实战[jnlp]权限
上一篇 / 下一篇 2009-05-21 14:54:47 / 个人分类:java知识
<all-permissions/>
</security>
接下来它会问一些问题包括keystore的密码,key的密码等,如下所示:
输入keystore密码: 123456
您的名字与姓氏是什么?
[Unknown]: jingle
您的组织单位名称是什么?
[Unknown]: nankai
您的组织名称是什么?
[Unknown]: c2
您所在的城市或区域名称是什么?
[Unknown]: tj
您所在的州或省份名称是什么?
[Unknown]: tj
该单位的两字母国家代码是什么
[Unknown]: CN
CN=jingle, U=nankai, O=c2, L=tj, ST=tj, C=CN 正确吗?
[否]: y
输入<mykey>的主密码
(如果和 keystore 密码相同,按回车): keypass
执行:
keytool -export -keystore fox.report -alias fox -file fox.cer
接下来它会要求你输入keystore密码:,如下所示:
输入keystore密码: 123456
保存在文件中的认证<fox.cer>
执行:
jarsigner -keystore fox.report myreport.jar fox
跟着提示你输入密码:
Enter Passphrase for keystore: 123456
Warning: The signer certificate will expire within six months.
/***** 签证完成 *****/
运行上面程序所生成的文件都放到和jar的同一级目录里面,我做的时候多点击了那个fox.cer签证,把签证加入了系统.
(2)修改客户端 policy文件,开方权限.
更改${JAVA_HOME}/jre1.5.0/lib/security/java.policy
和${JAVA_HOME}/jdk1.5.0/jre/lib/security/java.policy
(至于是不是两个文件都得改,我就不试了)
在
grant {
}
代码里面加入需要的权限代码,
对应我所做的jar需要提供如下的权限,
// MODIFY fox add
permission java.io.FilePermission "<<ALL FILES>>", "read";
permission java.util.PropertyPermission "user.dir","read,write";
permission java.util.PropertyPermission "user.home","read,write";
permission java.util.PropertyPermission "mrj.version","read";
具体要提供什么权限,可以根据所保的access denied来加.
permission java.io.FilePermission "<<ALL FILES>>", "read";
话应该都需要.
(3)修改*.jnlp文件.
这次就得加上权限了,三句话:
<security>
<all-permissions/>
</security>
over,这样就ok了.
/************ 记录下这次的文件 **************/
my.jnlp
<?xml version="1.0" encoding="UTF-8"?>
<jnlp spec="1.0+" codebase="http://localhost:8081/upload" href="my.jnlp">
<information>
<title>Fox jnlp</title>
<vendor>XXX Corporation</vendor>
<description>MyIE just demo how to program with jnlp.</description>
<homepage href="http://localhost:8081" />
<icon href="./../images/rookie.gif"/>
<icon kind="splash" href="./../images/logo.gif"/>
<offline-allowed/>
<security>
<all-permissions/>
</security>
</information>
<resources>
<j2se version="1.3+"/>
<jar href="finerreport.jar"/>
</resources>
<application-desc main-class="com.vanda.report.ZDesigner"/>
</jnlp>
java.policy
// Standard extensions get all permissions by default
grant codeBase "file:${{java.ext.dirs}}/*" {
permission java.security.AllPermission;
};
// default permissions granted to all domains
grant {
// Allows any thread to stop itself using the java.lang.Thread.stop()
// method that takes no argument.
// Note that this permission is granted by default only to remain
// backwards compatible.
// It is strongly recommended that you either remove this permission
// from this policy file or further restrict it to code sources
// that you specify, because Thread.stop() is potentially unsafe.
// See "http://java.sun.com/notes" for more information.
permission java.lang.RuntimePermission "stopThread";
// allows anyone to listen on un-privileged ports
permission java.net.SocketPermission "localhost:1024-", "listen";
// "standard" properies that can be read by anyone
permission java.util.PropertyPermission "java.version", "read";
permission java.util.PropertyPermission "java.vendor", "read";
permission java.util.PropertyPermission "java.vendor.url", "read";
permission java.util.PropertyPermission "java.class.version", "read";
permission java.util.PropertyPermission "os.name", "read";
permission java.util.PropertyPermission "os.version", "read";
permission java.util.PropertyPermission "os.arch", "read";
permission java.util.PropertyPermission "file.separator", "read";
permission java.util.PropertyPermission "path.separator", "read";
permission java.util.PropertyPermission "line.separator", "read";
// MODIFY fox add
permission java.io.FilePermission "<<ALL FILES>>", "read";
permission java.util.PropertyPermission "user.dir","read,write";
permission java.util.PropertyPermission "user.home","read,write";
permission java.util.PropertyPermission "mrj.version","read";
permission java.util.PropertyPermission "java.specification.version", "read";
permission java.util.PropertyPermission "java.specification.vendor", "read";
permission java.util.PropertyPermission "java.specification.name", "read";
permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
permission java.util.PropertyPermission "java.vm.specification.name", "read";
permission java.util.PropertyPermission "java.vm.version", "read";
permission java.util.PropertyPermission "java.vm.vendor", "read";
permission java.util.PropertyPermission "java.vm.name", "read";
};
在动态生成jnlp的问题上.要是用struts框架,需要在action上这样处理:
(如果tomcat版本老还得去配置conf/web.xml,加上
<mime-mapping>
<extension>jnlp</extension>
<mime-type>application/x-java-jnlp-file</mime-type>
</mime-mapping>)
PrintWriter ut = response.getWriter();
response.setContentType("application/x-java-jnlp-file");
out.println("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
out.println("<jnlp spec=\"1.0+\" codebase=\"http://localhost\" href=\"report/jnlp/openFile.do\">");
out.println("<information>");
out.println("<title>JNLP</title>");
out.println("<vendor>Hust</vendor>");
out.println("<homepage href=\"\"/>");
out.println("<description>Web Start</description>");
out.println("</information>");
out.println("<security>");
out.println("</security>");
out.println("<resources>");
out.println("<j2se version=\"1.3+\"/>");
out.println("<jar href=\"finereport.jar\"/>");
out.println("</resources>");
out.println("<application-desc main-class=\"com.vanda.report.ZDesigner\">");
out.println("</application-desc>");
out.println("</jnlp>");
out.flush();
TAG:
标题搜索
日历
|
|||||||||
| 日 | 一 | 二 | 三 | 四 | 五 | 六 | |||
| 1 | |||||||||
| 2 | 3 | 4 | 5 | 6 | 7 | 8 | |||
| 9 | 10 | 11 | 12 | 13 | 14 | 15 | |||
| 16 | 17 | 18 | 19 | 20 | 21 | 22 | |||
| 23 | 24 | 25 | 26 | 27 | 28 | 29 | |||
| 30 | |||||||||
我的存档
数据统计
- 访问量: 58884
- 日志数: 89
- 建立时间: 2008-12-13
- 更新时间: 2010-01-13
