Spring 4 Groovy Bean DSL AccessControlException

Question

我试图在Spring 4中使用Groovy DSL在Spring MVC应用程序中定义我们的bean。一切都在当地的雄猫中游动。

当应用程序移动到测试区域时，也就是tomcat，它在启动时失败了。当调用importBeans方法引入额外的groovy DSL脚本（按预期导入XML文件）时，它会失败。

当脚本尝试执行时，我们会看到如下所示的堆栈：

Caused by: java.security.AccessControlException: access denied ("groovy.security.GroovyCodeSourcePermission" "/groovy/shell")
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:366) ~[na:1.7.0_11]
    at java.security.AccessController.checkPermission(AccessController.java:560) [na:1.7.0_11]
    at java.lang.SecurityManager.checkPermission(SecurityManager.java:549) ~[na:1.7.0_11]
    at groovy.lang.GroovyCodeSource.createCodeSource(GroovyCodeSource.java:216) ~[groovy-2.3.4.jar:2.3.4]
    at groovy.lang.GroovyCodeSource.<init>(GroovyCodeSource.java:93) ~[groovy-2.3.4.jar:2.3.4]
    at groovy.lang.GroovyShell.parse(GroovyShell.java:666) ~[groovy-2.3.4.jar:2.3.4]
    at groovy.lang.GroovyShell.evaluate(GroovyShell.java:647) ~[groovy-2.3.4.jar:2.3.4]
    at org.springframework.beans.factory.groovy.GroovyBeanDefinitionReader.loadBeanDefinitions(GroovyBeanDefinitionReader.java:242) ~[spring-beans-4.1.0.RELEASE.jar:4.1.0.RELEASE]

进一步跟踪表明初始Groovy文件运行正常，使用importBeans加载XML文件，然后在Groovy脚本上失败。

Tomcat版本是7。

我已尝试将政策添加到catalina.policy文件但没有运气。我不确定我是否理解政策文件：

grant codeBase "file:${catalina.home}/apps/myAwesomeApp/WEB-INF/classes/-" {
  permission groovy.security.GroovyCodeSourcePermission "/groovy/script";
  permission groovy.security.GroovyCodeSourcePermission "/groovy/shell";
  permission java.io.FilePermission "/groovy/script", "read";
  permission java.io.FilePermission "/groovy/shell", "read";
  permission java.lang.RuntimePermission "accessClassInPackage.*";
  permission java.lang.RuntimePermission "createClassLoader";
  permission java.lang.RuntimePermission "defineClassInPackage.*";
  permission java.lang.RuntimePermission "getClassLoader";
  permission java.lang.RuntimePermission "getProtectionDomain";
  permission java.lang.RuntimePermission "setContextClassLoader";
  permission java.lang.RuntimePermission "shutdownHooks";
  permission java.util.PropertyPermission "*", "read,write";
};

grant codeBase "file:/groovy/shell" {
  permission java.lang.RuntimePermission "accessDeclaredMembers";
};

grant codeBase "file:/groovy/script" {
  permission java.lang.RuntimePermission "accessDeclaredMembers";
};

grant codeBase "file:/groovy/security/-" {
  permission java.lang.RuntimePermission "accessDeclaredMembers";
};

对下一步的想法？