我试图在Spring 4中使用Groovy DSL在Spring MVC应用程序中定义我们的bean . 一切都在当地的雄猫中游泳 .
当应用程序移动到测试区域时,也就是tomcat,它在启动时失败了 . 调用importBeans方法引入额外的groovy DSL脚本(按预期导入XML文件)时失败 .
当脚本尝试执行时,我们会看到如下所示的堆栈:
Caused by: java.security.AccessControlException: access denied ("groovy.security.GroovyCodeSourcePermission" "/groovy/shell")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:366) ~[na:1.7.0_11]
at java.security.AccessController.checkPermission(AccessController.java:560) [na:1.7.0_11]
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549) ~[na:1.7.0_11]
at groovy.lang.GroovyCodeSource.createCodeSource(GroovyCodeSource.java:216) ~[groovy-2.3.4.jar:2.3.4]
at groovy.lang.GroovyCodeSource.<init>(GroovyCodeSource.java:93) ~[groovy-2.3.4.jar:2.3.4]
at groovy.lang.GroovyShell.parse(GroovyShell.java:666) ~[groovy-2.3.4.jar:2.3.4]
at groovy.lang.GroovyShell.evaluate(GroovyShell.java:647) ~[groovy-2.3.4.jar:2.3.4]
at org.springframework.beans.factory.groovy.GroovyBeanDefinitionReader.loadBeanDefinitions(GroovyBeanDefinitionReader.java:242) ~[spring-beans-4.1.0.RELEASE.jar:4.1.0.RELEASE]
进一步跟踪显示初始Groovy文件运行正常,使用importBeans加载XML文件,然后在Groovy脚本上失败 .
Tomcat版本是7 .
我已经尝试将策略添加到catalina.policy文件但没有运气 . 我不确定我是否理解政策档案:
grant codeBase "file:${catalina.home}/apps/myAwesomeApp/WEB-INF/classes/-" {
permission groovy.security.GroovyCodeSourcePermission "/groovy/script";
permission groovy.security.GroovyCodeSourcePermission "/groovy/shell";
permission java.io.FilePermission "/groovy/script", "read";
permission java.io.FilePermission "/groovy/shell", "read";
permission java.lang.RuntimePermission "accessClassInPackage.*";
permission java.lang.RuntimePermission "createClassLoader";
permission java.lang.RuntimePermission "defineClassInPackage.*";
permission java.lang.RuntimePermission "getClassLoader";
permission java.lang.RuntimePermission "getProtectionDomain";
permission java.lang.RuntimePermission "setContextClassLoader";
permission java.lang.RuntimePermission "shutdownHooks";
permission java.util.PropertyPermission "*", "read,write";
};
grant codeBase "file:/groovy/shell" {
permission java.lang.RuntimePermission "accessDeclaredMembers";
};
grant codeBase "file:/groovy/script" {
permission java.lang.RuntimePermission "accessDeclaredMembers";
};
grant codeBase "file:/groovy/security/-" {
permission java.lang.RuntimePermission "accessDeclaredMembers";
};
对下一步的想法?