我想在点击applet上的特定按钮时加载jar。
我想避免在加载applet时提示用户对jar有安全警告,但单击按钮时应该出现警告。
我正在使用WebStart。
代码和错误如下。
Policy.setPolicy(new Policy() {
public PermissionCollection getPermissions(CodeSource codesource) {
Permissions perms = new Permissions();
perms.add(new AllPermission());
return (perms);
}
public void refresh() {
}
});
System.setSecurityManager(null);
ClassLoader wcl = MainApplet.class.getClassLoader();
URL[] urls = new URL[1];
String protocol="http";
String host="localhost";
int port = 8080;
String file = "MB/download/ubikey-1.0.2.5.jar";
// String url = URLEncoder("http://localhost:11090/MultiToolkitDemo/download/ubikey-1.0.2.5.jar");
urls[0] = new URL(protocol, host, port, file);
try {
ds = (DownloadService) ServiceManager
.lookup("javax.jnlp.DownloadService");
// determine if a particular resource is cached
URL url = new URL(
"http://localhost:8080/MB/download/ubikey-1.0.2.5.jar");
boolean cached = ds.isResourceCached(url, "1.0");
// remove the resource from the cache
if (cached) {
ds.removeResource(url, "1.0");
}
// reload the resource into the cache
DownloadServiceListener dsl = ds.getDefaultProgressWindow();
ds.loadResource(url, "1.0", dsl);
} catch (Exception e) {
e.printStackTrace();
}
URLClassLoader cl = new URLClassLoader(urls, wcl);
try {
cl.loadClass("kr.co.JUBIKey.JUBIKeyManager");
} catch (ClassNotFoundException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}
错误如下。
cache: MemoryCache replacing http://localhost:8080/MB/download/ubikey-1.0.2.5.jar (refcnt=2). Was: URL: http://localhost:8080/MB/download/ubikey-1.0.2.5.jar | /Users/rnd/Library/Application Support/Oracle/Java/Deployment/cache/6.0/14/2e04ea0e-6e999798-1.0-.idx Now: URL: http://localhost:8080/MB/download/ubikey-1.0.2.5.jar.pack.gz | /Users/rnd/Library/Application Support/Oracle/Java/Deployment/cache/6.0/32/5c664da0-4e2b1d6e.idx
cache: Reading Signers from 3607 http://localhost:8080/MB/download/ubikey-1.0.2.5.jar.pack.gz | /Users/rnd/Library/Application Support/Oracle/Java/Deployment/cache/6.0/32/5c664da0-4e2b1d6e.idx
cache: Done readSigners(http://localhost:8080/MB/download/ubikey-1.0.2.5.jar.pack.gz)
cache: Read manifest for http://localhost:8080/MB/download/ubikey-1.0.2.5.jar.pack.gz: read=130 full=7460
basic: Plugin2ClassLoader.isTrustedByPolicy called
basic: Plugin2ClassLoader.isTrustedByPolicy returns false
security: resource name "kr/co/JUBIKey/JUBIKeyManager.class" in http://localhost:8080/MB/download/ubikey-1.0.2.5.jar.pack.gz : java.lang.SecurityException: attempted to open sandboxed jar http://localhost:8080/MB/download/ubikey-1.0.2.5.jar.pack.gz as a Trusted-Library
Exception in thread "AWT-EventQueue-2" java.lang.SecurityException: attempted to open sandboxed jar http://localhost:8080/MB/download/ubikey-1.0.2.5.jar.pack.gz as a Trusted-Library
at com.sun.deploy.security.CPCallbackHandler$ParentElement.checkResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.checkResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.getResource(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
at sun.plugin2.applet.JNLP2ClassLoader.findClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(ClassLoader.java:411)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
at com.ktnet.pki.multibrowser.util.JnlpUtil.loadJar(JnlpUtil.java:69)
at com.ktnet.pki.multibrowser.dialog.SelectCertificateDlg$10.run(SelectCertificateDlg.java:1945)
at java.awt.event.InvocationEvent.dispatch(InvocationEvent.java:251)
at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:733)
at java.awt.EventQueue.access$200(EventQueue.java:103)
at java.awt.EventQueue$3.run(EventQueue.java:694)
at java.awt.EventQueue$3.run(EventQueue.java:692)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(ProtectionDomain.java:76)
at java.awt.EventQueue.dispatchEvent(EventQueue.java:703)
at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:242)
at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:161)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:150)
at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:146)
at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:138)
at java.awt.EventDispatchThread.run(EventDispatchThread.java:91)
答案 0 :(得分:1)
我想避免在加载applet时提示用户对jar有安全警告,但单击按钮时应该出现警告。
不。这不是一种选择。安全检查在应用程序之前执行。在屏幕上显示它。