Hi Janne, On Nov 21, 2007, at 12:46 PM, Janne Jalkanen wrote:
(Digression for Janne and the dev team: any time we do things like file access, we need to bracket the code with a doPrivileged() block so that we don't have to grant file I/O privileges to the container... this is one of the big complicating factors that is preventing a full enumeration of privileges at the moment...)This sounds insane to me. It complicates everything, and what would we gain by doing it?
What we gain is the ability to run the code inside a standard Java EE container. Instead of mucking around with container permissions or application permissions, you put the required privileges associated with the jspwiki jar file.
There are just a few things that need to be wrapped in a doPrivileged block, like i/o and reflection. It's not all i/o, just stuff like file.createNewFile() and FileInputStream(file). Once you have an InputStream the rest of the code is normal.
Craig
/Janne
Craig Russell Architect, Sun Java Enterprise System http://java.sun.com/products/jdo 408 276-5638 mailto:[EMAIL PROTECTED] P.S. A good JDO? O, Gasp!
smime.p7s
Description: S/MIME cryptographic signature
