java.security.AccessControlException：访问被拒绝（“ java.security.SecurityPermission”“ authProvider.SunMSCA

Posted 2021-04-09

直到早上，我的applet一切正常。我进行了Java更新，一切都停止了。我正在使用小程序处理数字证书。这是我的堆栈跟踪。我关注了一些甲骨文文章，但没有用。

https://blogs.oracle.com/java-platform-group/entry/liveconnect_changes_in_7u45http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#trusted_libraryhttp://www.oracle.com/technetwork/java/javase/7u45-relnotes-2016950.html

Java Plug-in 10.45.2.18
Using JRE version 1.7.0_45-b18 Java HotSpot(TM) Client VM
User home directory = C:Usersvicky.thakor

---

java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI")
    at java.security.AccessControlContext.checkPermission(Unknown Source)
    at java.security.AccessController.checkPermission(Unknown Source)
    at java.lang.SecurityManager.checkPermission(Unknown Source)
    at sun.plugin2.applet.AWTAppletSecurityManager.checkPermission(Unknown Source)
    at sun.security.mscapi.KeyStore.engineLoad(KeyStore.java:755)
    at sun.security.mscapi.KeyStore$MY.engineLoad(KeyStore.java:62)
    at java.security.KeyStore.load(Unknown Source)
    at SecurityApplet.initializeBrowserKeyStore(SecurityApplet.java:162)
    at SecurityApplet.isCertificateInstalled(SecurityApplet.java:268)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at sun.plugin.javascript.Trampoline.invoke(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
    at sun.plugin2.liveconnect.JavaClass$MethodInfo.invoke(Unknown Source)
    at sun.plugin2.liveconnect.JavaClass$MemberBundle.invoke(Unknown Source)
    at sun.plugin2.liveconnect.JavaClass.invoke0(Unknown Source)
    at sun.plugin2.liveconnect.JavaClass.invoke(Unknown Source)
    at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$DefaultInvocationDelegate.invoke(Unknown Source)
    at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$3.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo.doObjectOp(Unknown Source)
    at sun.plugin2.main.client.LiveConnectSupport$PerAppletInfo$LiveConnectWorker.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)

---

我正在用applet的.java.policy方法创建的[public void init()文件。在访问applet中的任何内容之前。

grant
{
permission java.security.AllPermission;
permission java.io.FilePermission "<<ALL FILES>>", "read";
permission java.io.FilePermission "<<ALL FILES>>", "write";
permission java.util.PropertyPermission "*", "read, write";
permission java.util.PropertyPermission "user.home", "read";
permission java.util.PropertyPermission "user.dir", "read";
permission java.lang.RuntimePermission "modifyThread";
permission java.lang.RuntimePermission "*";
};

---

更新：2013年11月18日

即使使用代码签名证书也不起作用

<< img src =“ https://image.soinside.com/eyJ1cmwiOiAiaHR0cHM6Ly9pLnN0YWNrLmltZ3VyLmNvbS9na1l2bi5wbmcifQ==” alt =“在此处输入图像描述”>

答案

我还不能发表评论，所以我将其作为答案。

1. 我相信在applet中创建.java.policy文件为时已晚-插件将已经启动并在运行任何代码之前读取策略文件。

2. 您可以签名小程序并使用jnlp文件在安全元素中分配权限

另一答案

我知道现在回答这个问题已经很晚了，但是添加我的解决方案是因为我在这方面遇到了困难：

我的问题：在部署依赖于Bouncy Castle库的应用程序（WAR文件）时，我遇到了这个问题：`

cannot create instance of
org.bouncycastle.jcajce.provider.digest.GOST3411$Mappings
 java.security.AccessControlException: access denied
("java.security.SecurityPermission"
"putProviderProperty.BC")

`

这是我所做的，对我有用：前往：{Installed JDK path}jrelibsecurity打开文件java.policy

添加权限：permission java.security.SecurityPermission "putProviderProperty.BC";

重新启动程序以加载更改。

我还不了解它到底是如何工作的，或者只是像这样更改java.policy文件是否安全（仍在寻找实现这种配置的其他方法）。

请务必谨慎进行此类更改。甲骨文doc的更多内容>