JDBC 4 EoD with default QueryObjectGenerator fails with SecurityManager
------------------------------------------------------------------------
Key: DERBY-1540
URL: http://issues.apache.org/jira/browse/DERBY-1540
Project: Derby
Issue Type: Bug
Components: JDBC
Affects Versions: 10.2.0.0
Reporter: Daniel John Debrunner
The test jdbc4/TestQueryObject runs without the security manager because the
default QueryObjectGenerator uses reflection.
See
trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbc4/TestQueryObject_app.properties
Seems like a bug, but not sure of its cause or solution: Could be one (or none)
of:
- Make changes in Derby code, e.g. add privilege blocks but don't see how this
will solve anything as it's not Derby code that's calling the reflection and I
don't see any javadoc comments in JDBC 4.0 about methods throwing
SecurityExceptions.
- document the privileges required to use the EoD features, though not sure how
we would document the ability to grant a privilege to system (JDK) code. Are
these privileges documented in the JDBC spec?
- a bug in the Mustang beta, default query object not being treated as system
code, no priv blocks in it?
- a limitation of the default QueryObjectGenerator , cannot use with a
security manager?
- a Derby test problem?
This is more of a tracking issue, with a dump of my thoughts.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
