db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rick Hillegas (JIRA)" <derby-...@db.apache.org>
Subject [jira] Assigned: (DERBY-1540) JDBC 4 EoD with default QueryObjectGenerator fails with SecurityManager
Date Wed, 26 Jul 2006 16:20:16 GMT
     [ http://issues.apache.org/jira/browse/DERBY-1540?page=all ]

Rick Hillegas reassigned DERBY-1540:
------------------------------------

    Assignee: Rick Hillegas

> JDBC 4 EoD with default QueryObjectGenerator  fails with SecurityManager
> ------------------------------------------------------------------------
>
>                 Key: DERBY-1540
>                 URL: http://issues.apache.org/jira/browse/DERBY-1540
>             Project: Derby
>          Issue Type: Bug
>          Components: JDBC
>    Affects Versions: 10.2.0.0
>            Reporter: Daniel John Debrunner
>         Assigned To: Rick Hillegas
>
> The test jdbc4/TestQueryObject runs without the security manager because the default
QueryObjectGenerator uses reflection.
> See  trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbc4/TestQueryObject_app.properties
> Seems like a bug, but not sure of its cause or solution: Could be one (or none) of:
> - Make changes in Derby code, e.g. add privilege blocks but don't see how this will solve
anything as it's not Derby code that's calling the reflection and I don't see any javadoc
comments in JDBC 4.0 about methods throwing SecurityExceptions.
> - document the privileges required to use the EoD features, though not sure how we would
document the ability to grant a privilege to system (JDK) code. Are these privileges documented
in the JDBC spec?
> - a bug in the Mustang beta, default query object not being treated as system code, no
priv blocks in it?
> - a limitation of the default  QueryObjectGenerator , cannot use with a security manager?
> - a Derby test problem?
> This is more of a tracking issue, with a dump of my thoughts.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message