You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by "Martin Zaun (JIRA)" <ji...@apache.org> on 2008/05/29 09:00:45 UTC
[jira] Updated: (DERBY-3531) DatabasePermission uses a JDK 1.4
method that is not present in J2ME/CDC/Foundation.
[ https://issues.apache.org/jira/browse/DERBY-3531?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Martin Zaun updated DERBY-3531:
-------------------------------
Attachment: DERBY-3531-0.diff
DERBY-3531-0.stat
The patch DERBY-3531-0 addresses the issue with DatabasePermission using
the JDK 1.4 method String.split(), which is not available under the JSR169.
Before committing, it would be good to have these changes tested against a
JSR169 platform to be sure they're effective and don't cause other issues.
I'm currently running derbyall and junit-all and will report back on the
results (looking good so far).
Summary of changes:
1) Added a method split(String, char) to iapi/util/StringUtil.java using
StringTokenizer for its implementation.
2) Changed security/DatabasePermission.java to use StringUtil.split()
instead of String.split().
3) Fixed and extended unitTests/junit/SystemPrivilegesPermissionTest.java:
- Reactivated the DatabasePermission API test testDatabasePermission();
this tests requires an all-files-read-permission for canonicalization
of diverse directory path names.
- Therefore, added a 2nd policy SystemPrivilegesPermissionTest1.policy,
granting the all-files-read-permission; please, note the duplication
of information between the unit tests two policy files (unfortunately,
there's no "include" mechanism for .policy files).
An alternative would have been to modify the global derby_tests.policy
for the extended FilePermission just for the purpose of this unit test.
- Changed TestSuite construction from using automated test extraction
to manually added tests and added testDatabasePermission() to run with
its own SystemPrivilegesPermissionTest1.policy.
- Added the authorization test policyTestDatabasePermissionGrants() to
the suite under condition that JVM_HAS_SUBJECT_AUTHORIZATION.
- Some cleanups in this test's .policy files, mainly moving all
permissions from a universal grant{} block to the individual codebase
sections.
- Some cleanups in this unit test's .java files.
With the above changes, we can unit-test DatabasePermission on the classes/
directory, but it won't be included in derby.jar and therefore not run on
jar files.
However, a prerequisite for DERBY-3495 (Enable System Privileges checks)
is to reactivate the use of DatabasePermission in EmbedConnection.java
anyway. This step will result in the inclusion of DatabasePermission in
derby.jar -- and with the above changes 1)-3) shouldn't disrupt the tests
on a JSR169 platform anymore.
Therefore:
4) Added the use of DatabasePermission to impl/jdbc/EmbedConnection.java:
- Added the authorization check method checkDatabaseCreatePrivileges()
(and helper stripSubSubProtocolPrefix()), left out when committing
the bulk of the System Privileges patch from DERBY-2109 due to the
String.split() problems on JSR169.
- Please, note that the invocation of checkDatabaseCreatePrivileges()
remains still commented out and has to be activated as part of
DERBY-3495.
- Note that checkDatabaseCreatePrivileges() needs to call the abstract
method InternalDriver.checkSystemPrivileges().
5) Hence, changed in jdbc/InternalDriver.java the access modifier of
the abstract method checkSystemPrivileges(String, Permission) from
package-local back to public (as it was suggested in DERBY-2109, but
didn't get committed this way).
6) Adjusted implementations in jdbc/Driver169.java and jdbc/Driver20.java
for the public access modifier of checkSystemPrivileges().
I'll add a note to DERBY-3495 about the changes 4)-6).
> DatabasePermission uses a JDK 1.4 method that is not present in J2ME/CDC/Foundation.
> ------------------------------------------------------------------------------------
>
> Key: DERBY-3531
> URL: https://issues.apache.org/jira/browse/DERBY-3531
> Project: Derby
> Issue Type: Sub-task
> Components: Security
> Reporter: Daniel John Debrunner
> Assignee: Martin Zaun
> Attachments: DERBY-3531-0.diff, DERBY-3531-0.stat
>
>
> causes abstract method errors once the class is used to check for database creation.
> From memory the method is String.split.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.