开发者

AccessControlException: access denied - caller function failed to load properties file

开发者 https://www.devze.com 2022-12-26 14:40 出处:网络
I am having a jar archive environment which is gonna call my class in a folder like this: java -jar \"emarket.jar\" ../tournament 100

I am having a jar archive environment which is gonna call my class in a folder like this:

java -jar "emarket.jar" ../tournament 100

My compiled class is deployed into the ../tournament folder, this command runs well.

After I changed my code to load a properties file, it gets the following exception message:

Exception in thread "main" java.security.AccessControlException: access denied (java.io.FilePermission agent.properties read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkRead(Unknown Source)
at java.io.FileInputStream.<init>(Unknown Source)
at java.io.FileInputStream.<init>(Unknown Source)
at Agent10479475.getPropertiesFromConfigFile(Agent10479475.java:110)
at Agent10479475.<init>(Agent10479475.java:100)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unkn开发者_如何转开发own Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at java.lang.Class.newInstance0(Unknown Source)
at java.lang.Class.newInstance(Unknown Source)
at emarket.client.EmarketSandbox.instantiateClientObjects(EmarketSandbox.java:92)
at emarket.client.EmarketSandbox.<init>(EmarketSandbox.java:27)
at emarket.client.EmarketSandbox.main(EmarketSandbox.java:166)

I am wondering why this security checking will fail. I issue the getPropertitiesFromConfigFile() function inside my class's default constructor, like this:

public class Agent10479475 extends AbstractClientAgent
{
    //default constructor
    public Agent10479475()
    {
        //set all properties to their default values in constructor
        FT_THRESHOLD                        = 400;
        FT_THRESHOLD_MARGIN                 = 50;

        printOut("Now loading properties from a config file...", "");
        getPropertiesFromConfigFile();
        printOut("Finished loading","");
        }

    private void getPropertiesFromConfigFile()
    {
        Properties props = new Properties();

        try
        {
            props.load(new FileInputStream("agent.properties"));
            FT_THRESHOLD            = Long.parseLong(props.getProperty("FT_THRESHOLD"));
            FT_THRESHOLD_MARGIN         = Long.parseLong(props.getProperty("FT_THRESHOLD_MARGIN "));
        }
        catch(java.io.FileNotFoundException fnfex)
        {
            printOut("CANNOT FIND PROPERTIES FILE :", fnfex);
        }
        catch(java.io.IOException ioex)
        {
            printOut("IOEXCEPTION OCCURED :", ioex);
        }
    }

}

My class is loading its own .properties file under the same folder. why would the Java environment complains about such a denial of access? Must I config the emarket.client.EmarketSandbox class, which is not written by me and stored inside the emarket.jar, to access my agent.properties file?

Any hints or suggestions is much appreciated. Many thanks in advance.


Permissions are required to access the system properties files, and your code is clearly running in a sandbox that does not grant the permission. You either need to

  • modify the sandbox security rules to allow access to that file,

  • add a specific API you can call to pass the "agent.properties" file contents, or

  • find some other way to get the properties to your code that doesn't involve reading a file at all.

An example of the last might to pass the properties in the file as command line arguments, or put the file into your JAR file so that you can read it as a resource (modulo the security sandbox not blocking that as well.)

But it must be said that there is something weird about a JAR file that won't let you read files on your own machine. Why is it doing this? Is this a homework exercise ... about security managers, permissions, etc?


You can put the file "agent.properties" inside your jar and access it via getResourceAsStream. As I don't know your security policy in your sandbox in detail, that might work with the permissions or not.

0

精彩评论

暂无评论...
验证码 换一张
取 消