[
https://issues.apache.org/jira/browse/DERBY-857?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12535760
]
Kathey Marsden commented on DERBY-857:
--------------------------------------
Investigating this further I find that I need to give the permission to the top
level program, for example if I use ij to connect I need to give the
SocketPermission to derbytools.jar. If I write a small program to connect. I
need to give that program permission. e.g.
grant codeBase "file:c:/kmarsden/repro/DERBY-857/-" {
permission java.net.SocketPermission "<machine>", "resolve,connect";
};
> LDAP user authentication fails under a security manager
> -------------------------------------------------------
>
> Key: DERBY-857
> URL: https://issues.apache.org/jira/browse/DERBY-857
> Project: Derby
> Issue Type: Bug
> Components: Security
> Affects Versions: 10.0.2.0, 10.0.2.1, 10.1.1.0, 10.1.2.1, 10.2.1.6
> Reporter: Daniel John Debrunner
> Assignee: Kathey Marsden
> Attachments: derby-857_diff.txt
>
>
> Running the test jdbcapi/secureUsers1.sql with a security manager results in:
> > ERROR 08004: Connection refused : javax.naming.CommunicationException:
> > noSuchMachine:389 [Root exception is java.security.AccessControlException:
> > access denied (java.net.SocketPermission noSuchMachine resolve)]
> Adding this permission to the policy file has no effect. which means a priv
> block is required around the LDAP call.
> permission java.net.SocketPermission "noSuchMachine", "resolve";
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
