我正在尝试重新创建Will的blog post中描述的行为,但是在尝试通过以下方式运行它时遇到以下异常:
$ java -javaagent:agent/target/securityfixer-agent-1.0-SNAPSHOT.jar=bootstrap/target/securityfixer-bootstrap-1.0-SNAPSHOT.jar -jar example/target/securi
tyfixer-example-1.0-SNAPSHOT.jar
Exception in thread "main" java.lang.NoClassDefFoundError: net/bytebuddy/implementation/Implementation$Context$Factory
at java.lang.Class.getDeclaredMethods0(Native Method)
at java.lang.Class.privateGetDeclaredMethods(Unknown Source)
at java.lang.Class.getDeclaredMethod(Unknown Source)
at sun.instrument.InstrumentationImpl.loadClassAndStartAgent(Unknown Source)
at sun.instrument.InstrumentationImpl.loadClassAndCallPremain(Unknown Source)
Caused by: java.lang.ClassNotFoundException: net.bytebuddy.implementation.Implementation$Context$Factory
at java.net.URLClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
... 5 more
FATAL ERROR in native method: processing of -javaagent failed
structure如Will的博客所述-3个单独的jar,一个带有代理,一个带有拦截器,一个带有Main类。
我还尝试通过将mainClass节添加到securityfixer-example的清单中来将其作为可执行jar运行,但这似乎完全绕过了检测:
$ java -jar example/target/securityfixer-example-1.0-SNAPSHOT.jar -javaagent:agent/target/securityfixer-agent-1.0-SNAPSHOT.jar=bootstrap/target/securityfixer-bootstrap-1.0-SNAPSHOT.jar
Security manager is set!
ATTACK SUCCEEDED: Security manager was reset!
我在这里可能想念什么?提前致谢。
最佳答案
以下设置似乎正在起作用:byte-buddy-1.0.0.jar必须与一般的java-agents-experiments\securityfixer\agent\target一起位于securityfixer-agent-1.0-SNAPSHOT.jar内,因为后者取决于前者。这是通过在securityfixer-agent/pom.xml中包含以下执行复制的插件来实现的:
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<version>2.8</version>
<executions>
<execution>
<id>copy-dependencies</id>
<phase>prepare-package</phase>
<goals>
<goal>copy-dependencies</goal>
</goals>
<configuration>
<outputDirectory>${project.build.directory}</outputDirectory>
<includeScope>runtime</includeScope>
</configuration>
</execution>
</executions>
</plugin>
以及
<Boot-Class-Path>中以下由上述节产生的工件的引用: <plugin>
<artifactId>maven-jar-plugin</artifactId>
<version>2.4</version>
<configuration>
<archive>
<manifestEntries>
<Can-Redefine-Classes>true</Can-Redefine-Classes>
<Can-Retransform-Classes>true</Can-Retransform-Classes>
<Agent-Class>com.excelsiorsoft.securityfixer.agent.SecurityFixerAgent</Agent-Class>
<Premain-Class>com.excelsiorsoft.securityfixer.agent.SecurityFixerAgent</Premain-Class>
<Boot-Class-Path>byte-buddy-1.0.0.jar</Boot-Class-Path>
</manifestEntries>
</archive>
</configuration>
</plugin>
因此,上述插件不会将不需要的依赖项(例如
securityfixer-bootstrap)与byte-buddy-1.0.0.jar一起复制,而我需要将其范围更改为provided。 maven-dependency-plugin似乎跳过了将具有该作用域的依赖项复制到其目标文件夹的操作。为了能够将其作为可执行jar运行,我们需要在
<mainClass>中添加securityfixer-example/pom.xml节: <plugin>
<artifactId>maven-jar-plugin</artifactId>
<version>2.4</version>
<configuration>
<archive>
<manifest>
<mainClass>securityfixer.Main</mainClass>
</manifest>
</archive>
</configuration>
</plugin>
。
$ java -javaagent:agent/target/securityfixer-agent-1.0-SNAPSHOT.jar=bootstrap/target/securityfixer-bootstrap-1.0-SNAPSHOT.jar -jar example/target/securit yfixer-example-1.0-SNAPSHOT.jar
Security manager is set!
ATTACK FAILED: SecurityManager cannot be reset!
随时发表评论-也许有一个更优雅的解决方案。谢谢!