参考:
1、自定义java.policy配置(如何让你的类禁止读写文件?禁止创建Socket对象?) - CSDN博客
一、java.security错误样例
完整的log如下
Problem instantiating package manager. Using DefaultPackageManager. mars 28, 2018 5:45:29 AM com.carrotsearch.randomizedtesting.RandomizedRunner$QueueUncaughtExceptionsHandler uncaughtException WARNING: Uncaught exception in thread: Thread[elasticsearch[node_s0][search][T#2],5,TGRP-TasteEventRestTest] java.lang.ExceptionInInitializerError at __randomizedtesting.SeedInfo.seed([236967CE41845721]:0) at weka.core.WekaPackageManager.establishWekaHome(WekaPackageManager.java:249) at weka.core.WekaPackageManager.<clinit>(WekaPackageManager.java:220) at weka.core.Utils.readProperties(Utils.java:214) at weka.core.Utils.readProperties(Utils.java:157) at weka.core.Capabilities.<init>(Capabilities.java:275) at weka.classifiers.AbstractClassifier.getCapabilities(AbstractClassifier.java:508) at weka.classifiers.trees.RandomTree.getCapabilities(RandomTree.java:692) at weka.classifiers.trees.RandomForest.getCapabilities(RandomForest.java:228) at weka.classifiers.meta.Bagging.buildClassifier(Bagging.java:706) at ding.util.WEKAUtil.WEKAop.trainThenTest(WEKAop.java:112) at ding.util.WEKAUtil.MeachineLearningBuilder.getOutput(MeachineLearningBuilder.java:45) at com.taste.elasticsearch_taste.rest.TasteEventRestAction$1.onResponse(TasteEventRestAction.java:88) at com.taste.elasticsearch_taste.rest.TasteEventRestAction$1.onResponse(TasteEventRestAction.java:1) at org.elasticsearch.action.support.TransportAction$1.onResponse(TransportAction.java:88) at org.elasticsearch.action.support.TransportAction$1.onResponse(TransportAction.java:84) at com.taste.elasticsearch_taste.action.TransportTasteEventAction$1.onResponse(TransportTasteEventAction.java:64) at com.taste.elasticsearch_taste.action.TransportTasteEventAction$1.onResponse(TransportTasteEventAction.java:1) at org.elasticsearch.action.support.TransportAction$1.onResponse(TransportAction.java:88) at org.elasticsearch.action.support.TransportAction$1.onResponse(TransportAction.java:84) at org.elasticsearch.action.search.AbstractSearchAsyncAction.onResponse(AbstractSearchAsyncAction.java:292) at org.elasticsearch.action.search.AbstractSearchAsyncAction.onResponse(AbstractSearchAsyncAction.java:50) at org.elasticsearch.action.search.FetchSearchPhase$3.run(FetchSearchPhase.java:214) at org.elasticsearch.action.search.AbstractSearchAsyncAction.executePhase(AbstractSearchAsyncAction.java:144) at org.elasticsearch.action.search.AbstractSearchAsyncAction.executeNextPhase(AbstractSearchAsyncAction.java:138) at org.elasticsearch.action.search.ExpandSearchPhase.run(ExpandSearchPhase.java:112) at org.elasticsearch.action.search.AbstractSearchAsyncAction.executePhase(AbstractSearchAsyncAction.java:144) at org.elasticsearch.action.search.AbstractSearchAsyncAction.executeNextPhase(AbstractSearchAsyncAction.java:138) at org.elasticsearch.action.search.FetchSearchPhase.moveToNextPhase(FetchSearchPhase.java:207) at org.elasticsearch.action.search.FetchSearchPhase.lambda$innerRun$2(FetchSearchPhase.java:105) at org.elasticsearch.action.search.FetchSearchPhase.innerRun(FetchSearchPhase.java:110) at org.elasticsearch.action.search.FetchSearchPhase.access$000(FetchSearchPhase.java:45) at org.elasticsearch.action.search.FetchSearchPhase$1.doRun(FetchSearchPhase.java:87) at org.elasticsearch.common.util.concurrent.ThreadContext$ContextPreservingAbstractRunnable.doRun(ThreadContext.java:638) at org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:37) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: java.security.AccessControlException: access denied ("java.util.PropertyPermission" "*" "read,write") at java.security.AccessControlContext.checkPermission(Unknown Source) at java.security.AccessController.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPropertiesAccess(Unknown Source) at java.lang.System.getProperties(Unknown Source) at weka.core.Environment.<init>(Environment.java:64) at weka.core.Environment.<clinit>(Environment.java:43) ... 37 more
重点是下面这句话的提示:
Caused by: java.security.AccessControlException: access denied ("java.util.PropertyPermission" "*" "read,write")
这一句说明是java的安全管理机制限制了程序的读写操作,出现类似这个错误可以新建一个在项目中间一个文件名为policy的文件夹,创建文件my.policy,复制下面的代码,粘贴进去。
grant { permission java.util.PropertyPermission "*", "read,write"; };然后在VM参数中写入下面这句话,制定程序的policy文件
-Djava.security.policy=policy/my.policy
运行即可。
二、类似错误
先贴出我的policy文件以及测试类的运行参数截图
如果还报类似错误,进行相应处理。下面给出我遇到的错误,以及policy文件中对应的授权。
==================================================================================== Caused by: java.security.AccessControlException: access denied ("java.util.PropertyPermission" "java.net.useSystemProxies" "write") at java.security.AccessControlContext.checkPermission(Unknown Source) at java.security.AccessController.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPermission(Unknown Source) at java.lang.System.setProperty(Unknown Source) at org.pentaho.packageManagement.PackageManager.establishProxy(PackageManager.java:123) at org.pentaho.packageManagement.PackageManager.create(PackageManager.java:49) at weka.core.WekaPackageManager.<clinit>(WekaPackageManager.java:99) ... 48 more ==================================================================================== Caused by: java.security.AccessControlException: access denied ("java.util.PropertyPermission" "*" "read,write") ==================================================================================== Caused by: java.security.AccessControlException: access denied ("java.util.PropertyPermission" "*" "read,write") ==================================================================================== Caused by: java.security.AccessControlException: access denied ("java.io.FilePermission" "C:\Users\xiaochenchen\wekafiles" "read") ==================================================================================== Caused by: java.security.AccessControlException: access denied ("java.net.NetPermission" "getProxySelector") ==================================================================================== Caused by: java.security.AccessControlException: access denied ("java.net.NetPermission" "setDefaultAuthenticator")
对应my.policy文件
grant { permission javax.management.MBeanTrustPermission "register"; permission javax.management.MBeanServerPermission "createMBeanServer"; // 表示文件名的时候要用双反斜杠,用-表示该文件夹下所有子目录 permission java.io.FilePermission "Capabilities.props", "read"; permission java.io.FilePermission "C:\\Users\\xiaochenchen\\-", "read,write"; permission java.util.PropertyPermission "*", "read,write"; permission java.net.NetPermission "getProxySelector"; permission java.net.NetPermission "setDefaultAuthenticator"; permission java.lang.RuntimePermission "getClassLoader"; permission java.lang.RuntimePermission "accessDeclaredMembers"; };
PS:
VM参数的等号后面是文件在项目中的相对路径,也可以用绝对路径
-Djava.security.policy=E:\elasticsearch-5.4.1(1)\elasticsearch-5.4.1\core\src\main\resources\config\elasticsearch.policy
附上es源码运行参数
-Des.path.home=E:\elasticsearch-5.4.1(1)\elasticsearch-5.4.1\core\src\main -Djava.security.policy=E:\elasticsearch-5.4.1(1)\elasticsearch-5.4.1\core\src\main\resources\config\elasticsearch.policy -Xms4g -Xmx4g