db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David W. Van Couvering" <David.Vancouver...@Sun.COM>
Subject Re: Proposal for change in test harness & security manager
Date Wed, 19 Oct 2005 22:57:41 GMT
This is great!  Given our emphasis on security since Derby can be 
distributed all over the map, this is very important.

Did you update the test instructions to indicate how to turn off the 
security manager and what sorts of errors you might see that may 
motivate you to turn it off?

Thanks,

David

Daniel John Debrunner wrote:
> I just committed 326736 to the trunk which changes the test harness to
> install a security manager for the JVM running the client side of a test
> (embedded or network, sql or java test, unit tests as well).
> 
> Here's the commit comment.
> 
> -------------------------------
> DERBY-615 Change the test harness to run tests with a security manager
> by default, using the same mechanism as used to install a security manager
> for the separate network server process.
> The security manager is not installed when any of the following are true:
> 
>  noSecurityManager=true is in the <testname>_app.properties file
> 
>  JCC (DB2 Universal Driver) is the JDBC client - this is a short term
> restriction.
> 
>  Tests where useProcess=false, e.g. nist suite - this is a short term
> restriction.
> 
> Update the policy file to allow most remaining tests to run using a
> security manager.
> --------------------------------
> 
> If this causes too many issues then this (326736) is the fix to revert,
> other changes under DERBY-615 should be ok. I have tested with jars and
> non-jars, sane and insane but you never know. I'm in a training course
> the next couple of days so may not be able to address any issues. If the
> need to revert 326736 arises, then please go ahead and I will resolve
> any of the issues before trying again.
> 
> I think at least 50% of the tests run with a security manager with this
> change, I need to calculate the actual number.
> 
> To update Francois' concern about J2ME/CDC, currently the test suite
> does not install a security manager for j9_foundation, this was the
> existing behaviour. I've left this as-is in order to take a staged
> approach, get clean runs under J2SE before moving onto J2ME/CDC. I did,
> however, run J2ME/CDC with the security mananger enabled and most tests
> seemed to pass. There were some failures but they may have been the same
> as J2SE before I started disabling tests with noSecurityManager=true.
> 
> Dan.
> 

Mime
View raw message