我正在google app engine java上创建一个应用程序,我必须阅读静态文件的内容。在war目录中有一个名为myrsakey11.pk8的文件。
我读取文件的代码段是
public static PrivateKey getPrivateKey(String privKeyFileName) throws IOException {
File privKeyFile = new File(privKeyFileName);
FileInputStream fis = new FileInputStream(privKeyFile);
DataInputStream dis = new DataInputStream(fis);
byte[] privKeyBytes = new byte[(int) privKeyFile.length()];
try {
dis.read(privKeyBytes);
} catch (IOException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}
dis.close();
fis.close();
String BEGIN = "-----BEGIN PRIVATE KEY-----";
String END = "-----END PRIVATE KEY-----";
String str = new String(privKeyBytes);
if (str.contains(BEGIN) && str.contains(END)) {
str = str.substring(BEGIN.length(), str.lastIndexOf(END));
}
KeyFactory fac;
try {
fac = KeyFactory.getInstance("RSA");
EncodedKeySpec privKeySpec = new PKCS8EncodedKeySpec(Base64.decode(str));
return fac.generatePrivate(privKeySpec);
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (Base64DecoderException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (InvalidKeySpecException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return null;
}
在这个函数中我传递字符串“/myrsakey11.pk8”
我得到的完整错误日志是
java.security.AccessControlException: access denied (java.io.FilePermission /myrsakey11.pk8 read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:355)
at java.security.AccessController.checkPermission(AccessController.java:567)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at com.google.apphosting.runtime.security.CustomSecurityManager.checkPermission(CustomSecurityManager.java:56)
at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
at java.io.FileInputStream.<init>(FileInputStream.java:133)
at org.ritesh.HelloWorldServlet.getPrivateKey(HelloWorldServlet.java:129)
at org.ritesh.HelloWorldServlet.doGet(HelloWorldServlet.java:110)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1166)
at com.google.apphosting.utils.servlet.ParseBlobUploadFilter.doFilter(ParseBlobUploadFilter.java:102)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.apphosting.runtime.jetty.SaveSessionFilter.doFilter(SaveSessionFilter.java:35)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418)
at com.google.apphosting.runtime.jetty.AppVersionHandlerMap.handle(AppVersionHandlerMap.java:266)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:326)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:923)
at com.google.apphosting.runtime.jetty.RpcRequestParser.parseAvailable(RpcRequestParser.java:76)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
at com.google.apphosting.runtime.jetty.JettyServletEngineAdapter.serviceRequest(JettyServletEngineAdapter.java:146)
at com.google.apphosting.runtime.JavaRuntime$RequestRunnable.run(JavaRuntime.java:447)
at com.google.tracing.TraceContext$TraceContextRunnable.runInContext(TraceContext.java:454)
at com.google.tracing.TraceContext$TraceContextRunnable$1.run(TraceContext.java:461)
at com.google.tracing.TraceContext.runInContext(TraceContext.java:703)
at com.google.tracing.TraceContext$AbstractTraceContextCallback.runInInheritedContextNoUnref(TraceContext.java:338)
at com.google.tracing.TraceContext$AbstractTraceContextCallback.runInInheritedContext(TraceContext.java:330)
at com.google.tracing.TraceContext$TraceContextRunnable.run(TraceContext.java:458)
at com.google.apphosting.runtime.ThreadGroupPool$PoolEntry.run(ThreadGroupPool.java:251)
at java.lang.Thread.run(Thread.java:679)
任何人都可以告诉我如何纠正这个错误??
答案 0 :(得分:2)
它也发生在我身上,并花了一些时间来弄明白:
如果您声明文件路径错误,Google AE不会抛出FileNotFoundException,而是抛出“AccessControlException:access denied(read)”。
确保您的路径有效!
答案 1 :(得分:0)
您是否按照[1]中的说明授予了对此静态文件的访问权限。 你如何获得静态文件的路径?也许您可以将此文件用作资源(将其放入WEB-INF文件夹中)并按以下方式访问它:
ServletContext context = getContext();
InputStream resourceContent = context.getResourceAsStream("/WEB-INF/testinger.txt");
[1] https://developers.google.com/appengine/docs/java/config/appconfig#include-exclude
答案 2 :(得分:0)
获取已部署的appengine应用程序以访问数据存储区很困难,this tutorial无法解释。我没有使用教程中描述的环境变量,而是在我的应用中使用了常量。 p12文件需要位于已部署应用程序可访问的位置 - 例如/ src / main / resources /。
我这样做是这样的:
datastore = DatastoreFactory.get()。create(DatastoreHelper.getOptionsfromEnv() .dataset(DATASET_ID).build());
根据教程的建议,我做了以下
Credential credential = getCredential();
DatastoreOptions.Builder options = DatastoreHelper.getOptionsFromEnv().credential(credential);
datastore = DatastoreFactory.get().create(options.dataset(DATASET_ID).build());
其中getCredential()的定义如下:
private Credential getCredential() throws GeneralSecurityException, IOException {
final String serviceAccount = "123-xxx@developer.gserviceaccount.com";
final String FILE_NAME = "/app-xxx.p12";
URL url = getClass().getResource(FILE_NAME);
String filename = url.getFile();
return DatastoreHelper.getServiceAccountCredential(serviceAccount, filename);
}