使用来自Applet的JSch连接到SFTP服务器时的AccessControlException

时间:2009-10-12 15:47:55

标签: java applet sftp accesscontrolexception

小程序将从SFTP服务器下载文件。 JSch库用于创建会话,使用它连接到SFTP服务器,创建SFTP通道并在该服务器上执行该文件的GET命令。小程序已签名。

下载文件的代码段:

    public static void prepareSession() throws JSchException {

  try {
   session = jsch.getSession(user,host,port);
   session.setConfig("StrictHostKeyChecking", "no");        
      session.setPassword(password);
  } catch (JSchException e) {
   e.printStackTrace();
   throw new JSchException(e.getLocalizedMessage(),e);
  }
 }

 public synchronized static void downloadFile() throws Exception {
  ChannelSftp channelSFTP = null;
  try {
   if (!session.isConnected()) {
    session.connect();
   }
   Channel channel=session.openChannel("sftp");
      channel.connect();
      channelSFTP=(ChannelSftp)channel;

      String destFile = SFTPImpl.destFolder + "/" + SFTPImpl.sourceFile + ".part";

      log.info("Downloading file: " + SFTPImpl.sourceFile + " -- START");
      channelSFTP.get(SFTPImpl.sourceFile,destFile,SFTPImpl.monitor,ChannelSftp.OVERWRITE);      

  } catch (JSchException e) {
   log.error("Error occurred within library", e);
   throw new JSchException(e.getMessage(),e);
  } catch (SftpException e) {
   log.error("Error occurred in SFTP communication. Error ID: " + e.id, e);
   throw new SftpException(e.id,e.getMessage(),e);
  } catch (Exception e) {
   throw new Exception(e.getMessage(),e);
  }finally {
   if (channelSFTP != null && channelSFTP.isConnected()) {
    channelSFTP.quit();
       channelSFTP.disconnect();
       session.disconnect();
   }
  }
 }

使用Java Deployment Toolkit部署Applet。 applet部署的HTML页面代码段是:

<script src="http://www.java.com/js/deployJava.js"></script>
  <script>
   var attributes = {code:'com.sftptest.applet.SFTPApplet', archive:'signedsftp.jar,jsch.jar,log4j-1.2.15.jar', width:400, height:400} ; 
         var parameters = {jnlp_href: 'sftpdownload-applet.jnlp'} ; 
         deployJava.runApplet(attributes, parameters, '1.6');
  </script> 

sftpdownload-applet.jnlp文件:

<?xml version="1.0" encoding="UTF-8"?>
<jnlp spec="1.0+" codebase="" href="">
    <information>
        <title>SFTP Downloader</title>
        <vendor>local</vendor>
    </information>
    <resources>
        <!-- Application Resources -->
        <j2se version="1.6+"
              href="http://java.sun.com/products/autodl/j2se" />
        <jar href="signedsftpsftp.jar" main="true" />
        <jar href="jsch.jar" />
        <jar href="log4j-1.2.15.jar" />
    </resources>
    <applet-desc 
         name="SFTP Downloader Applet"
         main-class="com.sftptest.applet.SFTPApplet"
         width="400"
         height="400">
     </applet-desc>
     <update check="background"/>
</jnlp>

applet包含一个文件选择器,用于选择下载位置。选择下载位置后,applet应立即开始下载文件。但是一段时间后,控制台出现了错误:

[Oct 12 20:39:16] ERROR (SFTPImpl.java:130) - Error occurred within library
com.jcraft.jsch.JSchException: java.security.AccessControlException: access denied (java.net.SocketPermission sftpcal.cognizant.com resolve)
 at com.jcraft.jsch.Util.createSocket(Util.java:341)
 at com.jcraft.jsch.Session.connect(Session.java:182)
 at com.jcraft.jsch.Session.connect(Session.java:150)
 at com.sftptest.SFTPImpl.downloadFile(SFTPImpl.java:111)
 at com.sftptest.ui.DownloadPanel$DownloadTask.doInBackground(DownloadPanel.java:316)
 at com.sftptest.ui.DownloadPanel$DownloadTask.doInBackground(DownloadPanel.java:1)
 at javax.swing.SwingWorker$1.call(SwingWorker.java:278)
 at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
 at java.util.concurrent.FutureTask.run(FutureTask.java:138)
 at javax.swing.SwingWorker.run(SwingWorker.java:317)
 at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
 at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
 at java.lang.Thread.run(Thread.java:637)

从异常日志中我看到异常来自JSch框架的Util.createSocket()方法:

  static Socket createSocket(String host, int port, int timeout) throws JSchException{
    Socket socket=null;
    if(timeout==0){
      try{
        socket=new Socket(host, port);
        return socket;
      }
      catch(Exception e){
        String message=e.toString();
        if(e instanceof Throwable)
          throw new JSchException(message, (Throwable)e);
        throw new JSchException(message);
      }
    }

请帮助&amp;如果需要更多信息,请与我们联系。

1 个答案:

答案 0 :(得分:2)

您已经签署了applet,是的,但是您忘记在jnlp中请求套接字创建权限。

<security>
  <j2ee-application-client-permissions/>
</security>