Хорошо, поэтому я попытался найти это в Google и перепробовал миллион разных вещей, но ни одна из них не помогла.
В настоящее время я запускаю свой сервер с помощью следующей команды:
java -Djava.security.policy=rmi_generated.policy -Djava.security.debug=access,failure MainLauncher aiserver.AIServer
MainLauncher в основном просто загружает bin/ и lib/ в путь к классу + вызывает aiserver.AIServer.main, на самом деле это не должно влиять на что-либо, относящееся к этому.
Вот часть, которая запускает реальный сервер:
PolicyFileGenerator.generate();
if (System.getSecurityManager() == null)
System.setSecurityManager ( new RMISecurityManager() );
try {
Naming.bind("AIService",server);
} catch (MalformedURLException | RemoteException
| AlreadyBoundException ex) {
throw new RuntimeException("failed binding server",ex);
}
И вот исключение, которое я получаю:
Exception in thread "main" java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:483)
at lib.ClassPathHack.launch(ClassPathHack.java:62)
at MainLauncher.main(MainLauncher.java:7)
Caused by: java.security.AccessControlException: access denied ("java.net.SocketPermission" "127.0.0.1:1099" "connect,resolve")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:457)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.SecurityManager.checkConnect(SecurityManager.java:1051)
at java.net.Socket.connect(Socket.java:584)
at java.net.Socket.connect(Socket.java:538)
at java.net.Socket.<init>(Socket.java:434)
at java.net.Socket.<init>(Socket.java:211)
at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketFactory.java:40)
at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketFactory.java:148)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:613)
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:216)
at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:202)
at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:342)
at sun.rmi.registry.RegistryImpl_Stub.bind(Unknown Source)
at java.rmi.Naming.bind(Naming.java:128)
at com.kt.commons.services.RMIServerHelper.register(RMIServerHelper.java:86)
at aiserver.AIServer.main(AIServer.java:13)
Вот текущее содержимое сгенерированного файла политики RMI. Он будет сгенерирован в ./rmi_generated.policy.
grant codeBase "file:/home/jp/projects/aiservice/bin" {
permission java.security.AllPermission;
permission java.net.SocketPermission "localhost:1099", "connect, resolve";
permission java.net.SocketPermission "127.0.0.1:1099", "connect, resolve";
permission java.net.SocketPermission "localhost:80", "connect, resolve";
};
А вот что выдает JVM, когда я даю флаг -Djava.security.debug=access,failure.
jp@jp-ThinkPad-Edge-E530 ~/projects/aiservice $ java -Djava.security.policy=rmi_generated.policy -Djava.security.debug=access,failure MainLauncher aiserver.AIServer
rmi_generated.policy
/home/jp/projects/aiservice
access: access allowed ("java.io.FilePermission" "/home/jp/projects/aiservice/lib/ktcommons.jar" "read")
access: access denied ("java.net.SocketPermission" "jp-ThinkPad-Edge-E530" "resolve")
java.lang.Exception: Stack trace
at java.lang.Thread.dumpStack(Thread.java:1329)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:447)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.SecurityManager.checkConnect(SecurityManager.java:1048)
at java.net.InetAddress.getLocalHost(InetAddress.java:1456)
at java.rmi.registry.LocateRegistry.getRegistry(LocateRegistry.java:158)
at java.rmi.registry.LocateRegistry.getRegistry(LocateRegistry.java:123)
at java.rmi.Naming.getRegistry(Naming.java:221)
at java.rmi.Naming.bind(Naming.java:123)
at com.kt.commons.services.RMIServerHelper.register(RMIServerHelper.java:86)
at aiserver.AIServer.main(AIServer.java:13)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:483)
at lib.ClassPathHack.launch(ClassPathHack.java:62)
at MainLauncher.main(MainLauncher.java:7)
access: access allowed ("java.security.SecurityPermission" "getPolicy")
access: access allowed ("java.io.FilePermission" "/home/jp/projects/aiservice/lib/ktcommons.jar" "read")
access: domain that failed ProtectionDomain (file:/home/jp/projects/aiservice/lib/ktcommons.jar <no signer certificates>)
sun.misc.Launcher$AppClassLoader@73d16e93
<no principals>
java.security.Permissions@73035e27 (
("java.lang.RuntimePermission" "exitVM")
("java.lang.RuntimePermission" "stopThread")
("java.net.SocketPermission" "localhost:0" "listen,resolve")
("java.io.FilePermission" "/home/jp/projects/aiservice/lib/ktcommons.jar" "read")
("java.util.PropertyPermission" "java.specification.version" "read")
("java.util.PropertyPermission" "java.version" "read")
("java.util.PropertyPermission" "os.arch" "read")
("java.util.PropertyPermission" "java.specification.vendor" "read")
("java.util.PropertyPermission" "java.vm.specification.name" "read")
("java.util.PropertyPermission" "java.vm.vendor" "read")
("java.util.PropertyPermission" "path.separator" "read")
("java.util.PropertyPermission" "os.version" "read")
("java.util.PropertyPermission" "file.separator" "read")
("java.util.PropertyPermission" "line.separator" "read")
("java.util.PropertyPermission" "java.vm.specification.vendor" "read")
("java.util.PropertyPermission" "java.specification.name" "read")
("java.util.PropertyPermission" "java.vendor.url" "read")
("java.util.PropertyPermission" "java.vendor" "read")
("java.util.PropertyPermission" "java.vm.version" "read")
("java.util.PropertyPermission" "java.vm.name" "read")
("java.util.PropertyPermission" "java.vm.specification.version" "read")
("java.util.PropertyPermission" "os.name" "read")
("java.util.PropertyPermission" "java.class.version" "read")
)
access: access allowed ("java.util.PropertyPermission" "java.rmi.server.hostname" "read")
access: access allowed ("java.util.PropertyPermission" "sun.rmi.transport.connectionTimeout" "read")
access: access allowed ("java.util.PropertyPermission" "sun.rmi.transport.tcp.handshakeTimeout" "read")
access: access allowed ("java.util.PropertyPermission" "sun.rmi.transport.tcp.responseTimeout" "read")
access: access allowed ("java.lang.RuntimePermission" "sun.rmi.runtime.RuntimeUtil.getInstance")
access: access allowed ("java.util.PropertyPermission" "jdk.net.ephemeralPortRange.low" "read")
access: access allowed ("java.lang.RuntimePermission" "loadLibrary.net")
access: access allowed ("java.io.FilePermission" "/usr/lib/jvm/java-8-oracle/jre/lib/amd64/libnet.so" "read")
access: access allowed ("java.util.PropertyPermission" "os.name" "read")
access: access allowed ("java.util.PropertyPermission" "jdk.net.ephemeralPortRange.high" "read")
access: access denied ("java.net.SocketPermission" "127.0.0.1:1099" "connect,resolve")
java.lang.Exception: Stack trace
at java.lang.Thread.dumpStack(Thread.java:1329)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:447)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.SecurityManager.checkConnect(SecurityManager.java:1051)
at java.net.Socket.connect(Socket.java:584)
at java.net.Socket.connect(Socket.java:538)
at java.net.Socket.<init>(Socket.java:434)
at java.net.Socket.<init>(Socket.java:211)
at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketFactory.java:40)
at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketFactory.java:148)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:613)
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:216)
at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:202)
at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:342)
at sun.rmi.registry.RegistryImpl_Stub.bind(Unknown Source)
at java.rmi.Naming.bind(Naming.java:128)
at com.kt.commons.services.RMIServerHelper.register(RMIServerHelper.java:86)
at aiserver.AIServer.main(AIServer.java:13)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:483)
at lib.ClassPathHack.launch(ClassPathHack.java:62)
at MainLauncher.main(MainLauncher.java:7)
access: access allowed ("java.security.SecurityPermission" "getPolicy")
access: access allowed ("java.io.FilePermission" "/home/jp/projects/aiservice/lib/ktcommons.jar" "read")
access: domain that failed ProtectionDomain (file:/home/jp/projects/aiservice/lib/ktcommons.jar <no signer certificates>)
sun.misc.Launcher$AppClassLoader@73d16e93
<no principals>
java.security.Permissions@483bf400 (
("java.lang.RuntimePermission" "exitVM")
("java.lang.RuntimePermission" "stopThread")
("java.net.SocketPermission" "localhost:0" "listen,resolve")
("java.io.FilePermission" "/home/jp/projects/aiservice/lib/ktcommons.jar" "read")
("java.util.PropertyPermission" "java.specification.version" "read")
("java.util.PropertyPermission" "java.version" "read")
("java.util.PropertyPermission" "os.arch" "read")
("java.util.PropertyPermission" "java.specification.vendor" "read")
("java.util.PropertyPermission" "java.vm.specification.name" "read")
("java.util.PropertyPermission" "java.vm.vendor" "read")
("java.util.PropertyPermission" "path.separator" "read")
("java.util.PropertyPermission" "os.version" "read")
("java.util.PropertyPermission" "file.separator" "read")
("java.util.PropertyPermission" "line.separator" "read")
("java.util.PropertyPermission" "java.vm.specification.vendor" "read")
("java.util.PropertyPermission" "java.specification.name" "read")
("java.util.PropertyPermission" "java.vendor.url" "read")
("java.util.PropertyPermission" "java.vendor" "read")
("java.util.PropertyPermission" "java.vm.version" "read")
("java.util.PropertyPermission" "java.vm.name" "read")
("java.util.PropertyPermission" "java.vm.specification.version" "read")
("java.util.PropertyPermission" "os.name" "read")
("java.util.PropertyPermission" "java.class.version" "read")
)
Exception in thread "main" java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:483)
at lib.ClassPathHack.launch(ClassPathHack.java:62)
at MainLauncher.main(MainLauncher.java:7)
Caused by: java.security.AccessControlException: access denied ("java.net.SocketPermission" "127.0.0.1:1099" "connect,resolve")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:457)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.SecurityManager.checkConnect(SecurityManager.java:1051)
at java.net.Socket.connect(Socket.java:584)
at java.net.Socket.connect(Socket.java:538)
at java.net.Socket.<init>(Socket.java:434)
at java.net.Socket.<init>(Socket.java:211)
at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketFactory.java:40)
at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketFactory.java:148)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:613)
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:216)
at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:202)
at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:342)
at sun.rmi.registry.RegistryImpl_Stub.bind(Unknown Source)
at java.rmi.Naming.bind(Naming.java:128)
at com.kt.commons.services.RMIServerHelper.register(RMIServerHelper.java:86)
at aiserver.AIServer.main(AIServer.java:13)
... 6 more
Основываясь на том, что я искал в Google, вероятной причиной этого является то, что JVM не находит мой файл .policy, но, похоже, это не так, поскольку я получаю разные сообщения об ошибках, если я вставляю некоторые синтаксические ошибки в файл политики.
Другой распространенной причиной может быть неправильный путь codeBase в файле политики. Чтобы исключить это, я попробовал следующие:
- файл:/home/jp/projects/aiservice/
- файл:/home/jp/projects/aiservice/
- файл:/home/jp/projects/aiservice/*
- файл:/home/jp/projects/aiservice/bin
- файл:/home/jp/projects/aiservice/bin/
- файл:/home/jp/projects/aiservice/bin/*
- файл:/home/jp/projects/aiservice/src
- файл:/home/jp/projects/aiservice/src/
- файл:/home/jp/projects/aiservice/src/*
Ничего из этого не помогло.
И да, у меня работает rmiregistry.
Я также пытался сделать все это с помощью sudo.
FWIW версия Java, которую я использую:
версия java "1.8.0_25" Java(TM) SE Runtime Environment (сборка 1.8.0_25-b17) Java HotSpot(TM) 64-битный сервер VM (сборка 25.25-b02, смешанный режим)
в Linux Mint 17.1
