我有一个我创建的Java RMI程序。当且仅当我通过CGI隧道和浏览器进行连接时,我才遇到连接服务器的问题。
我遇到了不同的问题并纠正了大部分问题。 首先我的服务器是多宿主所以我必须设置java.rmi.server.hostname属性。 其次,我的主要用户的组织已阻止端口,因此我必须设置java的CGI隧道以通过端口80。
现在,我可以通过命令行通过隧道连接到服务器(java -Dserver="xxx.xxx.xxx.xxx" -DproxyHost="xxx.xxx.xxx.xxx" kb360.desktop.MainPanel
)
但是,当我从浏览器运行它时,连接拒绝托管。
此外,我可以在打开端口时从浏览器运行它。 (即没有隧道需要)
我尝试了各种各样的方法来找出解决方案。我使用以下属性值启动了服务器。
java -Djava.rmi.server.hostname=168.62.9.134 -Djava.rmi.server.logCalls=true -Djava.rmi.server.useCodebaseOnly=false -Djava.security.manager -Djava.security.policy=policy.txt kb360.service.Server
尝试在浏览器中连接到它时,隧道并未java.rmi.server.logCalls
记录任何内容。但是,在其他情况下确实如此。
这是policy.txt
grant {
permission java.security.AllPermission;
};
这是从java控制台
输出的Match: beginTraversal
Match: digest selected JREDesc: JREDesc[version 1.7+, heap=-1--1, args=null, href=http://java.sun.com/products/autodl/j2se, sel=false, null, null], JREInfo: JREInfo for index 0:
platform is: 1.7
product is: 1.7.0_21
location is: http://java.sun.com/products/autodl/j2se
path is: C:\Program Files\Java\jre7\bin\javaw.exe
args is:
native platform is: Windows, x86 [ x86, 32bit ]
JavaFX runtime is: JavaFX 2.2.21 found at C:\Program Files\Java\jre7\
enabled is: true
registered is: true
system is: true
Match: ignoring maxHeap: -1
Match: ignoring InitHeap: -1
Match: digesting vmargs: null
Match: digested vmargs: [JVMParameters: isSecure: true, args: ]
Match: JVM args after accumulation: [JVMParameters: isSecure: true, args: ]
Match: digest LaunchDesc: http://x.x.x.x/kb.jnlp
Match: digest properties: []
Match: JVM args: [JVMParameters: isSecure: true, args: ]
Match: endTraversal ..
Match: JVM args final:
Match: Running JREInfo Version match: 1.7.0.21 == 1.7.0.21
Match: Running JVM args match: have:<> satisfy want:<>
Registry RegistryImpl_Stub[UnicastRef [liveRef: [endpoint:[x.x.x.x:1099](remote),objID:[0:0:0, 0]]]]
java.rmi.ConnectException: Connection refused to host: x.x.x.x; nested exception is:
java.net.ConnectException: Connection timed out: connect
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(Unknown Source)
at sun.rmi.transport.tcp.TCPChannel.createConnection(Unknown Source)
at sun.rmi.transport.tcp.TCPChannel.newConnection(Unknown Source)
at sun.rmi.server.UnicastRef.newCall(Unknown Source)
at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source)
at kb360.desktop.Client.<init>(Client.java:27)
at kb360.desktop.MainPanel.initialize(MainPanel.java:94)
at kb360.desktop.MainPanel.start(MainPanel.java:140)
at com.sun.javafx.applet.FXApplet2$1.run(FXApplet2.java:132)
at com.sun.javafx.application.PlatformImpl$4$1.run(PlatformImpl.java:179)
at com.sun.javafx.application.PlatformImpl$4$1.run(PlatformImpl.java:176)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.javafx.application.PlatformImpl$4.run(PlatformImpl.java:176)
at com.sun.glass.ui.win.WinApplication._runLoop(Native Method)
at com.sun.glass.ui.win.WinApplication.access$100(WinApplication.java:29)
at com.sun.glass.ui.win.WinApplication$3$1.run(WinApplication.java:73)
at java.lang.Thread.run(Unknown Source)
Caused by: java.net.ConnectException: Connection timed out: connect
at sun.rmi.transport.proxy.RMIMasterSocketFactory.checkConnector(Unknown Source)
at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(Unknown Source)
... 17 more
这是相关的客户端代码
MainPanel.java片段(客户端的入口点)
//gets the proxyHost and my own server properties
findProperties();
System.setProperty("java.rmi.server.useCodebaseOnly","false");
//I don't know if I have this set right. But I guess it doesn't matter
// because of setting the SecurityManager below.
System.setProperty("java.security.debug","failure,access");
//I know I am going overboard. But I wanted to make sure
// security wasn't a problem
System.setSecurityManager(
new SecurityManager()
{
@Override
public void checkAccept(String host, int port)
{
}
@Override
public void checkAccess(Thread t)
{
}
@Override
public void checkAccess(ThreadGroup g)
{
}
@Override
public void checkConnect(String host, int port)
{
}
@Override
public void checkConnect(String host, int port, Object context)
{
}
public void checkPermission(Permission perm)
{
}
}
);
//This is set properly from the command line and from the browser
System.out.println("server " + System.getProperty("server") + " proxyHost " + System.getProperty("proxyHost") );
/*line 94*/ client = new Client(System.getProperty("server"));
Client.java代码段
try
{
//I changed the lookupName from "sever" to this.
//I don't think it made any difference
String lookupName = "rmi://x.x.x.x:1099/server";
Registry registry = LocateRegistry.getRegistry(serverName);
System.out.println("Registry " + registry);
/*line 27*/ mRemotes = (ServerRemotes) registry.lookup(lookupName);
boolean ready = true;
if (mRemotes == null)
{
ready = false;
System.out.println("remote is null");
}
if ( (mUploader = mRemotes.getUploadRemote()) == null)
{
ready = false;
System.out.println("upload is null");
}
if ( (mSearcher = mRemotes.getSearchRemote()) == null)
{
ready = false;
System.out.println("search is null");
}
System.out.println(mRemotes);
System.out.println(mUploader);
System.out.println(mSearcher);
System.setProperty("proxyHost","localhost");
}
catch (RemoteException re)
{
re.printStackTrace();
mRemotes = null;
}
catch (Exception e)
{
System.err.println("Client exception:");
e.printStackTrace();
}
Jar manifest亲自签名。
Manifest-Version: 1.0
Permissions: all-permissions
Created-By: 1.7.0_13 (Oracle Corporation)
Codebase: *
...
...
但是,jnlp没有签名。我不认为它有所作为。 javafx应用程序根据要求运行所有权限 jnlp文件。 我的程序能够启动而不是连接到服务器。
Jnlp设置了所有权限
<security>
<all-permissions/>
</security>
Html文件片段。是否应该有关于权限的内容
var parameters = {
id:"kb360",
width:screen.width,
url:"kb360.jnlp",
height:screen.height,
placeholder:"placeholder"
};
var app = new dtjava.App("www.myWebsite.com/kb.jnlp",parameters);
var platform = new dtjava.Platform({
javafx: "2+",
jvm:"1.7+"
});
alert (platform);
dtjava.embed(app,platform);
}
dtjava.addOnloadCallback(deployKB);