Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
592 views
in Technique[技术] by (71.8m points)

New java.security.AccessControlException in Java 8

Previously working network code is throwing java.security.AccessControlException in a fully sandboxed Java applet.

Can't get socket 2255: java.security.AccessControlException: access denied ("java.net.SocketPermission" "50.31.1.13:2255" "connect,resolve")

What has Oracle changed - what new security hoop must be jumped to keep sockets to working?

This worked/works in Java 1.7.0_55 and all previous versions of java.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

This has indeed changed… From the documentation

http://docs.oracle.com/javase/8/docs/technotes/guides/jweb/enhancements-8.html

  • For sandbox RIAs, URLPermission is now used to allow connections back to the server from which they were started. URLPermissions is granted based on protocol, host and port of the code source. This change has the following implications:

    • For sandbox RIAs, SocketPermissions for the origin host is no longer granted. Calls from JavaScript code to the RIA are not granted SocketPermissions beginning with JDK 8.

In other words, you cannot create a new Socket in a sandbox anymore. You can only create a URL using the same host, same port, and same protocol as the codebase from a fully sandboxed applet then.

Unless Oracle changes its mind, there is no way for a sandboxed applet to get around this (otherwise it would render the entire security concept broken).


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...