="org.wildfly.naming.java.permission.JndiPermission"
name="-"
actions="all"/>