This is an automated email from the ASF dual-hosted git repository.
desruisseaux pushed a commit to branch geoapi-4.0
in repository https://gitbox.apache.org/repos/asf/sis.git
commit b62ce391e5dff43e4bd04a724c68584f8b28f69f
Author: Martin Desruisseaux <martin.desruisse...@geomatys.com>
AuthorDate: Thu May 5 18:30:58 2022 +0200
Remove all usage of `java.util.security.AccessController` because this
class is deprecated since Java 17.
The `src/main/config/security.policy` file is deleted.
https://openjdk.java.net/jeps/411
https://issues.apache.org/jira/browse/SIS-525
---
.../java/org/apache/sis/console/package-info.java | 2 +-
.../sis/coverage/grid/GridCoverageProcessor.java | 4 +-
.../sis/internal/metadata/sql/Initializer.java | 12 +--
.../sis/internal/metadata/sql/LocalDataSource.java | 12 +--
.../org/apache/sis/metadata/MetadataStandard.java | 5 +-
.../apache/sis/geometry/GeneralDirectPosition.java | 9 +-
.../org/apache/sis/parameter/TensorParameters.java | 5 +-
.../referencing/factory/GeodeticObjectFactory.java | 8 +-
.../transform/DefaultMathTransformFactory.java | 8 +-
.../apache/sis/internal/system/DataDirectory.java | 4 +-
.../apache/sis/internal/util/FinalFieldSetter.java | 112 ++++++++-------------
.../java/org/apache/sis/measure/RangeFormat.java | 5 +-
.../java/org/apache/sis/measure/UnitFormat.java | 5 +-
.../main/java/org/apache/sis/util/Exceptions.java | 3 +-
ide-project/NetBeans/nbproject/project.properties | 2 -
src/main/config/security.policy | 51 ----------
16 files changed, 61 insertions(+), 186 deletions(-)
diff --git
a/application/sis-console/src/main/java/org/apache/sis/console/package-info.java
b/application/sis-console/src/main/java/org/apache/sis/console/package-info.java
index f37551946e..a4df08cce3 100644
---
a/application/sis-console/src/main/java/org/apache/sis/console/package-info.java
+++
b/application/sis-console/src/main/java/org/apache/sis/console/package-info.java
@@ -43,7 +43,7 @@
* The {@code com.sun.management.jmxremote.local.only} property is recommended
if the remote JVM is an other
* JVM instance running on the local machine. Otherwise this property can be
omitted for debugging purpose.
* For production environment, see the security settings documented on the
- * <a
href="http://docs.oracle.com/javase/8/docs/technotes/guides/management/agent.html";>Monitoring
+ * <a
href="https://docs.oracle.com/en/java/javase/18/management/monitoring-and-management-using-jmx-technology.html";>Monitoring
* and Management Using JMX Technology</a> page.
*
* @author Martin Desruisseaux (Geomatys)
diff --git
a/core/sis-feature/src/main/java/org/apache/sis/coverage/grid/GridCoverageProcessor.java
b/core/sis-feature/src/main/java/org/apache/sis/coverage/grid/GridCoverageProcessor.java
index c631458e9b..fd4944689c 100644
---
a/core/sis-feature/src/main/java/org/apache/sis/coverage/grid/GridCoverageProcessor.java
+++
b/core/sis-feature/src/main/java/org/apache/sis/coverage/grid/GridCoverageProcessor.java
@@ -18,7 +18,6 @@ package org.apache.sis.coverage.grid;
import java.awt.Shape;
import java.util.Objects;
-import java.security.AccessController;
import java.awt.image.RenderedImage;
import javax.measure.Quantity;
import org.opengis.util.FactoryException;
@@ -311,8 +310,7 @@ public class GridCoverageProcessor implements Cloneable {
public GridCoverageProcessor clone() {
try {
final GridCoverageProcessor clone = (GridCoverageProcessor)
super.clone();
- AccessController.doPrivileged(new
FinalFieldSetter<>(GridCoverageProcessor.class, "imageProcessor"))
- .set(clone, imageProcessor.clone());
+ FinalFieldSetter.set(GridCoverageProcessor.class,
"imageProcessor", clone, imageProcessor.clone());
return clone;
} catch (CloneNotSupportedException e) {
throw new AssertionError(e);
diff --git
a/core/sis-metadata/src/main/java/org/apache/sis/internal/metadata/sql/Initializer.java
b/core/sis-metadata/src/main/java/org/apache/sis/internal/metadata/sql/Initializer.java
index d80a91e950..c3896c6b9c 100644
---
a/core/sis-metadata/src/main/java/org/apache/sis/internal/metadata/sql/Initializer.java
+++
b/core/sis-metadata/src/main/java/org/apache/sis/internal/metadata/sql/Initializer.java
@@ -22,8 +22,6 @@ import java.util.concurrent.Callable;
import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.LogRecord;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import javax.sql.DataSource;
import java.sql.Connection;
import java.sql.DatabaseMetaData;
@@ -369,15 +367,7 @@ public abstract class Initializer {
*/
public static boolean hasJNDI() {
return NamingManager.hasInitialContextFactoryBuilder() ||
- AccessController.doPrivileged((PrivilegedAction<Boolean>)
Initializer::isContextDefined);
- }
-
- /**
- * Returns whether an initial context factory is specified.
- * Defined as a separated method for clearer stack trace in case of
security exception.
- */
- private static Boolean isContextDefined() {
- return System.getProperty(Context.INITIAL_CONTEXT_FACTORY) != null;
+ System.getProperty(Context.INITIAL_CONTEXT_FACTORY) != null;
}
/**
diff --git
a/core/sis-metadata/src/main/java/org/apache/sis/internal/metadata/sql/LocalDataSource.java
b/core/sis-metadata/src/main/java/org/apache/sis/internal/metadata/sql/LocalDataSource.java
index 810556f405..2e9b3c081d 100644
---
a/core/sis-metadata/src/main/java/org/apache/sis/internal/metadata/sql/LocalDataSource.java
+++
b/core/sis-metadata/src/main/java/org/apache/sis/internal/metadata/sql/LocalDataSource.java
@@ -30,8 +30,6 @@ import java.nio.file.Paths;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.logging.LogRecord;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import org.apache.sis.util.ArraysExt;
import org.apache.sis.util.logging.Logging;
import org.apache.sis.internal.system.Loggers;
@@ -110,7 +108,7 @@ public final class LocalDataSource implements DataSource,
Comparable<LocalDataSo
final String home;
switch (dialect) {
// More cases may be added in the future.
- case DERBY: home =
AccessController.doPrivileged((PrivilegedAction<String>)
LocalDataSource::getDerbyHome); break;
+ case DERBY: home = System.getProperty(DERBY_HOME_KEY); break;
default: home = null; break;
}
final String dbFile;
@@ -164,14 +162,6 @@ public final class LocalDataSource implements DataSource,
Comparable<LocalDataSo
return sources;
}
- /**
- * Returns the home directory of Derby databases, or {@code null} if none.
- * Defined as a separated method for clearer stack trace in case of
security exception.
- */
- private static String getDerbyHome() {
- return System.getProperty(DERBY_HOME_KEY);
- }
-
/**
* Wraps an existing data source for adding a shutdown method to it.
* This method is used for source of data embedded in a separated JAR file.
diff --git
a/core/sis-metadata/src/main/java/org/apache/sis/metadata/MetadataStandard.java
b/core/sis-metadata/src/main/java/org/apache/sis/metadata/MetadataStandard.java
index b313c74c02..3ac23f942c 100644
---
a/core/sis-metadata/src/main/java/org/apache/sis/metadata/MetadataStandard.java
+++
b/core/sis-metadata/src/main/java/org/apache/sis/metadata/MetadataStandard.java
@@ -27,7 +27,6 @@ import java.io.IOException;
import java.io.Serializable;
import java.io.ObjectInputStream;
import java.io.InvalidClassException;
-import java.security.AccessController;
import org.opengis.metadata.Identifier;
import org.opengis.metadata.citation.Citation;
import org.opengis.metadata.ExtendedElementInformation;
@@ -91,7 +90,7 @@ import static
org.apache.sis.util.ArgumentChecks.ensureNonNullElement;
* by a large amount of {@link ModifiableMetadata}.
*
* @author Martin Desruisseaux (Geomatys)
- * @version 1.0
+ * @version 1.2
*
* @see AbstractMetadata
*
@@ -1081,7 +1080,7 @@ public class MetadataStandard implements Serializable {
throws InvalidClassException
{
try {
- AccessController.doPrivileged(new FinalFieldSetter<>(classe,
name)).set(instance, new ConcurrentHashMap<>());
+ FinalFieldSetter.set(classe, name, instance, new
ConcurrentHashMap<>());
} catch (ReflectiveOperationException e) {
throw FinalFieldSetter.readFailure(e);
}
diff --git
a/core/sis-referencing/src/main/java/org/apache/sis/geometry/GeneralDirectPosition.java
b/core/sis-referencing/src/main/java/org/apache/sis/geometry/GeneralDirectPosition.java
index 642ba0e7b4..0b844548ff 100644
---
a/core/sis-referencing/src/main/java/org/apache/sis/geometry/GeneralDirectPosition.java
+++
b/core/sis-referencing/src/main/java/org/apache/sis/geometry/GeneralDirectPosition.java
@@ -25,8 +25,6 @@ import java.util.Arrays;
import java.util.Objects;
import java.io.Serializable;
import java.lang.reflect.Field;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import org.opengis.geometry.DirectPosition;
import org.opengis.geometry.MismatchedDimensionException;
import org.opengis.referencing.crs.CoordinateReferenceSystem;
@@ -52,7 +50,7 @@ import static
org.apache.sis.util.ArgumentChecks.ensureDimensionMatches;
* on the value of the containing object's {@code CoordinateReferenceSystem}.
*
* @author Martin Desruisseaux (IRD, Geomatys)
- * @version 1.0
+ * @version 1.2
*
* @see DirectPosition1D
* @see DirectPosition2D
@@ -294,10 +292,7 @@ public class GeneralDirectPosition extends
AbstractDirectPosition implements Ser
*/
static Field getCoordinatesField(final Class<?> type) throws
NoSuchFieldException {
final Field field = type.getDeclaredField("coordinates");
- AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
- field.setAccessible(true);
- return null;
- });
+ field.setAccessible(true);
return field;
}
diff --git
a/core/sis-referencing/src/main/java/org/apache/sis/parameter/TensorParameters.java
b/core/sis-referencing/src/main/java/org/apache/sis/parameter/TensorParameters.java
index 9c25b9f255..e235a49e4d 100644
---
a/core/sis-referencing/src/main/java/org/apache/sis/parameter/TensorParameters.java
+++
b/core/sis-referencing/src/main/java/org/apache/sis/parameter/TensorParameters.java
@@ -25,7 +25,6 @@ import java.util.Objects;
import java.io.IOException;
import java.io.Serializable;
import java.io.ObjectInputStream;
-import java.security.AccessController;
import org.opengis.parameter.ParameterValue;
import org.opengis.parameter.ParameterValueGroup;
import org.opengis.parameter.ParameterDescriptor;
@@ -139,7 +138,7 @@ import org.apache.sis.util.resources.Errors;
* }
*
* @author Martin Desruisseaux (IRD, Geomatys)
- * @version 0.6
+ * @version 1.2
*
* @param <E> the type of tensor element values.
*
@@ -835,7 +834,7 @@ public class TensorParameters<E> implements Serializable {
private void readObject(final ObjectInputStream in) throws IOException,
ClassNotFoundException {
in.defaultReadObject();
try {
- AccessController.doPrivileged(new
FinalFieldSetter<>(TensorParameters.class, "parameters")).set(this,
createCache());
+ FinalFieldSetter.set(TensorParameters.class, "parameters", this,
createCache());
} catch (ReflectiveOperationException e) {
throw FinalFieldSetter.readFailure(e);
}
diff --git
a/core/sis-referencing/src/main/java/org/apache/sis/referencing/factory/GeodeticObjectFactory.java
b/core/sis-referencing/src/main/java/org/apache/sis/referencing/factory/GeodeticObjectFactory.java
index 45e1e033b3..55638bf231 100644
---
a/core/sis-referencing/src/main/java/org/apache/sis/referencing/factory/GeodeticObjectFactory.java
+++
b/core/sis-referencing/src/main/java/org/apache/sis/referencing/factory/GeodeticObjectFactory.java
@@ -26,8 +26,6 @@ import java.util.logging.Logger;
import java.util.logging.LogRecord;
import java.util.concurrent.atomic.AtomicReference;
import java.lang.reflect.Constructor;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import javax.measure.Unit;
import javax.measure.quantity.Angle;
import javax.measure.quantity.Length;
@@ -1656,11 +1654,7 @@ public class GeodeticObjectFactory extends
AbstractFactory implements CRSFactory
if (c == null) {
c =
Class.forName("org.apache.sis.io.wkt.GeodeticObjectParser").asSubclass(Parser.class)
.getConstructor(Map.class, ObjectFactory.class,
MathTransformFactory.class);
- final Constructor<?> cp = c; // For allowing use in inner
class or lambda expression.
- AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
- cp.setAccessible(true);
- return null;
- });
+ c.setAccessible(true);
parserConstructor = c;
}
p = c.newInstance(defaultProperties, this,
getMathTransformFactory());
diff --git
a/core/sis-referencing/src/main/java/org/apache/sis/referencing/operation/transform/DefaultMathTransformFactory.java
b/core/sis-referencing/src/main/java/org/apache/sis/referencing/operation/transform/DefaultMathTransformFactory.java
index 6c984b80df..46af41fccb 100644
---
a/core/sis-referencing/src/main/java/org/apache/sis/referencing/operation/transform/DefaultMathTransformFactory.java
+++
b/core/sis-referencing/src/main/java/org/apache/sis/referencing/operation/transform/DefaultMathTransformFactory.java
@@ -26,8 +26,6 @@ import java.util.concurrent.atomic.AtomicReference;
import java.util.logging.Level;
import java.util.logging.LogRecord;
import java.lang.reflect.Constructor;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.io.Serializable;
import javax.measure.quantity.Length;
import javax.measure.Unit;
@@ -1544,11 +1542,7 @@ public class DefaultMathTransformFactory extends
AbstractFactory implements Math
if (c == null) {
c =
Class.forName("org.apache.sis.io.wkt.MathTransformParser").asSubclass(Parser.class)
.getConstructor(MathTransformFactory.class);
- final Constructor<?> cp = c; // For allowing use in inner
class or lambda expression.
- AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
- cp.setAccessible(true);
- return null;
- });
+ c.setAccessible(true);
parserConstructor = c;
}
p = c.newInstance(this);
diff --git
a/core/sis-utility/src/main/java/org/apache/sis/internal/system/DataDirectory.java
b/core/sis-utility/src/main/java/org/apache/sis/internal/system/DataDirectory.java
index 164da27bff..338acca688 100644
---
a/core/sis-utility/src/main/java/org/apache/sis/internal/system/DataDirectory.java
+++
b/core/sis-utility/src/main/java/org/apache/sis/internal/system/DataDirectory.java
@@ -23,8 +23,6 @@ import java.nio.file.Paths;
import java.nio.file.InvalidPathException;
import java.util.logging.Level;
import java.util.logging.LogRecord;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import org.apache.sis.util.logging.Logging;
import org.apache.sis.util.resources.Messages;
@@ -142,7 +140,7 @@ public enum DataDirectory {
* @since 0.8
*/
public static String getenv() throws SecurityException {
- return AccessController.doPrivileged((PrivilegedAction<String>) () ->
System.getenv(ENV));
+ return System.getenv(ENV);
}
/**
diff --git
a/core/sis-utility/src/main/java/org/apache/sis/internal/util/FinalFieldSetter.java
b/core/sis-utility/src/main/java/org/apache/sis/internal/util/FinalFieldSetter.java
index 929767aced..8814afd3e5 100644
---
a/core/sis-utility/src/main/java/org/apache/sis/internal/util/FinalFieldSetter.java
+++
b/core/sis-utility/src/main/java/org/apache/sis/internal/util/FinalFieldSetter.java
@@ -18,13 +18,11 @@ package org.apache.sis.internal.util;
import java.lang.reflect.Field;
import java.io.InvalidClassException;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import org.apache.sis.internal.system.Modules;
/**
- * Convenience methods for setting the final field of an object with
privileged permissions.
+ * Convenience methods for setting the final field of an object.
* This class shall be used only after deserialization or cloning of Apache
SIS objects.
* The usage pattern is:
*
@@ -34,104 +32,78 @@ import org.apache.sis.internal.system.Modules;
* in.defaultReadObject();
* Object someValue = ...;
* try {
- * AccessController.doPrivileged(new
FinalFieldSetter<>(MyClass.class, "myField")).set(this, someValue);
+ * FinalFieldSetter.set(MyClass.class, "myField", this, someValue);
* } catch (ReflectiveOperationException e) {
* throw FinalFieldSetter.readFailure(e);
* }
* }
* }
*
+ * <p><b>On clone:</b></p>
+ * Same as above but invoking {@code cloneFailure(e)} if the operation failed.
+ * The exception to be thrown is not the same.
+ *
+ * <h2>Historical note</h2>
+ * Previous version was implementing {@code
PrivilegedAction<FinalFieldSetter<T>>}
+ * for working in the context of a security manager. This feature has been
removed
+ * since {@code java.security.AccessController} has been deprecated in Java 17.
+ *
* @author Martin Desruisseaux (Geomatys)
- * @version 1.0
+ * @version 1.2
*
- * @param <T> the type of object in which to set a final field. Should be
Apache SIS classes only.
+ * @see <a href="https://openjdk.java.net/jeps/411";>JEP-411</a>
+ * @see <a href="https://issues.apache.org/jira/browse/SIS-525";>SIS-525</a>
*
* @since 1.0
* @module
*/
-public final class FinalFieldSetter<T> implements
PrivilegedAction<FinalFieldSetter<T>> {
+public final class FinalFieldSetter {
/**
- * The field to make accessible in a privileged context.
+ * Do not allow instantiation of this class.
*/
- private final Field field;
-
- /**
- * A second field to make accessible, or {@code null} if none.
- */
- private Field second;
-
- /**
- * Creates a new setter for a final field.
- *
- * <div class="note"><b>API note:</b>
- * this constructor is executed in a non-privileged context because {@link
SecurityException} may happen here
- * only if the given class was loaded with a different class loader than
this {@code FinalFieldSetter} class.
- * If such situation happen, then the given class is probably not an
Apache SIS one.</div>
- *
- * @param classe the Apache SIS class of object for which to set a final
field.
- * @param field the name of the final field for which to set a value.
- * @throws NoSuchFieldException if the given field has not been found.
- * @throws SecurityException may happen if the given class has been loaded
with an unexpected class loader.
- */
- public FinalFieldSetter(final Class<T> classe, final String field) throws
NoSuchFieldException {
- assert classe.getName().startsWith(Modules.CLASSNAME_PREFIX) : classe;
- this.field = classe.getDeclaredField(field);
- }
-
- /**
- * Creates a new setter for two final fields.
- *
- * @param classe the Apache SIS class of object for which to set a final
field.
- * @param field the name of the first final field for which to set a
value.
- * @param second the name of the second final field for which to set a
value.
- * @throws NoSuchFieldException if the given field has not been found.
- * @throws SecurityException may happen if the given class has been loaded
with an unexpected class loader.
- */
- public FinalFieldSetter(final Class<T> classe, final String field, final
String second) throws NoSuchFieldException {
- this(classe, field);
- this.second = classe.getDeclaredField(second);
- }
-
- /**
- * Makes the final fields accessible.
- * This is a callback for {@link
AccessController#doPrivileged(PrivilegedAction)}.
- * That call must be done from the caller, not from this {@code
FinalFieldSetter} class,
- * because {@link AccessController} check the caller for determining the
permissions.
- *
- * @return {@code this}.
- * @throws SecurityException if write permission has been denied.
- */
- @Override
- public FinalFieldSetter<T> run() throws SecurityException {
- field.setAccessible(true);
- if (second != null) {
- second.setAccessible(true);
- }
- return this;
+ private FinalFieldSetter() {
}
/**
* Sets the value of the final field.
*
+ * @param <T> the type of object in which to set a final field.
Should be Apache SIS classes only.
+ * @param classe the Apache SIS class of object for which to set a
final field.
+ * @param field the name of the final field for which to set a value.
* @param instance the instance on which to set the value.
* @param value the value to set.
- * @throws IllegalAccessException may happen if {@link #run()} has not
been invoked before this method.
+ * @throws NoSuchFieldException if the given field has not been found.
+ * @throws IllegalAccessException if the value can not be set.
*/
- public final void set(final T instance, final Object value) throws
IllegalAccessException {
- field.set(instance, value);
+ public static <T> void set(final Class<T> classe, final String field,
final T instance,
+ final Object value) throws NoSuchFieldException,
IllegalAccessException
+ {
+ assert classe.getName().startsWith(Modules.CLASSNAME_PREFIX) : classe;
+ final Field f = classe.getDeclaredField(field);
+ f.setAccessible(true);
+ f.set(instance, value);
}
/**
* Sets the values of the final fields.
*
+ * @param <T> the type of object in which to set a final field.
Should be Apache SIS classes only.
+ * @param classe the Apache SIS class of object for which to set a
final field.
+ * @param field the name of the first final field for which to set a
value.
+ * @param second the name of the second final field for which to set a
value.
* @param instance the instance on which to set the value.
* @param value the value of the first field to set.
* @param more the value of the second field to set.
- * @throws IllegalAccessException may happen if {@link #run()} has not
been invoked before this method.
+ * @throws NoSuchFieldException if a given field has not been found.
+ * @throws IllegalAccessException if a value can not be set.
*/
- public final void set(final T instance, final Object value, final Object
more) throws IllegalAccessException {
- field .set(instance, value);
- second.set(instance, more);
+ public static <T> void set(final Class<T> classe, final String field,
final String second, final T instance,
+ final Object value, final Object more) throws
NoSuchFieldException, IllegalAccessException
+ {
+ set(classe, field, instance, value);
+ final Field f = classe.getDeclaredField(second);
+ f.setAccessible(true);
+ f.set(instance, more);
}
/**
diff --git
a/core/sis-utility/src/main/java/org/apache/sis/measure/RangeFormat.java
b/core/sis-utility/src/main/java/org/apache/sis/measure/RangeFormat.java
index bae274c8eb..bba92cd0d7 100644
--- a/core/sis-utility/src/main/java/org/apache/sis/measure/RangeFormat.java
+++ b/core/sis-utility/src/main/java/org/apache/sis/measure/RangeFormat.java
@@ -35,7 +35,6 @@ import java.time.format.FormatStyle;
import java.time.format.DateTimeFormatterBuilder;
import java.time.temporal.Temporal;
import java.time.Instant;
-import java.security.AccessController;
import javax.measure.Unit;
import org.apache.sis.util.Numbers;
import org.apache.sis.util.Localized;
@@ -1080,8 +1079,8 @@ public class RangeFormat extends Format implements
Localized {
public RangeFormat clone() {
final RangeFormat f = (RangeFormat) super.clone();
try {
- AccessController.doPrivileged(new
FinalFieldSetter<>(RangeFormat.class, "elementFormat", "unitFormat"))
- .set(f, elementFormat.clone(), unitFormat.clone());
+ FinalFieldSetter.set(RangeFormat.class, "elementFormat",
"unitFormat",
+ f, elementFormat.clone(), unitFormat.clone());
} catch (ReflectiveOperationException e) {
throw FinalFieldSetter.cloneFailure(e);
}
diff --git
a/core/sis-utility/src/main/java/org/apache/sis/measure/UnitFormat.java
b/core/sis-utility/src/main/java/org/apache/sis/measure/UnitFormat.java
index 73b551fd12..1beddf9926 100644
--- a/core/sis-utility/src/main/java/org/apache/sis/measure/UnitFormat.java
+++ b/core/sis-utility/src/main/java/org/apache/sis/measure/UnitFormat.java
@@ -30,7 +30,6 @@ import java.util.ResourceBundle;
import java.util.MissingResourceException;
import java.io.IOException;
import java.io.UncheckedIOException;
-import java.security.AccessController;
import javax.measure.Dimension;
import javax.measure.Unit;
import javax.measure.format.ParserException;
@@ -1650,8 +1649,8 @@ search: while ((i =
CharSequences.skipTrailingWhitespaces(symbols, start, i)
public UnitFormat clone() {
final UnitFormat f = (UnitFormat) super.clone();
try {
- AccessController.doPrivileged(new
FinalFieldSetter<>(UnitFormat.class, "unitToLabel", "labelToUnit"))
- .set(f, clone(unitToLabel), clone(labelToUnit));
+ FinalFieldSetter.set(UnitFormat.class, "unitToLabel",
"labelToUnit",
+ f, clone(unitToLabel), clone(labelToUnit));
} catch (ReflectiveOperationException e) {
throw FinalFieldSetter.cloneFailure(e);
}
diff --git a/core/sis-utility/src/main/java/org/apache/sis/util/Exceptions.java
b/core/sis-utility/src/main/java/org/apache/sis/util/Exceptions.java
index 13a90a3b33..f16fcbb03e 100644
--- a/core/sis-utility/src/main/java/org/apache/sis/util/Exceptions.java
+++ b/core/sis-utility/src/main/java/org/apache/sis/util/Exceptions.java
@@ -245,7 +245,8 @@ public final class Exceptions extends Static {
*
* <div class="note"><b>Note:</b>
* {@link java.security.PrivilegedActionException} is also a wrapper
exception, but is not included in above list
- * because it is used in very specific contexts.</div>
+ * because it is used in very specific contexts. Furthermore classes
related to security manager are deprecated
+ * since Java 17.</div>
*
* This method uses only the exception class and the absence of
{@linkplain Exception#getSuppressed() suppressed
* exceptions} as criterion; it does not verify if the exception messages
are the same.
diff --git a/ide-project/NetBeans/nbproject/project.properties
b/ide-project/NetBeans/nbproject/project.properties
index bf87962543..0a5f02e6b4 100644
--- a/ide-project/NetBeans/nbproject/project.properties
+++ b/ide-project/NetBeans/nbproject/project.properties
@@ -44,8 +44,6 @@ junit.forkmode = once
run.jvmargs = -enableassertions ${javafx.options} \
-Dorg.apache.sis.test.verbose=true
-Dorg.apache.sis.test.extensive=true \
-Djava.util.logging.config.file=${work.dir.to.root}/src/main/config/logging.properties
-# -Djava.security.manager
-Djava.security.policy=${work.dir.to.root}/src/main/config/security.policy \
-# -Dderby.drda.startNetworkServer=true
-Dderby.drda.portNumber=1527
#
# Source directories. The "project.root" path is relative to
"ide-project/NetBeans" directory.
diff --git a/src/main/config/security.policy b/src/main/config/security.policy
deleted file mode 100644
index 83a0ff257b..0000000000
--- a/src/main/config/security.policy
+++ /dev/null
@@ -1,51 +0,0 @@
-//
-// Security policy for running Apache SIS in a security-constrained
environment.
-// The first grant block below contains the permissions that are most likely to
-// be needed for SIS use. Other grant blocks contain permissions needed only if
-// the JavaDB is used or if MBeans monitoring is desired.
-//
-grant {
- permission java.lang.RuntimePermission "shutdownHooks";
- permission java.lang.RuntimePermission "getenv.SIS_DATA";
- permission java.util.PropertyPermission "java.naming.factory.initial",
"read";
- permission java.util.PropertyPermission "derby.system.home", "read";
- permission java.lang.RuntimePermission "getClassLoader";
-
- // Apache SIS suppresses those checks only for its own classes or fields.
- permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
-
- // Actually only need access to the ${SIS_DATA} directory.
- // The read and delete actions are needed for Derby and may be omitted if
another
- // database is used (e.g. PostgreSQL). Read operations may also be omitted
too if
- // another database is used and no other files (e.g. datum shift grids) is
needed.
- permission java.io.FilePermission "${user.home}${/}-", "read,write,delete";
-};
-
-
-
-//
-// Optional permissions for using the JavaDB embedded with Oracle JDK.
-// Some or all of those permissions can be omitted if a Derby driver
-// or another database driver (e.g. PostgreSQL) is on the classpath.
-//
-grant {
- permission java.io.FilePermission "${user.dir}${/}derby.log",
"read,write,delete";
- permission java.io.FilePermission
"${java.home}${/}..${/}db${/}lib${/}derby.jar", "read";
- permission java.util.PropertyPermission "java.home", "read";
- permission java.util.PropertyPermission "derby.*", "read";
- permission java.lang.RuntimePermission "getClassLoader";
- permission java.lang.RuntimePermission "createClassLoader";
- permission java.lang.RuntimePermission "setContextClassLoader";
-};
-
-
-
-//
-// Optional permissions. If those permissions are not granted, a message
-// will be logged at Level.CONFIG and JMX monitoring will be disabled.
-//
-grant {
- permission javax.management.MBeanServerPermission "createMBeanServer";
- permission javax.management.MBeanPermission
"org.apache.sis.internal.system.Supervisor#-[org.apache.sis:type=Supervisor]",
"registerMBean,unregisterMBean";
- permission javax.management.MBeanTrustPermission "register";
-};
