[ https://issues.apache.org/jira/browse/DERBY-6741?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14625693#comment-14625693 ]
Bryan Pendleton commented on DERBY-6741: ---------------------------------------- Perhaps: public void test_002_EmbedConnection() throws Exception { Connection conn = getConnection(); try { ((EmbedConnection) conn).getContextManager(); fail( "Should have raised an AccessControlException" ); } catch (AccessControlException e) { println( "Caught an AccessControlException" ); } } should be: public void test_002_EmbedConnection() throws Exception { try { Connection conn = getConnection(); ((EmbedConnection) conn).getContextManager(); fail( "Should have raised an AccessControlException" ); } catch (AccessControlException e) { println( "Caught an AccessControlException" ); } } > User code can get the ContextManager from an EmbedConnection > ------------------------------------------------------------ > > Key: DERBY-6741 > URL: https://issues.apache.org/jira/browse/DERBY-6741 > Project: Derby > Issue Type: Bug > Components: JDBC, Services > Reporter: Rick Hillegas > Assignee: Rick Hillegas > Fix For: 10.12.0.0 > > Attachments: derby-6741-01-aa-usederbyinternals.diff, derby.log, > error-stacktrace.out > > > EmbedConnection.getContextManager() is a public method. Exposing internals > like the ContextManager is a security risk. -- This message was sent by Atlassian JIRA (v6.3.4#6332)