Java Web应用程序部署

时间:2014-05-18 16:08:19

标签: java security tomcat web deployment

我使用Vaadin框架编写了我的第一个Web应用程序,现在我正尝试在线部署它。我将它导出到.war文件并在此处上传:http://www.eatj.com/但是在尝试运行时我收到有关安全性的错误。 (项目名称 - JTPWebApp)

type Exception report

message

description The server encountered an internal error () that prevented it from fulfilling this request.

exception

javax.servlet.ServletException: Servlet.init() for servlet com.example.jtpwebapp.JtpwebappUI$Servlet threw exception
    org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
    org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
    org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927)
    org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
    org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:987)
    org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:579)
    org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:307)
    java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
    java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
    java.lang.Thread.run(Thread.java:619)
root cause

java.security.AccessControlException: access denied (java.util.PropertyPermission com.example.jtpwebapp.disable-xsrf-protection read)
    java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
    java.security.AccessController.checkPermission(AccessController.java:546)
    java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
    java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1285)
    java.lang.System.getProperty(System.java:652)
    com.vaadin.server.DefaultDeploymentConfiguration.getSystemProperty(DefaultDeploymentConfiguration.java:148)
    com.vaadin.server.DefaultDeploymentConfiguration.getApplicationOrSystemProperty(DefaultDeploymentConfiguration.java:121)
    com.vaadin.server.DefaultDeploymentConfiguration.checkXsrfProtection(DefaultDeploymentConfiguration.java:260)
    com.vaadin.server.DefaultDeploymentConfiguration.<init>(DefaultDeploymentConfiguration.java:80)
    com.vaadin.server.VaadinServlet.createDeploymentConfiguration(VaadinServlet.java:183)
    com.vaadin.server.VaadinServlet.init(VaadinServlet.java:95)
    sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    java.lang.reflect.Method.invoke(Method.java:597)
    org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:274)
    org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:271)
    java.security.AccessController.doPrivileged(Native Method)
    javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
    org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:306)
    org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:166)
    org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:120)
    org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
    org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
    org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927)
    org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
    org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:987)
    org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:579)
    org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:307)
    java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
    java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
    java.lang.Thread.run(Thread.java:619)

离线工作正常。我使用此代码

创建了文件server.policy和client.policy
grant  
{  
    permission java.security.AllPermission;  
};

但是我不知道在将它们放到哪里之后,在导出到.war文件后我看不到它们。 对不起,如果这很简单,但我正在编写我的第一个网络应用程序而且我现在卡住了。

1 个答案:

答案 0 :(得分:1)

我强烈建议您尝试将第一个应用部署到OpenShift Redhat。这很简单,没有安全管理员也可以使用。