Fatal编程技术网
  • java/
  • Java 通过applet访问LDAP

Java 通过applet访问LDAP

java security

Java 通过applet访问LDAP,java,security,applet,signed-applet,Java,Security,Applet,Signed Applet,我需要通过applet访问本地运行的LDAP,以便对来自其自身组织安全的用户进行身份验证 但是,当我单击登录按钮,小程序尝试连接到10.0.215.45服务器时,它会出现以下异常 network: Connecting http://qa.mycompany.com/loginldap/jndi.properties with proxy=DIRECT network: Connecting http://qa.mycompany.com/loginldap/jndi.prop

我需要通过applet访问本地运行的LDAP,以便对来自其自身组织安全的用户进行身份验证

但是,当我单击登录按钮,小程序尝试连接到
10.0.215.45
服务器时,它会出现以下异常

     network: Connecting http://qa.mycompany.com/loginldap/jndi.properties with proxy=DIRECT
    network: Connecting http://qa.mycompany.com/loginldap/jndi.properties with cookie "__utma=3105202.1962924881.1410333072.1410351890.1411365879.4; __utmz=3105202.1410333072.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _bcvm_vrid_3210241798524429162=9098969101660648460T0DA4F9342F9A96696C8032E97870412050BB1ADC5C79D4B5EAA03F617D96473191202EB66601664B00D33A3B14F5A765452D84B6F8C4149A8E9235E8EEFB41FE; inproducttranslatemode=false"
    network: Connecting http:// 10.0.215.45 :389/crossdomain.xml with proxy=DIRECT
    network: Connecting http:// 10.0.215.45 :389/ with proxy=DIRECT
    java.security.AccessControlException: access denied ("java.net.SocketPermission" "10.0.215.45:389" "connect,resolve")
        at java.security.AccessControlContext.checkPermission(Unknown Source)
        at java.security.AccessController.checkPermission(Unknown Source)
        at java.lang.SecurityManager.checkPermission(Unknown Source)
        at java.lang.SecurityManager.checkConnect(Unknown Source)
        at sun.plugin2.applet.SecurityManagerHelper.checkConnectHelper(Unknown Source)
        at sun.plugin2.applet.AWTAppletSecurityManager.checkConnect(Unknown Source)
我在构建过程中对applet jar进行了自签名

<target name="dist" depends="clean,compile" description="generate the distribution">
<mkdir dir="${dist}" />
<copy todir="${build}">
    <fileset file="${src}/conf.properties" />
</copy>
<jar jarfile="${dist}/${module-jar-file}" basedir="${build}">
    <manifest>
        <attribute name="Permissions" value="sandbox" />
        <attribute name="Codebase" value="*.mycompany.com" />
        <attribute name="Application-Library-Allowable-Codebase" value="*.mycompany.com" />
        <attribute name="Application-Name" value="Company - SSO" />
        <attribute name="Main-Class" value="com.mycompany.authentication.sso.Application"/>
        <attribute name="Entry-Point" value="com.mycompany.authentication.sso.applet.Applet" />
    </manifest>
</jar>
<signjar jar="${dist}/${module-jar-file}" alias="signalias" keystore="keystore" storepass="storepass">
</signjar>
<copy todir="${dist}">
    <fileset file="resources/index.html" />
</copy>

我的整体架构如下

>>>>>>>>>>>>>>互联网以下是我如何让它工作的


  • 我将清单行从
    更改为异常站点列表,因为
没有任何正确的SSL证书。从安全选项卡下的Java控制面板
    • 
这至少在浏览器中启动并运行了我的小程序。稍后,对于生产环境,我可以拥有适当的SSL证书,并根据需要分配适当的权限