Hi everybody,
I have a db stored procedure that should send an e-mail on certain
events. This procedure should open a socket to an SMTP server.
But, when Derby runs under security manager (using Derby 10.5.1.1), the
default security policy does not allow that.
The obvious solution is to write a custom policy file having a rule like:
> grant codebase "file:///path/to/db/jar/APP/MailHelper.jar" {
> permission java.net.SocketPermission "*:25", "connect"
> }
/But/, db stored JAR a copied to the db/jar/APP folder with trailing
"magic number" (?) like: "MailHelper.jar.G1230379179336".
So here are my questions:
1) Should I use the full JAR name 'MailHelper.jar.G1230379179336' as
codebase in my "grant" rule?
2) Under which circumstances the trailing "G1230379179336" will change?
3) Is setting a security policy on per stored-db JAR basis a supported
feature or not?
Considering the later, all the docs I found on the internet regarding
this subject where a little bit "fuzzy" or out-dated. As an example,
http://db.apache.org/derby/binaries/jta-WE15.pdf expressively states
that "SQL Functions and Procedures must [...] have permission for action
granted to their code base - *Currently not possible for jar files
stored in db*". In the other hand the doc is 3 years old...
Thanks in advance for your time,
Sylvain Leroux
--
Website: http://www.chicoree.fr
