db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Besosa, Michael" <michael.bes...@pearson.com>
Subject Re: AccessControlException with no security manager
Date Mon, 03 Jun 2019 13:52:28 GMT
I don't understand what you mean when you say, "Even if you don't install a
Java security manager...you get a security manager anyway." I don't have
(haven't installed) a security manager and System.getSecurityManager()
returns null. And if I "really, really" don't want a security manager, how
can I say so, other than executing System.setSecurityManager(null)?

On Fri, May 31, 2019 at 9:03 PM Bryan Pendleton <bpendleton.derby@gmail.com>
wrote:

> I feel like you're probably hitting DERBY-6648:
>
> https://urldefense.proofpoint.com/v2/url?u=https-3A__issues.apache.org_jira_browse_DERBY-2D6648&d=DwIFaQ&c=0YLnzTkWOdJlub_y7qAx8Q&r=Wl0HX9k4fXSgP8TsHwfE2EzboRhWUZIw3D92MjZ0k8A&m=jAZ8M-UCTv0Ms-FrB1NaYA62mIGrbUhHirW9AxhEyxw&s=Hutrm_MTSwNDtab2E2bMNCxLo0eDRIZrB1B5x2AL-1k&e=
>
> Even if you don't install a Java security manager (perhaps especially
> if that is so), you get a security manager anyway.
>
> If you really, really don't want a security manager, you can say so.
>
> Or, bite the bullet and define a security manager, and start
> assembling the precise security policy that is right for your
> particular situation, as in:
>
> https://urldefense.proofpoint.com/v2/url?u=https-3A__stackoverflow.com_a_52392015_193453&d=DwIFaQ&c=0YLnzTkWOdJlub_y7qAx8Q&r=Wl0HX9k4fXSgP8TsHwfE2EzboRhWUZIw3D92MjZ0k8A&m=jAZ8M-UCTv0Ms-FrB1NaYA62mIGrbUhHirW9AxhEyxw&s=uackNzNN36boV8-m6DGN7VJOPwN4tnfuUwgQBgOmv0I&e=
> ,
>
> https://urldefense.proofpoint.com/v2/url?u=https-3A__db.apache.org_derby_docs_10.13_security_csecembeddedperms.html&d=DwIFaQ&c=0YLnzTkWOdJlub_y7qAx8Q&r=Wl0HX9k4fXSgP8TsHwfE2EzboRhWUZIw3D92MjZ0k8A&m=jAZ8M-UCTv0Ms-FrB1NaYA62mIGrbUhHirW9AxhEyxw&s=53JhmaGEsK92jA_W0ofwQrvGLuaZ-TLXOiDawh9P3rQ&e=
> , etc.
>
> bryan
>
> On Fri, May 31, 2019 at 11:58 AM Besosa, Michael
> <michael.besosa@pearson.com> wrote:
> >
> > We have an application that is using the Derby 10.12.1.1 embedded engine
> and Java 8. When the app executes the SELECT shown below, we see an
> exception with the message 'access denied
> org.apache.derby.security.SystemPermission( "engine", "usederbyinternals"
> ): java.security.AccessControlException'.
> >
> > This application does not install a SecurityManager. I'm at a bit of a
> loss about how to fix this.
> >
> > The query:
> >
> > SELECT
> >         DeliveryEvent.AppointmentStart,
> >         DeliveryEvent.Attempt,
> >         DeliveryEvent.BiometricCheckTypeCode,
> >         DeliveryEvent.CandidateID,
> >         DeliveryEvent.DeliveryStatus,
> >         DeliveryEvent.ExamLanguageID,
> >         DeliveryEvent.HasNoTestListBlock,
> >         DeliveryEvent.IsDisconnectedIBTDelivery,
> >         DeliveryEvent.NextAppointmentID,
> >         DeliveryEvent.ProcessStateCode,
> >         DeliveryEvent.ProctorID,
> >         DeliveryEvent.RegisteredExamVersionID,
> >         DeliveryEvent.RegistrationID,
> >         DeliveryEvent.SelectedFormID,
> >         DeliveryEvent.SelectedExamVersionID,
> >         DeliveryEvent.TerminationDate,
> >         DeliveryEvent.TimeLimit,
> >         DeliveryEvent.TimeLimitAdjust,
> >         Clients.Client_ID AS ClientID,
> >         Clients.ClientName AS ClientName,
> >         ExamSeries.Code AS ExamSeriesCode,
> >         ExamVersion.DriverID AS DriverID,
> >         ExamLanguage.Title AS TranslatedTitle,
> >         (SELECT AppUser.FirstName || ' ' || AppUser.LastName FROM
> ((((((AssetAppUser INNER JOIN AppUser ON AssetAppUser.AppUserID =
> AppUser.ID) INNER JOIN AssetUsage ON AssetAppUser.AssetID =
> AssetUsage.AssetID) INNER JOIN Asset ON AssetUsage.AssetID = Asset.ID)
> INNER JOIN AssetType ON Asset.AssetTypeID = AssetType.ID) INNER JOIN
> AssetTypeProperty ON AssetType.ID = AssetTypeProperty.AssetTypeID AND
> AssetTypeProperty.AssetTypePropertyValue = 'Examiner') INNER JOIN
> AssetTypePropertyKey ON AssetTypeProperty.AssetTypePropertyKeyID =
> AssetTypePropertyKey.AssetTypePropertyKeyID AND
> AssetTypePropertyKey.AssetTypePropertyKeyName = 'AssetSubClass') WHERE
> (AssetUsage.OrderItemID = DeliveryEvent.RegistrationID) FETCH FIRST 1 ROWS
> ONLY) AS ExaminerName,
> >         (SELECT Asset.Name FROM ((((Asset INNER JOIN AssetType ON
> Asset.AssetTypeID = AssetType.ID) INNER JOIN AssetUsage ON Asset.ID =
> AssetUsage.AssetID) INNER JOIN AssetTypeProperty ON AssetType.ID =
> AssetTypeProperty.AssetTypeID AND AssetTypeProperty.AssetTypePropertyValue
> = 'Vehicle') INNER JOIN AssetTypePropertyKey ON
> AssetTypeProperty.AssetTypePropertyKeyID =
> AssetTypePropertyKey.AssetTypePropertyKeyID AND
> AssetTypePropertyKey.AssetTypePropertyKeyName = 'AssetSubClass') WHERE
> (AssetUsage.OrderItemID = DeliveryEvent.RegistrationID) AND
> (AssetType.AssetClassCode IN
> ('Facility','Workstation','CiscoRack','TaskSchedule')) FETCH FIRST 1 ROWS
> ONLY) AS VehicleName,
> >         (SELECT COUNT(*) FROM (Accommodation INNER JOIN
> AccommodationStatus ON Accommodation.AccommodationStatusID =
> AccommodationStatus.AccommodationStatusID AND
> AccommodationStatus.StatusCode = 'Granted') WHERE
> (Accommodation.OrderItemID = DeliveryEvent.RegistrationID)) AS
> AccommodationCount,
> >         (SELECT COUNT(*) FROM DeliveryBlockedReason WHERE
> (DeliveryBlockedReason.DeliveryEventID = DeliveryEvent.RegistrationID)) AS
> ReasonsBlockedCount,
> >         (SELECT DeliveryEventNext.RegistrationID FROM DeliveryEvent AS
> DeliveryEventNext WHERE (DeliveryEvent.RegistrationID =
> DeliveryEventNext.NextAppointmentID)) AS FirstDayRegistrationID
> > FROM ((((
> >         DeliveryEvent
> >         INNER JOIN ExamLanguage
> >                 ON DeliveryEvent.ExamLanguageID = ExamLanguage.ID)
> >         INNER JOIN ExamSeriesON ExamLanguage.ExamSeriesID =
> ExamSeries.ID)
> > INNER JOIN Clients
> > ON ExamSeries.Client_ID = Clients.Client_ID)
> > LEFT JOIN ExamVersion
> > ON DeliveryEvent.RegisteredExamVersionID = ExamVersion.ID)
> > WHERE
> > (DeliveryEvent.RegistrationID = 5)
>

Mime
View raw message