Exception java.lang.SecurityException: class "javax.servlet.FilterRegistration"

本文介绍了解决Spark应用程序中遇到的Java.lang.SecurityException错误的方法,该错误源于不同版本的servlet-api之间的冲突。通过调整pom.xml文件排除特定版本的servlet-api,可以有效避免此类问题。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

Java.lang.SecurityException: class “javax.servlet.FilterRegistration“‘s signer information does not match signer information of other classes in the same package

at java.lang.ClassLoader.checkCerts(ClassLoader.java:898)
at java.lang.ClassLoader.preDefineClass(ClassLoader.java:668)
at java.lang.ClassLoader.defineClass(ClassLoader.java:761)
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:467)
at java.net.URLClassLoader.access$100(URLClassLoader.java:73)
at java.net.URLClassLoader$1.run(URLClassLoader.java:368)
at java.net.URLClassLoader$1.run(URLClassLoader.java:362)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:361)
at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:331)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
at org.spark-project.jetty.servlet.ServletContextHandler.<init>(ServletContextHandler.java:136)
at org.spark-project.jetty.servlet.ServletContextHandler.<init>(ServletContextHandler.java:129)
at org.spark-project.jetty.servlet.ServletContextHandler.<init>(ServletContextHandler.java:98)
at org.apache.spark.ui.JettyUtils$.createServletHandler(JettyUtils.scala:126)
at org.apache.spark.ui.JettyUtils$.createServletHandler(JettyUtils.scala:113)
at org.apache.spark.ui.WebUI.attachPage(WebUI.scala:78)
at org.apache.spark.ui.WebUI$$anonfun$attachTab$1.apply(WebUI.scala:62)
	at org.apache.spark.ui.WebUI$$anonfun$attachTab$1.apply(WebUI.scala:62)
at scala.collection.mutable.ResizableArray$class.foreach(ResizableArray.scala:59)
at scala.collection.mutable.ArrayBuffer.foreach(ArrayBuffer.scala:47)
at org.apache.spark.ui.WebUI.attachTab(WebUI.scala:62)
at org.apache.spark.ui.SparkUI.initialize(SparkUI.scala:63)
at org.apache.spark.ui.SparkUI.<init>(SparkUI.scala:76)
at org.apache.spark.ui.SparkUI$.create(SparkUI.scala:195)
at org.apache.spark.ui.SparkUI$.createLiveUI(SparkUI.scala:146)
at org.apache.spark.SparkContext.<init>(SparkContext.scala:473)
at org.apache.spark.api.java.JavaSparkContext.<init>(JavaSparkContext.scala:59)
at WordCount.main(WordCount.java:28)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.intellij.rt.execution.application.AppMain.main(AppMain.java:140)

这里写图片描述
在idea中运行本地Spark出现class “Java.servlet.FilterRegistrantion”不匹配,在网上查了很多:
1.有让删除javax.servlet开头的库的
2.有让参考https://stackoverflow.com/questions/28086520/spark-application-throws-javax-servlet-filterregistration
3.有让
这里写图片描述

==================== 以下正确解决 ====================
于是我们需要在pom.xml中,视情况把不同版本的servlet-api给除掉,这里我选择的是除掉Hadoop-commont中的旧版本servlet-api:

<dependency>
    <groupId>org.apache.hadoop</groupId>
    <artifactId>hadoop-common</artifactId>
    <exclusions>
        <exclusion>
            <groupId>javax.servlet</groupId>
            <artifactId>*</artifactId>
        </exclusion>
    </exclusions>
</dependency>

这里写图片描述
依次检查完所有的间接依赖,一个个处理好,再重新编译程序,测试,知道程序可以正常跑起来。这里需要特别注意,如果程序运行前export的CLASSPATH中的某个路径里有旧的jar包,一定要清理干净再测试,否则可能你已经在pom.xml中解决了问题,但无论怎么测试都不行,仍然还是jar包冲突,结果发现是CLASSPATH中的某个路径的旧jar包没清理干净导致的,那就浪费时间了

执行 java -Djava.security.debug=provider -jar tks-shop-test.jar 报错[traceId:] 2025-06-03T09:48:27.798+08:00 WARN 311663 --- [ main] ConfigServletWebServerApplicationContext : Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'tokenAes' defined in class path resource [com/yami/shop/common/config/ShopBeanConfig.class]: Failed to instantiate [cn.hutool.crypto.symmetric.AES]: Factory method 'tokenAes' threw exception with message: SecurityException: JCE cannot authenticate the provider BC [traceId:] 2025-06-03T09:48:27.810+08:00 DEBUG 311663 --- [ main] c.y.s.c.t.TraceThreadPoolTaskExceutor : Shutting down ExecutorService 'taskExecutor' [traceId:] 2025-06-03T09:48:27.841+08:00 INFO 311663 --- [lientSelector_1] RocketmqRemoting : closeChannel: close the connection to remote address[47.115.51.7:10911] result: true [traceId:] 2025-06-03T09:48:27.845+08:00 INFO 311663 --- [lientSelector_1] RocketmqRemoting : closeChannel: close the connection to remote address[47.115.51.7:9876] result: true [traceId:] 2025-06-03T09:48:27.911+08:00 INFO 311663 --- [ main] o.apache.catalina.core.StandardService : Stopping service [Tomcat] [traceId:] 2025-06-03T09:48:27.960+08:00 INFO 311663 --- [ main] .s.b.a.l.ConditionEvaluationReportLogger : Error starting ApplicationContext. To display the condition evaluation report re-run your application with 'debug' enabled. [traceId:] 2025-06-03T09:48:28.016+08:00 ERROR 311663 --- [ main] o.s.boot.SpringApplication : Application run failed org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'tokenAes' defined in class path resource [com/yami/shop/common/config/ShopBeanConfig.class]: Failed to instantiate [cn.hutool.crypto.symmetric.AES]: Factory method 'tokenAes' threw exception with message: SecurityException: JCE cannot authenticate the provider BC at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:659) at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:493) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1332) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1162) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:560) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:520) at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:326) at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234) at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:324) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:200) at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:973) at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:941) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:608) at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:146) at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:732) at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:434) at org.springframework.boot.SpringApplication.run(SpringApplication.java:310) at org.springframework.boot.SpringApplication.run(SpringApplication.java:1304) at org.springframework.boot.SpringApplication.run(SpringApplication.java:1293) at com.yami.shop.admin.WebApplication.main(WebApplication.java:25) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:568) at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:49) at org.springframework.boot.loader.Launcher.launch(Launcher.java:95) at org.springframework.boot.loader.Launcher.launch(Launcher.java:58) at org.springframework.boot.loader.JarLauncher.main(JarLauncher.java:65) Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [cn.hutool.crypto.symmetric.AES]: Factory method 'tokenAes' threw exception with message: SecurityException: JCE cannot authenticate the provider BC at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:171) at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:655) ... 27 common frames omitted Caused by: cn.hutool.crypto.CryptoException: SecurityException: JCE cannot authenticate the provider BC at cn.hutool.crypto.SecureUtil.createCipher(SecureUtil.java:1034) at cn.hutool.crypto.CipherWrapper.<init>(CipherWrapper.java:39) at cn.hutool.crypto.symmetric.SymmetricCrypto.init(SymmetricCrypto.java:150) at cn.hutool.crypto.symmetric.SymmetricCrypto.<init>(SymmetricCrypto.java:127) at cn.hutool.crypto.symmetric.SymmetricCrypto.<init>(SymmetricCrypto.java:115) at cn.hutool.crypto.symmetric.SymmetricCrypto.<init>(SymmetricCrypto.java:104) at cn.hutool.crypto.symmetric.SymmetricCrypto.<init>(SymmetricCrypto.java:83) at cn.hutool.crypto.symmetric.AES.<init>(AES.java:50) at com.yami.shop.common.config.ShopBeanConfig.tokenAes(ShopBeanConfig.java:27) at com.yami.shop.common.config.ShopBeanConfig$$SpringCGLIB$$0.CGLIB$tokenAes$3(<generated>) at com.yami.shop.common.config.ShopBeanConfig$$SpringCGLIB$$2.invoke(<generated>) at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:258) at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:331) at com.yami.shop.common.config.ShopBeanConfig$$SpringCGLIB$$0.tokenAes(<generated>) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:568) at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:139) ... 28 common frames omitted Caused by: java.lang.SecurityException: JCE cannot authenticate the provider BC at java.base/javax.crypto.Cipher.getInstance(Cipher.java:722) at cn.hutool.crypto.SecureUtil.createCipher(SecureUtil.java:1032) ... 46 common frames omitted Caused by: java.lang.IllegalStateException: zip file closed at java.base/java.util.zip.ZipFile.ensureOpen(ZipFile.java:839) at java.base/java.util.zip.ZipFile.getManifestName(ZipFile.java:1065) at java.base/java.util.zip.ZipFile$1.getManifestName(ZipFile.java:1108) at java.base/javax.crypto.JarVerifier.verifySingleJar(JarVerifier.java:464) at java.base/javax.crypto.JarVerifier.verifyJars(JarVerifier.java:320) at java.base/javax.crypto.JarVerifier.verify(JarVerifier.java:263) at java.base/javax.crypto.ProviderVerifier.verify(ProviderVerifier.java:130) at java.base/javax.crypto.JceSecurity.verifyProvider(JceSecurity.java:190) at java.base/javax.crypto.JceSecurity.getVerificationResult(JceSecurity.java:218) at java.base/javax.crypto.Cipher.getInstance(Cipher.java:718) ... 47 common frames omitted
06-04
[root@VM-24-11-opencloudos application]# java -Dorg.bouncycastle.disable.jce.check=true -jar yami-shop.jar 11:31:34,663 |-INFO in ch.qos.logback.classic.LoggerContext[default] - This is logback-classic version 1.4.7 11:31:34,728 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Could NOT find resource [logback-test.xml] 11:31:34,729 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Could NOT find resource [logback.xml] 11:31:34,737 |-INFO in ch.qos.logback.classic.BasicConfigurator@169e6180 - Setting up default configuration. 11:31:35,817 |-INFO in ch.qos.logback.core.joran.spi.ConfigurationWatchList@35aea049 - URL [jar:file:/opt/application/yami-shop.jar!/BOOT-INF/classes!/logback/logback-dev.xml] is not of type file 11:31:35,923 |-INFO in ch.qos.logback.core.joran.util.ConfigurationWatchListUtil@7205765b - Adding [jar:file:/opt/application/yami-shop.jar!/BOOT-INF/lib/spring-boot-3.0.7.jar!/org/springframework/boot/logging/logback/defaults.xml] to configuration watch list. 11:31:35,923 |-INFO in ch.qos.logback.core.joran.spi.ConfigurationWatchList@35aea049 - URL [jar:file:/opt/application/yami-shop.jar!/BOOT-INF/lib/spring-boot-3.0.7.jar!/org/springframework/boot/logging/logback/defaults.xml] is not of type file 11:31:35,928 |-INFO in ch.qos.logback.core.joran.action.ConversionRuleAction - registering conversion word clr with class [org.springframework.boot.logging.logback.ColorConverter] 11:31:35,928 |-INFO in ch.qos.logback.core.joran.action.ConversionRuleAction - registering conversion word wex with class [org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter] 11:31:35,928 |-INFO in ch.qos.logback.core.joran.action.ConversionRuleAction - registering conversion word wEx with class [org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter] 11:31:35,932 |-INFO in ch.qos.logback.core.joran.util.ConfigurationWatchListUtil@7205765b - Adding [jar:file:/opt/application/yami-shop.jar!/BOOT-INF/lib/spring-boot-3.0.7.jar!/org/springframework/boot/logging/logback/console-appender.xml] to configuration watch list. 11:31:35,932 |-INFO in ch.qos.logback.core.joran.spi.ConfigurationWatchList@35aea049 - URL [jar:file:/opt/application/yami-shop.jar!/BOOT-INF/lib/spring-boot-3.0.7.jar!/org/springframework/boot/logging/logback/console-appender.xml] is not of type file 11:31:35,999 |-INFO in ch.qos.logback.classic.model.processor.ConfigurationModelHandler - Registering a new ReconfigureOnChangeTask ReconfigureOnChangeTask(born:1748921495996) 11:31:35,999 |-INFO in ch.qos.logback.classic.model.processor.ConfigurationModelHandler - Will scan for changes in [jar:file:/opt/application/yami-shop.jar!/BOOT-INF/classes!/logback/logback-dev.xml] 11:31:35,999 |-INFO in ch.qos.logback.classic.model.processor.ConfigurationModelHandler - Setting ReconfigureOnChangeTask scanning period to 1 minutes 11:31:36,005 |-INFO in ch.qos.logback.classic.model.processor.LoggerModelHandler - Setting level of logger [org.apache.catalina.startup.DigesterFactory] to ERROR 11:31:36,005 |-INFO in ch.qos.logback.classic.jul.LevelChangePropagator@47987356 - Propagating ERROR level on Logger[org.apache.catalina.startup.DigesterFactory] onto the JUL framework 11:31:36,010 |-INFO in ch.qos.logback.classic.model.processor.LoggerModelHandler - Setting level of logger [org.apache.catalina.util.LifecycleBase] to ERROR 11:31:36,011 |-INFO in ch.qos.logback.classic.jul.LevelChangePropagator@47987356 - Propagating ERROR level on Logger[org.apache.catalina.util.LifecycleBase] onto the JUL framework 11:31:36,011 |-INFO in ch.qos.logback.classic.model.processor.LoggerModelHandler - Setting level of logger [org.apache.coyote.http11.Http11NioProtocol] to WARN 11:31:36,011 |-INFO in ch.qos.logback.classic.jul.LevelChangePropagator@47987356 - Propagating WARN level on Logger[org.apache.coyote.http11.Http11NioProtocol] onto the JUL framework 11:31:36,011 |-INFO in ch.qos.logback.classic.model.processor.LoggerModelHandler - Setting level of logger [org.apache.sshd.common.util.SecurityUtils] to WARN 11:31:36,011 |-INFO in ch.qos.logback.classic.jul.LevelChangePropagator@47987356 - Propagating WARN level on Logger[org.apache.sshd.common.util.SecurityUtils] onto the JUL framework 11:31:36,011 |-INFO in ch.qos.logback.classic.model.processor.LoggerModelHandler - Setting level of logger [org.apache.tomcat.util.net.NioSelectorPool] to WARN 11:31:36,011 |-INFO in ch.qos.logback.classic.jul.LevelChangePropagator@47987356 - Propagating WARN level on Logger[org.apache.tomcat.util.net.NioSelectorPool] onto the JUL framework 11:31:36,011 |-INFO in ch.qos.logback.classic.model.processor.LoggerModelHandler - Setting level of logger [org.eclipse.jetty.util.component.AbstractLifeCycle] to ERROR 11:31:36,011 |-INFO in ch.qos.logback.classic.jul.LevelChangePropagator@47987356 - Propagating ERROR level on Logger[org.eclipse.jetty.util.component.AbstractLifeCycle] onto the JUL framework 11:31:36,011 |-INFO in ch.qos.logback.classic.model.processor.LoggerModelHandler - Setting level of logger [org.hibernate.validator.internal.util.Version] to WARN 11:31:36,011 |-INFO in ch.qos.logback.classic.jul.LevelChangePropagator@47987356 - Propagating WARN level on Logger[org.hibernate.validator.internal.util.Version] onto the JUL framework 11:31:36,011 |-INFO in ch.qos.logback.classic.model.processor.LoggerModelHandler - Setting level of logger [org.springframework.boot.actuate.endpoint.jmx] to WARN 11:31:36,011 |-INFO in ch.qos.logback.classic.jul.LevelChangePropagator@47987356 - Propagating WARN level on Logger[org.springframework.boot.actuate.endpoint.jmx] onto the JUL framework 11:31:36,011 |-INFO in ch.qos.logback.core.model.processor.AppenderModelHandler - Processing appender named [CONSOLE] 11:31:36,012 |-INFO in ch.qos.logback.core.model.processor.AppenderModelHandler - About to instantiate appender of type [ch.qos.logback.core.ConsoleAppender] 11:31:36,019 |-INFO in ch.qos.logback.core.model.processor.ImplicitModelHandler - Assuming default type [ch.qos.logback.classic.encoder.PatternLayoutEncoder] for [encoder] property 11:31:36,043 |-INFO in ch.qos.logback.core.model.processor.AppenderModelHandler - Processing appender named [DefaultFile] 11:31:36,043 |-INFO in ch.qos.logback.core.model.processor.AppenderModelHandler - About to instantiate appender of type [ch.qos.logback.core.rolling.RollingFileAppender] 11:31:36,056 |-INFO in c.q.l.core.rolling.TimeBasedRollingPolicy@586127428 - No compression will be used 11:31:36,058 |-INFO in c.q.l.core.rolling.TimeBasedRollingPolicy@586127428 - Will use the pattern ./log/%d{yyyy-MM-dd}/admin-%d{yyyy-MM-dd}-%i.log for the active file 11:31:36,089 |-INFO in ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP@6283d8b8 - The date pattern is 'yyyy-MM-dd' from file name pattern './log/%d{yyyy-MM-dd}/admin-%d{yyyy-MM-dd}-%i.log'. 11:31:36,089 |-INFO in ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP@6283d8b8 - Roll-over at midnight. 11:31:36,099 |-INFO in ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP@6283d8b8 - Setting initial period to 2025-06-03T03:23:38.477Z 11:31:36,100 |-WARN in ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP@6283d8b8 - SizeAndTimeBasedFNATP is deprecated. Use SizeAndTimeBasedRollingPolicy instead 11:31:36,100 |-WARN in ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP@6283d8b8 - For more information see http://logback.qos.ch/manual/appenders.html#SizeAndTimeBasedRollingPolicy 11:31:36,110 |-INFO in ch.qos.logback.core.rolling.RollingFileAppender[DefaultFile] - Active log file name: ./log/admin.log 11:31:36,110 |-INFO in ch.qos.logback.core.rolling.RollingFileAppender[DefaultFile] - File property is set to [./log/admin.log] 11:31:36,118 |-INFO in ch.qos.logback.classic.model.processor.RootLoggerModelHandler - Setting level of ROOT logger to INFO 11:31:36,118 |-INFO in ch.qos.logback.classic.jul.LevelChangePropagator@47987356 - Propagating INFO level on Logger[ROOT] onto the JUL framework 11:31:36,119 |-INFO in ch.qos.logback.core.model.processor.AppenderRefModelHandler - Attaching appender named [CONSOLE] to Logger[ROOT] 11:31:36,119 |-INFO in ch.qos.logback.core.model.processor.AppenderRefModelHandler - Attaching appender named [DefaultFile] to Logger[ROOT] 11:31:36,119 |-INFO in ch.qos.logback.classic.model.processor.LoggerModelHandler - Setting level of logger [com.yami.shop] to DEBUG 11:31:36,119 |-INFO in ch.qos.logback.classic.jul.LevelChangePropagator@47987356 - Propagating DEBUG level on Logger[com.yami.shop] onto the JUL framework 11:31:36,119 |-INFO in ch.qos.logback.classic.model.processor.LoggerModelHandler - Setting level of logger [springfox.documentation.swagger2] to OFF 11:31:36,119 |-INFO in ch.qos.logback.classic.jul.LevelChangePropagator@47987356 - Propagating OFF level on Logger[springfox.documentation.swagger2] onto the JUL framework 11:31:36,119 |-INFO in ch.qos.logback.classic.model.processor.LoggerModelHandler - Setting level of logger [io.swagger.models.parameters] to OFF 11:31:36,119 |-INFO in ch.qos.logback.classic.jul.LevelChangePropagator@47987356 - Propagating OFF level on Logger[io.swagger.models.parameters] onto the JUL framework 11:31:36,119 |-INFO in ch.qos.logback.classic.model.processor.LoggerModelHandler - Setting level of logger [springfox.documentation.swagger.readers.operation.OperationImplicitParameterReader] to OFF 11:31:36,119 |-INFO in ch.qos.logback.classic.jul.LevelChangePropagator@47987356 - Propagating OFF level on Logger[springfox.documentation.swagger.readers.operation.OperationImplicitParameterReader] onto the JUL framework 11:31:36,119 |-INFO in ch.qos.logback.classic.model.processor.LoggerModelHandler - Setting level of logger [springfox.documentation.spring.web.readers.operation] to OFF 11:31:36,119 |-INFO in ch.qos.logback.classic.jul.LevelChangePropagator@47987356 - Propagating OFF level on Logger[springfox.documentation.spring.web.readers.operation] onto the JUL framework 11:31:36,119 |-INFO in ch.qos.logback.core.model.processor.DefaultProcessor@3b6ddd1d - End of configuration. 11:31:36,120 |-INFO in org.springframework.boot.logging.logback.SpringBootJoranConfigurator@3f6b0be5 - Registering current configuration as safe fallback point .----------------. .----------------. .----------------. .----------------. .----------------. .----------------. | .--------------. || .--------------. || .--------------. || .--------------. || .--------------. || .--------------. | | | ____ ____ | || | __ | || | _____ | || | _____ | || | _ _ | || | _____ | | | ||_ \ / _|| || | / \ | || | |_ _| | || | |_ _| | || | | | | | | || | |_ _| | | | | | \/ | | || | / /\ \ | || | | | | || | | | | || | | |__| |_ | || | | | | | | | | |\ /| | | || | / ____ \ | || | | | _ | || | | | _ | || | |____ _| | || | _ | | | | | | _| |_\/_| |_ | || | _/ / \ \_ | || | _| |__/ | | || | _| |__/ | | || | _| |_ | || | | |_' | | | | ||_____||_____|| || ||____| |____|| || | |________| | || | |________| | || | |_____| | || | `.___.' | | | | | || | | || | | || | | || | | || | | | | '--------------' || '--------------' || '--------------' || '--------------' || '--------------' || '--------------' | '----------------' '----------------' '----------------' '----------------' '----------------' '----------------' [traceId:] 2025-06-03T11:31:36.454+08:00 INFO 335254 --- [ main] com.yami.shop.admin.WebApplication : Starting WebApplication using Java 17.0.8 with PID 335254 (/opt/application/yami-shop.jar started by root in /opt/application) [traceId:] 2025-06-03T11:31:36.466+08:00 DEBUG 335254 --- [ main] com.yami.shop.admin.WebApplication : Running with Spring Boot v3.0.7, Spring v6.0.9 [traceId:] 2025-06-03T11:31:36.467+08:00 INFO 335254 --- [ main] com.yami.shop.admin.WebApplication : The following 1 profile is active: "tks-test" [traceId:] 2025-06-03T11:31:40.140+08:00 INFO 335254 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Multiple Spring Data modules found, entering strict repository configuration mode [traceId:] 2025-06-03T11:31:40.144+08:00 INFO 335254 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Bootstrapping Spring Data Redis repositories in DEFAULT mode. [traceId:] 2025-06-03T11:31:40.193+08:00 INFO 335254 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Finished Spring Data repository scanning in 21 ms. Found 0 Redis repository interfaces. [traceId:] 2025-06-03T11:31:41.223+08:00 WARN 335254 --- [ main] ocalVariableTableParameterNameDiscoverer : Using deprecated '-debug' fallback for parameter name resolution. Compile the affected code with '-parameters' instead or avoid its introspection: com.yami.shop.common.aspect.RedisLockAspect [traceId:] 2025-06-03T11:31:41.225+08:00 WARN 335254 --- [ main] ocalVariableTableParameterNameDiscoverer : Using deprecated '-debug' fallback for parameter name resolution. Compile the affected code with '-parameters' instead or avoid its introspection: com.yami.shop.sys.aspect.SysLogAspect [traceId:] 2025-06-03T11:31:42.570+08:00 INFO 335254 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat initialized with port(s): 8085 (http) [traceId:] 2025-06-03T11:31:42.588+08:00 INFO 335254 --- [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat] [traceId:] 2025-06-03T11:31:42.589+08:00 INFO 335254 --- [ main] o.apache.catalina.core.StandardEngine : Starting Servlet engine: [Apache Tomcat/10.1.8] [traceId:] 2025-06-03T11:31:42.734+08:00 INFO 335254 --- [ main] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext [traceId:] 2025-06-03T11:31:42.736+08:00 INFO 335254 --- [ main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 5532 ms [traceId:] 2025-06-03T11:31:42.751+08:00 INFO 335254 --- [ main] c.y.s.s.c.a.DefaultAuthConfigAdapter : not implement other AuthConfigAdapter, use DefaultAuthConfigAdapter... all url need auth... [traceId:] 2025-06-03T11:31:43.284+08:00 INFO 335254 --- [ main] org.redisson.Version : Redisson 3.19.3 [traceId:] 2025-06-03T11:31:43.908+08:00 INFO 335254 --- [isson-netty-2-7] o.r.c.pool.MasterPubSubConnectionPool : 1 connections initialized for localhost/127.0.0.1:6379 [traceId:] 2025-06-03T11:31:43.971+08:00 INFO 335254 --- [sson-netty-2-20] o.r.c.pool.MasterConnectionPool : 24 connections initialized for localhost/127.0.0.1:6379 [traceId:] 2025-06-03T11:31:45.557+08:00 ERROR 335254 --- [ main] c.b.m.core.MybatisConfiguration : mapper[com.yami.shop.dao.BasketMapper.getShopCartItems] is ignored, because it exists, maybe from xml file [traceId:] 2025-06-03T11:31:46.202+08:00 WARN 335254 --- [ main] c.b.m.core.injector.AbstractMethod : [com.yami.shop.dao.DistributionProdMapper.selectPage] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.SelectPage] [traceId:] 2025-06-03T11:31:48.093+08:00 WARN 335254 --- [ main] c.b.m.core.injector.AbstractMethod : [com.yami.shop.dao.UserMerchantMchMapper.selectPage] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.SelectPage] [traceId:] 2025-06-03T11:31:50.519+08:00 DEBUG 335254 --- [ main] c.y.s.c.t.TraceThreadPoolTaskExceutor : Initializing ExecutorService [traceId:] 2025-06-03T11:31:50.521+08:00 DEBUG 335254 --- [ main] c.y.s.c.t.TraceThreadPoolTaskExceutor : Initializing ExecutorService 'taskExecutor' [traceId:] 2025-06-03T11:31:53.142+08:00 WARN 335254 --- [ main] c.b.m.core.metadata.TableInfoHelper : Can not find table primary key in Class: "com.yami.shop.bean.model.PayInfo". [traceId:] 2025-06-03T11:31:53.142+08:00 WARN 335254 --- [ main] c.b.m.core.injector.DefaultSqlInjector : class com.yami.shop.bean.model.PayInfo ,Not found @TableId annotation, Cannot use Mybatis-Plus 'xxById' Method. [traceId:] 2025-06-03T11:31:53.669+08:00 INFO 335254 --- [ main] c.yami.shop.common.util.sms.AliSmsUtils : 阿里短信平台初始化成功! [traceId:] 2025-06-03T11:31:53.876+08:00 INFO 335254 --- [ main] com.anji.captcha.util.ImageUtils : 自定义resource底图:[SLIDING_BLOCK=[Ljava.lang.String;@4b508371, ORIGINAL=[Ljava.lang.String;@41143873, PIC_CLICK=[Ljava.lang.String;@21f50d2c] [traceId:] 2025-06-03T11:31:53.881+08:00 INFO 335254 --- [ main] c.a.c.s.impl.CaptchaServiceFactory : supported-captchaCache-service:[redis, local] [traceId:] 2025-06-03T11:31:53.887+08:00 INFO 335254 --- [ main] c.a.c.s.impl.CaptchaServiceFactory : supported-captchaTypes-service:[clickWord, default, blockPuzzle] [traceId:] 2025-06-03T11:31:53.887+08:00 INFO 335254 --- [ main] c.a.c.s.i.BlockPuzzleCaptchaServiceImpl : --->>>初始化验证码底图<<<---blockPuzzle [traceId:] 2025-06-03T11:31:54.805+08:00 WARN 335254 --- [ main] ConfigServletWebServerApplicationContext : Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'tokenAes' defined in class path resource [com/yami/shop/common/config/ShopBeanConfig.class]: Failed to instantiate [cn.hutool.crypto.symmetric.AES]: Factory method 'tokenAes' threw exception with message: SecurityException: JCE cannot authenticate the provider BC [traceId:] 2025-06-03T11:31:54.814+08:00 DEBUG 335254 --- [ main] c.y.s.c.t.TraceThreadPoolTaskExceutor : Shutting down ExecutorService 'taskExecutor' [traceId:] 2025-06-03T11:31:54.858+08:00 INFO 335254 --- [lientSelector_1] RocketmqRemoting : closeChannel: close the connection to remote address[47.115.51.7:9876] result: true [traceId:] 2025-06-03T11:31:54.861+08:00 INFO 335254 --- [lientSelector_1] RocketmqRemoting : closeChannel: close the connection to remote address[47.115.51.7:10911] result: true [traceId:] 2025-06-03T11:31:54.907+08:00 INFO 335254 --- [ main] o.apache.catalina.core.StandardService : Stopping service [Tomcat] [traceId:] 2025-06-03T11:31:54.946+08:00 INFO 335254 --- [ main] .s.b.a.l.ConditionEvaluationReportLogger : Error starting ApplicationContext. To display the condition evaluation report re-run your application with 'debug' enabled. [traceId:] 2025-06-03T11:31:54.986+08:00 ERROR 335254 --- [ main] o.s.boot.SpringApplication : Application run failed org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'tokenAes' defined in class path resource [com/yami/shop/common/config/ShopBeanConfig.class]: Failed to instantiate [cn.hutool.crypto.symmetric.AES]: Factory method 'tokenAes' threw exception with message: SecurityException: JCE cannot authenticate the provider BC at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:659) at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:493) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1332) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1162) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:560) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:520) at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:326) at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234) at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:324) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:200) at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:973) at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:941) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:608) at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:146) at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:732) at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:434) at org.springframework.boot.SpringApplication.run(SpringApplication.java:310) at org.springframework.boot.SpringApplication.run(SpringApplication.java:1304) at org.springframework.boot.SpringApplication.run(SpringApplication.java:1293) at com.yami.shop.admin.WebApplication.main(WebApplication.java:30) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:568) at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:49) at org.springframework.boot.loader.Launcher.launch(Launcher.java:95) at org.springframework.boot.loader.Launcher.launch(Launcher.java:58) at org.springframework.boot.loader.JarLauncher.main(JarLauncher.java:65) Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [cn.hutool.crypto.symmetric.AES]: Factory method 'tokenAes' threw exception with message: SecurityException: JCE cannot authenticate the provider BC at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:171) at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:655) ... 27 common frames omitted Caused by: cn.hutool.crypto.CryptoException: SecurityException: JCE cannot authenticate the provider BC at cn.hutool.crypto.SecureUtil.createCipher(SecureUtil.java:1034) at cn.hutool.crypto.CipherWrapper.<init>(CipherWrapper.java:39) at cn.hutool.crypto.symmetric.SymmetricCrypto.init(SymmetricCrypto.java:150) at cn.hutool.crypto.symmetric.SymmetricCrypto.<init>(SymmetricCrypto.java:127) at cn.hutool.crypto.symmetric.SymmetricCrypto.<init>(SymmetricCrypto.java:115) at cn.hutool.crypto.symmetric.SymmetricCrypto.<init>(SymmetricCrypto.java:104) at cn.hutool.crypto.symmetric.SymmetricCrypto.<init>(SymmetricCrypto.java:83) at cn.hutool.crypto.symmetric.AES.<init>(AES.java:50) at com.yami.shop.common.config.ShopBeanConfig.tokenAes(ShopBeanConfig.java:27) at com.yami.shop.common.config.ShopBeanConfig$$SpringCGLIB$$0.CGLIB$tokenAes$2(<generated>) at com.yami.shop.common.config.ShopBeanConfig$$SpringCGLIB$$2.invoke(<generated>) at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:258) at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:331) at com.yami.shop.common.config.ShopBeanConfig$$SpringCGLIB$$0.tokenAes(<generated>) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:568) at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:139) ... 28 common frames omitted Caused by: java.lang.SecurityException: JCE cannot authenticate the provider BC at java.base/javax.crypto.Cipher.getInstance(Cipher.java:722) at cn.hutool.crypto.SecureUtil.createCipher(SecureUtil.java:1032) ... 46 common frames omitted Caused by: java.lang.IllegalStateException: zip file closed at java.base/java.util.zip.ZipFile.ensureOpen(ZipFile.java:839) at java.base/java.util.zip.ZipFile.getManifestName(ZipFile.java:1065) at java.base/java.util.zip.ZipFile$1.getManifestName(ZipFile.java:1108) at java.base/javax.crypto.JarVerifier.verifySingleJar(JarVerifier.java:464) at java.base/javax.crypto.JarVerifier.verifyJars(JarVerifier.java:320) at java.base/javax.crypto.JarVerifier.verify(JarVerifier.java:263) at java.base/javax.crypto.ProviderVerifier.verify(ProviderVerifier.java:130) at java.base/javax.crypto.JceSecurity.verifyProvider(JceSecurity.java:190) at java.base/javax.crypto.JceSecurity.getVerificationResult(JceSecurity.java:218) at java.base/javax.crypto.Cipher.getInstance(Cipher.java:718) ... 47 common frames omitted 以上方案都尝试过了还是报错
06-04
<think>嗯,用户遇到了一个JavaSecurityException异常,具体信息是"Package android does not belong to 2000"。这看起来是个Android系统级别的权限问题。用户可能正在开发需要系统权限的应用,或者尝试修改系统设置时遇到了这个错误。 让我仔细分析这个异常的含义。从字面看,系统在检查权限时发现当前进程的用户ID(UID)是2000,但"android"这个包名对应的预期UID不匹配。在Android系统中,每个应用都有唯一的UID,系统应用通常使用保留的UID(如1000对应system_server)。 参考用户提供的引用资料,有几个关键点值得注意: 引用[5]提到类似异常可以通过在AndroidManifest.xml中添加android:sharedUserId="android.uid.system"解决[^5]。但要注意这需要应用使用系统签名。 引用[3]解释了Android 4.3引入的Appops权限检查机制[^3],当进程UID与应用所属UID不匹配时会抛出此类异常。引用[4]则强调了Android 6.0后需要动态申请权限[^4]。 用户的具体场景可能是: - 正在开发需要系统权限的应用(如设备管理工具) - 尝试修改系统设置(如飞行模式状态) - 进程UID(2000)与目标包预期UID(可能是1000)不匹配 解决方法需要分情况讨论: 1 如果是普通应用:需要检查是否声明了正确的权限,特别是Android 6.0+需要动态申请 2 如果是系统应用:可能需要配置sharedUserId并使用平台签名 3 特殊场景下可能需要root权限 考虑到用户查询的异常信息明确提到UID 2000,这很可能是系统服务进程的UID(如shell用户)。这种情况下,最可行的解决方案可能是: - 使用系统签名重新编译应用 - 在Manifest声明android:sharedUserId - 通过adb授予root权限(仅限调试) 需要提醒用户注意,修改系统权限可能存在风险,普通应用应该避免请求系统级UID绑定。如果只是需要特定系统权限(如修改设置),应该优先使用标准的权限声明和动态申请流程。 最后生成的三个相关问题应该覆盖典型场景: 1 签名机制的具体操作步骤(用户可能是开发者) 2 权限申请的最佳实践(避免过度请求权限) 3 替代方案(避免触碰系统敏感API)</think>针对 `java.lang.SecurityException: Package android does not belong to 2000` 异常,以下是**根本原因分析和解决方案**,结合系统权限机制和引用资料: --- ### **根本原因** 此异常表明**当前进程的 UID(用户 ID)与目标系统包(`android`)的预期 UID 不匹配**: 1. **UID 冲突**: Android 系统为不同应用分配唯一 UID(如系统应用 UID=1000,普通应用 UID≥10000)。异常中的 `2000` 是当前进程的 UID,但系统要求操作 `android` 包需使用**特定系统级 UID**(如 `1000`)[^3][^5]。 2. **权限缺失**: 进程尝试访问系统级资源(如修改系统设置、调用系统 API),但未声明**系统级权限**或未使用**系统签名**。 --- ### **解决方案** #### **1. 声明系统级 UID(需系统签名)** 若你的应用需以系统身份运行(如预装系统应用): 1. 在 `AndroidManifest.xml` 中添加: ```xml <manifest xmlns:android="http://schemas.android.com/apk/res/android" android:sharedUserId="android.uid.system"> <!-- 声明系统级 UID --> ``` 2. **使用平台签名文件签名 APK**: - 获取设备的**平台签名密钥**(通常为 `platform.pk8` 和 `platform.x509.pem`)。 - 使用 `signapk.jar` 签名: ```bash java -jar signapk.jar platform.x509.pem platform.pk8 app-unsigned.apk app-signed.apk ``` > ✅ **适用场景**:预装系统应用或需操作系统底层功能。 #### **2. 动态申请权限(非系统应用)** 若应用无需系统身份,但需敏感权限(如修改设置): 1. 在 `AndroidManifest.xml` 声明权限: ```xml <uses-permission android:name="android.permission.WRITE_SETTINGS" /> ``` 2. 代码中动态请求权限(Android 6.0+): ```java if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) { if (!Settings.System.canWrite(context)) { Intent intent = new Intent(Settings.ACTION_MANAGE_WRITE_SETTINGS); intent.setData(Uri.parse("package:" + context.getPackageName())); startActivity(intent); } } ``` > ✅ **适用场景**:普通应用修改系统设置(如亮度、飞行模式)[^4]。 #### **3. 检查进程 UID 一致性** 若通过 `adb shell` 或跨进程调用触发异常: - **确保调用方 UID 与目标包一致**: 如通过 `am` 命令调用系统 API 时,确认执行命令的用户 ID(如 `su system` 切换至系统用户)[^3]。 - **避免跨 UID 访问系统资源**: 系统 API 通常禁止非系统 UID 直接操作。 --- ### **关键区别** | **方案** | 适用场景 | 必要条件 | |-------------------------|-----------------------------------|------------------------------| | 声明 `sharedUserId` | 预装系统应用,需操作系统底层功能 | 平台签名密钥、系统权限 | | 动态申请权限 | 普通应用修改系统设置 | 动态权限请求、用户授权 | | 切换进程 UID | Shell 命令或跨进程调用系统 API | Root 权限或系统用户身份 | --- ### **附加建议** 1. **签名失败处理**: 若未正确签名,日志会报 `INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES`,需确保签名密钥与设备系统一致。 2. **权限优先级**: `android:sharedUserId` 权限 > 动态权限申请,但前者需系统签名支持[^5]。 3. **系统 API 兼容性**: 部分系统 API 仅对 `android.uid.system` 开放,需优先查阅对应接口文档。 > 📌 **引用总结**: > - 系统 UID 不匹配需声明 `sharedUserId` 并系统签名 [^5] > - Android 6.0+ 敏感权限需动态申请 [^4] > - 跨 UID 访问系统资源需进程身份一致性 [^3] --- ### 相关问题 1. **如何为 Android 应用生成系统平台签名?** > 需设备厂商提供签名密钥(如 `platform.pk8`),普通开发者无法生成。 2. **没有系统签名时,如何安全调用系统级 API?** > 通过 `ContentProvider` 或系统服务(如 `Settings.Global`)封装接口,配合权限声明使用。 3. **Android 的 UID 机制如何防止权限滥用?** > 通过沙盒隔离(每个应用独立 UID)、SELinux 策略和 AppOps 动态权限控制实现 [^3][^4]。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值