Kevin-
I don't think we've done extensive stand-alone testing with security
enabled, but we have people using OpenJPA in so many different exotic
containers with their attendant security settings, that I'd be a
little surprised if there were essential doPriv checks that were
missing.
The fact that it is an intermittent NPE from
"java.io.Win32CanonicalPathComponentRetriever" gives me a little
pause. Which JVM did you test on?
Also, it'd be nice to figure out what that file name being passed to
File.exists() is. A println on the file name in
URLMetaDataIterator.getFile() might show that it is a string with
such crazy characters that it triggers some other bug with Windows
file handing.
On Mar 13, 2007, at 5:55 AM, Kevin Sutter wrote:
Just curious,
Has there been any testing with Java 2 Security enabled and
OpenJPA? I'm
hitting a semi-intermittent problem (it doesn't seem to show up on all
machines) which results in an NPE coming out of the
javax.persistence.Persistence.createEntityManager method. I know
we have no
control over this specific piece of code, but I'm wondering whether
we need
some doPriv blocks elsewhere in the code path. I reviewed the JIRA
Issues
and didn't see anything related to this. Before I go further, I
thought I
would check to see if there's been any other experiences with Java 2
Security. Thanks.
Kevin
P.S. Here's the call stack if you are interested...
Caused by: java.lang.NullPointerException
at java.io.Win32CanonicalPathComponentRetriever.nextComponent(
Win32CanonicalPath.java:318)
at java.io.Win32CanonicalPath.equals(Win32CanonicalPath.java:117)
at java.io.FilePermission.impliesIgnoreMask(FilePermission.java:
373)
at java.io.FilePermissionCollection.implies(FilePermission.java:
763)
at
org.eclipse.osgi.framework.internal.core.ConditionalPermissionSet.impl
ies(
ConditionalPermissionSet.java:224)
at
org.eclipse.osgi.framework.internal.core.BundleCombinedPermissions.imp
lies(
BundleCombinedPermissions.java:124)
at java.security.ProtectionDomain.implies(ProtectionDomain.java:
225)
at java.security.AccessController.checkPermission
(AccessController.java
:94)
at java.lang.SecurityManager.checkPermission
(SecurityManager.java:547)
at com.ibm.ws.security.core.SecurityManager.checkPermission(
SecurityManager.java:189)
at java.lang.SecurityManager.checkRead(SecurityManager.java:886)
at java.io.File.exists(File.java:726)
at org.apache.openjpa.lib.meta.URLMetaDataIterator.getFile(
URLMetaDataIterator.java:68)
at org.apache.openjpa.lib.meta.XMLMetaDataParser.parse(
XMLMetaDataParser.java:311)
at org.apache.openjpa.lib.meta.XMLMetaDataParser.parse(
XMLMetaDataParser.java:289)
at org.apache.openjpa.lib.meta.XMLMetaDataParser.parse(
XMLMetaDataParser.java:263)
at
org.apache.openjpa.persistence.PersistenceProductDerivation
$ConfigurationParser.parse
(PersistenceProductDerivation.java:419)
at
org.apache.openjpa.persistence.PersistenceProductDerivation.parseResou
rces(
PersistenceProductDerivation.java:287)
at
org.apache.openjpa.persistence.PersistenceProductDerivation.load(
PersistenceProductDerivation.java:254)
at
org.apache.openjpa.persistence.PersistenceProductDerivation.load(
PersistenceProductDerivation.java:152)
at
org.apache.openjpa.persistence.PersistenceProviderImpl.createEntityMan
agerFactory
(PersistenceProviderImpl.java:66)
at
org.apache.openjpa.persistence.PersistenceProviderImpl.createEntityMan
agerFactory
(PersistenceProviderImpl.java:78)
at javax.persistence.Persistence.createEntityManagerFactory(
Persistence.java:83)
at javax.persistence.Persistence.createEntityManagerFactory(
Persistence.java:60)
