Hi Daniel,
Feel free to file a feature-request JIRA, describing the behavior you
need. Then people will have an issue which they can vote for--and that
will help concentrate our attention.
Thanks,
-Rick
Daniel Noll wrote:
Kristian Waagan wrote:
Hi Daniel,
Have you considered using symbolic links?
(btw, something to check out here is how Java security interacts with
symlinks)
It seems to canonicalise the path excessively, so it would probably do
the right thing and make sure you have permission to both locations.
I have noticed Java even checks this even if you have a FilePermission
for all files. :rollseyes:
On UNIX this would have been a fairly sensible option... Windows does
have symlinks now, but not *every* version of the OS we support. On a
related note I have noticed Java has issues with my second hard disk
which is mounted at C:\Data, so it may not be great for symlinks either.
Regarding disallowing access for selected databases, is using the
access rights mechanisms provided by the OS/file system an option?
I do realize there are limitations and challenges with the
approach(es)...
Using the filesystem for access control works but puts the burden on
the sysadmin to get it right (and it's something which is hard to
check from Java land, "are the permissions on this entire hard disk
correct?"
Hiding the entire thing behind a REST or similar API would be another
solution to the problem, but it's a pretty steep hill. I just thought
I would throw the question out there because a simple API which takes
a path and returns a path would have been an elegant solution, even if
it were buried deep in the server code.
Daniel
