Ah, good point. Yes, I missed that, and yes I was thinking about the network server.
Sorry about that. bryan On Mon, Jun 3, 2019 at 8:37 AM Besosa, Michael <[email protected]> wrote: > > Thinking about it a bit more, I wonder if you missed that this is using the > embedded engine, not the network server. I know that the network server > installs a security manager by default, and that there is a system property > that can be set to disable that behavior. But that's not applicable in our > situation. > > On Mon, Jun 3, 2019 at 8:52 AM Besosa, Michael <[email protected]> > wrote: >> >> I don't understand what you mean when you say, "Even if you don't install a >> Java security manager...you get a security manager anyway." I don't have >> (haven't installed) a security manager and System.getSecurityManager() >> returns null. And if I "really, really" don't want a security manager, how >> can I say so, other than executing System.setSecurityManager(null)? >> >> On Fri, May 31, 2019 at 9:03 PM Bryan Pendleton <[email protected]> >> wrote: >>> >>> I feel like you're probably hitting DERBY-6648: >>> https://urldefense.proofpoint.com/v2/url?u=https-3A__issues.apache.org_jira_browse_DERBY-2D6648&d=DwIFaQ&c=0YLnzTkWOdJlub_y7qAx8Q&r=Wl0HX9k4fXSgP8TsHwfE2EzboRhWUZIw3D92MjZ0k8A&m=jAZ8M-UCTv0Ms-FrB1NaYA62mIGrbUhHirW9AxhEyxw&s=Hutrm_MTSwNDtab2E2bMNCxLo0eDRIZrB1B5x2AL-1k&e= >>> >>> Even if you don't install a Java security manager (perhaps especially >>> if that is so), you get a security manager anyway. >>> >>> If you really, really don't want a security manager, you can say so. >>> >>> Or, bite the bullet and define a security manager, and start >>> assembling the precise security policy that is right for your >>> particular situation, as in: >>> https://urldefense.proofpoint.com/v2/url?u=https-3A__stackoverflow.com_a_52392015_193453&d=DwIFaQ&c=0YLnzTkWOdJlub_y7qAx8Q&r=Wl0HX9k4fXSgP8TsHwfE2EzboRhWUZIw3D92MjZ0k8A&m=jAZ8M-UCTv0Ms-FrB1NaYA62mIGrbUhHirW9AxhEyxw&s=uackNzNN36boV8-m6DGN7VJOPwN4tnfuUwgQBgOmv0I&e= >>> , >>> https://urldefense.proofpoint.com/v2/url?u=https-3A__db.apache.org_derby_docs_10.13_security_csecembeddedperms.html&d=DwIFaQ&c=0YLnzTkWOdJlub_y7qAx8Q&r=Wl0HX9k4fXSgP8TsHwfE2EzboRhWUZIw3D92MjZ0k8A&m=jAZ8M-UCTv0Ms-FrB1NaYA62mIGrbUhHirW9AxhEyxw&s=53JhmaGEsK92jA_W0ofwQrvGLuaZ-TLXOiDawh9P3rQ&e= >>> , etc. >>> >>> bryan >>> >>> On Fri, May 31, 2019 at 11:58 AM Besosa, Michael >>> <[email protected]> wrote: >>> > >>> > We have an application that is using the Derby 10.12.1.1 embedded engine >>> > and Java 8. When the app executes the SELECT shown below, we see an >>> > exception with the message 'access denied >>> > org.apache.derby.security.SystemPermission( "engine", "usederbyinternals" >>> > ): java.security.AccessControlException'. >>> > >>> > This application does not install a SecurityManager. I'm at a bit of a >>> > loss about how to fix this. >>> > >>> > The query: >>> > >>> > SELECT >>> > DeliveryEvent.AppointmentStart, >>> > DeliveryEvent.Attempt, >>> > DeliveryEvent.BiometricCheckTypeCode, >>> > DeliveryEvent.CandidateID, >>> > DeliveryEvent.DeliveryStatus, >>> > DeliveryEvent.ExamLanguageID, >>> > DeliveryEvent.HasNoTestListBlock, >>> > DeliveryEvent.IsDisconnectedIBTDelivery, >>> > DeliveryEvent.NextAppointmentID, >>> > DeliveryEvent.ProcessStateCode, >>> > DeliveryEvent.ProctorID, >>> > DeliveryEvent.RegisteredExamVersionID, >>> > DeliveryEvent.RegistrationID, >>> > DeliveryEvent.SelectedFormID, >>> > DeliveryEvent.SelectedExamVersionID, >>> > DeliveryEvent.TerminationDate, >>> > DeliveryEvent.TimeLimit, >>> > DeliveryEvent.TimeLimitAdjust, >>> > Clients.Client_ID AS ClientID, >>> > Clients.ClientName AS ClientName, >>> > ExamSeries.Code AS ExamSeriesCode, >>> > ExamVersion.DriverID AS DriverID, >>> > ExamLanguage.Title AS TranslatedTitle, >>> > (SELECT AppUser.FirstName || ' ' || AppUser.LastName FROM >>> > ((((((AssetAppUser INNER JOIN AppUser ON AssetAppUser.AppUserID = >>> > AppUser.ID) INNER JOIN AssetUsage ON AssetAppUser.AssetID = >>> > AssetUsage.AssetID) INNER JOIN Asset ON AssetUsage.AssetID = Asset.ID) >>> > INNER JOIN AssetType ON Asset.AssetTypeID = AssetType.ID) INNER JOIN >>> > AssetTypeProperty ON AssetType.ID = AssetTypeProperty.AssetTypeID AND >>> > AssetTypeProperty.AssetTypePropertyValue = 'Examiner') INNER JOIN >>> > AssetTypePropertyKey ON AssetTypeProperty.AssetTypePropertyKeyID = >>> > AssetTypePropertyKey.AssetTypePropertyKeyID AND >>> > AssetTypePropertyKey.AssetTypePropertyKeyName = 'AssetSubClass') WHERE >>> > (AssetUsage.OrderItemID = DeliveryEvent.RegistrationID) FETCH FIRST 1 >>> > ROWS ONLY) AS ExaminerName, >>> > (SELECT Asset.Name FROM ((((Asset INNER JOIN AssetType ON >>> > Asset.AssetTypeID = AssetType.ID) INNER JOIN AssetUsage ON Asset.ID = >>> > AssetUsage.AssetID) INNER JOIN AssetTypeProperty ON AssetType.ID = >>> > AssetTypeProperty.AssetTypeID AND >>> > AssetTypeProperty.AssetTypePropertyValue = 'Vehicle') INNER JOIN >>> > AssetTypePropertyKey ON AssetTypeProperty.AssetTypePropertyKeyID = >>> > AssetTypePropertyKey.AssetTypePropertyKeyID AND >>> > AssetTypePropertyKey.AssetTypePropertyKeyName = 'AssetSubClass') WHERE >>> > (AssetUsage.OrderItemID = DeliveryEvent.RegistrationID) AND >>> > (AssetType.AssetClassCode IN >>> > ('Facility','Workstation','CiscoRack','TaskSchedule')) FETCH FIRST 1 ROWS >>> > ONLY) AS VehicleName, >>> > (SELECT COUNT(*) FROM (Accommodation INNER JOIN >>> > AccommodationStatus ON Accommodation.AccommodationStatusID = >>> > AccommodationStatus.AccommodationStatusID AND >>> > AccommodationStatus.StatusCode = 'Granted') WHERE >>> > (Accommodation.OrderItemID = DeliveryEvent.RegistrationID)) AS >>> > AccommodationCount, >>> > (SELECT COUNT(*) FROM DeliveryBlockedReason WHERE >>> > (DeliveryBlockedReason.DeliveryEventID = DeliveryEvent.RegistrationID)) >>> > AS ReasonsBlockedCount, >>> > (SELECT DeliveryEventNext.RegistrationID FROM DeliveryEvent AS >>> > DeliveryEventNext WHERE (DeliveryEvent.RegistrationID = >>> > DeliveryEventNext.NextAppointmentID)) AS FirstDayRegistrationID >>> > FROM (((( >>> > DeliveryEvent >>> > INNER JOIN ExamLanguage >>> > ON DeliveryEvent.ExamLanguageID = ExamLanguage.ID) >>> > INNER JOIN ExamSeriesON ExamLanguage.ExamSeriesID = ExamSeries.ID) >>> > INNER JOIN Clients >>> > ON ExamSeries.Client_ID = Clients.Client_ID) >>> > LEFT JOIN ExamVersion >>> > ON DeliveryEvent.RegisteredExamVersionID = ExamVersion.ID) >>> > WHERE >>> > (DeliveryEvent.RegistrationID = 5)
