[ https://issues.apache.org/jira/browse/DERBY-7138?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17522001#comment-17522001 ]
Richard N. Hillegas commented on DERBY-7138: -------------------------------------------- Attaching derby-7138-05-aa-removeSecurityManager.diff. This patch makes the following changes: 1) Make the network server no longer install a SecurityManager. 2) Adjust the JUnit tests so that they no longer install a SecurityManager. 3) Remove a couple, straggling permissions tests not included in the previous derby-7138-03-aa-removePermissionsTests.diff checkin. With this patch, tests passed cleanly with both the classpath and modulepath. Touches the following files: {noformat} M java/org.apache.derby.server/org/apache/derby/drda/NetworkServerControl.java Changes necessary for (1). M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/compatibility/_Suite.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/GetCurrentPropertiesTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/NetworkServerControlApiTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/NetworkServerControlClientCommandTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/ProtocolTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/RuntimeInfoTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/SSLTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/ServerPropertiesTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/SysinfoTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/jdbc4/Driver40UnbootedTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/jdbcapi/AutoloadTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/jdbcapi/InvalidLDAPServerAuthenticationTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/jdbcapi/LDAPAuthenticationTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/jdbcapi/XATest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/AggregateClassLoadingTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/DBInJarTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/DatabaseClassLoadingTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/Derby5652.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/HalfCreatedDatabaseTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/LuceneBackupTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/LuceneCoarseAuthorizationTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/LuceneCollationTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/LuceneInMemoryTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/LuceneJarLoadingTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/LuceneSupportTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/NewOptimizerOverridesTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/RawDBReaderTest.java D java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/RoutineSecurityTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/SysDiagVTIMappingTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/TriggerGeneralTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/VetJigsawTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/XMLXXETest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/_Suite.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/management/CacheManagerMBeanTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/management/MBeanTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/Derby5937SlaveShutdownTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/ReplicationRun_CleanUp.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/ReplicationRun_Distributed.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/ReplicationRun_Full.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/ReplicationRun_Local.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/ReplicationRun_Local_1.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/ReplicationRun_Local_1Indexing.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/ReplicationRun_Local_3_p1.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/ReplicationRun_Local_3_p2.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/ReplicationRun_Local_3_p3.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/ReplicationRun_Local_3_p4.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/ReplicationRun_Local_3_p5.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/ReplicationRun_Local_3_p6.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/ReplicationRun_Local_Derby4910.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/ReplicationRun_Local_Encrypted_1.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/ReplicationRun_Local_StateTest_part1.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/ReplicationRun_Local_StateTest_part1_1.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/ReplicationRun_Local_StateTest_part1_2.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/ReplicationRun_Local_StateTest_part1_3.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/ReplicationRun_Local_StateTest_part2.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/ReplicationRun_Local_showStateChange.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/SimplePerfTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/SimplePerfTest_Verify.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/store/BootLockTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/store/ClassLoaderBootTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/store/Derby3980DeadlockTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/store/Derby5582AutomaticIndexStatisticsTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/tools/IjConnNameTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/tools/SysinfoLocaleTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/tools/Test_6661.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/tools/derbyrunjartest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/upgradeTests/UpgradeRun.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/upgradeTests/UpgradeTrajectoryTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/junit/BaseTestCase.java M java/org.apache.derby.tests/org/apache/derbyTesting/junit/BaseTestSetup.java M java/org.apache.derby.tests/org/apache/derbyTesting/junit/TestConfiguration.java Changes necessary for (2). M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/jdbc4/AbortTest.java M java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/XplainStatisticsTest.java Changes necessary for (3). {noformat > Remove references to the Java Security Manager > ---------------------------------------------- > > Key: DERBY-7138 > URL: https://issues.apache.org/jira/browse/DERBY-7138 > Project: Derby > Issue Type: Task > Components: Build tools, Documentation > Affects Versions: 10.16.0.0 > Reporter: Richard N. Hillegas > Assignee: Richard N. Hillegas > Priority: Major > Attachments: DerbyServerTest.java, Z.java, > derby-7138-01-aa-removeSecurityManagerFromOldHarnessTests.diff, > derby-7138-02-ab-moveMethodsToTestConfiguration.diff, > derby-7138-03-aa-removePermissionsTests.diff, > derby-7138-04-ab-hostChangeInNetworkServerControlApiTest.diff, > derby-7138-05-aa-removeSecurityManager.diff > > > The Open JDK team has deprecated the Java Security Manager and indicated that > it will be removed in a future release of Java. See > https://openjdk.java.net/jeps/411. In an email thread titled "protecting > security-sensitive operations on multi-tenant servers" on the > security-...@openjdk.java.net mailing list, Alan Bateman indicated that > developers should containerize their applications instead. > This issue tracks work needed to remove Derby's references to the Java > Security Manager. > At a minimum, the following work needs to be done: > o The tests should be adjusted so that they don't install a SecurityManager. > o References to the SecurityManager should be removed from product code. > o We should remove the SecurityManager section of the Derby Security Guide. > In its place, we should recommend that developers containerize their Derby > applications. -- This message was sent by Atlassian Jira (v8.20.1#820001)