有没有办法阻止Spring Boot在传统的Tomcat部署中设置Java System Properties?

时间:2016-02-09 16:44:48

标签: spring spring-boot

我想将Spring Boot应用程序部署到具有非常严格的安全策略(catalina.policy)的Tomcat 7服务器中,我无法更改。

我面临的问题是Spring Boot试图在启动时设置一堆非允许的系统属性。这会阻止Tomcat因安全策略错误而在安全模式下启动,因为write java.util.PropertyPermission的{​​{1}}权限不足。 catalina.out日志中显示的错误示例如下:

SEVERE: ContainerBase.addChild: start: 
org.apache.catalina.LifecycleException: Failed to start component     [StandardEngine[Catalina].StandardHost[localhost].StandardContext[/kerberos- authenticator]]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:154)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901)
at org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:133)
at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:156)
at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:145)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:875)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:649)
at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:1081)
at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1877)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.security.AccessControlException: access denied      ("java.util.PropertyPermission" "java.awt.headless" "write")
at     java.security.AccessControlContext.checkPermission(AccessControlContext.java:372  )
at java.security.AccessController.checkPermission(AccessController.java:559)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.System.setProperty(System.java:783)
at org.springframework.boot.SpringApplication.configureHeadlessProperty(SpringApplication.java:372)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:301)
at org.springframework.boot.context.web.SpringBootServletInitializer.run(SpringBootServletInitializer.java:149)
at org.springframework.boot.context.web.SpringBootServletInitializer.createRootApplicationContext(SpringBootServletInitializer.java:129)
at org.springframework.boot.context.web.SpringBootServletInitializer.onStartup(SpringBootServletInitializer.java:85)
at org.springframework.web.SpringServletContainerInitializer.onStartup(SpringServletContainerInitializer.java:175)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5481)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
... 14 more

我按照Spring Boot docs

中有关传统部署的说明进行操作

1 个答案:

答案 0 :(得分:2)

不幸的是,在撰写本文时,没有办法配置Spring Boot以阻止它尝试设置java.awt.headless。我打开了一个issue,以便我们可以在将来的版本中看到这一点。

相关问题
最新问题