You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@ant.apache.org by "Jeffrey Sinclair (JIRA)" <ji...@apache.org> on 2009/01/24 23:11:59 UTC
[jira] Created: (IVY-1015) Flag to disable System property lookups
by Ivy
Flag to disable System property lookups by Ivy
----------------------------------------------
Key: IVY-1015
URL: https://issues.apache.org/jira/browse/IVY-1015
Project: Ivy
Issue Type: New Feature
Affects Versions: 2.0, 2.0-RC2, 2.0-RC1, 2.0.0-beta-2, 2.0.0-beta-1, 2.0.0-alpha-2, 2.0.0-alpha-1, 1.4.1, 1.4, 1.3.1, 1.3, 1.2, 1.1, 1.0
Reporter: Jeffrey Sinclair
Fix For: 2.0.x
When configuring Ivy through IvySettings, a call to System.getProperties() is made.
System property calls are typically disabled through the security manager in shared web containers which results in the following stack trace:
java.security.AccessControlException: access denied
(java.util.PropertyPermission * read,write)
java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
java.security.AccessController.checkPermission(AccessController.java:546)
java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:1252)
java.lang.System.getProperties(System.java:582)
org.apache.ivy.core.settings.IvySettings.addSystemProperties(IvySettings.java:294)
org.apache.ivy.core.settings.IvySettings.<init>(IvySettings.java:290)
org.apache.ivy.core.settings.IvySettings.<init>(IvySettings.java:212)
Since there is no out-of-the-box workaround, Ivy cannot be used in such an environment.
Ivy could be made more web app friendly by providing a flag to disable System property lookups.
It would be useful to configure this flag both through an ivy-settings xml file as well as through programmatic API on the IvySettings class.
Any other usage of system properties outside of the IvySettings file should also be controllable.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (IVY-1015) Flag to disable System property lookups
by Ivy
Posted by "Jeffrey Sinclair (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/IVY-1015?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jeffrey Sinclair updated IVY-1015:
----------------------------------
Description:
When configuring Ivy through IvySettings, a call to System.getProperties() is made.
System property calls are typically disabled through the security manager in shared web containers which results in the following stack trace:
java.security.AccessControlException: access denied
(java.util.PropertyPermission * read,write)
java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
java.security.AccessController.checkPermission(AccessController.java:546)
java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:1252)
java.lang.System.getProperties(System.java:582)
org.apache.ivy.core.settings.IvySettings.addSystemProperties(IvySettings.java:294)
org.apache.ivy.core.settings.IvySettings.<init>(IvySettings.java:290)
org.apache.ivy.core.settings.IvySettings.<init>(IvySettings.java:212)
Since there is no out-of-the-box workaround, Ivy cannot be used in such an environment.
Ivy could be made more web app friendly by providing a flag to disable System property lookups.
It would be useful to configure this flag through API on the IvySettings class.
Any other usage of system properties outside of the IvySettings file should also be controllable.
was:
When configuring Ivy through IvySettings, a call to System.getProperties() is made.
System property calls are typically disabled through the security manager in shared web containers which results in the following stack trace:
java.security.AccessControlException: access denied
(java.util.PropertyPermission * read,write)
java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
java.security.AccessController.checkPermission(AccessController.java:546)
java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:1252)
java.lang.System.getProperties(System.java:582)
org.apache.ivy.core.settings.IvySettings.addSystemProperties(IvySettings.java:294)
org.apache.ivy.core.settings.IvySettings.<init>(IvySettings.java:290)
org.apache.ivy.core.settings.IvySettings.<init>(IvySettings.java:212)
Since there is no out-of-the-box workaround, Ivy cannot be used in such an environment.
Ivy could be made more web app friendly by providing a flag to disable System property lookups.
It would be useful to configure this flag both through an ivy-settings xml file as well as through programmatic API on the IvySettings class.
Any other usage of system properties outside of the IvySettings file should also be controllable.
> Flag to disable System property lookups by Ivy
> ----------------------------------------------
>
> Key: IVY-1015
> URL: https://issues.apache.org/jira/browse/IVY-1015
> Project: Ivy
> Issue Type: New Feature
> Affects Versions: 1.0, 1.1, 1.2, 1.3, 1.3.1, 1.4, 1.4.1, 2.0.0-alpha-1, 2.0.0-alpha-2, 2.0.0-beta-1, 2.0.0-beta-2, 2.0-RC1, 2.0-RC2, 2.0
> Reporter: Jeffrey Sinclair
> Fix For: 2.0.x
>
>
> When configuring Ivy through IvySettings, a call to System.getProperties() is made.
> System property calls are typically disabled through the security manager in shared web containers which results in the following stack trace:
> java.security.AccessControlException: access denied
> (java.util.PropertyPermission * read,write)
> java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
> java.security.AccessController.checkPermission(AccessController.java:546)
> java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
> java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:1252)
> java.lang.System.getProperties(System.java:582)
> org.apache.ivy.core.settings.IvySettings.addSystemProperties(IvySettings.java:294)
> org.apache.ivy.core.settings.IvySettings.<init>(IvySettings.java:290)
> org.apache.ivy.core.settings.IvySettings.<init>(IvySettings.java:212)
> Since there is no out-of-the-box workaround, Ivy cannot be used in such an environment.
> Ivy could be made more web app friendly by providing a flag to disable System property lookups.
> It would be useful to configure this flag through API on the IvySettings class.
> Any other usage of system properties outside of the IvySettings file should also be controllable.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (IVY-1015) Flag to disable System property lookups
by Ivy
Posted by "Maarten Coene (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/IVY-1015?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Maarten Coene updated IVY-1015:
-------------------------------
Fix Version/s: (was: trunk)
2.0.1
> Flag to disable System property lookups by Ivy
> ----------------------------------------------
>
> Key: IVY-1015
> URL: https://issues.apache.org/jira/browse/IVY-1015
> Project: Ivy
> Issue Type: New Feature
> Affects Versions: 1.0, 1.1, 1.2, 1.3, 1.3.1, 1.4, 1.4.1, 2.0.0-alpha-1, 2.0.0-alpha-2, 2.0.0-beta-1, 2.0.0-beta-2, 2.0-RC1, 2.0-RC2, 2.0
> Reporter: Jeffrey Sinclair
> Assignee: Xavier Hanin
> Fix For: 2.0.1
>
>
> When configuring Ivy through IvySettings, a call to System.getProperties() is made.
> System property calls are typically disabled through the security manager in shared web containers which results in the following stack trace:
> java.security.AccessControlException: access denied
> (java.util.PropertyPermission * read,write)
> java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
> java.security.AccessController.checkPermission(AccessController.java:546)
> java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
> java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:1252)
> java.lang.System.getProperties(System.java:582)
> org.apache.ivy.core.settings.IvySettings.addSystemProperties(IvySettings.java:294)
> org.apache.ivy.core.settings.IvySettings.<init>(IvySettings.java:290)
> org.apache.ivy.core.settings.IvySettings.<init>(IvySettings.java:212)
> Since there is no out-of-the-box workaround, Ivy cannot be used in such an environment.
> Ivy could be made more web app friendly by providing a flag to disable System property lookups.
> It would be useful to configure this flag through API on the IvySettings class.
> Any other usage of system properties outside of the IvySettings file should also be controllable.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (IVY-1015) Flag to disable System property lookups
by Ivy
Posted by "Xavier Hanin (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/IVY-1015?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Xavier Hanin resolved IVY-1015.
-------------------------------
Resolution: Fixed
Fix Version/s: (was: 2.0.x)
trunk
Assignee: Xavier Hanin
I've solved the problem without introducing a flag, by simply catching the exception and outputting a verbose message when you don't have access to all system properties. Please reopen if you think a flag would really be a better solution.
> Flag to disable System property lookups by Ivy
> ----------------------------------------------
>
> Key: IVY-1015
> URL: https://issues.apache.org/jira/browse/IVY-1015
> Project: Ivy
> Issue Type: New Feature
> Affects Versions: 1.0, 1.1, 1.2, 1.3, 1.3.1, 1.4, 1.4.1, 2.0.0-alpha-1, 2.0.0-alpha-2, 2.0.0-beta-1, 2.0.0-beta-2, 2.0-RC1, 2.0-RC2, 2.0
> Reporter: Jeffrey Sinclair
> Assignee: Xavier Hanin
> Fix For: trunk
>
>
> When configuring Ivy through IvySettings, a call to System.getProperties() is made.
> System property calls are typically disabled through the security manager in shared web containers which results in the following stack trace:
> java.security.AccessControlException: access denied
> (java.util.PropertyPermission * read,write)
> java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
> java.security.AccessController.checkPermission(AccessController.java:546)
> java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
> java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:1252)
> java.lang.System.getProperties(System.java:582)
> org.apache.ivy.core.settings.IvySettings.addSystemProperties(IvySettings.java:294)
> org.apache.ivy.core.settings.IvySettings.<init>(IvySettings.java:290)
> org.apache.ivy.core.settings.IvySettings.<init>(IvySettings.java:212)
> Since there is no out-of-the-box workaround, Ivy cannot be used in such an environment.
> Ivy could be made more web app friendly by providing a flag to disable System property lookups.
> It would be useful to configure this flag through API on the IvySettings class.
> Any other usage of system properties outside of the IvySettings file should also be controllable.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.