You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by Rick Hillegas <Ri...@Sun.COM> on 2007/02/12 16:55:13 UTC
running junit tests with and without a security manager
I would like to test out some combinations of running the network server
with and without a security manager and with and without certain system
properties set. Ideally, it would be nice to run all of these
combinations in a single master run of all of our JUnit tests.
Unfortunately, this would involve installing and uninstalling the
security manager several times during the run of the master suite. Right
now, our JUnit tests don't seem to allow the security manager to be
uninstalled. That's my reading of the SecurityManagerSetup decorator.
The javadoc for SecurityManagerSetup.noSecurityManager() says that we're
missing some context which we would need to re-install the security
manager at decorator teardown.
I would appreciate the community's advice on the following points:
1) What is the missing context which prevents us from uninstalling and
re-installing the security manager?
2) How can I test all of the combinations I need? Should I:
2a) Put some effort into saving that missing context so that the
security manager can be bounced?
2b) Should a master run of the JUnit tests actually turn into 2 runs,
one with and one without a security manager?
2c) Other suggestions?
Thanks,
-Rick
Re: running junit tests with and without a security manager
Posted by Daniel John Debrunner <dj...@apache.org>.
Rick Hillegas wrote:
> I would like to test out some combinations of running the network server
> with and without a security manager and with and without certain system
> properties set. Ideally, it would be nice to run all of these
> combinations in a single master run of all of our JUnit tests.
>
> Unfortunately, this would involve installing and uninstalling the
> security manager several times during the run of the master suite. Right
> now, our JUnit tests don't seem to allow the security manager to be
> uninstalled. That's my reading of the SecurityManagerSetup decorator.
> The javadoc for SecurityManagerSetup.noSecurityManager() says that we're
> missing some context which we would need to re-install the security
> manager at decorator teardown.
>
> I would appreciate the community's advice on the following points:
>
> 1) What is the missing context which prevents us from uninstalling and
> re-installing the security manager?
Lack of itch to scratch more than anything. Note that issues only exists
with an external security manager, i.e. the noSecurityManager()
decorator does work and is used today in the tests.
Some issues exist but they may be edge cases:
a) may not have permission to uninstall the security manager
b) may not have permission to get the location of the old policy file
c) may not have the ability to create an instance of the old security
manager (though possibly could just use the old reference?) if not using
the standard one.
> 2) How can I test all of the combinations I need? Should I:
>
> 2a) Put some effort into saving that missing context so that the
> security manager can be bounced?
I have run the tests with an external security manager with a simpler
policy. see http://wiki.apache.org/db-derby/JunitVmIssues
I've modified noSecurityManager() before that it does not return an
empty suite if an external security manger is installed. It works with
the simpler policy file.
> 2b) Should a master run of the JUnit tests actually turn into 2 runs,
> one with and one without a security manager?
I don't believe so. Having the ability to run without the security
manager is fine, but I don't believe it should be "forced" on anyone as
a standard recommended run. I don't see how not installing a security
manager changes the code path for Derby in such a way that it would
expose bugs in Derby.
Dan.