commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gary D. Gregory (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (LANG-744) StringUtils throws java.security.AccessControlException on Google App Engine
Date Fri, 26 Aug 2011 14:03:29 GMT

    [ https://issues.apache.org/jira/browse/LANG-744?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13091776#comment-13091776
] 

Gary D. Gregory commented on LANG-744:
--------------------------------------

That would be a minimum but I still do not like the design of {{catch (java.security.AccessControlException
e)}}. 

If we do that it means that we should go through all [lang] (and [commons]) static initializers
to possibly add this block. It is also inconsistent with methods that we do not even know
may throw ACE? In one place we catch it, in others we do not. Not great. I need to think about
this some more. Crazy day here...




> StringUtils throws java.security.AccessControlException on Google App Engine
> ----------------------------------------------------------------------------
>
>                 Key: LANG-744
>                 URL: https://issues.apache.org/jira/browse/LANG-744
>             Project: Commons Lang
>          Issue Type: Bug
>          Components: lang.*
>    Affects Versions: 3.0.1
>         Environment: Google App Engine
>            Reporter: Clément Denis
>             Fix For: 3.0.2
>
>
> In the static initializer of org.apache.commons.lang3.StringUtils, there is an attempt
to load the class sun.text.Normalizer.
> Such a class is prohibited on Google App Engine, and the static intializer throws a java.security.AccessControlException.
> {code}
> Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission
accessClassInPackage.sun.text)
> 	at java.security.AccessControlContext.checkPermission(AccessControlContext.java:374)
> 	at java.security.AccessController.checkPermission(AccessController.java:546)
> 	at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
> 	at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:166)
> 	at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1512)
> 	at java.lang.Class.checkMemberAccess(Class.java:2164)
> 	at java.lang.Class.getMethod(Class.java:1602)
> 	at org.apache.commons.lang3.StringUtils.<clinit>(StringUtils.java:739)
> {code}
> The exception should be caught in the catch clauses around loadClass("sun.text.Normalizer").
> Commons lang 2 worked fine on GAE.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

       

Mime
View raw message