jspwiki-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Craig L Russell <Craig.Russ...@Sun.COM>
Subject Re: auth problems with Oracle AS
Date Wed, 21 Nov 2007 21:03:55 GMT
Hi Janne,

On Nov 21, 2007, at 12:46 PM, Janne Jalkanen wrote:

>> (Digression for Janne and the dev team: any time we do things like  
>> file access, we need to bracket the code with a doPrivileged()  
>> block so that we don't have to grant file I/O privileges to the  
>> container... this is one of the big complicating factors that is  
>> preventing a full enumeration of privileges at the moment...)
> This sounds insane to me.  It complicates everything, and what  
> would we gain by doing it?

What we gain is the ability to run the code inside a standard Java EE  
container. Instead of mucking around with container permissions or  
application permissions, you put the required privileges associated  
with the jspwiki jar file.

There are just a few things that need to be wrapped in a doPrivileged  
block, like i/o and reflection. It's not all i/o, just stuff like  
file.createNewFile() and FileInputStream(file). Once you have an  
InputStream the rest of the code is normal.

> /Janne

Craig Russell
Architect, Sun Java Enterprise System http://java.sun.com/products/jdo
408 276-5638 mailto:Craig.Russell@sun.com
P.S. A good JDO? O, Gasp!

View raw message