Security error on startup with Nashorn when deploying a Spring application on a server

Time: 2022-12-14 21:09:34

I have a Spring Webapp that throws some confusing errors on startup when I deploy it to my production server (they don't happen when I run it locally) - the errors don't seem to impact anything, so this question is more out of curiosity than a true need for help.

Here is the stacktrace:

20-Apr-2016 17:31:31.711 INFO [localhost-startStop-1] org.apache.catalina.loader.WebappClassLoaderBase.loadClass Security Violation, attempt to use Restricted Class: jdk.internal.dynalink.support.messages_en_US
 java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessClassInPackage.jdk.internal.dynalink.support")
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
    at java.security.AccessController.checkPermission(AccessController.java:884)
    at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
    at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1564)
    at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1268)
    at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1167)
    at java.util.ResourceBundle$Control.newBundle(ResourceBundle.java:2640)
    at java.util.ResourceBundle.loadBundle(ResourceBundle.java:1501)
    at java.util.ResourceBundle.findBundle(ResourceBundle.java:1465)
    at java.util.ResourceBundle.getBundleImpl(ResourceBundle.java:1361)
    at java.util.ResourceBundle.getBundle(ResourceBundle.java:1082)
    at java.util.logging.Logger.findResourceBundle(Logger.java:1879)
    at java.util.logging.Logger.setupResourceInfo(Logger.java:1940)
    at java.util.logging.Logger.<init>(Logger.java:380)
    at java.util.logging.LogManager.demandLogger(LogManager.java:554)
    at java.util.logging.Logger.demandLogger(Logger.java:455)
    at java.util.logging.Logger.getLogger(Logger.java:553)
    at jdk.internal.dynalink.support.Guards.<clinit>(Guards.java:101)
    at jdk.nashorn.internal.runtime.Undefined.<clinit>(Undefined.java:51)
    at jdk.nashorn.internal.runtime.JSType.<clinit>(JSType.java:263)
    at jdk.nashorn.internal.runtime.AccessorProperty.<clinit>(AccessorProperty.java:60)
    at jdk.nashorn.internal.objects.Global.$clinit$(Global.java)
    at jdk.nashorn.internal.objects.Global.<clinit>(Global.java:919)
    at jdk.nashorn.internal.runtime.Context.newGlobal(Context.java:1102)
    at jdk.nashorn.api.scripting.NashornScriptEngine$2.run(NashornScriptEngine.java:347)
    at jdk.nashorn.api.scripting.NashornScriptEngine$2.run(NashornScriptEngine.java:343)
    at java.security.AccessController.doPrivileged(Native Method)
    at jdk.nashorn.api.scripting.NashornScriptEngine.createNashornGlobal(NashornScriptEngine.java:343)
    at jdk.nashorn.api.scripting.NashornScriptEngine.<init>(NashornScriptEngine.java:143)
    at jdk.nashorn.api.scripting.NashornScriptEngineFactory.getScriptEngine(NashornScriptEngineFactory.java:148)
    at javax.script.ScriptEngineManager.getEngineByName(ScriptEngineManager.java:238)
    at com.my.applicationlib.security.ScriptSandbox.<init>(ScriptSandbox.java:60)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
    at java.lang.reflect.Constructor.newInstance(Constructor.java:422)
    at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:147)
    at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:89)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$4.run(AbstractAutowireCapableBeanFactory.java:1089)
    at java.security.AccessController.doPrivileged(Native Method)
    ...

And the relevant code is as follows:

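import java.security.AccessControlContext;
import javax.script.ScriptEngine;
import javax.script.ScriptEngineManager;
import org.springframework.stereotype.Service;

@Service
public class ScriptSandbox {
    ScriptEngine _scriptEngine;
    AccessControlContext _accessControlContext;

    public ScriptSandbox() throws InstantiationException {
        ScriptEngineManager sem = new ScriptEngineManager();
        // This error happens on this line.
        _scriptEngine = sem.getEngineByName("nashorn");
        if (_scriptEngine == null) {
            throw new InstantiationException("Could not load script engine: " +
                    "nashorn");
        }
        // setPermissions(...) is defined elsewhere in this class; its body is not shown in the question.
        setPermissions(null);
    }
}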

I haven't been able to turn up much relevant information on Google; the most I've seen is that I need it in my Java security configuration. Mine looks like this, so I think I have what I need:

grant {permission java.security.AllPermission; permission java.lang.RuntimePermission;};

Any thoughts?

Edit: This question was marked as a duplicate of this question. I don't think it is for the following reasons:

It seems to work just fine when I initialize Nashorn later in the application. I only get this error on bean definition, from what I can tell. I don't think it's a signing issue, as it only comes up on bean definition.

Furthermore, that question has no accepted answers and few votes. Are any of those actually solutions to this problem?

1 solution

#1


0  

For what it's worth, I got around this in a way I'm not super happy about. Since I only used this in one service, I removed the service annotation entirely, and initialized it in a @PostConstruct method. I still want to know why this doesn't work during the bean creation phase of Spring.

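import javax.annotation.PostConstruct;
import org.springframework.stereotype.Service;

@Service
public class MyServiceThatUsesScriptSandbox {
    private ScriptSandbox sandbox;

    // Create the sandbox after this bean is constructed; ScriptSandbox itself is no longer a bean.
    @PostConstruct
    public void initSandbox() throws InstantiationException {
        sandbox = new ScriptSandbox();
    }
}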
