db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rick Hillegas (JIRA)" <derby-...@db.apache.org>
Subject [jira] Updated: (DERBY-1540) JDBC 4 EoD with default QueryObjectGenerator fails with SecurityManager
Date Wed, 26 Jul 2006 16:27:15 GMT
     [ http://issues.apache.org/jira/browse/DERBY-1540?page=all ]

Rick Hillegas updated DERBY-1540:

    Attachment: derby-1540_v01.diff

This was a bug in the Mustang beta, which has been fixed. The attached patch (derby-1540_v01.diff)
causes this test to run under the SecurityManager. I ran the jdbc40 suite against jar files.
It passes cleanly under the embedded framework. In the DerbyNetClient framework the suite
has the same errors which appear in the mainline. Touches the following file:

M      java\testing\org\apache\derbyTesting\functionTests\tests\jdbc4\TestQueryObject_app.properties

Committed at subversion revision 425772.

> JDBC 4 EoD with default QueryObjectGenerator  fails with SecurityManager
> ------------------------------------------------------------------------
>                 Key: DERBY-1540
>                 URL: http://issues.apache.org/jira/browse/DERBY-1540
>             Project: Derby
>          Issue Type: Bug
>          Components: JDBC
>    Affects Versions:
>            Reporter: Daniel John Debrunner
>         Assigned To: Rick Hillegas
>         Attachments: derby-1540_v01.diff
> The test jdbc4/TestQueryObject runs without the security manager because the default
QueryObjectGenerator uses reflection.
> See  trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbc4/TestQueryObject_app.properties
> Seems like a bug, but not sure of its cause or solution: Could be one (or none) of:
> - Make changes in Derby code, e.g. add privilege blocks but don't see how this will solve
anything as it's not Derby code that's calling the reflection and I don't see any javadoc
comments in JDBC 4.0 about methods throwing SecurityExceptions.
> - document the privileges required to use the EoD features, though not sure how we would
document the ability to grant a privilege to system (JDK) code. Are these privileges documented
in the JDBC spec?
> - a bug in the Mustang beta, default query object not being treated as system code, no
priv blocks in it?
> - a limitation of the default  QueryObjectGenerator , cannot use with a security manager?
> - a Derby test problem?
> This is more of a tracking issue, with a dump of my thoughts.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


View raw message