[ https://issues.apache.org/jira/browse/YOKO-302?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Jencks updated YOKO-302: ------------------------------ Attachment: YOKO-302-2.patch Rick pointed out that my first patch is entirely against the classloading behavior in the spec, and that wrapping the attempt to create the security manager in a PrivilegedAction might let it proceed in all reasonable environments. The attached patch does that and works fine in my environment. > Cannot run yoko without permission to create a security manager > --------------------------------------------------------------- > > Key: YOKO-302 > URL: https://issues.apache.org/jira/browse/YOKO-302 > Project: Yoko - CORBA Server > Issue Type: Bug > Components: orb core > Affects Versions: v1.0-incubating-M2 > Reporter: David Jencks > Attachments: YOKO-302-2.patch, YOKO-302.patch > > > I've run into a situation where I'm trying to use yoko in an environment > where it doesn't have permission to create a security manager. UtilImpl and > UtilLoader have the same code with a static field > // Note: this field must be declared before the static intializer that > calls Util.loadClass > // since that method will call loadClass0 which uses this field... if it > is below the static > // initializer the _secman field will be null > private static final SecMan _secman = new SecMan(); > static class SecMan extends java.rmi.RMISecurityManager { > public Class[] getClassContext() { > return super.getClassContext(); > } > } > which is used in an attempt to load a class: > ClassLoader stackLoader = null; > Class[] stack = _secman.getClassContext(); > for (int i = 1; i < stack.length; i++) { > stackLoader = stack[i].getClassLoader(); > if (stackLoader != null) > break; > } > if (stackLoader != null) { > try { > result = stackLoader.loadClass(name); > } catch (ClassNotFoundException ex) { > // skip // > } > if (result != null) { > return result; > } > } > obviously, in an environment where we don't have permission to create a > security manager this will fail. > Patching the code to continue if it can't create the security manager works > fine for the situation I've encountered. Are there any other bad effects? -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.