Return-Path: Delivered-To: apmail-db-derby-user-archive@www.apache.org Received: (qmail 97318 invoked from network); 27 Feb 2008 23:06:18 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 27 Feb 2008 23:06:18 -0000 Received: (qmail 29245 invoked by uid 500); 27 Feb 2008 23:06:12 -0000 Delivered-To: apmail-db-derby-user-archive@db.apache.org Received: (qmail 29227 invoked by uid 500); 27 Feb 2008 23:06:12 -0000 Mailing-List: contact derby-user-help@db.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: List-Id: Reply-To: "Derby Discussion" Delivered-To: mailing list derby-user@db.apache.org Received: (qmail 29216 invoked by uid 99); 27 Feb 2008 23:06:12 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 27 Feb 2008 15:06:12 -0800 X-ASF-Spam-Status: No, hits=3.7 required=10.0 tests=DNS_FROM_OPENWHOIS,FORGED_HOTMAIL_RCVD2,SPF_HELO_PASS,SPF_PASS,WHOIS_MYPRIVREG X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of lists@nabble.com designates 216.139.236.158 as permitted sender) Received: from [216.139.236.158] (HELO kuber.nabble.com) (216.139.236.158) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 27 Feb 2008 23:05:26 +0000 Received: from isper.nabble.com ([192.168.236.156]) by kuber.nabble.com with esmtp (Exim 4.63) (envelope-from ) id 1JUVLO-00070m-ER for derby-user@db.apache.org; Wed, 27 Feb 2008 15:05:46 -0800 Message-ID: <15725696.post@talk.nabble.com> Date: Wed, 27 Feb 2008 15:05:46 -0800 (PST) From: bradm6406 To: derby-user@db.apache.org Subject: Signed jar file loaded in DB MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Nabble-From: bradm6406@hotmail.com X-Virus-Checked: Checked by ClamAV on apache.org Hi, I am having problems running code from within a signed jar file if the jar file has been loaded into the database using sqlj.install_jar. I have signed my jar file and if I add the jar file to my Java ClassPath then the policy file below works just fine and I can run the code in my jar file. If I remove the jar file from my Java ClassPath and install the jar into the database using sqlj.install_jar('my.jar', 'APP.myClass') and SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY('derby.database.classpath', 'APP.myClass') then I get the error "The exception 'java.security.AccessControlException: access denied (java.util.PropertyPermission derby.system.home read)' was thrown while evaluating an expression." when trying to read the derby.system.home property in code inside my jar file. I am using the default security manager (java.security.manager=""). Here are the relevant pieces of my policy file. ------------------------------------------------------------ keystore "my.keystore"; grant signedBy "myalias" { permission java.io.FilePermission "${derby.system.home}${/}-", "read,write,delete"; permission java.util.PropertyPermission "derby.*", "read"; permission java.lang.RuntimePermission "loadLibrary.*"; permission java.util.PropertyPermission "user.dir", "read"; }; ------------------------------------------------------------ I tried setting the keystore value to "${derby.system.home}${/}my.keystore"; in case the problem was that Derby was unable to find my.keystore without having the full path to it, but that didn't work. I am using Derby 10.3.2.1 on a Windows XP Pro machine. Any suggestions? Thanks, Brad -- View this message in context: http://www.nabble.com/Signed-jar-file-loaded-in-DB-tp15725696p15725696.html Sent from the Apache Derby Users mailing list archive at Nabble.com.