db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Anurag Shekhar <Anurag.Shek...@Sun.COM>
Subject Re: QueryObjectGenerator & SecurityManager - bug or requirement?
Date Tue, 11 Apr 2006 10:42:48 GMT


Daniel John Debrunner wrote On 04/10/06 23:54,:

>In the properties file for the TestQueryObject JDBC 4.0 test we have:
>
>#this case tests QueryObject related methods which are present in jdk 1.6
>#default QueryObjectGenerator uses reflection to check the Data Object
>#before calling the methods to set the values. This is a privileged
>operation
>#and fails in the presence of security manager
>noSecurityManager=true
>
>Is this a bug in Mustang?
>  
>
No its not a bug. createQueryObject method needs to check of declared 
fields
to find mapping of fields and columns.

>Or in order to use this feature with Derby and a SecurityManager does
>the application has to grant some permissions to some code (Derby code
>or Java class libraries code)? If so, then some documentation will be
>needed around this, and the test should be changed to run under the
>Security Manager with the correct permissions so that we ensure
>applications can use this functionality.
>  
>
while runing QueryObject test with security manager I get this exception
java.sql.SQLRuntimeException: java.security.AccessControlException: 
access denied (java.lang.RuntimePermission accessDeclaredMembers)
        at 
com.sun.sql.QueryObjectGeneratorImpl.invoke(QueryObjectGeneratorImpl.java:219)
        at $Proxy0.getAllData(Unknown Source)
        at 
org.apache.derbyTesting.functionTests.tests.jdbc4.TestQueryObject.testConnectionQuery(TestQueryObject.java:61)

Granting accessDeclaredMembers to com.sun.sql.QueryObjectGeneratorImpl 
should fix this error. But com.sun.sql.QueryObjectGeneratorImpl
is internal class of sun's jdk, so this problem will exist on other jdk's.

anurag

Mime
View raw message