db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Besosa, Michael" <michael.bes...@pearson.com>
Subject Re: AccessControlException with no security manager
Date Mon, 03 Jun 2019 15:37:02 GMT
Thinking about it a bit more, I wonder if you missed that this is using the
embedded engine, not the network server. I know that the network server
installs a security manager by default, and that there is a system property
that can be set to disable that behavior. But that's not applicable in our
situation.

On Mon, Jun 3, 2019 at 8:52 AM Besosa, Michael <michael.besosa@pearson.com>
wrote:

> I don't understand what you mean when you say, "Even if you don't install
> a Java security manager...you get a security manager anyway." I don't have
> (haven't installed) a security manager and System.getSecurityManager()
> returns null. And if I "really, really" don't want a security manager, how
> can I say so, other than executing System.setSecurityManager(null)?
>
> On Fri, May 31, 2019 at 9:03 PM Bryan Pendleton <
> bpendleton.derby@gmail.com> wrote:
>
>> I feel like you're probably hitting DERBY-6648:
>>
>> https://urldefense.proofpoint.com/v2/url?u=https-3A__issues.apache.org_jira_browse_DERBY-2D6648&d=DwIFaQ&c=0YLnzTkWOdJlub_y7qAx8Q&r=Wl0HX9k4fXSgP8TsHwfE2EzboRhWUZIw3D92MjZ0k8A&m=jAZ8M-UCTv0Ms-FrB1NaYA62mIGrbUhHirW9AxhEyxw&s=Hutrm_MTSwNDtab2E2bMNCxLo0eDRIZrB1B5x2AL-1k&e=
>>
>> Even if you don't install a Java security manager (perhaps especially
>> if that is so), you get a security manager anyway.
>>
>> If you really, really don't want a security manager, you can say so.
>>
>> Or, bite the bullet and define a security manager, and start
>> assembling the precise security policy that is right for your
>> particular situation, as in:
>>
>> https://urldefense.proofpoint.com/v2/url?u=https-3A__stackoverflow.com_a_52392015_193453&d=DwIFaQ&c=0YLnzTkWOdJlub_y7qAx8Q&r=Wl0HX9k4fXSgP8TsHwfE2EzboRhWUZIw3D92MjZ0k8A&m=jAZ8M-UCTv0Ms-FrB1NaYA62mIGrbUhHirW9AxhEyxw&s=uackNzNN36boV8-m6DGN7VJOPwN4tnfuUwgQBgOmv0I&e=
>> ,
>>
>> https://urldefense.proofpoint.com/v2/url?u=https-3A__db.apache.org_derby_docs_10.13_security_csecembeddedperms.html&d=DwIFaQ&c=0YLnzTkWOdJlub_y7qAx8Q&r=Wl0HX9k4fXSgP8TsHwfE2EzboRhWUZIw3D92MjZ0k8A&m=jAZ8M-UCTv0Ms-FrB1NaYA62mIGrbUhHirW9AxhEyxw&s=53JhmaGEsK92jA_W0ofwQrvGLuaZ-TLXOiDawh9P3rQ&e=
>> , etc.
>>
>> bryan
>>
>> On Fri, May 31, 2019 at 11:58 AM Besosa, Michael
>> <michael.besosa@pearson.com> wrote:
>> >
>> > We have an application that is using the Derby 10.12.1.1 embedded
>> engine and Java 8. When the app executes the SELECT shown below, we see an
>> exception with the message 'access denied
>> org.apache.derby.security.SystemPermission( "engine", "usederbyinternals"
>> ): java.security.AccessControlException'.
>> >
>> > This application does not install a SecurityManager. I'm at a bit of a
>> loss about how to fix this.
>> >
>> > The query:
>> >
>> > SELECT
>> >         DeliveryEvent.AppointmentStart,
>> >         DeliveryEvent.Attempt,
>> >         DeliveryEvent.BiometricCheckTypeCode,
>> >         DeliveryEvent.CandidateID,
>> >         DeliveryEvent.DeliveryStatus,
>> >         DeliveryEvent.ExamLanguageID,
>> >         DeliveryEvent.HasNoTestListBlock,
>> >         DeliveryEvent.IsDisconnectedIBTDelivery,
>> >         DeliveryEvent.NextAppointmentID,
>> >         DeliveryEvent.ProcessStateCode,
>> >         DeliveryEvent.ProctorID,
>> >         DeliveryEvent.RegisteredExamVersionID,
>> >         DeliveryEvent.RegistrationID,
>> >         DeliveryEvent.SelectedFormID,
>> >         DeliveryEvent.SelectedExamVersionID,
>> >         DeliveryEvent.TerminationDate,
>> >         DeliveryEvent.TimeLimit,
>> >         DeliveryEvent.TimeLimitAdjust,
>> >         Clients.Client_ID AS ClientID,
>> >         Clients.ClientName AS ClientName,
>> >         ExamSeries.Code AS ExamSeriesCode,
>> >         ExamVersion.DriverID AS DriverID,
>> >         ExamLanguage.Title AS TranslatedTitle,
>> >         (SELECT AppUser.FirstName || ' ' || AppUser.LastName FROM
>> ((((((AssetAppUser INNER JOIN AppUser ON AssetAppUser.AppUserID =
>> AppUser.ID) INNER JOIN AssetUsage ON AssetAppUser.AssetID =
>> AssetUsage.AssetID) INNER JOIN Asset ON AssetUsage.AssetID = Asset.ID)
>> INNER JOIN AssetType ON Asset.AssetTypeID = AssetType.ID) INNER JOIN
>> AssetTypeProperty ON AssetType.ID = AssetTypeProperty.AssetTypeID AND
>> AssetTypeProperty.AssetTypePropertyValue = 'Examiner') INNER JOIN
>> AssetTypePropertyKey ON AssetTypeProperty.AssetTypePropertyKeyID =
>> AssetTypePropertyKey.AssetTypePropertyKeyID AND
>> AssetTypePropertyKey.AssetTypePropertyKeyName = 'AssetSubClass') WHERE
>> (AssetUsage.OrderItemID = DeliveryEvent.RegistrationID) FETCH FIRST 1 ROWS
>> ONLY) AS ExaminerName,
>> >         (SELECT Asset.Name FROM ((((Asset INNER JOIN AssetType ON
>> Asset.AssetTypeID = AssetType.ID) INNER JOIN AssetUsage ON Asset.ID =
>> AssetUsage.AssetID) INNER JOIN AssetTypeProperty ON AssetType.ID =
>> AssetTypeProperty.AssetTypeID AND AssetTypeProperty.AssetTypePropertyValue
>> = 'Vehicle') INNER JOIN AssetTypePropertyKey ON
>> AssetTypeProperty.AssetTypePropertyKeyID =
>> AssetTypePropertyKey.AssetTypePropertyKeyID AND
>> AssetTypePropertyKey.AssetTypePropertyKeyName = 'AssetSubClass') WHERE
>> (AssetUsage.OrderItemID = DeliveryEvent.RegistrationID) AND
>> (AssetType.AssetClassCode IN
>> ('Facility','Workstation','CiscoRack','TaskSchedule')) FETCH FIRST 1 ROWS
>> ONLY) AS VehicleName,
>> >         (SELECT COUNT(*) FROM (Accommodation INNER JOIN
>> AccommodationStatus ON Accommodation.AccommodationStatusID =
>> AccommodationStatus.AccommodationStatusID AND
>> AccommodationStatus.StatusCode = 'Granted') WHERE
>> (Accommodation.OrderItemID = DeliveryEvent.RegistrationID)) AS
>> AccommodationCount,
>> >         (SELECT COUNT(*) FROM DeliveryBlockedReason WHERE
>> (DeliveryBlockedReason.DeliveryEventID = DeliveryEvent.RegistrationID)) AS
>> ReasonsBlockedCount,
>> >         (SELECT DeliveryEventNext.RegistrationID FROM DeliveryEvent AS
>> DeliveryEventNext WHERE (DeliveryEvent.RegistrationID =
>> DeliveryEventNext.NextAppointmentID)) AS FirstDayRegistrationID
>> > FROM ((((
>> >         DeliveryEvent
>> >         INNER JOIN ExamLanguage
>> >                 ON DeliveryEvent.ExamLanguageID = ExamLanguage.ID)
>> >         INNER JOIN ExamSeriesON ExamLanguage.ExamSeriesID =
>> ExamSeries.ID)
>> > INNER JOIN Clients
>> > ON ExamSeries.Client_ID = Clients.Client_ID)
>> > LEFT JOIN ExamVersion
>> > ON DeliveryEvent.RegisteredExamVersionID = ExamVersion.ID)
>> > WHERE
>> > (DeliveryEvent.RegistrationID = 5)
>>
>

Mime
View raw message