Google App Engine servlet使用Eclipse插件抛出java.security.AccessControlException

时间:2017-05-02 23:12:28

标签: java eclipse google-app-engine servlets eclipse-plugin

我在Google App Engine上运行Java servlet,它使用kawa运行XQuery脚本,重定向到JSP并显示答案

<link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/bootstrap.min.css" rel="stylesheet"/>
<div class="wrapper">
<div class="container">
<section class="logo">
    <img class="img-fluid" src="" alt="Missing Image">
</section>

<section class="message">
    Some message here
</section>

<section class="user-input">
    <div class="row justify-content-sm-center">
        <div class="col-10">
            <div class="card card-inverse">
                <div class="card-block">
                    <div class="input-group input-group-lg">
                        <input id="name" type="text" class="form-control" placeholder="Some place holder" aria-describedby="">
                        <span class="input-group-btn">
                            <button class="btn btn-secondary btn-success" type="button">Button</button>
                        </span>
                    </div>
                </div>
            </div>
        </div>
    </div>
</section>

<section class="awards">
    <img class="img-fluid" src="" alt="Missing Image">
    <img class="img-fluid" src="" alt="Missing Image">
</section>
</div>
</div>

这在appspot.com上运行并且使用dev_appserver命令运行正常,但是使用插件在Eclipse中运行相同的servlet会抛出java.security.AccessControlException 

package com.myserver.servlet;

import gnu.xquery.lang.XQuery;
import java.io.FileReader;
import java.io.IOException;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class XQueryTest extends HttpServlet {
    public void doGet(HttpServletRequest request, HttpServletResponse response) 
        throws IOException, ServletException {
        XQuery xQuery = new XQuery();
        Object result = new String("");     
        try {
            String realPath = getServletContext().getRealPath("./XQueryTest.xquery");
            FileReader fileReader = new FileReader(realPath); 
            result = xQuery.eval(fileReader);
            request.setAttribute("xQueryTest", result.toString());              
        } catch (Throwable e) {
            e.printStackTrace();
        }
        RequestDispatcher requestDispatcher = request.getRequestDispatcher("/XQueryTest.jsp");
        requestDispatcher.forward(request, response);           
    }
}

我有一个理论认为运行eclipse的JRE的安全策略导致了问题,但是在eclipse.ini中为JRE添加java.policy和javaws.policy的权限没有任何区别。 

java.security.AccessControlException: access denied ("java.io.FilePermission" "/home/myuser/eclipse/jee-latest/eclipse" "read")
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
    at java.security.AccessController.checkPermission(AccessController.java:884)
    at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
    at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:442)
    at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
    at java.io.File.isDirectory(File.java:844)
    at java.io.File.toURI(File.java:732)
    at gnu.text.FilePath.toUri(FilePath.java:245)
    at gnu.text.FilePath.toUri(FilePath.java:265)
    at gnu.text.Path.toURI(Path.java:279)
    at gnu.xquery.lang.XQParser.fixupStaticBaseUri(XQParser.java:99)
    at gnu.xquery.lang.XQParser.getStaticBaseUri(XQParser.java:132)
    at gnu.xquery.lang.XQParser.wrapWithBaseUri(XQParser.java:2722)
    at gnu.xquery.lang.XQParser.parseXMLConstructor(XQParser.java:2540)
    at gnu.xquery.lang.XQParser.parseMaybePrimaryExpr(XQParser.java:2954)
    at gnu.xquery.lang.XQParser.parsePrimaryExpr(XQParser.java:2181)
    at gnu.xquery.lang.XQParser.parseStepExpr(XQParser.java:2101)
    at gnu.xquery.lang.XQParser.parsePathExpr(XQParser.java:1816)
    at gnu.xquery.lang.XQParser.parseIntersectExceptExpr(XQParser.java:1779)
    at gnu.xquery.lang.XQParser.parseUnionExpr(XQParser.java:1763)
    at gnu.xquery.lang.XQParser.parseUnaryExpr(XQParser.java:1756)
    at gnu.xquery.lang.XQParser.parseBinaryExpr(XQParser.java:1671)
    at gnu.xquery.lang.XQParser.parseExprSingle(XQParser.java:1664)
    at gnu.xquery.lang.XQParser.parseExpr(XQParser.java:1636)
    at gnu.xquery.lang.XQParser.parseIfExpr(XQParser.java:3145)
    at gnu.xquery.lang.XQParser.parseExprSingle(XQParser.java:1652)
    at gnu.xquery.lang.XQParser.parseExpr(XQParser.java:1636)
    at gnu.xquery.lang.XQParser.parseEnclosedExpr(XQParser.java:2413)
    at gnu.xquery.lang.XQParser.parseFunctionDefinition(XQParser.java:3620)
    at gnu.xquery.lang.XQParser.parse(XQParser.java:3784)
    at gnu.xquery.lang.XQuery.parse(XQuery.java:147)
    at gnu.expr.Language.parse(Language.java:702)
    at gnu.expr.Language.parse(Language.java:656)
    at gnu.expr.Language.eval(Language.java:1122)
    at gnu.expr.Language.eval(Language.java:1063)
    at gnu.expr.Language.eval(Language.java:1053)
    at com.myserver.servlet.XQueryTest.doGet(XQueryTest.java:30)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1166)
    at com.google.appengine.api.socket.dev.DevSocketFilter.doFilter(DevSocketFilter.java:74)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
    at com.google.appengine.tools.development.ResponseRewriterFilter.doFilter(ResponseRewriterFilter.java:128)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
    at com.google.appengine.tools.development.HeaderVerificationFilter.doFilter(HeaderVerificationFilter.java:34)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
    at com.google.appengine.api.blobstore.dev.ServeBlobFilter.doFilter(ServeBlobFilter.java:63)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
    at com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
    at com.google.appengine.tools.development.StaticFileFilter.doFilter(StaticFileFilter.java:122)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
    at com.google.appengine.tools.development.DevAppServerModulesFilter.doDirectRequest(DevAppServerModulesFilter.java:366)
    at com.google.appengine.tools.development.DevAppServerModulesFilter.doDirectModuleRequest(DevAppServerModulesFilter.java:349)
    at com.google.appengine.tools.development.DevAppServerModulesFilter.doFilter(DevAppServerModulesFilter.java:116)
    at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
    at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388)
    at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
    at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
    at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
    at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418)
    at com.google.appengine.tools.development.DevAppEngineWebAppContext.handle(DevAppEngineWebAppContext.java:95)
    at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
    at com.google.appengine.tools.development.JettyContainerService$ApiProxyHandler.handle(JettyContainerService.java:508)
    at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
    at org.mortbay.jetty.Server.handle(Server.java:326)
    at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
    at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:923)
    at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:547)
    at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)
    at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
    at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)
    at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)

我正在使用eclipse氧气和Google Cloud Platform插件版本1.0.3.201704111618 这在eclipse Mars和Java 1.7中运行良好

我应该做些什么来让servlet在Eclipse中正确运行?

1 个答案:

答案 0 :(得分:1)

/home/myuser/eclipse/jee-latest/eclipse看起来就像启动Eclipse IDE的地方一样。如果是这种情况,那么现在,该目录将成为Google Cloud Tools for Eclipse(CT4E)插件的本地开发服务器的工作目录。问题可能是XQuery内部尝试访问servlet上下文之外的文件,因为XQuery可能基于Eclipse工作目录。您是否可以尝试以下解决方法来设置正确的工作目录以查看它是否解决了问题?

Cannot access file using relative path in local test when developing Google App Engine applications

更新:我们修复CT4E以自动设置工作目录(除非您在单个本地服务器中运行多个项目),并且在修复版本推出后您不需要解决方法。

相关问题
最新问题