美文网首页
java.security.AccessControlExcep

java.security.AccessControlExcep

作者: 运维狗Bazinga | 来源:发表于2018-12-17 21:29 被阅读0次

    在帮开发同事调试es远程词典的时候出现这个问题,elasticsearch 版本 6.2.3,jdk版本 1.8.0_102

      java.security.AccessControlException: access denied ("java.net.SocketPermission" "x.x.x.x:80" "connect,resolve")
        at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472) ~[?:1.8.0_102]
        at java.security.AccessController.checkPermission(AccessController.java:884) ~[?:1.8.0_102]
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:549) ~[?:1.8.0_102]
        at java.lang.SecurityManager.checkConnect(SecurityManager.java:1051) ~[?:1.8.0_102]
        at java.net.Socket.connect(Socket.java:584) ~[?:1.8.0_102]
        at org.apache.http.conn.socket.PlainConnectionSocketFactory.connectSocket(PlainConnectionSocketFactory.java:74) ~[?:?]
        at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:141) ~[?:?]
        at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353) ~[?:?]
        at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380) ~[?:?]
        at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236) ~[?:?]
        at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184) ~[?:?]
        at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88) ~[?:?]
        at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) ~[?:?]
        at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184) ~[?:?]
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82) ~[?:?]
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107) ~[?:?]
        at org.wltea.analyzer.dic.Dictionary.getRemoteWords(Dictionary.java:498) ~[?:?]
        at org.wltea.analyzer.dic.Dictionary.loadRemoteExtDict(Dictionary.java:467) ~[?:?]
        at org.wltea.analyzer.dic.Dictionary.loadMainDict(Dictionary.java:408) ~[?:?]
        at org.wltea.analyzer.dic.Dictionary.initial(Dictionary.java:155) ~[?:?]
        at org.wltea.analyzer.cfg.Configuration.<init>(Configuration.java:40) ~[?:?]
        at org.elasticsearch.index.analysis.IkTokenizerFactory.<init>(IkTokenizerFactory.java:15) ~[?:?]
        at org.elasticsearch.index.analysis.IkTokenizerFactory.getIkSmartTokenizerFactory(IkTokenizerFactory.java:23) ~[?:?]
        at org.elasticsearch.index.analysis.AnalysisRegistry.buildMapping(AnalysisRegistry.java:364) ~[elasticsearch-6.2.3.jar:6.2.3]
        at org.elasticsearch.index.analysis.AnalysisRegistry.buildTokenizerFactories(AnalysisRegistry.java:178) ~[elasticsearch-6.2.3.jar:6.2.3]
        at org.elasticsearch.index.analysis.AnalysisRegistry.build(AnalysisRegistry.java:156) ~[elasticsearch-6.2.3.jar:6.2.3]
        at org.elasticsearch.index.IndexService.<init>(IndexService.java:162) ~[elasticsearch-6.2.3.jar:6.2.3]
        at org.elasticsearch.index.IndexModule.newIndexService(IndexModule.java:361) ~[elasticsearch-6.2.3.jar:6.2.3]
        at org.elasticsearch.indices.IndicesService.createIndexService(IndicesService.java:452) ~[elasticsearch-6.2.3.jar:6.2.3]
        at org.elasticsearch.indices.IndicesService.createIndex(IndicesService.java:406) ~[elasticsearch-6.2.3.jar:6.2.3]
        at org.elasticsearch.indices.IndicesService.createIndex(IndicesService.java:143) ~[elasticsearch-6.2.3.jar:6.2.3]
        at org.elasticsearch.indices.cluster.IndicesClusterStateService.createIndices(IndicesClusterStateService.java:454) ~[elasticsearch-6.2.3.jar:6.2.3]
        at org.elasticsearch.indices.cluster.IndicesClusterStateService.applyClusterState(IndicesClusterStateService.java:229) ~[elasticsearch-6.2.3.jar:6.2.3]
        at org.elasticsearch.cluster.service.ClusterApplierService.lambda$callClusterStateAppliers$6(ClusterApplierService.java:498) ~[elasticsearch-6.2.3.jar:6.2.3]
        at java.lang.Iterable.forEach(Iterable.java:75) [?:1.8.0_102]
        at org.elasticsearch.cluster.service.ClusterApplierService.callClusterStateAppliers(ClusterApplierService.java:495) [elasticsearch-6.2.3.jar:6.2.3]
        at org.elasticsearch.cluster.service.ClusterApplierService.applyChanges(ClusterApplierService.java:482) [elasticsearch-6.2.3.jar:6.2.3]
        at org.elasticsearch.cluster.service.ClusterApplierService.runTask(ClusterApplierService.java:432) [elasticsearch-6.2.3.jar:6.2.3]
        at org.elasticsearch.cluster.service.ClusterApplierService$UpdateTask.run(ClusterApplierService.java:161) [elasticsearch-6.2.3.jar:6.2.3]
        at org.elasticsearch.common.util.concurrent.ThreadContext$ContextPreservingRunnable.run(ThreadContext.java:573) [elasticsearch-6.2.3.jar:6.2.3]
        at org.elasticsearch.common.util.concurrent.PrioritizedEsThreadPoolExecutor$TieBreakingPrioritizedRunnable.runAndClean(PrioritizedEsThreadPoolExecutor.java:244) [elasticsearch-6.2.3.jar:6.2.3]
        at org.elasticsearch.common.util.concurrent.PrioritizedEsThreadPoolExecutor$TieBreakingPrioritizedRunnable.run(PrioritizedEsThreadPoolExecutor.java:207) [elasticsearch-6.2.3.jar:6.2.3]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [?:1.8.0_102]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [?:1.8.0_102]
        at java.lang.Thread.run(Thread.java:745) [?:1.8.0_102]
    

    解决办法:
    vi /data/soft/jdk1.8.0_102/jre/lib/security/java.policy

    
    // Standard extensions get all permissions by default
    
    grant codeBase "file:${{java.ext.dirs}}/*" {
            permission java.security.AllPermission;
    };
    
    // default permissions granted to all domains
    
    grant {
            // Allows any thread to stop itself using the java.lang.Thread.stop()
            // method that takes no argument.
            // Note that this permission is granted by default only to remain
            // backwards compatible.
            // It is strongly recommended that you either remove this permission
            // from this policy file or further restrict it to code sources
            // that you specify, because Thread.stop() is potentially unsafe.
            // See the API specification of java.lang.Thread.stop() for more
            // information.
            permission java.lang.RuntimePermission "stopThread";
    
            // allows anyone to listen on dynamic ports
            permission java.net.SocketPermission "localhost:0", "listen";
    
            // "standard" properies that can be read by anyone
    
            permission java.util.PropertyPermission "java.version", "read";
            permission java.util.PropertyPermission "java.vendor", "read";
            permission java.util.PropertyPermission "java.vendor.url", "read";
            permission java.util.PropertyPermission "java.class.version", "read";
            permission java.util.PropertyPermission "os.name", "read";
            permission java.util.PropertyPermission "os.version", "read";
            permission java.util.PropertyPermission "os.arch", "read";
            permission java.util.PropertyPermission "file.separator", "read";
            permission java.util.PropertyPermission "path.separator", "read";
            permission java.util.PropertyPermission "line.separator", "read";
    
            permission java.util.PropertyPermission "java.specification.version", "read";
            permission java.util.PropertyPermission "java.specification.vendor", "read";
            permission java.util.PropertyPermission "java.specification.name", "read";
    
            permission java.util.PropertyPermission "java.vm.specification.version", "read";
            permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
            permission java.util.PropertyPermission "java.vm.specification.name", "read";
            permission java.util.PropertyPermission "java.vm.version", "read";
            permission java.util.PropertyPermission "java.vm.vendor", "read";
            permission java.util.PropertyPermission "java.vm.name", "read";
            permission java.net.SocketPermission "*:*", "accept,connect,resolve"; //增加这一行内容
    };
    

    重启es之后解决

    相关文章

      网友评论

          本文标题:java.security.AccessControlExcep

          本文链接:https://www.haomeiwen.com/subject/zahhkqtx.html