Flag to disable System property lookups by Ivy
----------------------------------------------
Key: IVY-1015
URL: https://issues.apache.org/jira/browse/IVY-1015
Project: Ivy
Issue Type: New Feature
Affects Versions: 2.0, 2.0-RC2, 2.0-RC1, 2.0.0-beta-2, 2.0.0-beta-1,
2.0.0-alpha-2, 2.0.0-alpha-1, 1.4.1, 1.4, 1.3.1, 1.3, 1.2, 1.1, 1.0
Reporter: Jeffrey Sinclair
Fix For: 2.0.x
When configuring Ivy through IvySettings, a call to System.getProperties() is
made.
System property calls are typically disabled through the security manager in
shared web containers which results in the following stack trace:
java.security.AccessControlException: access denied
(java.util.PropertyPermission * read,write)
java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
java.security.AccessController.checkPermission(AccessController.java:546)
java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:1252)
java.lang.System.getProperties(System.java:582)
org.apache.ivy.core.settings.IvySettings.addSystemProperties(IvySettings.java:294)
org.apache.ivy.core.settings.IvySettings.<init>(IvySettings.java:290)
org.apache.ivy.core.settings.IvySettings.<init>(IvySettings.java:212)
Since there is no out-of-the-box workaround, Ivy cannot be used in such an
environment.
Ivy could be made more web app friendly by providing a flag to disable System
property lookups.
It would be useful to configure this flag both through an ivy-settings xml file
as well as through programmatic API on the IvySettings class.
Any other usage of system properties outside of the IvySettings file should
also be controllable.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
