[jira] Closed: (TUSCANY-2109) Conflicts between component reference interface and promoted composite reference interface are not detected
[ https://issues.apache.org/jira/browse/TUSCANY-2109?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker closed TUSCANY-2109. --- Resolution: Fixed Patch applied, immediate issue fixed. Any new findings or requests should require a new JIRA. http://www.mail-archive.com/tuscany-dev@ws.apache.org/msg30266.html Conflicts between component reference interface and promoted composite reference interface are not detected Key: TUSCANY-2109 URL: https://issues.apache.org/jira/browse/TUSCANY-2109 Project: Tuscany Issue Type: Bug Components: Java SCA Core Runtime Affects Versions: Java-SCA-1.1 Environment: All Reporter: Simon Nash Assignee: Simon Laws Fix For: Java-SCA-Next Attachments: jira2109.patch, jira2109.zip See TUSCANY-2033 for the background to this problem. When a component reference defined with interface.java (either explicitly or implicitly by introspection) is promoted to a composite reference defined with interface.wsdl, and there is a namespace conflict between the component reference's interface.java and the composite reference's interface.wsdl. this conflict should be diagnosed as an error because it violates the spec rule that an interface specified on a composite reference must be a compatible superset of the interface of the promoted component reference. In this case, the composite interface is incompatible with the component reference because it has a different namespace. There is code in CompositeWireBuilderImpl.connectCompositeReferences() to handle connections between composite references and promoted compoennt references. The only interface processing performed in this method is to copy the component reference's interface contract to the composite reference's interface contract if the composite reference does not have an interface contract. Code should be added here to check for conflicts between the composite reference's interface and the component reference's interface if both interfaces are specified. Similar code should be added to CompositeWireBuilderImpl.connectCompositeServices() to check that the composite service interface is a compatible subset of the component service interface as required by the spec. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: Branching for Release 1.3 was: Re: Release 1.3?
Simon Laws wrote: I'm just trying to finish up the changes required to unhook the old domain modules from the runtime, tests and samples. Then I'm pretty much done with things I want to do before cutting the R1.3 branch. I'm planning on doing this first thing tomorrow morning UK time. Can you let me know if there are changes you are working on that you want to finish before I cut the branch. Simon, I do not have a patch for the 1.3 branch, but I did run the Java 2 security tests on an update from this morning (revision 667520). All vtests run normally (with the usual skipped tests) The first 50 itests run, and then I get a java OutOfMemoryError: testStatefulStatelessConversationCallingEndedConversation(conversation.ConversationTestCase) Time elapsed: 19.063 sec ERROR! java.lang.OutOfMemoryError: Java heap space Unfortunately, I am running with set MAVEN_OPTS=-Xms1024m -Xmx1400m which is the largest memory setting I can use on my Windows XP system. So no security failures so far. I will try to knock this test out of the bucket, and I will report any security failures here. -- Thanks, Dan Becker
Re: Good practice for disabling/ignoring failing test cases
On Wed, Jun 11, 2008 at 11:02 PM, Raymond Feng [EMAIL PROTECTED] wrote: I see Vamsi uses the following strategy to disable failing unit test cases. @Test @Ignore(TUSCANY-) // Ignore the test case due to JIRA TUSCANY- public void testMySrtuff() { } +1 Very good practice. It documents the issue, it centralizes accountability, it is easy to scan for issues, ... -- Thanks, Dan Becker
Re: SVN build process.
Giorgio Zoppi wrote: i've a proposal for current svn. We could make most of our effort to make the svn compile. I suggest to trying a fresh build before committing meaniful things and after committing. It's matter of 20 minutes but it saves us more times. If doens't compile, you might fix or disable what it doens't compile. For example yesterday the corba tests module didn't work from a fresh build. Hi all, Just to be clear, can we have consensus on what is meant by fresh build? svn update mvn clean install test from java/sca level? other? -- Thanks, Dan Becker
Re: OSGi presentation
ant elder wrote: Timely post of a presentation on server side OSGi: http://www.infoq.com/presentations/colyer-server-side-osgi That was a good presentation. Content excellent. Delivery method, very good. My only nitpick was the lack of a topic/table of contents to jump around the video. -- Thanks, Dan Becker
[jira] Commented: (TUSCANY-2289) Java runtime should not inject property into an unannotated non-public field by protected setter
[ https://issues.apache.org/jira/browse/TUSCANY-2289?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12604607#action_12604607 ] Dan Becker commented on TUSCANY-2289: - The way I read these rules are: Proposition A: Properties may also be injected via public setter methods (The extra information clause even when the @Property annotation is not present is not needed, it is just amplifying that present or not present @Property annotation is OK.) Proposition B: The @Property annotation must be used in order to inject a property onto a non-public field. The rules use the word injection for both @Property annotation and public setter methods, so: Gilbert, there can be injection with a protected setter, if you use the @Property annotation. Vamsi, you are correct, you can use a protected setter, if you use the @Property annotation. The rules seem a little ambiguous because they don't distinguish the @Property annotation on the method versus on the instance variable. Given properties are injected into unannotated protected fields too , it sounds to me that this could be legal if you have had @Property(name=currency, required=true) protected void setCurrency( String theCurrency ); and protected String currency; An example on line 1376 shows how you can have an unannotated field and an annotated setter. Java runtime should not inject property into an unannotated non-public field by protected setter Key: TUSCANY-2289 URL: https://issues.apache.org/jira/browse/TUSCANY-2289 Project: Tuscany Issue Type: Bug Components: Java SCA Core Runtime Affects Versions: Java-SCA-Next Reporter: Gilbert Kwan Assignee: Simon Laws Fix For: Java-SCA-Next Java Common Annotations and APIs v1.0 - Sec 1.8.13: 1349 Properties may also be injected via public setter methods even when the @Property annotation is not 1350 present. However, the @Property annotation must be used in order to inject a property onto a non-public 1351 field. In the case where there is no @Property annotation, the name of the property is the same as the 1352 name of the field or setter. Currently the properties are injected into unannotated protected fields too. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: Running vtests with security on
ant elder wrote: In preparation for the 1.3 branch I've just had a try building trunk with security on and get a few failures: [INFO] Error for project: Apache Tuscany SCA Databinding Integration Tests - JAXB Bottom Up (during test) [INFO] [INFO] There are test failures. Please refer to C:\Tuscany\SVN\trunk\itest\databindings\jaxb-bottom-up\target\surefire-reports for the individual test results. Hi Ant, I am seeing these errors when running with security OFF as well (after having done an svn update). I am going to do a clean build and try again. -- Thanks, Dan Becker
[jira] Closed: (TUSCANY-2331) Got expection where the wsdl defines an operation without input
[ https://issues.apache.org/jira/browse/TUSCANY-2331?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker closed TUSCANY-2331. --- Resolution: Invalid Got expection where the wsdl defines an operation without input --- Key: TUSCANY-2331 URL: https://issues.apache.org/jira/browse/TUSCANY-2331 Project: Tuscany Issue Type: Bug Components: Java SCA Core Runtime Affects Versions: Java-SCA-Next Reporter: Gilbert Kwan Attachments: BService.wsdl, BServiceDan.wsdl Got following exception in running where the wsdl defines an operation without input parameter. java.lang.IllegalArgumentException: Pass-by-value is not supported for the given object at org.apache.tuscany.sca.databinding.javabeans.JavaBeansDataBinding.copy(JavaBeansDataBinding.java:102) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint$LazyDataBinding.copy(DefaultDataBindingExtensionPoint.java:171) at org.apache.tuscany.sca.core.databinding.wire.PassByValueInterceptor.copy(PassByValueInterceptor.java:235) at org.apache.tuscany.sca.core.databinding.wire.PassByValueInterceptor.copyFault(PassByValueInterceptor.java:130) at org.apache.tuscany.sca.core.databinding.wire.PassByValueInterceptor.invoke(PassByValueInterceptor.java:115) at org.apache.tuscany.sca.binding.sca.impl.SCABindingInvoker.invoke(SCABindingInvoker.java:61) at org.apache.tuscany.sca.core.databinding.wire.PassByValueInterceptor.invoke(PassByValueInterceptor.java:108) at org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke(JDKInvocationHandler.java:286) at org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke(JDKInvocationHandler.java:154) at $Proxy7.getB1Name(Unknown Source) at org.apache.tuscany.sca.vtest.wsbinding.nowsdl.NoWsdlTestCase.testNoWsdl(NoWsdlTestCase.java:62) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:618) at org.junit.internal.runners.TestMethodRunner.executeMethodBody(TestMethodRunner.java:99) at org.junit.internal.runners.TestMethodRunner.runUnprotected(TestMethodRunner.java:81) at org.junit.internal.runners.BeforeAndAfterRunner.runProtected(BeforeAndAfterRunner.java:34) at org.junit.internal.runners.TestMethodRunner.runMethod(TestMethodRunner.java:75) at org.junit.internal.runners.TestMethodRunner.run(TestMethodRunner.java:45) at org.junit.internal.runners.TestClassMethodsRunner.invokeTestMethod(TestClassMethodsRunner.java:75) at org.junit.internal.runners.TestClassMethodsRunner.run(TestClassMethodsRunner.java:36) at org.junit.internal.runners.TestClassRunner$1.runUnprotected(TestClassRunner.java:42) at org.junit.internal.runners.BeforeAndAfterRunner.runProtected(BeforeAndAfterRunner.java:34) at org.junit.internal.runners.TestClassRunner.run(TestClassRunner.java:52) at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:38) at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:460) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:673) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:386) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:196) Caused by: java.io.NotSerializableException: org.apache.axiom.om.impl.llom.OMElementImpl at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1113) at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1467) at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1439) at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1382) at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:) at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1467) at java.io.ObjectOutputStream.defaultWriteObject(ObjectOutputStream.java:414) at java.lang.Throwable.writeObject(Throwable.java:320) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79) at sun.reflect.DelegatingMethodAccessorImpl.invoke
[jira] Updated: (TUSCANY-2331) Got expection where the wsdl defines an operation without input
[ https://issues.apache.org/jira/browse/TUSCANY-2331?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker updated TUSCANY-2331: Attachment: BServiceDan.wsdl I am no WSDL expert, but it seems to be a not valid WSDL file to me. It seems that the number of operations in the SOAP binding are not the same as the number of operations in the port type. I regenerated the WSDL SOAP bindings from Eclipse and came up with a different WSDL that seems to work. See the second attachment, BServiceDan.wsdl. If you disagree with this assessment, please reopen the the JIRA, and provide the test case and how you generated your WSDL. Thanks, Dan Got expection where the wsdl defines an operation without input --- Key: TUSCANY-2331 URL: https://issues.apache.org/jira/browse/TUSCANY-2331 Project: Tuscany Issue Type: Bug Components: Java SCA Core Runtime Affects Versions: Java-SCA-Next Reporter: Gilbert Kwan Attachments: BService.wsdl, BServiceDan.wsdl Got following exception in running where the wsdl defines an operation without input parameter. java.lang.IllegalArgumentException: Pass-by-value is not supported for the given object at org.apache.tuscany.sca.databinding.javabeans.JavaBeansDataBinding.copy(JavaBeansDataBinding.java:102) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint$LazyDataBinding.copy(DefaultDataBindingExtensionPoint.java:171) at org.apache.tuscany.sca.core.databinding.wire.PassByValueInterceptor.copy(PassByValueInterceptor.java:235) at org.apache.tuscany.sca.core.databinding.wire.PassByValueInterceptor.copyFault(PassByValueInterceptor.java:130) at org.apache.tuscany.sca.core.databinding.wire.PassByValueInterceptor.invoke(PassByValueInterceptor.java:115) at org.apache.tuscany.sca.binding.sca.impl.SCABindingInvoker.invoke(SCABindingInvoker.java:61) at org.apache.tuscany.sca.core.databinding.wire.PassByValueInterceptor.invoke(PassByValueInterceptor.java:108) at org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke(JDKInvocationHandler.java:286) at org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke(JDKInvocationHandler.java:154) at $Proxy7.getB1Name(Unknown Source) at org.apache.tuscany.sca.vtest.wsbinding.nowsdl.NoWsdlTestCase.testNoWsdl(NoWsdlTestCase.java:62) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:618) at org.junit.internal.runners.TestMethodRunner.executeMethodBody(TestMethodRunner.java:99) at org.junit.internal.runners.TestMethodRunner.runUnprotected(TestMethodRunner.java:81) at org.junit.internal.runners.BeforeAndAfterRunner.runProtected(BeforeAndAfterRunner.java:34) at org.junit.internal.runners.TestMethodRunner.runMethod(TestMethodRunner.java:75) at org.junit.internal.runners.TestMethodRunner.run(TestMethodRunner.java:45) at org.junit.internal.runners.TestClassMethodsRunner.invokeTestMethod(TestClassMethodsRunner.java:75) at org.junit.internal.runners.TestClassMethodsRunner.run(TestClassMethodsRunner.java:36) at org.junit.internal.runners.TestClassRunner$1.runUnprotected(TestClassRunner.java:42) at org.junit.internal.runners.BeforeAndAfterRunner.runProtected(BeforeAndAfterRunner.java:34) at org.junit.internal.runners.TestClassRunner.run(TestClassRunner.java:52) at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:38) at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:460) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:673) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:386) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:196) Caused by: java.io.NotSerializableException: org.apache.axiom.om.impl.llom.OMElementImpl at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1113) at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1467) at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1439) at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1382) at java.io.ObjectOutputStream.writeObject0
Re: [NOTICE] Scott Kurz voted as Tuscany committer
ant elder wrote: The Tuscany PMC has voted for Scott Kurz to become a Tuscany committer. Excellent job Scott, congratulations! -- Thanks, Dan Becker
Re: Tuscany support for Axis 1.4
+1.4 to move up to Axis 1.4. Raymond Feng wrote: +1 to move up. We can also start to take advantage of the latest versions of XmlSchema and AXIOM. -- From: ant elder [EMAIL PROTECTED] Sent: Monday, June 09, 2008 2:17 AM To: tuscany-dev@ws.apache.org Subject: Re: Tuscany support for Axis 1.4 On Wed, May 14, 2008 at 1:12 PM, Lou Amodeo [EMAIL PROTECTED] wrote: Is there a plan for Tuscany to support Axis2 1.4? -- Thanks, Dan Becker
Re: Release 1.3?
ant elder wrote: +1 from me. +1 from me also. Seems like a good time. -- Thanks, Dan Becker
Re: [Vote] Release Tuscany Java SCA 1.2.1 (RC1)
Luciano Resende wrote: My only minor comment is whether we are still going to use incubating on the release name/artifacts. Other then that, all looks ok, and here is my +1. +1 from me. I agree with Luciano. It would be nice to move off the incubating affix as soon as possible. It tends to lengthen the directory names, sometime causing delete problems on some operating systems. -- Thanks, Dan Becker
[jira] Commented: (TUSCANY-2343) OSGi bundle design leads to class loading issues
[ https://issues.apache.org/jira/browse/TUSCANY-2343?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12602021#action_12602021 ] Dan Becker commented on TUSCANY-2343: - That last stack trace looks like a security-related issue. You can work around it temporarily by turning Java 2 security off. Or you can add the code base to one of the security policy files that would allow it to run as priviledged. What sort of security policy do you run with? OSGi bundle design leads to class loading issues Key: TUSCANY-2343 URL: https://issues.apache.org/jira/browse/TUSCANY-2343 Project: Tuscany Issue Type: Bug Reporter: Georg Schmidt Attachments: Libary Versions.xls, test_bundles.zip Currently the design of the OSGi bundles leads to class loading exceptions. There seem to be several reasons for this behavior: * reexporting of all libraries without version numbers * imports without version numbers Please use distinct bundles for 3rd party libraries. That would lead to easier reusage of your bundles in a larger OSGi project. The current status leads to undefined system behaviour due to the OSGi class loading concept. Please tell if you see a way, how we could support you by achieving this goal. (If a solution is interesting for you) We are willing to contribute because its a critical project issue for us. The problems occur with the current snapshot release. Sorry, I do not know which version to take. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (TUSCANY-2343) OSGi bundle design leads to class loading issues
[ https://issues.apache.org/jira/browse/TUSCANY-2343?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12602074#action_12602074 ] Dan Becker commented on TUSCANY-2343: - Rajini said: Dan, Doesn't Tuscany throw SecurityExceptions when security is turned on and the required FilePermissions are not granted? Rajini, Yes that is true. Do you have J2 security on and a policy file? If not, I wonder if it is going through security-related code and failing for some other reason. I am trying to understand the fail myself. OSGi bundle design leads to class loading issues Key: TUSCANY-2343 URL: https://issues.apache.org/jira/browse/TUSCANY-2343 Project: Tuscany Issue Type: Bug Reporter: Georg Schmidt Attachments: Libary Versions.xls, test_bundles.zip Currently the design of the OSGi bundles leads to class loading exceptions. There seem to be several reasons for this behavior: * reexporting of all libraries without version numbers * imports without version numbers Please use distinct bundles for 3rd party libraries. That would lead to easier reusage of your bundles in a larger OSGi project. The current status leads to undefined system behaviour due to the OSGi class loading concept. Please tell if you see a way, how we could support you by achieving this goal. (If a solution is interesting for you) We are willing to contribute because its a critical project issue for us. The problems occur with the current snapshot release. Sorry, I do not know which version to take. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: [NOTICE] Vamsavardhana Reddy voted as Tuscany committer
Vamsavardhana Reddy wrote: Thank you for this great news. And thanks to Tuscany PMC for this recognition. Great job Vamsi! Congratulations -- Thanks, Dan Becker
[jira] Updated: (TUSCANY-2339) Java 2 Security - Provide Tuscany Maven profile to run vtest and itest with Java 2 security enabled
[ https://issues.apache.org/jira/browse/TUSCANY-2339?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker updated TUSCANY-2339: Attachment: TUSCANY-2339.2.patch Hello Raymond, Thanks for your constructive suggestions. This new version of the patch, TUSCANY-2339.3.patch, will allow activation via a property, and it will allow the user to specify the property on the command line. So, as before, you can invoke the security profile via profile name (in which case it will use the default tuscany.policy at location file:///${java.home}/lib/security/tuscany.policy): mvn -P security Or you can invoke the security profile by adding a command line property: mvn -Dtuscany.policy.file=file:///e:/tuscany.policy Java 2 Security - Provide Tuscany Maven profile to run vtest and itest with Java 2 security enabled --- Key: TUSCANY-2339 URL: https://issues.apache.org/jira/browse/TUSCANY-2339 Project: Tuscany Issue Type: Improvement Components: Java SCA Core Runtime Environment: Maven profile should be operating system independent. Reporter: Dan Becker Attachments: TUSCANY-2339.2.patch Provide Tuscany Maven profile to run vtest and itest with Java 2 security enabled. This profile should specify a security profile for Tuscany, and should run vtest and itests with Java 2 security enabled. Run the profile with mvn -P security. Suggested profile addition to Tuscany java/sca pom.xml profile idsecurity/id modules !-- moduledemos/module -- moduleitest/module modulevtest/module /modules build plugins plugin groupIdorg.apache.maven.plugins/groupId artifactIdmaven-surefire-plugin/artifactId version2.3.1/version configuration includes include**/*TestCase.java/include /includes reportFormatbrief/reportFormat useFilefalse/useFile forkModeonce/forkMode !-- Place tuscany.policy in your Java home security directory. Alternatively, hardcode the file location here. -- argLine-Djava.security.manager -Djava.security.policy=file:///${java.home}/lib/security/tuscany.policy -Dpolicy.allowSystemProperty=true -Djava.security.debug=policy/argLine /configuration /plugin /plugins /build /profile -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Updated: (TUSCANY-2339) Java 2 Security - Provide Tuscany Maven profile to run vtest and itest with Java 2 security enabled
[ https://issues.apache.org/jira/browse/TUSCANY-2339?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker updated TUSCANY-2339: Attachment: (was: TUSCANY-2339.patch) Java 2 Security - Provide Tuscany Maven profile to run vtest and itest with Java 2 security enabled --- Key: TUSCANY-2339 URL: https://issues.apache.org/jira/browse/TUSCANY-2339 Project: Tuscany Issue Type: Improvement Components: Java SCA Core Runtime Environment: Maven profile should be operating system independent. Reporter: Dan Becker Attachments: TUSCANY-2339.2.patch Provide Tuscany Maven profile to run vtest and itest with Java 2 security enabled. This profile should specify a security profile for Tuscany, and should run vtest and itests with Java 2 security enabled. Run the profile with mvn -P security. Suggested profile addition to Tuscany java/sca pom.xml profile idsecurity/id modules !-- moduledemos/module -- moduleitest/module modulevtest/module /modules build plugins plugin groupIdorg.apache.maven.plugins/groupId artifactIdmaven-surefire-plugin/artifactId version2.3.1/version configuration includes include**/*TestCase.java/include /includes reportFormatbrief/reportFormat useFilefalse/useFile forkModeonce/forkMode !-- Place tuscany.policy in your Java home security directory. Alternatively, hardcode the file location here. -- argLine-Djava.security.manager -Djava.security.policy=file:///${java.home}/lib/security/tuscany.policy -Dpolicy.allowSystemProperty=true -Djava.security.debug=policy/argLine /configuration /plugin /plugins /build /profile -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Created: (TUSCANY-2339) Java 2 Security - Provide Tuscany Maven profile to run vtest and itest with Java 2 security enabled
Java 2 Security - Provide Tuscany Maven profile to run vtest and itest with Java 2 security enabled --- Key: TUSCANY-2339 URL: https://issues.apache.org/jira/browse/TUSCANY-2339 Project: Tuscany Issue Type: Improvement Components: Java SCA Core Runtime Environment: Maven profile should be operating system independent. Reporter: Dan Becker Provide Tuscany Maven profile to run vtest and itest with Java 2 security enabled. This profile should specify a security profile for Tuscany, and should run vtest and itests with Java 2 security enabled. Run the profile with mvn -P security. Suggested profile addition to Tuscany java/sca pom.xml profile idsecurity/id modules !-- moduledemos/module -- moduleitest/module modulevtest/module /modules build plugins plugin groupIdorg.apache.maven.plugins/groupId artifactIdmaven-surefire-plugin/artifactId version2.3.1/version configuration includes include**/*TestCase.java/include /includes reportFormatbrief/reportFormat useFilefalse/useFile forkModeonce/forkMode !-- Place tuscany.policy in your Java home security directory. Alternatively, hardcode the file location here. -- argLine-Djava.security.manager -Djava.security.policy=file:///${java.home}/lib/security/tuscany.policy -Dpolicy.allowSystemProperty=true -Djava.security.debug=policy/argLine /configuration /plugin /plugins /build /profile -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Updated: (TUSCANY-2339) Java 2 Security - Provide Tuscany Maven profile to run vtest and itest with Java 2 security enabled
[ https://issues.apache.org/jira/browse/TUSCANY-2339?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker updated TUSCANY-2339: Attachment: TUSCANY-2339.patch Java 2 Security - Provide Tuscany Maven profile to run vtest and itest with Java 2 security enabled --- Key: TUSCANY-2339 URL: https://issues.apache.org/jira/browse/TUSCANY-2339 Project: Tuscany Issue Type: Improvement Components: Java SCA Core Runtime Environment: Maven profile should be operating system independent. Reporter: Dan Becker Attachments: TUSCANY-2339.patch Provide Tuscany Maven profile to run vtest and itest with Java 2 security enabled. This profile should specify a security profile for Tuscany, and should run vtest and itests with Java 2 security enabled. Run the profile with mvn -P security. Suggested profile addition to Tuscany java/sca pom.xml profile idsecurity/id modules !-- moduledemos/module -- moduleitest/module modulevtest/module /modules build plugins plugin groupIdorg.apache.maven.plugins/groupId artifactIdmaven-surefire-plugin/artifactId version2.3.1/version configuration includes include**/*TestCase.java/include /includes reportFormatbrief/reportFormat useFilefalse/useFile forkModeonce/forkMode !-- Place tuscany.policy in your Java home security directory. Alternatively, hardcode the file location here. -- argLine-Djava.security.manager -Djava.security.policy=file:///${java.home}/lib/security/tuscany.policy -Dpolicy.allowSystemProperty=true -Djava.security.debug=policy/argLine /configuration /plugin /plugins /build /profile -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: Graduation
Matthieu Riou wrote: Congratulations guys! Congratulations to all. Many put in an extreme amount of hard work, and I think it shows favorably in the project. Enjoy the recognition. -- Thanks, Dan Becker
[jira] Updated: (TUSCANY-2290) Java 2 Security enablement for Tuscany sample (part 1)
[ https://issues.apache.org/jira/browse/TUSCANY-2290?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker updated TUSCANY-2290: Attachment: TUSCANY-2290.2.patch I saw on the Tuscany dev list that there was a problem with the previous patch. I have regenerated this one and hope it is better. (I had deleted some non-security changes in the previous patch, and I might have deleted too much.) Java 2 Security enablement for Tuscany sample (part 1) -- Key: TUSCANY-2290 URL: https://issues.apache.org/jira/browse/TUSCANY-2290 Project: Tuscany Issue Type: Bug Affects Versions: Java-SCA-1.2 Environment: Windows, Java 1.5 Reporter: Dan Becker Fix For: Java-SCA-Next Attachments: TUSCANY-2290.1.patch, TUSCANY-2290.2.patch Fix security issues that arise in Tuscany samples when Java 2 security is turned on via -java.security.manager -Djava.security.policy=tuscany.policy -Dpolicy.allowSystemProperty=true A typical exception might be for sample helloworld sdo ws Problems trying to access System properties: java.security.AccessControlException: access denied (java.util.PropertyPermission java.specification.version read) java.lang.NoClassDefFoundError at org.apache.tuscany.sca.databinding.sdo.SDODataBinding.introspect(SDODataBinding.java:61) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint$LazyDataBinding.introspect(DefaultDataBindingExtensionPoint.java:191) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint.introspectType(DefaultDataBindingExtensionPoint.java:246) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint.introspectType(DefaultDataBindingExtensionPoint.java:202) at org.apache.tuscany.sca.core.databinding.processor.DataBindingJavaInterfaceProcessor.processInterface(DataBindingJavaInterfaceProcessor.java:116) at org.apache.tuscany.sca.core.databinding.processor.DataBindingJavaInterfaceProcessor.visitInterface(DataBindingJavaInterfaceProcessor.java:58) at org.apache.tuscany.sca.interfacedef.java.impl.JavaInterfaceIntrospectorImpl.introspectInterface(JavaInterfaceIntrospectorImpl.java:113) at org.apache.tuscany.sca.interfacedef.java.impl.JavaInterfaceFactoryImpl.createJavaInterface(JavaInterfaceFactoryImpl.java:48) at org.apache.tuscany.sca.implementation.java.introspect.impl.ServiceProcessor.createService(ServiceProcessor.java:159) at org.apache.tuscany.sca.implementation.java.introspect.impl.ServiceProcessor.visitClass(ServiceProcessor.java:90) at org.apache.tuscany.sca.implementation.java.impl.JavaClassIntrospectorImpl.introspectClass(JavaClassIntrospectorImpl.java:72) at org.apache.tuscany.sca.implementation.java.impl.JavaImplementationFactoryImpl.createJavaImplementation(JavaImplementationFactoryImpl.java:53) at org.apache.tuscany.sca.implementation.java.xml.JavaImplementationProcessor.resolve(JavaImplementationProcessor.java:152) at org.apache.tuscany.sca.implementation.java.xml.JavaImplementationProcessor.resolve(JavaImplementationProcessor.java:63) ... -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: More Java security fixes on the way
Raymond Feng wrote: I have some trouble applying the patch. It complains an unknown line type is found line 573 (I don't know what it means:-(. Hi Raymond. I regenerated the patch as TUSCANY-2290.2.patch and attached it to the TUSCANY-2290 JIRA. I think with the previous patch I deleted some non-security changes, and I might have corrupted the file. Hopefully this one is better, let me know. -- Thanks, Dan Becker
[jira] Updated: (TUSCANY-2290) Java 2 Security enablement for Tuscany sample (part 1)
[ https://issues.apache.org/jira/browse/TUSCANY-2290?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker updated TUSCANY-2290: Attachment: TUSCANY-2290.3.patch Trying once more. This time using TortoiseSVN to generate patch and ignore non-security issues in my private tree. Java 2 Security enablement for Tuscany sample (part 1) -- Key: TUSCANY-2290 URL: https://issues.apache.org/jira/browse/TUSCANY-2290 Project: Tuscany Issue Type: Bug Affects Versions: Java-SCA-1.2 Environment: Windows, Java 1.5 Reporter: Dan Becker Fix For: Java-SCA-Next Attachments: TUSCANY-2290.3.patch Fix security issues that arise in Tuscany samples when Java 2 security is turned on via -java.security.manager -Djava.security.policy=tuscany.policy -Dpolicy.allowSystemProperty=true A typical exception might be for sample helloworld sdo ws Problems trying to access System properties: java.security.AccessControlException: access denied (java.util.PropertyPermission java.specification.version read) java.lang.NoClassDefFoundError at org.apache.tuscany.sca.databinding.sdo.SDODataBinding.introspect(SDODataBinding.java:61) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint$LazyDataBinding.introspect(DefaultDataBindingExtensionPoint.java:191) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint.introspectType(DefaultDataBindingExtensionPoint.java:246) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint.introspectType(DefaultDataBindingExtensionPoint.java:202) at org.apache.tuscany.sca.core.databinding.processor.DataBindingJavaInterfaceProcessor.processInterface(DataBindingJavaInterfaceProcessor.java:116) at org.apache.tuscany.sca.core.databinding.processor.DataBindingJavaInterfaceProcessor.visitInterface(DataBindingJavaInterfaceProcessor.java:58) at org.apache.tuscany.sca.interfacedef.java.impl.JavaInterfaceIntrospectorImpl.introspectInterface(JavaInterfaceIntrospectorImpl.java:113) at org.apache.tuscany.sca.interfacedef.java.impl.JavaInterfaceFactoryImpl.createJavaInterface(JavaInterfaceFactoryImpl.java:48) at org.apache.tuscany.sca.implementation.java.introspect.impl.ServiceProcessor.createService(ServiceProcessor.java:159) at org.apache.tuscany.sca.implementation.java.introspect.impl.ServiceProcessor.visitClass(ServiceProcessor.java:90) at org.apache.tuscany.sca.implementation.java.impl.JavaClassIntrospectorImpl.introspectClass(JavaClassIntrospectorImpl.java:72) at org.apache.tuscany.sca.implementation.java.impl.JavaImplementationFactoryImpl.createJavaImplementation(JavaImplementationFactoryImpl.java:53) at org.apache.tuscany.sca.implementation.java.xml.JavaImplementationProcessor.resolve(JavaImplementationProcessor.java:152) at org.apache.tuscany.sca.implementation.java.xml.JavaImplementationProcessor.resolve(JavaImplementationProcessor.java:63) ... -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Updated: (TUSCANY-2290) Java 2 Security enablement for Tuscany sample (part 1)
[ https://issues.apache.org/jira/browse/TUSCANY-2290?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker updated TUSCANY-2290: Attachment: (was: TUSCANY-2290.1.patch) Java 2 Security enablement for Tuscany sample (part 1) -- Key: TUSCANY-2290 URL: https://issues.apache.org/jira/browse/TUSCANY-2290 Project: Tuscany Issue Type: Bug Affects Versions: Java-SCA-1.2 Environment: Windows, Java 1.5 Reporter: Dan Becker Fix For: Java-SCA-Next Attachments: TUSCANY-2290.3.patch Fix security issues that arise in Tuscany samples when Java 2 security is turned on via -java.security.manager -Djava.security.policy=tuscany.policy -Dpolicy.allowSystemProperty=true A typical exception might be for sample helloworld sdo ws Problems trying to access System properties: java.security.AccessControlException: access denied (java.util.PropertyPermission java.specification.version read) java.lang.NoClassDefFoundError at org.apache.tuscany.sca.databinding.sdo.SDODataBinding.introspect(SDODataBinding.java:61) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint$LazyDataBinding.introspect(DefaultDataBindingExtensionPoint.java:191) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint.introspectType(DefaultDataBindingExtensionPoint.java:246) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint.introspectType(DefaultDataBindingExtensionPoint.java:202) at org.apache.tuscany.sca.core.databinding.processor.DataBindingJavaInterfaceProcessor.processInterface(DataBindingJavaInterfaceProcessor.java:116) at org.apache.tuscany.sca.core.databinding.processor.DataBindingJavaInterfaceProcessor.visitInterface(DataBindingJavaInterfaceProcessor.java:58) at org.apache.tuscany.sca.interfacedef.java.impl.JavaInterfaceIntrospectorImpl.introspectInterface(JavaInterfaceIntrospectorImpl.java:113) at org.apache.tuscany.sca.interfacedef.java.impl.JavaInterfaceFactoryImpl.createJavaInterface(JavaInterfaceFactoryImpl.java:48) at org.apache.tuscany.sca.implementation.java.introspect.impl.ServiceProcessor.createService(ServiceProcessor.java:159) at org.apache.tuscany.sca.implementation.java.introspect.impl.ServiceProcessor.visitClass(ServiceProcessor.java:90) at org.apache.tuscany.sca.implementation.java.impl.JavaClassIntrospectorImpl.introspectClass(JavaClassIntrospectorImpl.java:72) at org.apache.tuscany.sca.implementation.java.impl.JavaImplementationFactoryImpl.createJavaImplementation(JavaImplementationFactoryImpl.java:53) at org.apache.tuscany.sca.implementation.java.xml.JavaImplementationProcessor.resolve(JavaImplementationProcessor.java:152) at org.apache.tuscany.sca.implementation.java.xml.JavaImplementationProcessor.resolve(JavaImplementationProcessor.java:63) ... -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Updated: (TUSCANY-2290) Java 2 Security enablement for Tuscany sample (part 1)
[ https://issues.apache.org/jira/browse/TUSCANY-2290?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker updated TUSCANY-2290: Attachment: (was: TUSCANY-2290.2.patch) Java 2 Security enablement for Tuscany sample (part 1) -- Key: TUSCANY-2290 URL: https://issues.apache.org/jira/browse/TUSCANY-2290 Project: Tuscany Issue Type: Bug Affects Versions: Java-SCA-1.2 Environment: Windows, Java 1.5 Reporter: Dan Becker Fix For: Java-SCA-Next Attachments: TUSCANY-2290.3.patch Fix security issues that arise in Tuscany samples when Java 2 security is turned on via -java.security.manager -Djava.security.policy=tuscany.policy -Dpolicy.allowSystemProperty=true A typical exception might be for sample helloworld sdo ws Problems trying to access System properties: java.security.AccessControlException: access denied (java.util.PropertyPermission java.specification.version read) java.lang.NoClassDefFoundError at org.apache.tuscany.sca.databinding.sdo.SDODataBinding.introspect(SDODataBinding.java:61) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint$LazyDataBinding.introspect(DefaultDataBindingExtensionPoint.java:191) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint.introspectType(DefaultDataBindingExtensionPoint.java:246) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint.introspectType(DefaultDataBindingExtensionPoint.java:202) at org.apache.tuscany.sca.core.databinding.processor.DataBindingJavaInterfaceProcessor.processInterface(DataBindingJavaInterfaceProcessor.java:116) at org.apache.tuscany.sca.core.databinding.processor.DataBindingJavaInterfaceProcessor.visitInterface(DataBindingJavaInterfaceProcessor.java:58) at org.apache.tuscany.sca.interfacedef.java.impl.JavaInterfaceIntrospectorImpl.introspectInterface(JavaInterfaceIntrospectorImpl.java:113) at org.apache.tuscany.sca.interfacedef.java.impl.JavaInterfaceFactoryImpl.createJavaInterface(JavaInterfaceFactoryImpl.java:48) at org.apache.tuscany.sca.implementation.java.introspect.impl.ServiceProcessor.createService(ServiceProcessor.java:159) at org.apache.tuscany.sca.implementation.java.introspect.impl.ServiceProcessor.visitClass(ServiceProcessor.java:90) at org.apache.tuscany.sca.implementation.java.impl.JavaClassIntrospectorImpl.introspectClass(JavaClassIntrospectorImpl.java:72) at org.apache.tuscany.sca.implementation.java.impl.JavaImplementationFactoryImpl.createJavaImplementation(JavaImplementationFactoryImpl.java:53) at org.apache.tuscany.sca.implementation.java.xml.JavaImplementationProcessor.resolve(JavaImplementationProcessor.java:152) at org.apache.tuscany.sca.implementation.java.xml.JavaImplementationProcessor.resolve(JavaImplementationProcessor.java:63) ... -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Updated: (TUSCANY-2290) Java 2 Security enablement for Tuscany sample (part 1)
[ https://issues.apache.org/jira/browse/TUSCANY-2290?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker updated TUSCANY-2290: Attachment: TUSCANY-2290.1.patch New patch generated based on comments in Tuscany dev group. Summary is that security fixes should not be applied to samples to keep them simple. Java 2 Security enablement for Tuscany sample (part 1) -- Key: TUSCANY-2290 URL: https://issues.apache.org/jira/browse/TUSCANY-2290 Project: Tuscany Issue Type: Bug Affects Versions: Java-SCA-1.2 Environment: Windows, Java 1.5 Reporter: Dan Becker Fix For: Java-SCA-Next Attachments: TUSCANY-2290.1.patch Fix security issues that arise in Tuscany samples when Java 2 security is turned on via -java.security.manager -Djava.security.policy=tuscany.policy -Dpolicy.allowSystemProperty=true A typical exception might be for sample helloworld sdo ws Problems trying to access System properties: java.security.AccessControlException: access denied (java.util.PropertyPermission java.specification.version read) java.lang.NoClassDefFoundError at org.apache.tuscany.sca.databinding.sdo.SDODataBinding.introspect(SDODataBinding.java:61) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint$LazyDataBinding.introspect(DefaultDataBindingExtensionPoint.java:191) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint.introspectType(DefaultDataBindingExtensionPoint.java:246) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint.introspectType(DefaultDataBindingExtensionPoint.java:202) at org.apache.tuscany.sca.core.databinding.processor.DataBindingJavaInterfaceProcessor.processInterface(DataBindingJavaInterfaceProcessor.java:116) at org.apache.tuscany.sca.core.databinding.processor.DataBindingJavaInterfaceProcessor.visitInterface(DataBindingJavaInterfaceProcessor.java:58) at org.apache.tuscany.sca.interfacedef.java.impl.JavaInterfaceIntrospectorImpl.introspectInterface(JavaInterfaceIntrospectorImpl.java:113) at org.apache.tuscany.sca.interfacedef.java.impl.JavaInterfaceFactoryImpl.createJavaInterface(JavaInterfaceFactoryImpl.java:48) at org.apache.tuscany.sca.implementation.java.introspect.impl.ServiceProcessor.createService(ServiceProcessor.java:159) at org.apache.tuscany.sca.implementation.java.introspect.impl.ServiceProcessor.visitClass(ServiceProcessor.java:90) at org.apache.tuscany.sca.implementation.java.impl.JavaClassIntrospectorImpl.introspectClass(JavaClassIntrospectorImpl.java:72) at org.apache.tuscany.sca.implementation.java.impl.JavaImplementationFactoryImpl.createJavaImplementation(JavaImplementationFactoryImpl.java:53) at org.apache.tuscany.sca.implementation.java.xml.JavaImplementationProcessor.resolve(JavaImplementationProcessor.java:152) at org.apache.tuscany.sca.implementation.java.xml.JavaImplementationProcessor.resolve(JavaImplementationProcessor.java:63) ... -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Updated: (TUSCANY-2290) Java 2 Security enablement for Tuscany sample (part 1)
[ https://issues.apache.org/jira/browse/TUSCANY-2290?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker updated TUSCANY-2290: Attachment: (was: TUSCANY-2290.patch) Java 2 Security enablement for Tuscany sample (part 1) -- Key: TUSCANY-2290 URL: https://issues.apache.org/jira/browse/TUSCANY-2290 Project: Tuscany Issue Type: Bug Affects Versions: Java-SCA-1.2 Environment: Windows, Java 1.5 Reporter: Dan Becker Fix For: Java-SCA-Next Attachments: TUSCANY-2290.1.patch Fix security issues that arise in Tuscany samples when Java 2 security is turned on via -java.security.manager -Djava.security.policy=tuscany.policy -Dpolicy.allowSystemProperty=true A typical exception might be for sample helloworld sdo ws Problems trying to access System properties: java.security.AccessControlException: access denied (java.util.PropertyPermission java.specification.version read) java.lang.NoClassDefFoundError at org.apache.tuscany.sca.databinding.sdo.SDODataBinding.introspect(SDODataBinding.java:61) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint$LazyDataBinding.introspect(DefaultDataBindingExtensionPoint.java:191) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint.introspectType(DefaultDataBindingExtensionPoint.java:246) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint.introspectType(DefaultDataBindingExtensionPoint.java:202) at org.apache.tuscany.sca.core.databinding.processor.DataBindingJavaInterfaceProcessor.processInterface(DataBindingJavaInterfaceProcessor.java:116) at org.apache.tuscany.sca.core.databinding.processor.DataBindingJavaInterfaceProcessor.visitInterface(DataBindingJavaInterfaceProcessor.java:58) at org.apache.tuscany.sca.interfacedef.java.impl.JavaInterfaceIntrospectorImpl.introspectInterface(JavaInterfaceIntrospectorImpl.java:113) at org.apache.tuscany.sca.interfacedef.java.impl.JavaInterfaceFactoryImpl.createJavaInterface(JavaInterfaceFactoryImpl.java:48) at org.apache.tuscany.sca.implementation.java.introspect.impl.ServiceProcessor.createService(ServiceProcessor.java:159) at org.apache.tuscany.sca.implementation.java.introspect.impl.ServiceProcessor.visitClass(ServiceProcessor.java:90) at org.apache.tuscany.sca.implementation.java.impl.JavaClassIntrospectorImpl.introspectClass(JavaClassIntrospectorImpl.java:72) at org.apache.tuscany.sca.implementation.java.impl.JavaImplementationFactoryImpl.createJavaImplementation(JavaImplementationFactoryImpl.java:53) at org.apache.tuscany.sca.implementation.java.xml.JavaImplementationProcessor.resolve(JavaImplementationProcessor.java:152) at org.apache.tuscany.sca.implementation.java.xml.JavaImplementationProcessor.resolve(JavaImplementationProcessor.java:63) ... -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: More Java security fixes on the way
Jean-Sebastien Delfino wrote: I'd like to suggest the following: - Keep the Java2 security blocks in test case classes - Don't put them in sample program classes Hmmm but looking at these test cases, could you help me understand why we need these technical API calls to the jmsBroker at all? Isn't SCA supposed to shield me from having to deal with that kind of calls? Based on the several opinions, I've regenerated the patch so that samples are keep simple and do not have security code in them. Jean-Sebastien, I can't comment on why several of the samples have explicit JMS broker starts and stops in their JUnit tests as I am not the original author. It seems like the author wanted to ensure the broker was running before running the unit test. However, commenting out the startBroker call in sample-helloworld-ws-service-jms, the JUnit test still ran and passed. -- Thanks, Dan Becker
Running vtests with security on
Since I am not much of a Maven expert, I thought I would run this by the Tuscany community to see if I am going down the right path or to see if there are better ideas. Normally when I test with any Tuscany sample or test with Java 2 security enabled, I use the JVM options -Djava.security.manager -Djava.security.policy=tuscany.policy -Djava.security.debug=policy. The tuscany.policy file enables certain parts of Tuscany code to access sensitive API calls, such as reading system properties or writing to the file system. When I run Tuscany JUnit tests in Eclipse, I add these options to the JUnit Run As dialog settings. The Tuscany vtests run when you execute Maven on the vtest pom with the test goal. I was thinking of adding a profile that specifies the additional properties above. Also, I would provide an example tuscany.policy file that provides the proper permissions for the Tuscany code base. This when you wanted to run vtests with security on, you would invoke this profile along with the test goal. Any additional suggestions or comments? -- Thanks, Dan Becker
Re: [BRAINSTORM] Future improvements for Tuscany databinding framework
Raymond Feng wrote: To improve the Tuscany databinding framework for simplicity and flexibility, I come out a list of potential TODOs. Your feedback/ideas/help will be very welcome. Being a developer, I may be biased towards items that make the developer's life a bit easier, so I tend to favor ease of use over new features. Given that, here are 3 I would vote for: * Refine/simplify the databinding SPIs (for better extensibility and consumeablity) * Better support for collective/aggregate data types such as java.util.Collection * Support annotations of a java type (for example, an InputStream can be used to contain different formats of data) to further constrain the data type (We could use the JAXB annotation for this purpose) Additionally, I think the following item is well-worth the effort to popularize Tuscany and make it easier to adopt and implement. * More and better documents -- Thanks, Dan Becker
Re: More Java security fixes on the way
Raymond Feng wrote: I'm looking into the patch you contributed with https://issues.apache.org/jira/browse/TUSCANY-2290. There is one issue catching my eyes. We have samples in Tuscany today which use some technology APIs, for example, to start the ActiveMQ JMS broker. To run these samples with Java2 security enabled, we have to surround some of the calls with privileged block. That seems to complicate/pollute the samples. Should we leave these samples as-is without supporting Java2 security (or grant permissions to the sample code directly with a policy file)? Hi Raymond, Thanks for the code review. Those are excellent points you bring up which not only apply to the Tuscany-provided samples, but potentially also to user-solutions which exploit Tuscany as the samples do. Do you require such code to implement security blocks (and grant permissions with policy files) or do you simplify and not support security? In my opinion, the answer would depend on what you would expect the user to do and what the purpose of the user code would be. For instance with application level code and samples I would never expect the user to have to add privileged blocks or add security policy permissions. On the other hand, for extensions and code that used Tuscany SPIs, I would expect requirements for the extension to provide privileged blocks and security policy permissions. In the current situation you mention (starting the ActiveMQ JMS broker), I agree it does complicate the samples. But any user application that attempts to start the JMS broker and support Java 2 security would have to do the same thing. I am fine removing the complicating security code from the sample, but then I should write a wiki page or other documentation that shows how to support this. Other opinions? -- Thanks, Dan Becker
Re: [VOTE] Graduate Apache Tuscany as a Top Level Project (take two)
+1 from me. -- Thanks, Dan Becker
Re: [vtest] @init, @destroy configuration and service lookup
Vamsavardhana Reddy wrote: I have created a JIRA TUSCANY-2296 describing the problem. I have also posted a patch file that will help understand the problem better. On Tue, May 6, 2008 at 8:42 PM, Kevin Williams [EMAIL PROTECTED] wrote: Thanks for your contribution to the vtest bucket for @Init and @Destroy annotations. Can you say why you do not use the SCADomain APIs to configure the domain and locate services from the test client? I would like to keep this pattern consistent throughout the entire suite. This is a somewhat related question. I am running the sample-store service via the given Launch class. With Java 2 security off, the example runs as intended. With Java 2 security on, there is a ContributionResolveException. It seems that the @Init implementation scope is added to a protected method, not public. Here is the first part of the stack trace that I print out using a bit of extra debug code in JavaImplementationProcessor.resolve method. JavaImplementationProcessor.resolve error=org.apache.tuscany.sca.implementation.java.introspect.impl.IllegalInitException: Initializer must be a public method. Invalid annotation @Init found on protected void services.ShoppingCartImpl.init() org.apache.tuscany.sca.implementation.java.introspect.impl.IllegalInitException: Initializer must be a public method. Invalid annotation @Init found on protected void services.ShoppingCartImpl.init() at org.apache.tuscany.sca.implementation.java.introspect.impl.InitProcessor.visitMethod(InitProcessor.java:57) at org.apache.tuscany.sca.implementation.java.impl.JavaClassIntrospectorImpl.introspectClass(JavaClassIntrospectorImpl.java:99) at org.apache.tuscany.sca.implementation.java.impl.JavaImplementationFactoryImpl.createJavaImplementation(JavaImplementationFactoryImpl.java:53) at org.apache.tuscany.sca.implementation.java.xml.JavaImplementationProcessor.resolve(JavaImplementationProcessor.java:152) at org.apache.tuscany.sca.implementation.java.xml.JavaImplementationProcessor.resolve(JavaImplementationProcessor.java:1) at org.apache.tuscany.sca.contribution.processor.DefaultStAXArtifactProcessorExtensionPoint$LazyStAXArtifactProcessor.resolve(DefaultStAXArtifactProcessorExtensionPoint.java:287) at org.apache.tuscany.sca.contribution.processor.ExtensibleStAXArtifactProcessor.resolve(ExtensibleStAXArtifactProcessor.java:116) at org.apache.tuscany.sca.assembly.xml.BaseAssemblyProcessor.resolveImplementation(BaseAssemblyProcessor.java:271) at org.apache.tuscany.sca.assembly.xml.CompositeProcessor.resolve(CompositeProcessor.java:903) at org.apache.tuscany.sca.assembly.xml.CompositeProcessor.resolve(CompositeProcessor.java:1) I've checked the SCA_JavaAnnotationsAndAPIs_V100 specification, but I see no mention that this API be public. What say the SCA experts? Should these implementation scoped methods be public? Or do you think there should be more privileged blocks to allow this to run with security on? Or other? -- Thanks, Dan Becker
Re: [vtest] @init, @destroy configuration and service lookup
Vamsavardhana Reddy wrote: I think this error has got nothing to do with running with Java 2 security on. See TUSCANY-2272 for a reference to the spec that says the lifecycle methods must be public. Cool. Our findings are the same. Thanks for the pointer to the spec reference. -- Thanks, Dan Becker
More Java security fixes on the way
FYI, so every one is aware of recent Tuscany security changes and for your comments. Over the last few weeks I have been making fixes to the Tuscany core in order to make the code a bit safer with Java 2 security enabled. There are many instances in which we want Tuscany code to perform some privileged action (such as read a system property or write a file to the file system), yet we do not want client code to have this ability. There are over 300 Tuscany calls to privileged Java APIs which may throw some sort of security exception if proper access is not granted. Since there are so many APIs, I have have been issuing patches in smaller increments. This makes the patch easier to review, commit, and reverse if there is a problem. Following is a list of past changes related to security. TUSCANY-2108 - Enabled Simple Calculator to run with security on TUSCANY-2227 - Enabled ITests to run with secuirty on TUSCANY-2030 - Enabled Simple Caclulator to run on WebSphere Expect a few JIRAs in the next weeks to enable the demos, samples, and vtests to run with security on. And then I would like to make a maven profile that allows a user to test with security on or off. If you have any other ideas related to Java 2 security, I encourage you to mention them here. -- Thanks, Dan Becker
[jira] Created: (TUSCANY-2290) Java 2 Security enablement for Tuscany sample (part 1)
Java 2 Security enablement for Tuscany sample (part 1) -- Key: TUSCANY-2290 URL: https://issues.apache.org/jira/browse/TUSCANY-2290 Project: Tuscany Issue Type: Bug Affects Versions: Java-SCA-1.2 Environment: Windows, Java 1.5 Reporter: Dan Becker Fix For: Java-SCA-Next Attachments: TUSCANY-2290.patch Fix security issues that arise in Tuscany samples when Java 2 security is turned on via -java.security.manager -Djava.security.policy=tuscany.policy -Dpolicy.allowSystemProperty=true A typical exception might be for sample helloworld sdo ws Problems trying to access System properties: java.security.AccessControlException: access denied (java.util.PropertyPermission java.specification.version read) java.lang.NoClassDefFoundError at org.apache.tuscany.sca.databinding.sdo.SDODataBinding.introspect(SDODataBinding.java:61) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint$LazyDataBinding.introspect(DefaultDataBindingExtensionPoint.java:191) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint.introspectType(DefaultDataBindingExtensionPoint.java:246) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint.introspectType(DefaultDataBindingExtensionPoint.java:202) at org.apache.tuscany.sca.core.databinding.processor.DataBindingJavaInterfaceProcessor.processInterface(DataBindingJavaInterfaceProcessor.java:116) at org.apache.tuscany.sca.core.databinding.processor.DataBindingJavaInterfaceProcessor.visitInterface(DataBindingJavaInterfaceProcessor.java:58) at org.apache.tuscany.sca.interfacedef.java.impl.JavaInterfaceIntrospectorImpl.introspectInterface(JavaInterfaceIntrospectorImpl.java:113) at org.apache.tuscany.sca.interfacedef.java.impl.JavaInterfaceFactoryImpl.createJavaInterface(JavaInterfaceFactoryImpl.java:48) at org.apache.tuscany.sca.implementation.java.introspect.impl.ServiceProcessor.createService(ServiceProcessor.java:159) at org.apache.tuscany.sca.implementation.java.introspect.impl.ServiceProcessor.visitClass(ServiceProcessor.java:90) at org.apache.tuscany.sca.implementation.java.impl.JavaClassIntrospectorImpl.introspectClass(JavaClassIntrospectorImpl.java:72) at org.apache.tuscany.sca.implementation.java.impl.JavaImplementationFactoryImpl.createJavaImplementation(JavaImplementationFactoryImpl.java:53) at org.apache.tuscany.sca.implementation.java.xml.JavaImplementationProcessor.resolve(JavaImplementationProcessor.java:152) at org.apache.tuscany.sca.implementation.java.xml.JavaImplementationProcessor.resolve(JavaImplementationProcessor.java:63) ... -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Updated: (TUSCANY-2290) Java 2 Security enablement for Tuscany sample (part 1)
[ https://issues.apache.org/jira/browse/TUSCANY-2290?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker updated TUSCANY-2290: Attachment: TUSCANY-2290.patch Please let me know if there are improvements to be made to the patch or comments. Java 2 Security enablement for Tuscany sample (part 1) -- Key: TUSCANY-2290 URL: https://issues.apache.org/jira/browse/TUSCANY-2290 Project: Tuscany Issue Type: Bug Affects Versions: Java-SCA-1.2 Environment: Windows, Java 1.5 Reporter: Dan Becker Fix For: Java-SCA-Next Attachments: TUSCANY-2290.patch Fix security issues that arise in Tuscany samples when Java 2 security is turned on via -java.security.manager -Djava.security.policy=tuscany.policy -Dpolicy.allowSystemProperty=true A typical exception might be for sample helloworld sdo ws Problems trying to access System properties: java.security.AccessControlException: access denied (java.util.PropertyPermission java.specification.version read) java.lang.NoClassDefFoundError at org.apache.tuscany.sca.databinding.sdo.SDODataBinding.introspect(SDODataBinding.java:61) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint$LazyDataBinding.introspect(DefaultDataBindingExtensionPoint.java:191) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint.introspectType(DefaultDataBindingExtensionPoint.java:246) at org.apache.tuscany.sca.databinding.DefaultDataBindingExtensionPoint.introspectType(DefaultDataBindingExtensionPoint.java:202) at org.apache.tuscany.sca.core.databinding.processor.DataBindingJavaInterfaceProcessor.processInterface(DataBindingJavaInterfaceProcessor.java:116) at org.apache.tuscany.sca.core.databinding.processor.DataBindingJavaInterfaceProcessor.visitInterface(DataBindingJavaInterfaceProcessor.java:58) at org.apache.tuscany.sca.interfacedef.java.impl.JavaInterfaceIntrospectorImpl.introspectInterface(JavaInterfaceIntrospectorImpl.java:113) at org.apache.tuscany.sca.interfacedef.java.impl.JavaInterfaceFactoryImpl.createJavaInterface(JavaInterfaceFactoryImpl.java:48) at org.apache.tuscany.sca.implementation.java.introspect.impl.ServiceProcessor.createService(ServiceProcessor.java:159) at org.apache.tuscany.sca.implementation.java.introspect.impl.ServiceProcessor.visitClass(ServiceProcessor.java:90) at org.apache.tuscany.sca.implementation.java.impl.JavaClassIntrospectorImpl.introspectClass(JavaClassIntrospectorImpl.java:72) at org.apache.tuscany.sca.implementation.java.impl.JavaImplementationFactoryImpl.createJavaImplementation(JavaImplementationFactoryImpl.java:53) at org.apache.tuscany.sca.implementation.java.xml.JavaImplementationProcessor.resolve(JavaImplementationProcessor.java:152) at org.apache.tuscany.sca.implementation.java.xml.JavaImplementationProcessor.resolve(JavaImplementationProcessor.java:63) ... -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: [VOTE] Graduate Apache Tuscany as a Top Level Project
ant elder wrote: X. Establish the Apache Tuscany Project +1 You've grown up. Time to graduate. -- Thanks, Dan Becker
Re: [NOTICE] Mario Antollini voted as Tuscany committer
Antollini, Mario wrote: I just read the great news... This is a great opportunity for me! Thanks for all your confidence and support. Congratulations to you Mario! -- Thanks, Dan Becker
[jira] Updated: (TUSCANY-2030) Java 2 security
[ https://issues.apache.org/jira/browse/TUSCANY-2030?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker updated TUSCANY-2030: Attachment: TUSCANY-2030.patch This patch when used in conjunction with fixes for TUSCANY-2108 and TUSCANY-2237 allow the Tuscany runtime to run under WAS 7.0 plus SOA FeP with Java 2 security on. However, there are still some security errors in the WebSphere code, which prevents the calculator sample from running error free. Java 2 security --- Key: TUSCANY-2030 URL: https://issues.apache.org/jira/browse/TUSCANY-2030 Project: Tuscany Issue Type: New Feature Affects Versions: Java-SCA-1.0.1 Reporter: Greg Dritschler Fix For: Java-SCA-Next Attachments: TUSCANY-2030.patch In environments where Java 2 security is enabled, an AccessControlException may occur in Tuscany code even though it has privileges to perform the action, because there is code on the call stack that does not have such privileges. doPrivileged calls must be used around such actions. Here is an example of a failure. There are undoubtedly others. java.security.AccessControlException: Access denied (java.lang.RuntimePermission getClassLoader) at java.security.AccessController.checkPermission(AccessController.java:104) at java.lang.SecurityManager.checkPermission(SecurityManager.java:547) at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189) at java.lang.Class.getClassLoader(Class.java:234) at org.apache.tuscany.sca.core.invocation.JDKProxyFactory.createProxy(JDKProxyFactory.java:64) at org.apache.tuscany.sca.core.invocation.DefaultProxyFactoryExtensionPoint.createProxy(DefaultProxyFactoryExtensionPoint.java:105) at org.apache.tuscany.sca.core.context.CallableReferenceImpl.getInstance(CallableReferenceImpl.java:154) at org.apache.tuscany.sca.core.context.CallableReferenceImpl.getService(CallableReferenceImpl.java:162) at org.apache.tuscany.sca.host.embedded.impl.EmbeddedSCADomain.getService(EmbeddedSCADomain.java:138) at com.ibm.ws.soa.sca.runtime.impl.SimpleCompositeContextImpl.locateService(SimpleCompositeContextImpl.java:86) at com.ibm._jsp._Calculator._jspService(_Calculator.java:96) -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Updated: (TUSCANY-2030) Java 2 security
[ https://issues.apache.org/jira/browse/TUSCANY-2030?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker updated TUSCANY-2030: Patch Info: [Patch Available] Java 2 security --- Key: TUSCANY-2030 URL: https://issues.apache.org/jira/browse/TUSCANY-2030 Project: Tuscany Issue Type: New Feature Affects Versions: Java-SCA-1.0.1 Reporter: Greg Dritschler Fix For: Java-SCA-Next Attachments: TUSCANY-2030.patch In environments where Java 2 security is enabled, an AccessControlException may occur in Tuscany code even though it has privileges to perform the action, because there is code on the call stack that does not have such privileges. doPrivileged calls must be used around such actions. Here is an example of a failure. There are undoubtedly others. java.security.AccessControlException: Access denied (java.lang.RuntimePermission getClassLoader) at java.security.AccessController.checkPermission(AccessController.java:104) at java.lang.SecurityManager.checkPermission(SecurityManager.java:547) at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189) at java.lang.Class.getClassLoader(Class.java:234) at org.apache.tuscany.sca.core.invocation.JDKProxyFactory.createProxy(JDKProxyFactory.java:64) at org.apache.tuscany.sca.core.invocation.DefaultProxyFactoryExtensionPoint.createProxy(DefaultProxyFactoryExtensionPoint.java:105) at org.apache.tuscany.sca.core.context.CallableReferenceImpl.getInstance(CallableReferenceImpl.java:154) at org.apache.tuscany.sca.core.context.CallableReferenceImpl.getService(CallableReferenceImpl.java:162) at org.apache.tuscany.sca.host.embedded.impl.EmbeddedSCADomain.getService(EmbeddedSCADomain.java:138) at com.ibm.ws.soa.sca.runtime.impl.SimpleCompositeContextImpl.locateService(SimpleCompositeContextImpl.java:86) at com.ibm._jsp._Calculator._jspService(_Calculator.java:96) -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
Re: Run Tuscany with JDK 6: was: Re: [VOTE] Release Tuscany Java SCA 1.2-incubating (RC4)
Raymond Feng wrote: It's related to JDK 6 which ships a version of JAXB impl by itself. Up to JDK 6 Update 3, the JDK ships with JAX-WS 2.0 (which includes JAXB 2.0), but Tuscany requires JAXB 2.1. There are two possible solutions to this problem: 1) Upgrade your JDK to 1.6.0_04 or above, which will include JAX-WS (and JAXB) 2.1 2) Copy the version 2.1 jaxb-api.jar or jaxws-api.jar (you can probably find them in your local maven repo) to JAVA_HOME/lib/endorsed to override the API jars that ship with the JDK 3) Use the -Djava.endorsed.dir=a folder containing our JAXB jars to override the JAXB from JDK 6. As a user, I'd prefer option 1. In general I prefer version upgrades and prereqs over any solution that required spare copies of libs. -- Thanks, Dan Becker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[jira] Updated: (TUSCANY-2237) Java 2 Security - Enhancements to run Itest bucket
[ https://issues.apache.org/jira/browse/TUSCANY-2237?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker updated TUSCANY-2237: Attachment: TUSCANY-2237-2.patch This moves the module.stop in ReallySmallRuntime (that Raymond mentions) to the submodules such as Jetty and Tomcat runtime modules. More focused in scope than before. Java 2 Security - Enhancements to run Itest bucket -- Key: TUSCANY-2237 URL: https://issues.apache.org/jira/browse/TUSCANY-2237 Project: Tuscany Issue Type: Bug Components: Java SCA Core Runtime Affects Versions: Java-SCA-1.1 Environment: Java 1.5, Windows Reporter: Dan Becker Assignee: Raymond Feng Fix For: Java-SCA-Next Attachments: TUSCANY-2237-2.patch Must add proper Java 2 security to allow all Itests to run and pass JUnit testing. An example of a failing Itest occurs with CallableReferenceRemoteTestcase with Java 2 security enables. Here is an example AccessControlException: java.security.AccessControlException: access denied (java.util.PropertyPermission java.io.tmpdir read) at java.security.AccessControlContext.checkPermission(Unknown Source) at java.security.AccessController.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPropertyAccess(Unknown Source) at java.lang.System.getProperty(Unknown Source) at org.apache.axis2.context.ConfigurationContext.cleanupTemp(ConfigurationContext.java:665) at org.apache.axis2.context.ConfigurationContext.terminate(ConfigurationContext.java:653) at org.apache.axis2.transport.http.AxisServlet.destroy(AxisServlet.java:449) at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceServlet.destroy(Axis2ServiceServlet.java:236) at org.apache.tuscany.sca.http.tomcat.ServletWrapper.destroyServlet(ServletWrapper.java:55) at org.apache.tuscany.sca.http.tomcat.TomcatServer.removeServletMapping(TomcatServer.java:510) at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceProvider.stop(Axis2ServiceProvider.java:308) at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceBindingProvider.stop(Axis2ServiceBindingProvider.java:98) at org.apache.tuscany.sca.core.assembly.CompositeActivatorImpl.stop(CompositeActivatorImpl.java:615) at org.apache.tuscany.sca.core.assembly.CompositeActivatorImpl.stop(CompositeActivatorImpl.java:513) at org.apache.tuscany.sca.node.impl.SCADomainProxyImpl.destroy(SCADomainProxyImpl.java:500) at org.apache.tuscany.sca.node.impl.SCANodeImpl.destroy(SCANodeImpl.java:441) at org.apache.tuscany.sca.itest.callableref.CallableReferenceRemoteTestCase.destroy(CallableReferenceRemoteTestCase.java:97) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.junit.internal.runners.BeforeAndAfterRunner.invokeMethod(BeforeAndAfterRunner.java:74) at org.junit.internal.runners.BeforeAndAfterRunner.runAfters(BeforeAndAfterRunner.java:65) at org.junit.internal.runners.BeforeAndAfterRunner.runProtected(BeforeAndAfterRunner.java:37) at org.junit.internal.runners.TestClassRunner.run(TestClassRunner.java:52) at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:38) at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:460) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:673) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:386) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:196) This is fixed by adding AccessController.doPrivileged blocks around the sensitive call -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[jira] Updated: (TUSCANY-2237) Java 2 Security - Enhancements to run Itest bucket
[ https://issues.apache.org/jira/browse/TUSCANY-2237?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker updated TUSCANY-2237: Attachment: (was: TUSCANY-2237.patch) Java 2 Security - Enhancements to run Itest bucket -- Key: TUSCANY-2237 URL: https://issues.apache.org/jira/browse/TUSCANY-2237 Project: Tuscany Issue Type: Bug Components: Java SCA Core Runtime Affects Versions: Java-SCA-1.1 Environment: Java 1.5, Windows Reporter: Dan Becker Assignee: Raymond Feng Fix For: Java-SCA-Next Attachments: TUSCANY-2237-2.patch Must add proper Java 2 security to allow all Itests to run and pass JUnit testing. An example of a failing Itest occurs with CallableReferenceRemoteTestcase with Java 2 security enables. Here is an example AccessControlException: java.security.AccessControlException: access denied (java.util.PropertyPermission java.io.tmpdir read) at java.security.AccessControlContext.checkPermission(Unknown Source) at java.security.AccessController.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPropertyAccess(Unknown Source) at java.lang.System.getProperty(Unknown Source) at org.apache.axis2.context.ConfigurationContext.cleanupTemp(ConfigurationContext.java:665) at org.apache.axis2.context.ConfigurationContext.terminate(ConfigurationContext.java:653) at org.apache.axis2.transport.http.AxisServlet.destroy(AxisServlet.java:449) at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceServlet.destroy(Axis2ServiceServlet.java:236) at org.apache.tuscany.sca.http.tomcat.ServletWrapper.destroyServlet(ServletWrapper.java:55) at org.apache.tuscany.sca.http.tomcat.TomcatServer.removeServletMapping(TomcatServer.java:510) at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceProvider.stop(Axis2ServiceProvider.java:308) at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceBindingProvider.stop(Axis2ServiceBindingProvider.java:98) at org.apache.tuscany.sca.core.assembly.CompositeActivatorImpl.stop(CompositeActivatorImpl.java:615) at org.apache.tuscany.sca.core.assembly.CompositeActivatorImpl.stop(CompositeActivatorImpl.java:513) at org.apache.tuscany.sca.node.impl.SCADomainProxyImpl.destroy(SCADomainProxyImpl.java:500) at org.apache.tuscany.sca.node.impl.SCANodeImpl.destroy(SCANodeImpl.java:441) at org.apache.tuscany.sca.itest.callableref.CallableReferenceRemoteTestCase.destroy(CallableReferenceRemoteTestCase.java:97) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.junit.internal.runners.BeforeAndAfterRunner.invokeMethod(BeforeAndAfterRunner.java:74) at org.junit.internal.runners.BeforeAndAfterRunner.runAfters(BeforeAndAfterRunner.java:65) at org.junit.internal.runners.BeforeAndAfterRunner.runProtected(BeforeAndAfterRunner.java:37) at org.junit.internal.runners.TestClassRunner.run(TestClassRunner.java:52) at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:38) at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:460) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:673) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:386) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:196) This is fixed by adding AccessController.doPrivileged blocks around the sensitive call -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [NOTICE] Wang Feng voted as Tuscany committer
ant elder wrote: The Tuscany PPMC and Incubator PMC have voted for Wang Feng to become a Tuscany committer. Congratulations Wang Feng! -- Thanks, Dan Becker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[jira] Created: (TUSCANY-2237) Java 2 Security - Enhancements to run Itest bucket
Java 2 Security - Enhancements to run Itest bucket -- Key: TUSCANY-2237 URL: https://issues.apache.org/jira/browse/TUSCANY-2237 Project: Tuscany Issue Type: Bug Components: Java SCA Core Runtime Affects Versions: Java-SCA-1.1 Environment: Java 1.5, Windows Reporter: Dan Becker Fix For: Java-SCA-Next Must add proper Java 2 security to allow all Itests to run and pass JUnit testing. An example of a failing Itest occurs with CallableReferenceRemoteTestcase with Java 2 security enables. Here is an example AccessControlException: java.security.AccessControlException: access denied (java.util.PropertyPermission java.io.tmpdir read) at java.security.AccessControlContext.checkPermission(Unknown Source) at java.security.AccessController.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPropertyAccess(Unknown Source) at java.lang.System.getProperty(Unknown Source) at org.apache.axis2.context.ConfigurationContext.cleanupTemp(ConfigurationContext.java:665) at org.apache.axis2.context.ConfigurationContext.terminate(ConfigurationContext.java:653) at org.apache.axis2.transport.http.AxisServlet.destroy(AxisServlet.java:449) at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceServlet.destroy(Axis2ServiceServlet.java:236) at org.apache.tuscany.sca.http.tomcat.ServletWrapper.destroyServlet(ServletWrapper.java:55) at org.apache.tuscany.sca.http.tomcat.TomcatServer.removeServletMapping(TomcatServer.java:510) at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceProvider.stop(Axis2ServiceProvider.java:308) at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceBindingProvider.stop(Axis2ServiceBindingProvider.java:98) at org.apache.tuscany.sca.core.assembly.CompositeActivatorImpl.stop(CompositeActivatorImpl.java:615) at org.apache.tuscany.sca.core.assembly.CompositeActivatorImpl.stop(CompositeActivatorImpl.java:513) at org.apache.tuscany.sca.node.impl.SCADomainProxyImpl.destroy(SCADomainProxyImpl.java:500) at org.apache.tuscany.sca.node.impl.SCANodeImpl.destroy(SCANodeImpl.java:441) at org.apache.tuscany.sca.itest.callableref.CallableReferenceRemoteTestCase.destroy(CallableReferenceRemoteTestCase.java:97) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.junit.internal.runners.BeforeAndAfterRunner.invokeMethod(BeforeAndAfterRunner.java:74) at org.junit.internal.runners.BeforeAndAfterRunner.runAfters(BeforeAndAfterRunner.java:65) at org.junit.internal.runners.BeforeAndAfterRunner.runProtected(BeforeAndAfterRunner.java:37) at org.junit.internal.runners.TestClassRunner.run(TestClassRunner.java:52) at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:38) at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:460) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:673) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:386) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:196) This is fixed by adding AccessController.doPrivileged blocks around the sensitive call -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[jira] Updated: (TUSCANY-2237) Java 2 Security - Enhancements to run Itest bucket
[ https://issues.apache.org/jira/browse/TUSCANY-2237?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker updated TUSCANY-2237: Attachment: TUSCANY-2237.patch This file adds Java 2 security to cover ITests. I would like to co-review with a commiter before commiting. Java 2 Security - Enhancements to run Itest bucket -- Key: TUSCANY-2237 URL: https://issues.apache.org/jira/browse/TUSCANY-2237 Project: Tuscany Issue Type: Bug Components: Java SCA Core Runtime Affects Versions: Java-SCA-1.1 Environment: Java 1.5, Windows Reporter: Dan Becker Fix For: Java-SCA-Next Attachments: TUSCANY-2237.patch Must add proper Java 2 security to allow all Itests to run and pass JUnit testing. An example of a failing Itest occurs with CallableReferenceRemoteTestcase with Java 2 security enables. Here is an example AccessControlException: java.security.AccessControlException: access denied (java.util.PropertyPermission java.io.tmpdir read) at java.security.AccessControlContext.checkPermission(Unknown Source) at java.security.AccessController.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPropertyAccess(Unknown Source) at java.lang.System.getProperty(Unknown Source) at org.apache.axis2.context.ConfigurationContext.cleanupTemp(ConfigurationContext.java:665) at org.apache.axis2.context.ConfigurationContext.terminate(ConfigurationContext.java:653) at org.apache.axis2.transport.http.AxisServlet.destroy(AxisServlet.java:449) at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceServlet.destroy(Axis2ServiceServlet.java:236) at org.apache.tuscany.sca.http.tomcat.ServletWrapper.destroyServlet(ServletWrapper.java:55) at org.apache.tuscany.sca.http.tomcat.TomcatServer.removeServletMapping(TomcatServer.java:510) at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceProvider.stop(Axis2ServiceProvider.java:308) at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceBindingProvider.stop(Axis2ServiceBindingProvider.java:98) at org.apache.tuscany.sca.core.assembly.CompositeActivatorImpl.stop(CompositeActivatorImpl.java:615) at org.apache.tuscany.sca.core.assembly.CompositeActivatorImpl.stop(CompositeActivatorImpl.java:513) at org.apache.tuscany.sca.node.impl.SCADomainProxyImpl.destroy(SCADomainProxyImpl.java:500) at org.apache.tuscany.sca.node.impl.SCANodeImpl.destroy(SCANodeImpl.java:441) at org.apache.tuscany.sca.itest.callableref.CallableReferenceRemoteTestCase.destroy(CallableReferenceRemoteTestCase.java:97) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.junit.internal.runners.BeforeAndAfterRunner.invokeMethod(BeforeAndAfterRunner.java:74) at org.junit.internal.runners.BeforeAndAfterRunner.runAfters(BeforeAndAfterRunner.java:65) at org.junit.internal.runners.BeforeAndAfterRunner.runProtected(BeforeAndAfterRunner.java:37) at org.junit.internal.runners.TestClassRunner.run(TestClassRunner.java:52) at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:38) at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:460) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:673) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:386) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:196) This is fixed by adding AccessController.doPrivileged blocks around the sensitive call -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[jira] Updated: (TUSCANY-2237) Java 2 Security - Enhancements to run Itest bucket
[ https://issues.apache.org/jira/browse/TUSCANY-2237?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker updated TUSCANY-2237: Patch Info: [Patch Available] Java 2 Security - Enhancements to run Itest bucket -- Key: TUSCANY-2237 URL: https://issues.apache.org/jira/browse/TUSCANY-2237 Project: Tuscany Issue Type: Bug Components: Java SCA Core Runtime Affects Versions: Java-SCA-1.1 Environment: Java 1.5, Windows Reporter: Dan Becker Fix For: Java-SCA-Next Attachments: TUSCANY-2237.patch Must add proper Java 2 security to allow all Itests to run and pass JUnit testing. An example of a failing Itest occurs with CallableReferenceRemoteTestcase with Java 2 security enables. Here is an example AccessControlException: java.security.AccessControlException: access denied (java.util.PropertyPermission java.io.tmpdir read) at java.security.AccessControlContext.checkPermission(Unknown Source) at java.security.AccessController.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPropertyAccess(Unknown Source) at java.lang.System.getProperty(Unknown Source) at org.apache.axis2.context.ConfigurationContext.cleanupTemp(ConfigurationContext.java:665) at org.apache.axis2.context.ConfigurationContext.terminate(ConfigurationContext.java:653) at org.apache.axis2.transport.http.AxisServlet.destroy(AxisServlet.java:449) at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceServlet.destroy(Axis2ServiceServlet.java:236) at org.apache.tuscany.sca.http.tomcat.ServletWrapper.destroyServlet(ServletWrapper.java:55) at org.apache.tuscany.sca.http.tomcat.TomcatServer.removeServletMapping(TomcatServer.java:510) at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceProvider.stop(Axis2ServiceProvider.java:308) at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceBindingProvider.stop(Axis2ServiceBindingProvider.java:98) at org.apache.tuscany.sca.core.assembly.CompositeActivatorImpl.stop(CompositeActivatorImpl.java:615) at org.apache.tuscany.sca.core.assembly.CompositeActivatorImpl.stop(CompositeActivatorImpl.java:513) at org.apache.tuscany.sca.node.impl.SCADomainProxyImpl.destroy(SCADomainProxyImpl.java:500) at org.apache.tuscany.sca.node.impl.SCANodeImpl.destroy(SCANodeImpl.java:441) at org.apache.tuscany.sca.itest.callableref.CallableReferenceRemoteTestCase.destroy(CallableReferenceRemoteTestCase.java:97) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.junit.internal.runners.BeforeAndAfterRunner.invokeMethod(BeforeAndAfterRunner.java:74) at org.junit.internal.runners.BeforeAndAfterRunner.runAfters(BeforeAndAfterRunner.java:65) at org.junit.internal.runners.BeforeAndAfterRunner.runProtected(BeforeAndAfterRunner.java:37) at org.junit.internal.runners.TestClassRunner.run(TestClassRunner.java:52) at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:38) at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:460) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:673) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:386) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:196) This is fixed by adding AccessController.doPrivileged blocks around the sensitive call -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[jira] Commented: (TUSCANY-2237) Java 2 Security - Enhancements to run Itest bucket
[ https://issues.apache.org/jira/browse/TUSCANY-2237?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12589709#action_12589709 ] Dan Becker commented on TUSCANY-2237: - Yes, will do. Thanks for reviewing and keeping me honest. I will have an updated patch soon. Java 2 Security - Enhancements to run Itest bucket -- Key: TUSCANY-2237 URL: https://issues.apache.org/jira/browse/TUSCANY-2237 Project: Tuscany Issue Type: Bug Components: Java SCA Core Runtime Affects Versions: Java-SCA-1.1 Environment: Java 1.5, Windows Reporter: Dan Becker Assignee: Raymond Feng Fix For: Java-SCA-Next Attachments: TUSCANY-2237.patch Must add proper Java 2 security to allow all Itests to run and pass JUnit testing. An example of a failing Itest occurs with CallableReferenceRemoteTestcase with Java 2 security enables. Here is an example AccessControlException: java.security.AccessControlException: access denied (java.util.PropertyPermission java.io.tmpdir read) at java.security.AccessControlContext.checkPermission(Unknown Source) at java.security.AccessController.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPropertyAccess(Unknown Source) at java.lang.System.getProperty(Unknown Source) at org.apache.axis2.context.ConfigurationContext.cleanupTemp(ConfigurationContext.java:665) at org.apache.axis2.context.ConfigurationContext.terminate(ConfigurationContext.java:653) at org.apache.axis2.transport.http.AxisServlet.destroy(AxisServlet.java:449) at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceServlet.destroy(Axis2ServiceServlet.java:236) at org.apache.tuscany.sca.http.tomcat.ServletWrapper.destroyServlet(ServletWrapper.java:55) at org.apache.tuscany.sca.http.tomcat.TomcatServer.removeServletMapping(TomcatServer.java:510) at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceProvider.stop(Axis2ServiceProvider.java:308) at org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceBindingProvider.stop(Axis2ServiceBindingProvider.java:98) at org.apache.tuscany.sca.core.assembly.CompositeActivatorImpl.stop(CompositeActivatorImpl.java:615) at org.apache.tuscany.sca.core.assembly.CompositeActivatorImpl.stop(CompositeActivatorImpl.java:513) at org.apache.tuscany.sca.node.impl.SCADomainProxyImpl.destroy(SCADomainProxyImpl.java:500) at org.apache.tuscany.sca.node.impl.SCANodeImpl.destroy(SCANodeImpl.java:441) at org.apache.tuscany.sca.itest.callableref.CallableReferenceRemoteTestCase.destroy(CallableReferenceRemoteTestCase.java:97) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.junit.internal.runners.BeforeAndAfterRunner.invokeMethod(BeforeAndAfterRunner.java:74) at org.junit.internal.runners.BeforeAndAfterRunner.runAfters(BeforeAndAfterRunner.java:65) at org.junit.internal.runners.BeforeAndAfterRunner.runProtected(BeforeAndAfterRunner.java:37) at org.junit.internal.runners.TestClassRunner.run(TestClassRunner.java:52) at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:38) at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:460) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:673) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:386) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:196) This is fixed by adding AccessController.doPrivileged blocks around the sensitive call -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Project Ideas - Let's get the community involved !!!
Luciano Resende wrote: I have noticed that the approach we used for GSoC, where we described small project ideas, with a proper description and a suggested scenario to guide the development of the idea is generating much more interest from the community. [1] http://incubator.apache.org/tuscany/getting-involved-projects.html I think this is a great idea and would like to add one minor suggestion. The page might benefit from a large title and brief introductory paragraph. That way if you search for or otherwise stumble onto the page, you have a bit of an idea of the nature of the page, why it's there, who should use it. -- Thanks, Dan Becker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Release Tuscany Java SCA 1.2-incubating (RC3b)
Luciano Resende wrote: Please review and vote on the 1.2 release artifacts of Tuscany SCA for Java. The artifacts are available for review at: http://people.apache.org/~lresende/tuscany/sca-1.2-RC3b/ +1. It downloaded, unpacked, and ran acceptably on my system. No errors spotted. -- Thanks, Dan Becker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [VOTE] Release Tuscany Java SCA 1.2-incubating (RC3a)
Luciano Resende wrote: Please review and vote on the 1.2 release artifacts of Tuscany SCA for Java. The artifacts are available for review at: http://people.apache.org/~lresende/tuscany/sca-1.2-RC3a/ +1 Working from your zip package at the above site, I was able to unzip, ant build and run the calculator sample. At least we know 3 + 2= 5.0! Doing an svn update and mvn build, I had no trouble working in Eclipse. -- Thanks, Dan Becker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SCA 2.0, was Re: Next SCA release
ant elder wrote: On Tue, Apr 8, 2008 at 6:11 PM, Simon Laws [EMAIL PROTECTED] wrote: We may need to branch the documentation also. Normally I would suggest that we ask for a new space but as our documentation could not be considered complete for 1.1 and as the suggested first actions are internal restructuring we may find it less onerous to maintain 2.X documents alongside the the 1.X documents with suitable comments to point out where they diverge. Do people have a preference. I wondered about the doc too, if there was a new wiki space for 2.x could it be initially be populated with the existing content? If so then it seems to me like it would be easiest to have the new space than to try point out the differences for each release all in the one space. +1 on versioning and branching the docs and the wikis. Customers on older levels will want to see the proper docs, configs, and samples for their version, and customers on newer levels will want to see proper docs, configs, and samples for their version. We should support them both. (This is also how the Geronimo team is tacking docs and samples.) -- Thanks, Dan Becker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [vTest] Wiki content
Kevin Williams wrote: I would like to add page to our wiki devoted to vtest development. I see this as a place where we can provide a mapping from the specification set to specific test buckets and also as a place to track progress. +1 - A page like this would be quite useful. -- Thanks, Dan Becker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[jira] Created: (TUSCANY-2173) Add style formatter and template information to website Coding Guidelines
Add style formatter and template information to website Coding Guidelines --- Key: TUSCANY-2173 URL: https://issues.apache.org/jira/browse/TUSCANY-2173 Project: Tuscany Issue Type: Improvement Components: Website Environment: All browsers Reporter: Dan Becker Priority: Minor Incorporate more specific Eclipse style formatter and template notes to the external web site. The external web site at http://cwiki.apache.org/TUSCANY/sca-java-development-guide.html#SCAJavaDevelopmentGuide-CodingGuidelines contains useful coding guidelines. There are additional Eclipse-specific guidelines on the internal wiki at http://cwiki.apache.org/confluence/display/TUSCANYWIKI/Code+Style+Formatters+and+Templates It would be useful if the Eclipse Style Formatter and Eclipse Templates (which are in the Tuscany build/repository) be mentioned in the external site. In other words, append the information from the second link above to the first link above. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tuscany Coding Standards/Style Guides
I added information on Eclipse code formatters and templates to the Tuscany confluence wiki at: http://cwiki.apache.org/confluence/display/TUSCANYWIKI/Code+Style+Formatters+and+Templates After a few days of comments, I will work on promoting this page to one of the Tuscany incubator wiki pages, probably hanging off the FAW Build and Development questions at: http://cwiki.apache.org/confluence/display/TUSCANY/Tuscany+SCA+Java+-+FAQ haleh mahbod wrote: should this information be added to the development guide? On 3/24/08, ant elder [EMAIL PROTECTED] wrote: There are some templates at https://svn.apache.org/repos/asf/incubator/tuscany/java/etc/ ...ant On Mon, Mar 24, 2008 at 4:37 PM, Dan Becker [EMAIL PROTECTED] wrote: Many Apache projects have official or recommended coding standards or style guides (e.g. Geronimo at http://geronimo.apache.org/coding-standards.html). Others have code formatting and style templates that you can import into Eclipse (e.g. http://cwiki.apache.org/GMOxDEV/developing-geronimo-in-eclipse.html#DevelopingGeronimoinEclipse-CodeFormatting ). Does Tuscany have an office code style formatter or template for Eclipse? If so, can someone point me to the docs? If not, can someone export and post their Eclipse formatters? -- Thanks, Dan Becker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Reporting errors for illegal SCA annotations (TUSCANY-2140)
Jean-Sebastien Delfino wrote: Simon Nash wrote: TUSCANY-2140 raises a more general question about whether we should report errors for all SCA annotations that are used in illegal positions. I suspect it would be impractical to do this in every possible case. For error cases that we consider common or harmful, adding a diagnostic is worthwhile. TUSCANY-2140 would fall into this category. +1 to report a misplaced annotation as a warning. Throwing an exception that'll prevent my application to run just because a harmless annotation was present (and not considered) somewhere in part of my code seems too aggressive to me. +1 to report misplaced SCA annotations. Please ignore non-SCA annotations. -- Thanks, Dan Becker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tuscany JUnit tests
I notice most every Tuscany component has JUnit tests associated with it. I also notice that these tests are run as part of a normal Maven build (which you can turn on and off via -Dmaven.test.skip=true). 1) Are there other Maven test related switches? Specifically, is there a Maven switch/target/profile to just run the unit tests without a build? 2) Is there a to run these JUnit test cases from within an Eclipse project? Perhaps some test perspective or some menu item that understands JUnit test cases. I saw the Tuscany Wiki had some good articles on testing (e.g. http://cwiki.apache.org/confluence/display/TUSCANYWIKI/Automation+of+itests+in+web+applications), but I would like to grow my knowledge here. -- Thanks, Dan Becker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tuscany JUnit tests
Kevin Williams wrote: On Wed, Mar 26, 2008 at 8:49 AM, Dan Becker [EMAIL PROTECTED] wrote: 1) Are there other Maven test related switches? Specifically, is there a Maven switch/target/profile to just run the unit tests without a build? 2) Is there a to run these JUnit test cases from within an Eclipse project? Perhaps some test perspective or some menu item that understands JUnit test cases. Within Eclipse you can highlight a JUnit test class and Run as = JUnit Test Doh! Thanks Kevin. I found that shortly after posting. I also see you can run in the debugger via Debug as = JUnit Test. Still looking for Maven pointers. -- Thanks, Dan Becker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[jira] Updated: (TUSCANY-2108) Java 2 Security - ReallySmallRuntime AccessController blocks
[ https://issues.apache.org/jira/browse/TUSCANY-2108?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker updated TUSCANY-2108: Attachment: tuscany2108-2.txt Patch regenerated based on failing test cases and review comments. Java 2 Security - ReallySmallRuntime AccessController blocks Key: TUSCANY-2108 URL: https://issues.apache.org/jira/browse/TUSCANY-2108 Project: Tuscany Issue Type: Bug Components: Java SCA Core Runtime Affects Versions: Java-SCA-1.1 Environment: Run with JDK 1.5, Windows XP system Reporter: Dan Becker Assignee: Raymond Feng Fix For: Java-SCA-Next Attachments: tuscany2108-2.txt, tuscany2108.txt Add Java 2 Security to SCA core accessed via ReallySmallRuntime. This can be seen by running the sample-calculator program with -Djava.security.manager for the Java application runtime. This JIRA is a preliminary prereq for JIRA TUSCANY-2030. That JIRA covers the code entry points via org.apache.tuscany.sca.host.embedded.impl.EmbeddedSCADomain.getService(EmbeddedSCADomain.java:138) and com.ibm.ws.soa.sca.runtime.impl.SimpleCompositeContextImpl.locateService(SimpleCompositeContextImpl.java:86) This JIRA covers all internal entry points that are accessed via Exception in thread main org.osoa.sca.ServiceRuntimeException: java.lang.NullPointerException at org.apache.tuscany.sca.host.embedded.SCADomain.createNewInstance(SCADomain.java:264) at org.apache.tuscany.sca.host.embedded.SCADomain.newInstance(SCADomain.java:69) at calculator.CalculatorClient.main(CalculatorClient.java:31) Caused by: java.lang.NullPointerException at org.apache.tuscany.sca.host.embedded.impl.ReallySmallRuntime.start(ReallySmallRuntime.java:116) at org.apache.tuscany.sca.host.embedded.impl.DefaultSCADomain.init(DefaultSCADomain.java:118) at org.apache.tuscany.sca.host.embedded.impl.DefaultSCADomain.init(DefaultSCADomain.java:109) at org.apache.tuscany.sca.host.embedded.SCADomain.createNewInstance(SCADomain.java:231) There needs to be AccessController.doPrivileged blocks around all sensitive code that creates a ClassLoader, accesses the file system via stream or URL, reads system properties and all other sensitive areas not covered by the security.policy file. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: GSoc Project Ideas - Tuscany
Jacek Laskowski wrote: On Sun, Mar 23, 2008 at 1:19 PM, ant elder [EMAIL PROTECTED] wrote: Probably depends what you want, with -fn the tests still run with -Dmaven.test.skip=true they don't. Not running the tests makes the build much faster but without running the tests you don't know what problems there might be with the jars that get built. A key thing is that with -fn a test failure in one module does not stop the build of other modules, but, the jar for the module with the test failure does not get built so if you want to ignore a test failure but still rebuild a module then you need to use -Dmaven.test.skip=true. On the other hand for things like the itest modules you just want to see the tests results so it doesn't make much sense to use -Dmaven.test.skip=true but -fn can be useful to see how good or bad the state of the code is. That's more I could dream of! I have never used -fn before so it's nice to have read so comprehensive explanation why it might be useful. Thanks. And helpful to all the other developers and readers too! Thanks Ant. -- Thanks, Dan Becker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[jira] Created: (TUSCANY-2130) Promote Security Aware Tuscany article from internal wiki to external developer wiki pages
Promote Security Aware Tuscany article from internal wiki to external developer wiki pages -- Key: TUSCANY-2130 URL: https://issues.apache.org/jira/browse/TUSCANY-2130 Project: Tuscany Issue Type: Improvement Components: Website Environment: Web Reporter: Dan Becker Priority: Minor Promote the Security Aware Programming in Tuscany article from the internal wiki (at http://cwiki.apache.org/confluence/display/TUSCANYWIKI/Security+Aware+Programming+in+Tuscany) to the external developer pages. A suggested location is the developer hints section of the development guide (at http://cwiki.apache.org/TUSCANY/sca-java-development-guide.html) Wiki and HTML source code for the article is available at the first link given. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tuscany Coding Standards/Style Guides
Many Apache projects have official or recommended coding standards or style guides (e.g. Geronimo at http://geronimo.apache.org/coding-standards.html). Others have code formatting and style templates that you can import into Eclipse (e.g. http://cwiki.apache.org/GMOxDEV/developing-geronimo-in-eclipse.html#DevelopingGeronimoinEclipse-CodeFormatting). Does Tuscany have an office code style formatter or template for Eclipse? If so, can someone point me to the docs? If not, can someone export and post their Eclipse formatters? -- Thanks, Dan Becker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Security Aware Programming in Tuscany
I wrote an article to help explain security aware programming in Tuscany. It is in the Tuscany Confluience wiki at http://cwiki.apache.org/confluence/display/TUSCANYWIKI/Security+Aware+Programming+in+Tuscany . Please let me know if you have any suggestions, or since it is a wiki add them yourself and let me know. I hope to promote this to the external Tuscany page soon, so any suggestions are appreciated. -- Thanks, Dan Becker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Keeping up with the dev list and the flood of JIRA messages
Jean-Sebastien Delfino wrote: Just curious, are people able to keep up with the list discussions in the middle of that flood of JIRA messages? Is everybody routing JIRAs to a separate folder? I'm finding it difficult to see through the traffic without doing that. Thoughts? Can we improve this to make it easier for people to follow? I know from my perspective, the volume of Tuscany and Geronimo lists are huge. Easily 100 to 200 messages a day. I use filtering of my mail reader to help sort the messages. I color Tuscany messages red and Geronimo black. I put the JIRA traffic to its own folder, with JIRA open, close and comments to subfolders. It is ironic, but the threads I am most interesting in are usually the ones with no prefixes: ones that bring up new topics or new issues for instance. -- Thanks, Dan Becker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[jira] Commented: (TUSCANY-2108) Java 2 Security - ReallySmallRuntime AccessController blocks
[ https://issues.apache.org/jira/browse/TUSCANY-2108?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12580372#action_12580372 ] Dan Becker commented on TUSCANY-2108: - I have a patch that covers about 40 doPrivileged blocks in about 24 files. Will append patch shortly. Java 2 Security - ReallySmallRuntime AccessController blocks Key: TUSCANY-2108 URL: https://issues.apache.org/jira/browse/TUSCANY-2108 Project: Tuscany Issue Type: Bug Components: Java SCA Core Runtime Affects Versions: Java-SCA-1.1 Environment: Run with JDK 1.5, Windows XP system Reporter: Dan Becker Fix For: Java-SCA-1.2 Add Java 2 Security to SCA core accessed via ReallySmallRuntime. This can be seen by running the sample-calculator program with -Djava.security.manager for the Java application runtime. This JIRA is a preliminary prereq for JIRA TUSCANY-2030. That JIRA covers the code entry points via org.apache.tuscany.sca.host.embedded.impl.EmbeddedSCADomain.getService(EmbeddedSCADomain.java:138) and com.ibm.ws.soa.sca.runtime.impl.SimpleCompositeContextImpl.locateService(SimpleCompositeContextImpl.java:86) This JIRA covers all internal entry points that are accessed via Exception in thread main org.osoa.sca.ServiceRuntimeException: java.lang.NullPointerException at org.apache.tuscany.sca.host.embedded.SCADomain.createNewInstance(SCADomain.java:264) at org.apache.tuscany.sca.host.embedded.SCADomain.newInstance(SCADomain.java:69) at calculator.CalculatorClient.main(CalculatorClient.java:31) Caused by: java.lang.NullPointerException at org.apache.tuscany.sca.host.embedded.impl.ReallySmallRuntime.start(ReallySmallRuntime.java:116) at org.apache.tuscany.sca.host.embedded.impl.DefaultSCADomain.init(DefaultSCADomain.java:118) at org.apache.tuscany.sca.host.embedded.impl.DefaultSCADomain.init(DefaultSCADomain.java:109) at org.apache.tuscany.sca.host.embedded.SCADomain.createNewInstance(SCADomain.java:231) There needs to be AccessController.doPrivileged blocks around all sensitive code that creates a ClassLoader, accesses the file system via stream or URL, reads system properties and all other sensitive areas not covered by the security.policy file. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[jira] Created: (TUSCANY-2108) Java 2 Security - ReallySmallRuntime AccessController blocks
Java 2 Security - ReallySmallRuntime AccessController blocks Key: TUSCANY-2108 URL: https://issues.apache.org/jira/browse/TUSCANY-2108 Project: Tuscany Issue Type: Bug Components: Java SCA Core Runtime Affects Versions: Java-SCA-1.1 Environment: Run with JDK 1.5, Windows XP system Reporter: Dan Becker Fix For: Java-SCA-1.2 Add Java 2 Security to SCA core accessed via ReallySmallRuntime. This can be seen by running the sample-calculator program with -Djava.security.manager for the Java application runtime. This JIRA is a preliminary prereq for JIRA TUSCANY-2030. That JIRA covers the code entry points via org.apache.tuscany.sca.host.embedded.impl.EmbeddedSCADomain.getService(EmbeddedSCADomain.java:138) and com.ibm.ws.soa.sca.runtime.impl.SimpleCompositeContextImpl.locateService(SimpleCompositeContextImpl.java:86) This JIRA covers all internal entry points that are accessed via Exception in thread main org.osoa.sca.ServiceRuntimeException: java.lang.NullPointerException at org.apache.tuscany.sca.host.embedded.SCADomain.createNewInstance(SCADomain.java:264) at org.apache.tuscany.sca.host.embedded.SCADomain.newInstance(SCADomain.java:69) at calculator.CalculatorClient.main(CalculatorClient.java:31) Caused by: java.lang.NullPointerException at org.apache.tuscany.sca.host.embedded.impl.ReallySmallRuntime.start(ReallySmallRuntime.java:116) at org.apache.tuscany.sca.host.embedded.impl.DefaultSCADomain.init(DefaultSCADomain.java:118) at org.apache.tuscany.sca.host.embedded.impl.DefaultSCADomain.init(DefaultSCADomain.java:109) at org.apache.tuscany.sca.host.embedded.SCADomain.createNewInstance(SCADomain.java:231) There needs to be AccessController.doPrivileged blocks around all sensitive code that creates a ClassLoader, accesses the file system via stream or URL, reads system properties and all other sensitive areas not covered by the security.policy file. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[jira] Updated: (TUSCANY-2108) Java 2 Security - ReallySmallRuntime AccessController blocks
[ https://issues.apache.org/jira/browse/TUSCANY-2108?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker updated TUSCANY-2108: Attachment: tuscany2108.txt Java 2 Security - ReallySmallRuntime AccessController blocks Key: TUSCANY-2108 URL: https://issues.apache.org/jira/browse/TUSCANY-2108 Project: Tuscany Issue Type: Bug Components: Java SCA Core Runtime Affects Versions: Java-SCA-1.1 Environment: Run with JDK 1.5, Windows XP system Reporter: Dan Becker Fix For: Java-SCA-1.2 Attachments: tuscany2108.txt Add Java 2 Security to SCA core accessed via ReallySmallRuntime. This can be seen by running the sample-calculator program with -Djava.security.manager for the Java application runtime. This JIRA is a preliminary prereq for JIRA TUSCANY-2030. That JIRA covers the code entry points via org.apache.tuscany.sca.host.embedded.impl.EmbeddedSCADomain.getService(EmbeddedSCADomain.java:138) and com.ibm.ws.soa.sca.runtime.impl.SimpleCompositeContextImpl.locateService(SimpleCompositeContextImpl.java:86) This JIRA covers all internal entry points that are accessed via Exception in thread main org.osoa.sca.ServiceRuntimeException: java.lang.NullPointerException at org.apache.tuscany.sca.host.embedded.SCADomain.createNewInstance(SCADomain.java:264) at org.apache.tuscany.sca.host.embedded.SCADomain.newInstance(SCADomain.java:69) at calculator.CalculatorClient.main(CalculatorClient.java:31) Caused by: java.lang.NullPointerException at org.apache.tuscany.sca.host.embedded.impl.ReallySmallRuntime.start(ReallySmallRuntime.java:116) at org.apache.tuscany.sca.host.embedded.impl.DefaultSCADomain.init(DefaultSCADomain.java:118) at org.apache.tuscany.sca.host.embedded.impl.DefaultSCADomain.init(DefaultSCADomain.java:109) at org.apache.tuscany.sca.host.embedded.SCADomain.createNewInstance(SCADomain.java:231) There needs to be AccessController.doPrivileged blocks around all sensitive code that creates a ClassLoader, accesses the file system via stream or URL, reads system properties and all other sensitive areas not covered by the security.policy file. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[jira] Updated: (TUSCANY-2108) Java 2 Security - ReallySmallRuntime AccessController blocks
[ https://issues.apache.org/jira/browse/TUSCANY-2108?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Becker updated TUSCANY-2108: Patch Info: [Patch Available] Java 2 Security - ReallySmallRuntime AccessController blocks Key: TUSCANY-2108 URL: https://issues.apache.org/jira/browse/TUSCANY-2108 Project: Tuscany Issue Type: Bug Components: Java SCA Core Runtime Affects Versions: Java-SCA-1.1 Environment: Run with JDK 1.5, Windows XP system Reporter: Dan Becker Fix For: Java-SCA-1.2 Attachments: tuscany2108.txt Add Java 2 Security to SCA core accessed via ReallySmallRuntime. This can be seen by running the sample-calculator program with -Djava.security.manager for the Java application runtime. This JIRA is a preliminary prereq for JIRA TUSCANY-2030. That JIRA covers the code entry points via org.apache.tuscany.sca.host.embedded.impl.EmbeddedSCADomain.getService(EmbeddedSCADomain.java:138) and com.ibm.ws.soa.sca.runtime.impl.SimpleCompositeContextImpl.locateService(SimpleCompositeContextImpl.java:86) This JIRA covers all internal entry points that are accessed via Exception in thread main org.osoa.sca.ServiceRuntimeException: java.lang.NullPointerException at org.apache.tuscany.sca.host.embedded.SCADomain.createNewInstance(SCADomain.java:264) at org.apache.tuscany.sca.host.embedded.SCADomain.newInstance(SCADomain.java:69) at calculator.CalculatorClient.main(CalculatorClient.java:31) Caused by: java.lang.NullPointerException at org.apache.tuscany.sca.host.embedded.impl.ReallySmallRuntime.start(ReallySmallRuntime.java:116) at org.apache.tuscany.sca.host.embedded.impl.DefaultSCADomain.init(DefaultSCADomain.java:118) at org.apache.tuscany.sca.host.embedded.impl.DefaultSCADomain.init(DefaultSCADomain.java:109) at org.apache.tuscany.sca.host.embedded.SCADomain.createNewInstance(SCADomain.java:231) There needs to be AccessController.doPrivileged blocks around all sensitive code that creates a ClassLoader, accesses the file system via stream or URL, reads system properties and all other sensitive areas not covered by the security.policy file. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Verification Testing
Simon Nash wrote: Kevin Williams wrote: I am thinking of adding a new test bucket specifically for verification testing against the specification set. I believe it would add value to the project and may also be a place where developers new to Tuscany might contribute. Does this sound like a reasonable idea? +1 I think it is very useful and will be a good way to make piece-of-mind regression tests. -- Thanks, Dan Becker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[jira] Commented: (TUSCANY-2030) Java 2 security
[ https://issues.apache.org/jira/browse/TUSCANY-2030?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12578775#action_12578775 ] Dan Becker commented on TUSCANY-2030: - I am investigating this an other java.security.AccessControlExceptions that occur with -Djava.security.manager turned on. Java 2 security --- Key: TUSCANY-2030 URL: https://issues.apache.org/jira/browse/TUSCANY-2030 Project: Tuscany Issue Type: New Feature Affects Versions: Java-SCA-1.0.1 Reporter: Greg Dritschler Fix For: Java-SCA-Next In environments where Java 2 security is enabled, an AccessControlException may occur in Tuscany code even though it has privileges to perform the action, because there is code on the call stack that does not have such privileges. doPrivileged calls must be used around such actions. Here is an example of a failure. There are undoubtedly others. java.security.AccessControlException: Access denied (java.lang.RuntimePermission getClassLoader) at java.security.AccessController.checkPermission(AccessController.java:104) at java.lang.SecurityManager.checkPermission(SecurityManager.java:547) at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java:189) at java.lang.Class.getClassLoader(Class.java:234) at org.apache.tuscany.sca.core.invocation.JDKProxyFactory.createProxy(JDKProxyFactory.java:64) at org.apache.tuscany.sca.core.invocation.DefaultProxyFactoryExtensionPoint.createProxy(DefaultProxyFactoryExtensionPoint.java:105) at org.apache.tuscany.sca.core.context.CallableReferenceImpl.getInstance(CallableReferenceImpl.java:154) at org.apache.tuscany.sca.core.context.CallableReferenceImpl.getService(CallableReferenceImpl.java:162) at org.apache.tuscany.sca.host.embedded.impl.EmbeddedSCADomain.getService(EmbeddedSCADomain.java:138) at com.ibm.ws.soa.sca.runtime.impl.SimpleCompositeContextImpl.locateService(SimpleCompositeContextImpl.java:86) at com.ibm._jsp._Calculator._jspService(_Calculator.java:96) -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tuscany policy file syntax
Thanks Raymond. Your codeBases worked for me too. Be sure to put tuscany.policy in the project root when using -Djava.security.policy==tuscany.policy. Now on to those pesky doPriviledged blocks Raymond Feng wrote: I got the following working with Eclipse. 1) Create a java2 security policy file such as tuscany.policy in root of the sample project with the following content: grant codeBase file:/C:/Tuscany/java/sca/modules/- { permission java.security.AllPermission; }; grant codeBase file:${user.home}/.m2/repository/- { permission java.security.AllPermission; }; The first grant is for the tuscany modules in your workspace. You might need to adjust it to fit your environment. The second grant is for the 3rd party jars tuscany modules depend on. 2) Create a run profile for the main class with VM arguments set to: -Djava.security.manager -Djava.security.policy==tuscany.policy -Dpolicy.allowSystemProperty=true -- Thanks, Dan Becker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Contributor access in Tuscany JIRA
Vamsavardhana Reddy wrote: Can someone give me contributor access to Tuscany JIRA so that I can assign issues to me while I work on the issues? My user id is vamsic. Please can someone also give me contributer access to Tuscany also, so I can assign JIRA issues that I am working on to myself. My userid is beckerdo. -- Thanks, Dan Becker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tuscany policy file syntax
I have two questions on running Tuscany code in Eclipse with security manager and user policy files. 1) In a command line environment, I usually provide a policy files with the following simple syntax: java -Djava.security.manager -Djava.security.policy=mypolicy.policy MyApp However with my Tuscany sample in Eclipse, I had trouble finding the policy file with that sort of syntax when I placed my policy in the src/main/resource or target/classes directory. It did work when I provided a long ugly workspace file URL: java -Djava.security.manager -Djava.security.policy=file:/D:/workspaces/tuscany-code/sample-security-getprops/target/classes/mypolicy.policy MyApp Does anyone have a more usable URL or place to locate the policy file so I can use the first simpler syntax? 2) In a similar vein, I tried to add some permissions in my policy file for the tuscany runtime code. I found that this ugly type of syntax inside the policy file seemed to work: grant codeBase file:/tuscany-sca*.jar { ... } However, this simpler, more understandable, more general way of specifying the code base did not seem to work for me: grant codeBase http://org.apache.tuscany.sca/-; { ... } Is there a simpler more obvious way to add access to the runtime code? -- Thanks, Dan Becker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Open Source Experience for JavaOne
Antollini, Mario wrote: Jean-Sebastien and I would like to add a single slide we can show at JavaOne where we can share our experience (or BKMs) of working in an Open Source project. This is what I have so far... 1. Managing the code a. Organize the project in small modules b. Build and manage dependencies with Maven c. Bug/Issue tracking system: JIRA d. SVN 2. Discussions held through the mailing list a. Politeness is key 3. Anyone can contribute 4. Documentation is very important Hi Mario, I am interested in what you have to say for bullet 4. Documentation is very important. After recently joining the Geronimo team, our group had a lot experience working on the Geronimo docs for 2.1. It took a very large effort to validate all the docs and the samples were still working from 2.0 and earlier docs. We worked on ensuring all samples were versioned in svn, but we had many discussions on how to keep the docs in step with the samples and the release. It would be nice if there were some automated ways to mark, version, and update the docs to ensure the users are getting the best service. -- Thanks, Dan Becker - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]