You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-commits@db.apache.org by my...@apache.org on 2008/05/09 01:50:22 UTC
svn commit: r654656 - in
/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests:
master/xaJNDI.out tests/jdbcapi/XAJNDITest.java
tests/jdbcapi/XAJNDITest.policy tests/jdbcapi/xaJNDI.java
Author: myrnavl
Date: Thu May 8 16:50:22 2008
New Revision: 654656
URL: http://svn.apache.org/viewvc?rev=654656&view=rev
Log:
DERBY-3659 ; convert xaJNDI to junit test XAJNDITest.
Added:
db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/XAJNDITest.java (with props)
db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/XAJNDITest.policy (with props)
Removed:
db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/xaJNDI.out
db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/xaJNDI.java
Added: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/XAJNDITest.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/XAJNDITest.java?rev=654656&view=auto
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/XAJNDITest.java (added)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/XAJNDITest.java Thu May 8 16:50:22 2008
@@ -0,0 +1,232 @@
+package org.apache.derbyTesting.functionTests.tests.jdbcapi;
+
+import java.io.File;
+import java.lang.reflect.Method;
+import java.util.ArrayList;
+import java.util.Hashtable;
+
+import javax.naming.Context;
+import javax.naming.NamingException;
+import javax.naming.directory.InitialDirContext;
+import javax.sql.XADataSource;
+
+import junit.framework.Test;
+import junit.framework.TestSuite;
+
+import org.apache.derbyTesting.junit.BaseJDBCTestCase;
+import org.apache.derbyTesting.junit.J2EEDataSource;
+import org.apache.derbyTesting.junit.JDBC;
+import org.apache.derbyTesting.junit.JDBCDataSource;
+import org.apache.derbyTesting.junit.SecurityManagerSetup;
+import org.apache.derbyTesting.junit.SupportFilesSetup;
+import org.apache.derbyTesting.junit.TestConfiguration;
+
+public class XAJNDITest extends BaseJDBCTestCase {
+ private static String ldapServer;
+ private static String ldapPort;
+ private static String dnString;
+ private InitialDirContext ic = getInitialDirContext();
+
+
+ //to create own policy file
+ private static String POLICY_FILE_NAME =
+ "functionTests/tests/jdbcapi/XAJNDITest.policy";
+ private static String TARGET_POLICY_FILE_NAME = "derby_tests.policy";
+
+ public XAJNDITest(String name) {
+ super(name);
+ }
+
+ public static Test suite() {
+ // the test requires XADataSource to run, so check for JDBC3 support
+ if (JDBC.vmSupportsJDBC3()) {
+ ldapServer=getSystemProperty("derbyTesting.ldapServer");
+ if (ldapServer == null || ldapServer.length() < 1)
+ return new TestSuite("XAJNDITest requires property derbyTesting.ldapServer set, eg: -DderbyTesting.ldapServer=myldapserver.myorg.org");
+ ldapPort=getSystemProperty("derbyTesting.ldapPort");
+ if (ldapPort == null || ldapPort.length() < 1)
+ return new TestSuite("XAJNDITest requires property derbyTesting.ldapPort set, eg: -DderbyTesting.ldapPort=333");
+ dnString=getSystemProperty("derbyTesting.dnString");
+ if (dnString == null || dnString.length() < 1)
+ return new TestSuite("XAJNDITest requires property derbyTesting.dnString for setting o=, eg: -DderbyTesting.dnString=myJNDIstring");
+
+ Test test = decorateWithPolicy
+ (TestConfiguration.defaultSuite(XAJNDITest.class));
+ return test;
+ }
+ return new TestSuite("XAJNDITest cannot run without XA support");
+ }
+
+ // grant ALL FILES execute, and getPolicy permissions, as well
+ // as resolve/connect for the ldap server identified with the property
+ private static Test decorateWithPolicy(Test test) {
+ String ldapPolicyName = new XAJNDITest("test").makeServerPolicyName();
+ //
+ // Install a security manager using the initial policy file.
+ //
+ test = new SecurityManagerSetup(test,ldapPolicyName );
+ // Copy over the policy file we want to use.
+ //
+ test = new SupportFilesSetup(
+ test, null, new String[] {POLICY_FILE_NAME},
+ null, new String[] {TARGET_POLICY_FILE_NAME}
+ );
+ return test;
+ }
+
+
+ /**
+ * Construct the name of the server policy file.
+ */
+ private String makeServerPolicyName()
+ {
+ try {
+ String userDir = getSystemProperty( "user.dir" );
+ String fileName = userDir + File.separator + SupportFilesSetup.EXTINOUT + File.separator + TARGET_POLICY_FILE_NAME;
+ File file = new File( fileName );
+ String urlString = file.toURL().toExternalForm();
+
+ return urlString;
+ }
+ catch (Exception e)
+ {
+ System.out.println( "Unexpected exception caught by makeServerPolicyName(): " + e );
+
+ return null;
+ }
+ }
+
+ public void tearDown() throws Exception {
+ ldapServer=null;
+ ldapPort=null;
+ // need to hold on to dnString value and ic as the fixture runs
+ // twice (embedded & networkserver) and they're used inside it
+ POLICY_FILE_NAME=null;
+ TARGET_POLICY_FILE_NAME=null;
+ super.tearDown();
+ }
+
+ private InitialDirContext getInitialDirContext()
+ {
+ try {
+ Hashtable env = new Hashtable();
+ env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
+ // using a property - these will have to be passed in somehow.
+ env.put(Context.PROVIDER_URL, "ldap://" + ldapServer + ":" + ldapPort);
+ env.put(Context.SECURITY_AUTHENTICATION, "simple");
+ return new InitialDirContext(env);
+ } catch (NamingException ne) {
+ fail("naming exception ");
+ return null;
+ }
+ }
+
+ public void testCompareXADataSourcewithJNDIDataSource()
+ throws Exception
+ {
+ XADataSource xads = J2EEDataSource.getXADataSource();
+ String dbName = TestConfiguration.getCurrent().getDefaultDatabaseName();
+ JDBCDataSource.setBeanProperty(xads, "databaseName", dbName);
+ JDBCDataSource.setBeanProperty(xads, "createDatabase", "create");
+ JDBCDataSource.setBeanProperty(xads, "description", "XA DataSource");
+
+ ic.rebind("cn=compareDS, o=" + dnString, xads);
+ javax.sql.XADataSource ads =
+ (javax.sql.XADataSource)ic.lookup("cn=compareDS, o=" + dnString);
+ // At this point, the directly created xads should be matching the looked up one.
+ if (usingEmbedded())
+ {
+ assertEquals(xads, ads);
+ }
+ else
+ {
+ // DERBY-3669; with DerbyNetClient, the original and looked-up
+ // xadatasource are not the same...So, compare piece by piece:
+ // When fixed, rest of else can be replaced by uncommenting
+ // next line
+ //assertEquals(xads,ads);
+ String[] orgprops = getPropertyBeanList(xads);
+ String[] bindprops = getPropertyBeanList(ads);
+ assertEquals(orgprops.length, bindprops.length);
+ // following is actually checked in DataSourceReferenceTest
+ for (int i=0;i<orgprops.length;i++){
+ assertEquals(orgprops[i], bindprops[i]);
+ }
+ // We have the same properties, now compare the values
+ assertEqualPropValues(xads,ads, orgprops);
+ }
+
+ // modify something essential of the original XADataSource
+ JDBCDataSource.clearStringBeanProperty(xads, "createDatabase");
+
+ // Now the ads is no longer the same
+ assertFalse(xads.equals(ads));
+ }
+
+ public void assertEqualPropValues(
+ XADataSource orgds, XADataSource lookedupds, String[] props)
+ throws Exception {
+ for (int i=0;i<props.length;i++){
+ if (JDBCDataSource.getBeanProperty(orgds, props[i]) != null &&
+ JDBCDataSource.getBeanProperty(lookedupds, props[i]) != null)
+ {
+ assertEquals(
+ JDBCDataSource.getBeanProperty(orgds, props[i]),
+ JDBCDataSource.getBeanProperty(lookedupds, props[i])
+ );
+ }
+ else {
+ if (JDBCDataSource.getBeanProperty(lookedupds,props[i]) != null)
+ {
+ assertNull(JDBCDataSource.getBeanProperty(orgds,props[i]));
+ }
+ else
+ {
+ assertNull(JDBCDataSource.getBeanProperty(orgds,props[i]));
+ assertNull(JDBCDataSource.getBeanProperty(lookedupds,props[i]));
+ }
+ }
+ }
+ }
+
+ /**
+ * Obtains a list of bean properties through reflection.
+ *
+ *
+ * @param ds the data source to investigate
+ * @return A list of bean property names.
+ */
+ private static String[] getPropertyBeanList(Object ds) {
+ Method[] allMethods = ds.getClass().getMethods();
+ ArrayList properties = new ArrayList();
+
+ for (int i = 0; i < allMethods.length; i++) {
+ Method method = allMethods[i];
+ String methodName = method.getName();
+ // Need at least getXX
+ if (methodName.length() < 5 || !methodName.startsWith("get") ||
+ method.getParameterTypes().length != 0) {
+ continue;
+ }
+
+ Class rt = method.getReturnType();
+ if (rt.equals(Integer.TYPE) || rt.equals(String.class) ||
+ rt.equals(Boolean.TYPE) || rt.equals(Short.TYPE) ||
+ rt.equals(Long.TYPE)) {
+ // Valid Java Bean property.
+ // Convert name:
+ // getPassword -> password
+ // getRetrieveMessageText -> retrieveMessageText
+ String beanName = methodName.substring(3,4).toLowerCase()
+ + methodName.substring(4);
+
+ properties.add(beanName);
+ } else {
+ assertFalse("Method '" + methodName + "' with primitive " +
+ "return type not supported - update test!!",
+ rt.isPrimitive());
+ }
+ }
+ return (String[])properties.toArray(new String[properties.size()]);
+ }
+}
\ No newline at end of file
Propchange: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/XAJNDITest.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/XAJNDITest.policy
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/XAJNDITest.policy?rev=654656&view=auto
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/XAJNDITest.policy (added)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/XAJNDITest.policy Thu May 8 16:50:22 2008
@@ -0,0 +1,363 @@
+//
+// * Derby - Class org.apache.derbyTesting.functionTests.tests.lang.SimpleTest
+// *
+// * Licensed to the Apache Software Foundation (ASF) under one
+// * or more contributor license agreements. See the NOTICE file
+// * distributed with this work for additional information
+// * regarding copyright ownership. The ASF licenses this file
+// * to you under the Apache License, Version 2.0 (the
+// * "License"); you may not use this file except in compliance
+// * with the License. You may obtain a copy of the License at
+// *
+// * http://www.apache.org/licenses/LICENSE-2.0
+// *
+// * Unless required by applicable law or agreed to in writing,
+// * software distributed under the License is distributed on an
+// * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// * KIND, either express or implied. See the License for the
+// * specific language governing permissions and limitations
+// * under the License.
+// *
+
+//
+// Policy file with minimal set of permissions to run derby's
+// functional tests.
+//
+// The test harness sets up four variables used by this policy file
+//
+// derbyTesting.codejar - URL to the jar files when they are in the classpath
+// derbyTesting.codeclasses - URL to the classes directory when it is in the classpath
+//
+// Only one of derbyTesting.codejar and derbyTesting.codeclasses will be valid, the
+// other will be set to a bogus URL like file://unused
+//
+// derbyTesting.codedir - File location of either derbyTesting.codejar or derbyTesting.codeclasses.
+// Only required due to a BUG (see below for more info).
+//
+// derbyTesting.jaxpjar - URL to the jar file containing the JAXP implementation
+// for XML-based tests (ex. lang/XMLBindingTest.java).
+//
+// derbyTesting.serverhost - Host name or ip where network server is started
+// derbyTesting.clienthost - specifies the clients ip address/hostName.
+// when testing with networkserver on a remote host, this needs to be passed in
+// with the NetworkServerControl start command
+
+//
+// Permissions for the embedded engine (derby.jar)
+//
+grant codeBase "${derbyTesting.codejar}derby.jar" {
+ permission java.util.PropertyPermission "derby.*", "read";
+permission java.util.PropertyPermission "derby.storage.jvmInstanceId",
+ "write";
+ permission java.util.PropertyPermission "java.class.path", "read";//sysinfo
+
+ // unit tests (e.g. store/T_RecoverFullLog) set this property
+ // (called from derbyTesting.jar through code in derby.jar)
+ permission java.util.PropertyPermission "derbyTesting.unittest.*", "write";
+
+ permission java.lang.RuntimePermission "createClassLoader";
+ permission java.security.SecurityPermission "getPolicy";
+
+ permission java.io.FilePermission "${derby.system.home}${/}derby.properties", "read";
+ permission java.io.FilePermission "${derby.system.home}${/}derby.log", "read, write, delete";
+ // [DERBY-2000] The write permission was added to allow creation of the
+ // derby.system.home directory when running tests under a security manager.
+ permission java.io.FilePermission "${derby.system.home}", "read, write";
+
+ // all databases under derby.system.home
+ permission java.io.FilePermission "${derby.system.home}${/}-", "read, write, delete";
+
+ // Import/export and other support files from these locations in tests
+ permission java.io.FilePermission "${user.dir}${/}extin${/}-", "read";
+ permission java.io.FilePermission "${user.dir}${/}extinout${/}-", "read, write, delete";
+ permission java.io.FilePermission "${user.dir}${/}extout${/}-", "read,write";
+ permission java.io.FilePermission "${user.dir}${/}extinout", "read,write";
+
+ // These permissions are needed to load the JCE for encryption with Sun and IBM JDK131.
+ // JDK14 has the JCE preloaded
+ permission java.security.SecurityPermission "insertProvider.SunJCE";
+ permission java.security.SecurityPermission "insertProvider.IBMJCE";
+
+//
+// Permissions needed for JMX based management and monitoring, which is only
+// available for JVMs supporting "platform management", that is J2SE 5.0 or better.
+//
+// Allows this code to create an MBeanServer:
+//
+ permission javax.management.MBeanServerPermission "createMBeanServer";
+//
+// Allows access to Derby's built-in MBeans, within the domain org.apache.derby.
+// Derby must be allowed to register and unregister these MBeans.
+// To fine tune this permission, see the javadoc of javax.management.MBeanPermission
+// or the JMX Instrumentation and Agent Specification.
+//
+ permission javax.management.MBeanPermission "org.apache.derby.*#[org.apache.derby:*]","registerMBean,unregisterMBean";
+//
+// Trusts Derby code to be a source of MBeans and to register these in the MBean server.
+//
+ permission javax.management.MBeanTrustPermission "register";
+
+ // Gives permission for jmx to be used against Derby but
+ // only if JMX authentication is not being used.
+ // In that case the application would need to create
+ // a whole set of fine-grained permissions to allow specific
+ // users access to MBeans and actions they perform.
+ permission org.apache.derby.security.SystemPermission "jmx", "control";
+ permission org.apache.derby.security.SystemPermission "engine", "monitor";
+ permission org.apache.derby.security.SystemPermission "server", "monitor";
+
+ // These permissions are needed when testing code instrumented with EMMA.
+ // They will only be used if the emma.active system property property is set,
+ // which should be set to "" for the permissions to be correct.
+ permission java.util.PropertyPermission "${emma.active}user.dir", "read";
+ permission java.io.FilePermission "${emma.active}${user.dir}${/}coverage.ec", "read, write";
+ permission java.lang.RuntimePermission "${emma.active}writeFileDescriptor";
+};
+
+//
+// Permissions for the network server (derbynet.jar)
+//
+grant codeBase "${derbyTesting.codejar}derbynet.jar" {
+ permission java.util.PropertyPermission "java.class.path", "read";//sysinfo
+
+ // accept is needed for the server accepting connections
+ // connect is needed for ping command (which is in the server jar)
+ permission java.net.SocketPermission "127.0.0.1", "accept,connect";
+ permission java.net.SocketPermission "localhost", "accept,connect";
+ permission java.net.SocketPermission "${derbyTesting.clienthost}", "accept,connect";
+ permission java.net.SocketPermission "${derbyTesting.serverhost}", "accept,connect";
+
+ // Needed for NetworkServerMBean access (see JMX section above)
+ permission org.apache.derby.security.SystemPermission "server", "control,monitor";
+
+};
+
+//
+// Permissions for the network client (derbyclient.jar)
+//
+grant codeBase "${derbyTesting.clientjar}derbyclient.jar" {
+ permission java.net.SocketPermission "127.0.0.1", "connect,resolve";
+ permission java.net.SocketPermission "localhost", "connect,resolve";
+ permission java.net.SocketPermission "${derbyTesting.serverhost}", "connect,resolve";
+
+ // DERBY-1883: Since some classes that are included in both derby.jar and
+ // derbyclient.jar read properties, derbyclient.jar needs permission to read
+ // derby.* properties to avoid failures when it is listed before derby.jar in
+ // the classpath.
+ permission java.util.PropertyPermission "derby.*", "read";
+
+ // DERBY-2302: derbyclient.jar needs to be able to read the user.dir property in order to
+ // do tracing in that directory. Also, it needs read/write permissions in user.dir in order
+ // to create the trace files in that directory.
+ permission java.util.PropertyPermission "user.dir", "read";
+ permission java.io.FilePermission "${user.dir}${/}-", "read, write";
+};
+
+//
+// Permissions for the tools (derbytools.jar)
+// Ideally this would be more secure, for now the
+// focus is on getting the engine & network server secure.
+//
+grant codeBase "${derbyTesting.codejar}derbytools.jar" {
+ // Access all properties using System.getProperties -
+ // ij enumerates the properties in order to open connections
+ // for any property set in ij.connection.* and set protocols
+ // for any property in ij.protocol.*
+ permission java.util.PropertyPermission "*", "read, write";
+
+ // Read all files under ${user.dir}
+ permission java.io.FilePermission "${user.dir}${/}-", "read";
+
+ // IjTestCases read, write, and delete ij's output in the extinout dir
+ permission java.io.FilePermission "${user.dir}${/}extinout${/}-", "read, write, delete";
+
+ // ij needs permission to read the sql files in this jar
+ permission java.io.FilePermission "${derbyTesting.testjarpath}", "read";
+};
+
+//
+// Permissions for the tests (derbyTesting.jar)
+// We are liberal here, it's not a goal to make the test harness
+// or tests secure.
+//
+grant codeBase "${derbyTesting.testjar}derbyTesting.jar" {
+ // Access all properties using System.getProperties
+ permission java.util.PropertyPermission "*", "read, write";
+
+ // Access all files under ${user.dir}to write the test directory structure
+ permission java.io.FilePermission "${user.dir}${/}-", "read,write,delete";
+
+ // When running with useprocess=false need to install and uninstall
+ // the security manager and allow setIO to change the system err and out
+ // streams. Currently the nist suite runs with useprocess=false.
+ permission java.lang.RuntimePermission "setSecurityManager";
+ permission java.security.SecurityPermission "getPolicy";
+ permission java.lang.RuntimePermission "setIO";
+
+ // These permissions are needed by stress.multi to dump the thread stack
+ // traces upon failure.
+ permission java.lang.RuntimePermission "getStackTrace";
+ permission java.lang.RuntimePermission "modifyThreadGroup";
+
+ // Allow MBeanTest to register the application management MBean.
+ permission javax.management.MBeanServerPermission "createMBeanServer";
+ permission javax.management.MBeanPermission "org.apache.derby.mbeans.Management#[org.apache.derby:type=Management]","registerMBean,unregisterMBean";
+ permission javax.management.MBeanPermission "org.apache.derby.mbeans.Management#-[-]", "instantiate";
+ permission javax.management.MBeanTrustPermission "register";
+
+ // And to find and use Derby's MBeans
+ permission javax.management.MBeanPermission "org.apache.derby.mbeans.*#[org.apache.derby:*]", "getAttribute,invoke";
+ permission javax.management.MBeanPermission "org.apache.derby.mbeans.*#-[org.apache.derby:*]", "getMBeanInfo";
+ permission javax.management.MBeanPermission "-#-[-]", "queryNames";
+ permission javax.management.MBeanPermission "org.apache.derby.mbeans.*#-[org.apache.derby:*]", "queryNames";
+
+ // Test code needs this as well for the platform MBeanServer
+ // tests where the testing code is in the stack frame.
+ permission org.apache.derby.security.SystemPermission "jmx", "control";
+ permission org.apache.derby.security.SystemPermission "engine", "monitor";
+ permission org.apache.derby.security.SystemPermission "server", "control,monitor";
+
+ // These permissions are needed when testing code instrumented with EMMA.
+ permission java.lang.RuntimePermission "${emma.active}writeFileDescriptor";
+
+ // resolve is needed to run ldap related tests
+ permission java.net.SocketPermission "${derbyTesting.ldapServer}", "connect, resolve";
+};
+
+//
+// super-set of the jar permissions for running out of the classes directory
+//
+grant codeBase "${derbyTesting.codeclasses}" {
+ // Access all properties using System.getProperties
+ permission java.util.PropertyPermission "*", "read, write";
+
+ permission java.util.PropertyPermission "derby.*", "read";
+ permission java.lang.RuntimePermission "createClassLoader";
+ permission java.security.SecurityPermission "getPolicy";
+
+ permission java.io.FilePermission "${derby.system.home}${/}derby.properties", "read";
+ permission java.io.FilePermission "${derby.system.home}${/}derby.log", "read, write, delete";
+ permission java.io.FilePermission "${derby.system.home}", "read";
+ permission java.io.FilePermission "${derby.system.home}${/}-", "read, write, delete";
+
+ // combination of client and server side.
+ permission java.net.SocketPermission "127.0.0.1", "accept,connect,resolve";
+ permission java.net.SocketPermission "localhost", "accept,connect,resolve";
+ permission java.net.SocketPermission "${derbyTesting.clienthost}", "accept,connect";
+ permission java.net.SocketPermission "${derbyTesting.serverhost}", "connect,resolve";
+
+ // resolve is needed to run ldap related tests
+ permission java.net.SocketPermission "${derbyTesting.ldapServer}", "connect, resolve";
+
+ // Access all files under ${user.dir}to write the test directory structure
+ // Also covers extin, extout and extinout locations
+ permission java.io.FilePermission "${user.dir}${/}-", "read,write,delete";
+
+ // These permissions are needed to load the JCE for encryption with Sun and IBM JDK131.
+ // JDK14 has the JCE preloaded
+ permission java.security.SecurityPermission "insertProvider.SunJCE";
+ permission java.security.SecurityPermission "insertProvider.IBMJCE";
+
+ // When running with useprocess=false need to install and uninstall
+ // the security manager and allow setIO to change the system err and out
+ // streams. Currently the nist suite runs with useprocess=false.
+ permission java.lang.RuntimePermission "setSecurityManager";
+ permission java.lang.RuntimePermission "setIO";
+
+ // These permissions are needed by stress.multi to dump the thread stack
+ // traces upon failure.
+ permission java.lang.RuntimePermission "getStackTrace";
+ permission java.lang.RuntimePermission "modifyThreadGroup";
+
+ // Allow MBeanTest to register the application management MBean.
+ permission javax.management.MBeanServerPermission "createMBeanServer";
+ permission javax.management.MBeanPermission "org.apache.derby.mbeans.Management#[org.apache.derby:type=Management]","registerMBean,unregisterMBean";
+ permission javax.management.MBeanPermission "org.apache.derby.mbeans.Management#-[-]", "instantiate";
+ permission javax.management.MBeanTrustPermission "register";
+
+ // Allows access to Derby's built-in MBeans, within the domain org.apache.derby.
+ permission javax.management.MBeanPermission "org.apache.derby.*#[org.apache.derby:*]","registerMBean,unregisterMBean";
+
+
+ // And to find and use Derby's MBeans
+ permission javax.management.MBeanPermission "org.apache.derby.mbeans.*#[org.apache.derby:*]", "getAttribute,invoke";
+ permission javax.management.MBeanPermission "org.apache.derby.mbeans.*#-[org.apache.derby:*]", "getMBeanInfo";
+ permission javax.management.MBeanPermission "-#-[-]", "queryNames";
+ permission javax.management.MBeanPermission "org.apache.derby.mbeans.*#-[org.apache.derby:*]", "queryNames";
+
+ // Test code needs this as well for the platform MBeanServer
+ // tests where the testing code is in the stack frame.
+ permission org.apache.derby.security.SystemPermission "jmx", "control";
+ permission org.apache.derby.security.SystemPermission "engine", "monitor";
+ permission org.apache.derby.security.SystemPermission "server", "control,monitor";
+};
+
+// JUnit jar file tries to read junit.properties in the user's
+// home directory and seems to require permission to read the
+// property user.home as well.
+// junit.swingui.TestRunner writes to .junitsession on exit.
+grant codeBase "${derbyTesting.junit}" {
+ permission java.util.PropertyPermission "user.home", "read";
+ permission java.io.FilePermission "${user.home}${/}junit.properties", "read";
+ permission java.io.FilePermission "${user.home}${/}.junitsession", "write";
+
+ // This permission is needed when running the tests using ant 1.7
+ permission java.io.FilePermission "${user.dir}${/}*", "write";
+
+ // These permissions are needed when testing code instrumented with EMMA.
+ permission java.util.PropertyPermission "${emma.active}user.dir", "read";
+ permission java.io.FilePermission "${emma.active}${user.dir}${/}coverage.ec", "read, write";
+ permission java.lang.RuntimePermission "${emma.active}writeFileDescriptor";
+
+ // resolve is needed to run ldap related tests
+ permission java.net.SocketPermission "${derbyTesting.ldapServer}", "connect, resolve";
+};
+
+// Due to a problem running tests/derbynet/CompatibilityTest in the old test
+// harness, permission to read junit.properties is granted to all. This can be
+// removed when CompatibilityTest is rewritten to conform to our current Junit
+// usage. See DERBY-2076.
+grant {
+ permission java.io.FilePermission "${user.home}${/}junit.properties", "read";
+};
+
+// Ant's junit runner requires setOut to redirect the System output streams
+// to the forked JVM used when running junit tests inside Ant. Ant requires
+// forking the JVM if you want to run tests in a different directory than the
+// current one.
+grant codeBase "${derbyTesting.antjunit}" {
+ permission java.lang.RuntimePermission "setIO";
+
+ // This permission is needed when running the tests using ant 1.7
+ permission java.io.FilePermission "${user.dir}${/}*", "write";
+
+ // These permissions are needed when testing code instrumented with EMMA.
+ permission java.util.PropertyPermission "${emma.active}user.dir", "read";
+ permission java.io.FilePermission "${emma.active}${user.dir}${/}coverage.ec", "read, write";
+ permission java.lang.RuntimePermission "${emma.active}writeFileDescriptor";
+};
+
+// functionTests.tests.lang.RoutineSecurityTest requires this grant
+// to check to see if permissions are granted through generated code
+// through this mechanism.
+grant {
+ permission java.util.PropertyPermission "derbyRoutineSecurityTest.yes", "read";
+};
+
+// When inserting XML values that use external DTD's, the JAXP parser
+// needs permission to read the DTD files. We assume that all DTD
+// files will be copied to extin/ by whichever tests need them. So
+// grant the JAXP parser permissions to read that directory.
+grant codeBase "${derbyTesting.jaxpjar}" {
+ permission java.io.FilePermission "${user.dir}${/}extin${/}-", "read";
+};
+
+
+// These permissions are needed when testing code instrumented with EMMA.
+// They are all related to writing coverage statistics to a file that by default
+// is named coverage.ec placed in the directory where the test is executed.
+grant codeBase "${derbyTesting.emma}" {
+ permission java.util.PropertyPermission "user.dir", "read";
+ permission java.io.FilePermission "${user.dir}${/}coverage.ec", "read, write";
+ permission java.lang.RuntimePermission "writeFileDescriptor";
+};
Propchange: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/XAJNDITest.policy
------------------------------------------------------------------------------
svn:eol-style = native