我在eclipse中创建了一个GWT项目。现在我尝试使用openid4java库实现openId。
我通过属性导入.jar文件 - > java build path:
此外,我将.jar文件复制到war / WEB-INF / lib目录中。
当我调用authenticate()方法时,问题出现了。
然后我得到了一个:
访问/ openid / openid时遇到问题。原因:
access denied (java.lang.RuntimePermission modifyThreadGroup)
java.security.AccessControlException: access denied (java.lang.RuntimePermission modifyThreadGroup)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:166)
at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkAccess(DevAppServerFactory.java:191)
at java.lang.ThreadGroup.checkAccess(Unknown Source)
at java.lang.Thread.init(Unknown Source)
at java.lang.Thread.<init>(Unknown Source)
at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ReferenceQueueThread.<init>(MultiThreadedHttpConnectionManager.java:1039)
at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.storeReferenceToConnection(MultiThreadedHttpConnectionManager.java:164)
at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.access$900(MultiThreadedHttpConnectionManager.java:64)
at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:750)
at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:469)
at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:394)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:152)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324)
at org.openid4java.util.HttpCache.head(HttpCache.java:296)
at org.openid4java.discovery.yadis.YadisResolver.retrieveXrdsLocation(YadisResolver.java:360)
at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:229)
at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:221)
at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:179)
at org.openid4java.discovery.Discovery.discover(Discovery.java:134)
at org.openid4java.discovery.Discovery.discover(Discovery.java:114)
at org.openid4java.consumer.ConsumerManager.discover(ConsumerManager.java:527)
at auth.openid.server.OpenIDServlet.authenticate(OpenIDServlet.java:138)
at auth.openid.server.OpenIDServlet.doGet(OpenIDServlet.java:101)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:693)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1166)
at com.google.appengine.api.blobstore.dev.ServeBlobFilter.doFilter(ServeBlobFilter.java:51)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.appengine.tools.development.StaticFileFilter.doFilter(StaticFileFilter.java:122)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418)
at com.google.apphosting.utils.jetty.DevAppEngineWebAppContext.handle(DevAppEngineWebAppContext.java:70)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at com.google.appengine.tools.development.JettyContainerService$ApiProxyHandler.handle(JettyContainerService.java:349)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:326)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:923)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:547)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)
at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
这是我的servlet源:
import com.google.gwt.user.client.rpc.RemoteService;
import org.openid4java.OpenIDException;
import org.openid4java.consumer.ConsumerException;
import org.openid4java.consumer.ConsumerManager;
import org.openid4java.consumer.VerificationResult;
import org.openid4java.discovery.DiscoveryInformation;
import org.openid4java.discovery.Identifier;
import org.openid4java.message.AuthRequest;
import org.openid4java.message.ParameterList;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.text.MessageFormat;
import java.util.List;
public final class OpenIDServlet extends HttpServlet implements RemoteService {
private final ConsumerManager manager;
public OpenIDServlet() {
try {
manager = new ConsumerManager();
} catch (ConsumerException e) {
throw new RuntimeException("Error creating consumer manager", e);
}
}
...
private void authenticate(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
final String loginString = request.getParameter(nameParameter);
try {
// perform discovery on the user-supplied identifier
List discoveries = manager.discover(loginString);
// attempt to associate with the OpenID provider
// and retrieve one service endpoint for authentication
DiscoveryInformation discovered = manager.associate(discoveries);
// obtain a AuthRequest message to be sent to the OpenID provider
AuthRequest authReq = manager.authenticate(discovered, "openid", null);
// redirect to OpenID for authentication
response.sendRedirect(authReq.getDestinationUrl(true));
}
catch (OpenIDException e) {
throw new ServletException("Login string probably caused an error. loginString = " + loginString, e);
}
}
我现在的问题是: 可能是我的错?我在导入openid4java库时犯了什么错误吗? (哪一个?) servlet中不使用openid4java实现的所有其他方法都可以正常工作。
谢谢, 安德烈亚斯
答案 0 :(得分:2)
您正在使用Google App Engine。 GAE限制可以在应用程序中使用的库。特别是,禁止创建线程或访问网络。
您粘贴的堆栈跟踪显示openid创建java,GAE阻止它。
如果你不关心GAE,只需在eclipse设置中禁用它。一旦你这样做,你应该能够使用该库。
如果您还想使用GAE,那么您必须找到OpenId4Java的替代方案。其他人可能有其他选择。
答案 1 :(得分:1)
由于GAE的限制,您无法直接使用openid4java。 您可以尝试以下修改后的版本:http://github.com/WdWeaver/openid4java-gae-hacks
答案 2 :(得分:0)
我认为你错过了web.xml中的servlet条目
<servlet>
<servlet-name>OpenIdServlet</servlet-name>
<servlet-class>path.to.your.servlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>OpenIdServlet</servlet-name>
<url-pattern>/openid/openid</url-pattern>
</servlet-mapping>