openjpa-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Albert Lee (JIRA)" <>
Subject [jira] Commented: (OPENJPA-244) Java 2 Security enablement
Date Tue, 05 Jun 2007 17:09:27 GMT


Albert Lee commented on OPENJPA-244:

I noticed that there are many openjpa classes have a static final caching the line.separator
(or something similiar) from the system properties. This kind of general resource that required
doPriv can be customized in the helper without any security exposure and still make the code

private static final String SEP = J2DoPrivHelper.getLineSeparator();

public static final String J2DoPrivHelper.getLineSeparator()
        if (System.getSecurityManager() != null)
            return (Properties) AccessController
                    .doPrivileged(new PrivilegedAction()
                        public Object run ()
                            return System.getProperty("line.separator");
        } else
            return System.getProperty("line.separator");

These type of functions can also be cached in the helper for performance too.

Albert Lee.

> Java 2 Security enablement
> --------------------------
>                 Key: OPENJPA-244
>                 URL:
>             Project: OpenJPA
>          Issue Type: Bug
>    Affects Versions: 0.9.8
>            Reporter: Kevin Sutter
>         Attachments:
> Via some testing with the WebSphere Application Server, it's been discovered that we're
missing some doPriv blocks through out the OpenJPA code base.  This JIRA report will be used
to resolve these issues.  More specific examples will be posted later.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message