Thinking about it a bit more, I wonder if you missed that this is using the embedded engine, not the network server. I know that the network server installs a security manager by default, and that there is a system property that can be set to disable that behavior. But that's not applicable in our situation.
On Mon, Jun 3, 2019 at 8:52 AM Besosa, Michael <michael.bes...@pearson.com> wrote: > I don't understand what you mean when you say, "Even if you don't install > a Java security manager...you get a security manager anyway." I don't have > (haven't installed) a security manager and System.getSecurityManager() > returns null. And if I "really, really" don't want a security manager, how > can I say so, other than executing System.setSecurityManager(null)? > > On Fri, May 31, 2019 at 9:03 PM Bryan Pendleton < > bpendleton.de...@gmail.com> wrote: > >> I feel like you're probably hitting DERBY-6648: >> >> https://urldefense.proofpoint.com/v2/url?u=https-3A__issues.apache.org_jira_browse_DERBY-2D6648&d=DwIFaQ&c=0YLnzTkWOdJlub_y7qAx8Q&r=Wl0HX9k4fXSgP8TsHwfE2EzboRhWUZIw3D92MjZ0k8A&m=jAZ8M-UCTv0Ms-FrB1NaYA62mIGrbUhHirW9AxhEyxw&s=Hutrm_MTSwNDtab2E2bMNCxLo0eDRIZrB1B5x2AL-1k&e= >> >> Even if you don't install a Java security manager (perhaps especially >> if that is so), you get a security manager anyway. >> >> If you really, really don't want a security manager, you can say so. >> >> Or, bite the bullet and define a security manager, and start >> assembling the precise security policy that is right for your >> particular situation, as in: >> >> https://urldefense.proofpoint.com/v2/url?u=https-3A__stackoverflow.com_a_52392015_193453&d=DwIFaQ&c=0YLnzTkWOdJlub_y7qAx8Q&r=Wl0HX9k4fXSgP8TsHwfE2EzboRhWUZIw3D92MjZ0k8A&m=jAZ8M-UCTv0Ms-FrB1NaYA62mIGrbUhHirW9AxhEyxw&s=uackNzNN36boV8-m6DGN7VJOPwN4tnfuUwgQBgOmv0I&e= >> , >> >> https://urldefense.proofpoint.com/v2/url?u=https-3A__db.apache.org_derby_docs_10.13_security_csecembeddedperms.html&d=DwIFaQ&c=0YLnzTkWOdJlub_y7qAx8Q&r=Wl0HX9k4fXSgP8TsHwfE2EzboRhWUZIw3D92MjZ0k8A&m=jAZ8M-UCTv0Ms-FrB1NaYA62mIGrbUhHirW9AxhEyxw&s=53JhmaGEsK92jA_W0ofwQrvGLuaZ-TLXOiDawh9P3rQ&e= >> , etc. >> >> bryan >> >> On Fri, May 31, 2019 at 11:58 AM Besosa, Michael >> <michael.bes...@pearson.com> wrote: >> > >> > We have an application that is using the Derby 10.12.1.1 embedded >> engine and Java 8. When the app executes the SELECT shown below, we see an >> exception with the message 'access denied >> org.apache.derby.security.SystemPermission( "engine", "usederbyinternals" >> ): java.security.AccessControlException'. >> > >> > This application does not install a SecurityManager. I'm at a bit of a >> loss about how to fix this. >> > >> > The query: >> > >> > SELECT >> > DeliveryEvent.AppointmentStart, >> > DeliveryEvent.Attempt, >> > DeliveryEvent.BiometricCheckTypeCode, >> > DeliveryEvent.CandidateID, >> > DeliveryEvent.DeliveryStatus, >> > DeliveryEvent.ExamLanguageID, >> > DeliveryEvent.HasNoTestListBlock, >> > DeliveryEvent.IsDisconnectedIBTDelivery, >> > DeliveryEvent.NextAppointmentID, >> > DeliveryEvent.ProcessStateCode, >> > DeliveryEvent.ProctorID, >> > DeliveryEvent.RegisteredExamVersionID, >> > DeliveryEvent.RegistrationID, >> > DeliveryEvent.SelectedFormID, >> > DeliveryEvent.SelectedExamVersionID, >> > DeliveryEvent.TerminationDate, >> > DeliveryEvent.TimeLimit, >> > DeliveryEvent.TimeLimitAdjust, >> > Clients.Client_ID AS ClientID, >> > Clients.ClientName AS ClientName, >> > ExamSeries.Code AS ExamSeriesCode, >> > ExamVersion.DriverID AS DriverID, >> > ExamLanguage.Title AS TranslatedTitle, >> > (SELECT AppUser.FirstName || ' ' || AppUser.LastName FROM >> ((((((AssetAppUser INNER JOIN AppUser ON AssetAppUser.AppUserID = >> AppUser.ID) INNER JOIN AssetUsage ON AssetAppUser.AssetID = >> AssetUsage.AssetID) INNER JOIN Asset ON AssetUsage.AssetID = Asset.ID) >> INNER JOIN AssetType ON Asset.AssetTypeID = AssetType.ID) INNER JOIN >> AssetTypeProperty ON AssetType.ID = AssetTypeProperty.AssetTypeID AND >> AssetTypeProperty.AssetTypePropertyValue = 'Examiner') INNER JOIN >> AssetTypePropertyKey ON AssetTypeProperty.AssetTypePropertyKeyID = >> AssetTypePropertyKey.AssetTypePropertyKeyID AND >> AssetTypePropertyKey.AssetTypePropertyKeyName = 'AssetSubClass') WHERE >> (AssetUsage.OrderItemID = DeliveryEvent.RegistrationID) FETCH FIRST 1 ROWS >> ONLY) AS ExaminerName, >> > (SELECT Asset.Name FROM ((((Asset INNER JOIN AssetType ON >> Asset.AssetTypeID = AssetType.ID) INNER JOIN AssetUsage ON Asset.ID = >> AssetUsage.AssetID) INNER JOIN AssetTypeProperty ON AssetType.ID = >> AssetTypeProperty.AssetTypeID AND AssetTypeProperty.AssetTypePropertyValue >> = 'Vehicle') INNER JOIN AssetTypePropertyKey ON >> AssetTypeProperty.AssetTypePropertyKeyID = >> AssetTypePropertyKey.AssetTypePropertyKeyID AND >> AssetTypePropertyKey.AssetTypePropertyKeyName = 'AssetSubClass') WHERE >> (AssetUsage.OrderItemID = DeliveryEvent.RegistrationID) AND >> (AssetType.AssetClassCode IN >> ('Facility','Workstation','CiscoRack','TaskSchedule')) FETCH FIRST 1 ROWS >> ONLY) AS VehicleName, >> > (SELECT COUNT(*) FROM (Accommodation INNER JOIN >> AccommodationStatus ON Accommodation.AccommodationStatusID = >> AccommodationStatus.AccommodationStatusID AND >> AccommodationStatus.StatusCode = 'Granted') WHERE >> (Accommodation.OrderItemID = DeliveryEvent.RegistrationID)) AS >> AccommodationCount, >> > (SELECT COUNT(*) FROM DeliveryBlockedReason WHERE >> (DeliveryBlockedReason.DeliveryEventID = DeliveryEvent.RegistrationID)) AS >> ReasonsBlockedCount, >> > (SELECT DeliveryEventNext.RegistrationID FROM DeliveryEvent AS >> DeliveryEventNext WHERE (DeliveryEvent.RegistrationID = >> DeliveryEventNext.NextAppointmentID)) AS FirstDayRegistrationID >> > FROM (((( >> > DeliveryEvent >> > INNER JOIN ExamLanguage >> > ON DeliveryEvent.ExamLanguageID = ExamLanguage.ID) >> > INNER JOIN ExamSeriesON ExamLanguage.ExamSeriesID = >> ExamSeries.ID) >> > INNER JOIN Clients >> > ON ExamSeries.Client_ID = Clients.Client_ID) >> > LEFT JOIN ExamVersion >> > ON DeliveryEvent.RegisteredExamVersionID = ExamVersion.ID) >> > WHERE >> > (DeliveryEvent.RegistrationID = 5) >> >
