You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-commits@db.apache.org by km...@apache.org on 2007/10/18 20:25:36 UTC
svn commit: r586052 -
/db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/authentication/LDAPAuthenticationSchemeImpl.java
Author: kmarsden
Date: Thu Oct 18 11:25:35 2007
New Revision: 586052
URL: http://svn.apache.org/viewvc?rev=586052&view=rev
Log:
DERBY-3126 Do not run negative scale test with jdk1.4.2
Modified:
db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/authentication/LDAPAuthenticationSchemeImpl.java
Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/authentication/LDAPAuthenticationSchemeImpl.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/authentication/LDAPAuthenticationSchemeImpl.java?rev=586052&r1=586051&r2=586052&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/authentication/LDAPAuthenticationSchemeImpl.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/authentication/LDAPAuthenticationSchemeImpl.java Thu Oct 18 11:25:35 2007
@@ -37,6 +37,11 @@
import java.util.Properties;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
import java.sql.SQLException;
/**
@@ -170,7 +175,10 @@
// Connect & authenticate (bind) to the LDAP server now
// it is happening right here
- DirContext ctx = new InitialDirContext(env);
+
+ DirContext ctx = privInitialDirContext(env);
+
+
// if the above was successfull, then username and
// password must be correct
@@ -189,7 +197,33 @@
throw getLoginSQLException(e);
}
- /**
+
+
+ /**
+ * Call new InitialDirContext in a privilege block
+ * @param env environment used to create the initial DirContext. Null indicates an empty environment.
+ * @return an initial DirContext using the supplied environment.
+ */
+ private DirContext privInitialDirContext(final Properties env) throws NamingException {
+ try {
+ return ((InitialDirContext)AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws SecurityException, NamingException {
+ return new InitialDirContext(env);
+ }
+ }));
+ } catch (PrivilegedActionException pae) {
+ Exception e = pae.getException();
+
+ if (e instanceof NamingException)
+ throw (NamingException)e;
+ else
+ throw (SecurityException)e;
+ }
+
+ }
+
+ /**
* This method basically tests and sets default/expected JNDI properties
* for the JNDI provider scheme (here it is LDAP).
*
@@ -353,15 +387,51 @@
{
if (SanityManager.DEBUG_ON(
AuthenticationServiceBase.AuthenticationTrace)) {
- try {
- initDirContextEnv.put("com.sun.naming.ldap.trace.ber",
- new java.io.FileOutputStream("CloudLDAP.out"));
- } catch (java.io.IOException ie) {}
+
+ // This tracing needs some investigation and cleanup.
+ // 1) It creates the file in user.dir instead of derby.system.home
+ // 2) It doesn't seem to work. The file is empty after successful
+ // and unsuccessful ldap connects. Perhaps the fileOutputStream
+ // is never flushed and closed.
+ // I (Kathey Marsden) wrapped this in a priv block and kept the previous
+ // behaviour that it will not stop processing if file
+ // creation fails. Perhaps that should be investigated as well.
+ FileOutputStream fos = null;
+ try {
+ fos = privNewFileOutputStream("DerbyLDAP.out");
+ } catch (Exception e) {
+ // If file creation fails do not stop execution.
+ }
+ if (fos != null)
+ initDirContextEnv.put("com.sun.naming.ldap.trace.ber",fos);
+
+
}
}
}
/**
+ * Construct a new FileOutputStream in a privilege block.
+ *
+ * @param fileName Filename to create
+ * @return
+ * @throws IOException
+ */
+ private FileOutputStream privNewFileOutputStream(final String fileName) throws IOException{
+ try {
+ return ((FileOutputStream)AccessController.doPrivileged(
+ new PrivilegedExceptionAction() {
+ public Object run() throws SecurityException, java.io.IOException {
+ return new FileOutputStream(fileName);
+ }
+ }));
+ } catch (PrivilegedActionException pae) {
+ throw (SecurityException)pae.getException();
+ }
+ }
+
+
+ /**
* Search for the full user's DN in the LDAP server.
* LDAP server bind may or not be anonymous.
*
@@ -389,7 +459,7 @@
else
env = initDirContextEnv;
- DirContext ctx = new InitialDirContext(env);
+ DirContext ctx = privInitialDirContext(env);
// Construct Search Filter
SearchControls ctls = new SearchControls();