参考:
1、自定义java.policy配置(如何让你的类禁止读写文件?禁止创建Socket对象?) - CSDN博客
一、java.security错误样例
完整的log如下
Problem instantiating package manager. Using DefaultPackageManager.
mars 28, 2018 5:45:29 AM com.carrotsearch.randomizedtesting.RandomizedRunner$QueueUncaughtExceptionsHandler uncaughtException
WARNING: Uncaught exception in thread: Thread[elasticsearch[node_s0][search][T#2],5,TGRP-TasteEventRestTest]
java.lang.ExceptionInInitializerError
at __randomizedtesting.SeedInfo.seed([236967CE41845721]:0)
at weka.core.WekaPackageManager.establishWekaHome(WekaPackageManager.java:249)
at weka.core.WekaPackageManager.<clinit>(WekaPackageManager.java:220)
at weka.core.Utils.readProperties(Utils.java:214)
at weka.core.Utils.readProperties(Utils.java:157)
at weka.core.Capabilities.<init>(Capabilities.java:275)
at weka.classifiers.AbstractClassifier.getCapabilities(AbstractClassifier.java:508)
at weka.classifiers.trees.RandomTree.getCapabilities(RandomTree.java:692)
at weka.classifiers.trees.RandomForest.getCapabilities(RandomForest.java:228)
at weka.classifiers.meta.Bagging.buildClassifier(Bagging.java:706)
at ding.util.WEKAUtil.WEKAop.trainThenTest(WEKAop.java:112)
at ding.util.WEKAUtil.MeachineLearningBuilder.getOutput(MeachineLearningBuilder.java:45)
at com.taste.elasticsearch_taste.rest.TasteEventRestAction$1.onResponse(TasteEventRestAction.java:88)
at com.taste.elasticsearch_taste.rest.TasteEventRestAction$1.onResponse(TasteEventRestAction.java:1)
at org.elasticsearch.action.support.TransportAction$1.onResponse(TransportAction.java:88)
at org.elasticsearch.action.support.TransportAction$1.onResponse(TransportAction.java:84)
at com.taste.elasticsearch_taste.action.TransportTasteEventAction$1.onResponse(TransportTasteEventAction.java:64)
at com.taste.elasticsearch_taste.action.TransportTasteEventAction$1.onResponse(TransportTasteEventAction.java:1)
at org.elasticsearch.action.support.TransportAction$1.onResponse(TransportAction.java:88)
at org.elasticsearch.action.support.TransportAction$1.onResponse(TransportAction.java:84)
at org.elasticsearch.action.search.AbstractSearchAsyncAction.onResponse(AbstractSearchAsyncAction.java:292)
at org.elasticsearch.action.search.AbstractSearchAsyncAction.onResponse(AbstractSearchAsyncAction.java:50)
at org.elasticsearch.action.search.FetchSearchPhase$3.run(FetchSearchPhase.java:214)
at org.elasticsearch.action.search.AbstractSearchAsyncAction.executePhase(AbstractSearchAsyncAction.java:144)
at org.elasticsearch.action.search.AbstractSearchAsyncAction.executeNextPhase(AbstractSearchAsyncAction.java:138)
at org.elasticsearch.action.search.ExpandSearchPhase.run(ExpandSearchPhase.java:112)
at org.elasticsearch.action.search.AbstractSearchAsyncAction.executePhase(AbstractSearchAsyncAction.java:144)
at org.elasticsearch.action.search.AbstractSearchAsyncAction.executeNextPhase(AbstractSearchAsyncAction.java:138)
at org.elasticsearch.action.search.FetchSearchPhase.moveToNextPhase(FetchSearchPhase.java:207)
at org.elasticsearch.action.search.FetchSearchPhase.lambda$innerRun$2(FetchSearchPhase.java:105)
at org.elasticsearch.action.search.FetchSearchPhase.innerRun(FetchSearchPhase.java:110)
at org.elasticsearch.action.search.FetchSearchPhase.access$000(FetchSearchPhase.java:45)
at org.elasticsearch.action.search.FetchSearchPhase$1.doRun(FetchSearchPhase.java:87)
at org.elasticsearch.common.util.concurrent.ThreadContext$ContextPreservingAbstractRunnable.doRun(ThreadContext.java:638)
at org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:37)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.AccessControlException: access denied ("java.util.PropertyPermission" "*" "read,write")
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertiesAccess(Unknown Source)
at java.lang.System.getProperties(Unknown Source)
at weka.core.Environment.<init>(Environment.java:64)
at weka.core.Environment.<clinit>(Environment.java:43)
... 37 more
重点是下面这句话的提示:
Caused by: java.security.AccessControlException: access denied ("java.util.PropertyPermission" "*" "read,write")
这一句说明是java的安全管理机制限制了程序的读写操作,出现类似这个错误可以新建一个在项目中间一个文件名为policy的文件夹,创建文件my.policy,复制下面的代码,粘贴进去。
grant {
permission java.util.PropertyPermission "*", "read,write";
};然后在VM参数中写入下面这句话,制定程序的policy文件
-Djava.security.policy=policy/my.policy
运行即可。
二、类似错误
先贴出我的policy文件以及测试类的运行参数截图
如果还报类似错误,进行相应处理。下面给出我遇到的错误,以及policy文件中对应的授权。
====================================================================================
Caused by: java.security.AccessControlException: access denied ("java.util.PropertyPermission" "java.net.useSystemProxies" "write")
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.System.setProperty(Unknown Source)
at org.pentaho.packageManagement.PackageManager.establishProxy(PackageManager.java:123)
at org.pentaho.packageManagement.PackageManager.create(PackageManager.java:49)
at weka.core.WekaPackageManager.<clinit>(WekaPackageManager.java:99)
... 48 more
====================================================================================
Caused by: java.security.AccessControlException: access denied ("java.util.PropertyPermission" "*" "read,write")
====================================================================================
Caused by: java.security.AccessControlException: access denied ("java.util.PropertyPermission" "*" "read,write")
====================================================================================
Caused by: java.security.AccessControlException: access denied ("java.io.FilePermission" "C:\Users\xiaochenchen\wekafiles" "read")
====================================================================================
Caused by: java.security.AccessControlException: access denied ("java.net.NetPermission" "getProxySelector")
====================================================================================
Caused by: java.security.AccessControlException: access denied ("java.net.NetPermission" "setDefaultAuthenticator")
对应my.policy文件
grant {
permission javax.management.MBeanTrustPermission "register";
permission javax.management.MBeanServerPermission "createMBeanServer";
// 表示文件名的时候要用双反斜杠,用-表示该文件夹下所有子目录
permission java.io.FilePermission "Capabilities.props", "read";
permission java.io.FilePermission "C:\\Users\\xiaochenchen\\-", "read,write";
permission java.util.PropertyPermission "*", "read,write";
permission java.net.NetPermission "getProxySelector";
permission java.net.NetPermission "setDefaultAuthenticator";
permission java.lang.RuntimePermission "getClassLoader";
permission java.lang.RuntimePermission "accessDeclaredMembers";
};
PS:
VM参数的等号后面是文件在项目中的相对路径,也可以用绝对路径
-Djava.security.policy=E:\elasticsearch-5.4.1(1)\elasticsearch-5.4.1\core\src\main\resources\config\elasticsearch.policy
附上es源码运行参数
-Des.path.home=E:\elasticsearch-5.4.1(1)\elasticsearch-5.4.1\core\src\main -Djava.security.policy=E:\elasticsearch-5.4.1(1)\elasticsearch-5.4.1\core\src\main\resources\config\elasticsearch.policy -Xms4g -Xmx4g