我有一个用openJDK(Amazon Correto 11)和openJFX编写的应用程序。
当我在本地运行该应用程序时-一切正常。 但是,当我从网络共享执行应用程序时,会出现异常:
java.lang.ExceptionInInitializerError
at java.base/javax.crypto.JceSecurityManager.<clinit>(JceSecurityManager.java:65)
at java.base/javax.crypto.Cipher.getConfiguredPermission(Cipher.java:2624)
at java.base/javax.crypto.Cipher.getMaxAllowedKeyLength(Cipher.java:2646)
at java.base/sun.security.ssl.SSLCipher.isUnlimited(SSLCipher.java:540)
at java.base/sun.security.ssl.SSLCipher.<init>(SSLCipher.java:472)
at java.base/sun.security.ssl.SSLCipher.<clinit>(SSLCipher.java:174)
at java.base/sun.security.ssl.CipherSuite.<clinit>(CipherSuite.java:67)
at java.base/sun.security.ssl.SSLContextImpl.getApplicableSupportedCipherSuites(SSLContextImpl.java:348)
at java.base/sun.security.ssl.SSLContextImpl$AbstractTLSContext.<clinit>(SSLContextImpl.java:579)
at java.base/java.lang.Class.forName0(Native Method)
at java.base/java.lang.Class.forName(Class.java:315)
at java.base/java.security.Provider$Service.getImplClass(Provider.java:1848)
at java.base/java.security.Provider$Service.newInstance(Provider.java:1824)
at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:236)
at java.base/sun.security.jca.GetInstance.getInstance(GetInstance.java:164)
at java.base/javax.net.ssl.SSLContext.getInstance(SSLContext.java:168)
at org.apache.http.ssl.SSLContexts.createDefault(SSLContexts.java:51)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.getSocketFactory(SSLConnectionSocketFactory.java:194)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.getDefaultRegistry(PoolingHttpClientConnectionManager.java:115)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.<init>(PoolingHttpClientConnectionManager.java:122)
at com.mashape.unirest.http.options.Options.refresh(Options.java:72)
at com.mashape.unirest.http.options.Options.<clinit>(Options.java:46)
at com.mashape.unirest.http.HttpClientHelper.prepareRequest(HttpClientHelper.java:151)
at com.mashape.unirest.http.HttpClientHelper.request(HttpClientHelper.java:131)
at com.mashape.unirest.request.BaseRequest.asString(BaseRequest.java:56)
at myapp.util.MyTaxNumberValidator$3.run(MyTaxNumberValidator.java:185)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.lang.SecurityException: Can not initialize cryptographic mechanism
at java.base/javax.crypto.JceSecurity.<clinit>(JceSecurity.java:120)
... 27 more
Caused by: java.lang.SecurityException: Can't read cryptographic policy directory: unlimited
at java.base/javax.crypto.JceSecurity.setupJurisdictionPolicies(JceSecurity.java:326)
at java.base/javax.crypto.JceSecurity$1.run(JceSecurity.java:111)
at java.base/javax.crypto.JceSecurity$1.run(JceSecurity.java:108)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.base/javax.crypto.JceSecurity.<clinit>(JceSecurity.java:107)
... 27 more
我使用以下命令运行应用程序:
\\\some-network-share\app\jre\bin\javaw.exe -jar myapp.jar
因为在此网络共享上,我已经复制了Amazon Correto 11 JDK文件和我用于该应用程序的其他库。
我在另一个线程中运行get请求,此线程引发异常。
我该如何克服这个问题?
请帮助。
我尝试了不同的库: 1. OkHttpClient 2. Java Unirest
,但两者都相同。
public class MyGetExecutor {
public static void main(String[] args) {
Thread getThread = new Thread( new Runnable() {
@Override
public void run() {
try {
logMessage.add( "Before request" );
com.mashape.unirest.http.HttpResponse<String> response = Unirest.get("https://myappserver.domain.com/api/v1/users/1")
.header("User-Agent", "PostmanRuntime/7.17.1")
.header("Accept", "*/*")
.header("Cache-Control", "no-cache")
.header("Postman-Token", "abf4b45d-a2c5-4f53-b4e3-1fa29643d616,e59130fc-5ce0-4b70-af48-ab3808362e36")
.header("Host", "wf01.cdprojektred.com")
.header("Accept-Encoding", "gzip, deflate")
.header("Cookie", "JSESSIONID=2C71F035C2EDFF145FED5C03C4887EF1")
.header("Connection", "keep-alive")
.header("cache-control", "no-cache")
.asString();
logMessage.add( "After request" );
} catch (Exception e) {
// TODO Auto-generated catch block
logMessage.add( "Exception in getThread: " + e.getMessage() );
}
}
}, "Get-thread");
getThread.setUncaughtExceptionHandler(
new Thread.UncaughtExceptionHandler() {
@Override
public void uncaughtException(Thread t, Throwable e) {
logMessage.add( "Error in thread: " + e );
logMessage.add( "Details: " + e.getCause().getMessage() );
}
}
);
getThread.start();
while( getThread.isAlive() ) {
try {
Thread.sleep(1000);
logMessage.add("Main thread sleeping...");
} catch (Exception e) {
logMessage.add("Exception in main thread...: " + e.getMessage());
}
}
}
}
编辑1 我添加了其他堆栈跟踪-请检查
答案 0 :(得分:4)
线索是您堆栈跟踪中的最后一个原因:
Caused by: java.lang.SecurityException: Can't read cryptographic policy directory: unlimited
通过在运行的JVM中检查java.security.properties来验证安全策略的来源:
System.getProperty("java.security.properties");
它应该存在并指向文件。检查该文件,并确保其具有以下属性crypto.policy=unlimited,并且策略文件所在的文件夹名为 unlimited 。策略文件本身应说明该文件夹的查找位置。
对于Coretto,它是<jre_home>/conf/security/policy/
您可以通过启动JVM并将其传递到策略文件的位置来修改安全策略的位置:
java -Djava.security.properties==/conf/security/java.security
OR
java -Djava.security.properties=/conf/security/java.security
在第一种情况下的其他=登录将导致Java仅使用您指向的文件中的属性。
第二个选项将添加/更新文件中定义的属性。