1. 首頁
  2. 問答
  3. 如何從未簽名的小程序使用JAXB(無需簽名)?

如何從未簽名的小程序使用JAXB(無需簽名)?

2010-01-18 66 views
2

我想從未簽名的Applet中將Java對象編組爲XML,反之亦然,並且我無法更改任何安全權限/策略文件或簽名應用程序。如何從未簽名的小程序使用JAXB(無需簽名)?

我似乎得到一個安全異常,因爲JAXB嘗試訪問字段或構造,它不能在applet沙箱。

運行瀏覽器的JRE 1.6.0_17

我也開到基於其他一些XML(或JSON)庫解決方案,但曾嘗試以下和幾乎碰到了類似的問題; - XStream的 - GSON

鑑於(類似)的下列對象:

@XmlType 
@XmlRootElement 
public class SimpleObject { 

    public String sampleText; 

    public SimpleObject() { 
    } 

    public String getSampleText() { 
     return sampleText; 
    } 

    public void setSampleText(String sampleText) { 
     this.sampleText = sampleText; 
    } 
}

而下面這個簡單的JAXB代碼:

public void actionPerformed(ActionEvent e) { 
    try { 
     JAXBContext jc = JAXBContext.newInstance(SimpleObject.class); 
     Marshaller marshaller = jc.createMarshaller(); 
     marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true); 

     SimpleObject object = new SimpleObject(); 
     object.setSampleText("Hello"); 

     marshaller.marshal(object, System.out); 
    } 
    catch (JAXBException e1) { 
     throw new RuntimeException(e1); 
    } 
}

我得到以下異常:

Exception in thread "AWT-EventQueue-2" java.security.AccessControlException: access denied (java.lang.RuntimePermission accessDeclaredMembers) 
    at java.security.AccessControlContext.checkPermission(Unknown Source) 
    at java.security.AccessController.checkPermission(Unknown Source) 
    at java.lang.SecurityManager.checkPermission(Unknown Source) 
    at java.lang.SecurityManager.checkMemberAccess(Unknown Source) 
    at java.lang.Class.checkMemberAccess(Unknown Source) 
    at java.lang.Class.getDeclaredConstructor(Unknown Source) 
    at com.sun.xml.internal.bind.v2.model.nav.ReflectionNavigator.hasDefaultConstructor(Unknown Source) 
    at com.sun.xml.internal.bind.v2.model.nav.ReflectionNavigator.hasDefaultConstructor(Unknown Source) 
    at com.sun.xml.internal.bind.v2.model.impl.ClassInfoImpl.<init>(Unknown Source) 
    at com.sun.xml.internal.bind.v2.model.impl.RuntimeClassInfoImpl.<init>(Unknown Source) 
    at com.sun.xml.internal.bind.v2.model.impl.RuntimeModelBuilder.createClassInfo(Unknown Source) 
    at com.sun.xml.internal.bind.v2.model.impl.RuntimeModelBuilder.createClassInfo(Unknown Source) 
    at com.sun.xml.internal.bind.v2.model.impl.ModelBuilder.getClassInfo(Unknown Source) 
    at com.sun.xml.internal.bind.v2.model.impl.RuntimeModelBuilder.getClassInfo(Unknown Source) 
    at com.sun.xml.internal.bind.v2.model.impl.RuntimeModelBuilder.getClassInfo(Unknown Source) 
    at com.sun.xml.internal.bind.v2.model.impl.ModelBuilder.getClassInfo(Unknown Source) 
    at com.sun.xml.internal.bind.v2.model.impl.RuntimeModelBuilder.getClassInfo(Unknown Source) 
    at com.sun.xml.internal.bind.v2.model.impl.RuntimeModelBuilder.getClassInfo(Unknown Source) 
    at com.sun.xml.internal.bind.v2.model.impl.ModelBuilder.getTypeInfo(Unknown Source) 
    at com.sun.xml.internal.bind.v2.model.impl.ModelBuilder.getTypeInfo(Unknown Source) 
    at com.sun.xml.internal.bind.v2.runtime.JAXBContextImpl.getTypeInfoSet(Unknown Source) 
    at com.sun.xml.internal.bind.v2.runtime.JAXBContextImpl.<init>(Unknown Source) 
    at com.sun.xml.internal.bind.v2.runtime.JAXBContextImpl$JAXBContextBuilder.build(Unknown Source) 
    at com.sun.xml.internal.bind.v2.ContextFactory.createContext(Unknown Source) 
    at com.sun.xml.internal.bind.v2.ContextFactory.createContext(Unknown Source) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) 
    at java.lang.reflect.Method.invoke(Unknown Source) 
    at javax.xml.bind.ContextFinder.newInstance(Unknown Source) 
    at javax.xml.bind.ContextFinder.find(Unknown Source) 
    at javax.xml.bind.JAXBContext.newInstance(Unknown Source) 
    at javax.xml.bind.JAXBContext.newInstance(Unknown Source) 
    at nz.co.zeal.maker.application.actions.build.JAXBTestAction.actionPerformed(JAXBTestAction.java:24) 
    at javax.swing.AbstractButton.fireActionPerformed(Unknown Source) 
    at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source) 
    at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source) 
    at javax.swing.DefaultButtonModel.setPressed(Unknown Source) 
    at javax.swing.AbstractButton.doClick(Unknown Source) 
    at javax.swing.plaf.basic.BasicMenuItemUI.doClick(Unknown Source) 
    at javax.swing.plaf.basic.BasicMenuItemUI$Handler.mouseReleased(Unknown Source) 
    at java.awt.Component.processMouseEvent(Unknown Source) 
    at javax.swing.JComponent.processMouseEvent(Unknown Source) 
    at java.awt.Component.processEvent(Unknown Source) 
    at java.awt.Container.processEvent(Unknown Source) 
    at java.awt.Component.dispatchEventImpl(Unknown Source) 
    at java.awt.Container.dispatchEventImpl(Unknown Source) 
    at java.awt.Component.dispatchEvent(Unknown Source) 
    at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source) 
    at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source) 
    at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source) 
    at java.awt.Container.dispatchEventImpl(Unknown Source) 
    at java.awt.Component.dispatchEvent(Unknown Source) 
    at java.awt.EventQueue.dispatchEvent(Unknown Source) 
    at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source) 
    at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source) 
    at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source) 
    at java.awt.EventDispatchThread.pumpEvents(Unknown Source) 
    at java.awt.EventDispatchThread.pumpEvents(Unknown Source) 
    at java.awt.EventDispatchThread.run(Unknown Source)

來源

2010-01-18 Richard Perfect

回答

2

我從來沒有完全想到這一點。我所做的是獲取一個名爲Flexjson的相當簡單的JSON庫。它也拋出了類似的安全異常,但該庫足夠簡單,因此我能夠關閉導致Applet中的異常的庫代碼並帶有布爾標誌。

來源

2010-01-23 19:41:42

0

我也嘗試用JAXB找到一個沒有任何成功的解決方案。

我使用ADB綁定切換到Axis2(1.5.4),但它也嘗試訪問系統屬性,這些屬性在安全管理器檢查時失敗。

最後,我用AspectJ和使用重寫System.getProperty()調用時,他們無法返回空的方面有一個可行的解決方案一起。由於Axis2所需的所有屬性都是非關鍵的,所以這種方法很有效。我還需要申請在org.apache.axiom.util.stax.dialect.StAXDialectDetector.getRootUrlForResource一個方面()始終返回null,因爲它試圖讓這也是一個安全管理器下失敗ClassLoader.getSystemClassLoader()調用。這又是一次非關鍵性的呼叫。得到AspectJ在構建時重寫Axis2類,它作爲未簽名的applet運行。

這是一個非常混亂的解決方案,但至少它工作。

我無法得到相同的AspectJ hack與JAXB一起工作,因爲如果JAXB與applet捆綁在一起,我們需要做的事情是JAXB需要直接訪問不在安全管理器下運行的類的私有字段AspectJ用於重寫類)。

來源

2011-05-01 23:10:35 prunge

0

這可能會解決您的問題。我知道它解決我的:)

public void actionPerformed(ActionEvent e) { 
    try { 
    JAXBContext jc = AccessController.doPrivileged(new PrivilegedExceptionAction<JAXBContext>() { 

     public JAXBContext run() throws JAXBException { 

      // needs to run here otherwise throws AccessControlException 
      return JAXBContext.newInstance(SimpleObject.class); 
     } 
    });   
     Marshaller marshaller = jc.createMarshaller(); 
     marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true); 

     SimpleObject object = new SimpleObject(); 
     object.setSampleText("Hello"); 

     marshaller.marshal(object, System.out); 
    } 
    catch (JAXBException e1) { 
     throw new RuntimeException(e1); 
    } 
    } catch (PrivilegedActionException e2) { 
    throw new RuntimeException(e2); 
    } 
}

希望它可以幫助

來源

2014-07-25 15:53:35 Martins

相關問題

 相關問題