Details
-
New Feature
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
1.0, 1.1, 1.2, 1.3, 1.3.1, 1.4, 1.4.1, 2.0.0-alpha-1, 2.0.0-alpha-2, 2.0.0-beta-1, 2.0.0-beta-2, 2.0-RC1, 2.0-RC2, 2.0
-
None
-
None
Description
When configuring Ivy through IvySettings, a call to System.getProperties() is made.
System property calls are typically disabled through the security manager in shared web containers which results in the following stack trace:
java.security.AccessControlException: access denied
(java.util.PropertyPermission * read,write)
java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
java.security.AccessController.checkPermission(AccessController.java:546)
java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:1252)
java.lang.System.getProperties(System.java:582)
org.apache.ivy.core.settings.IvySettings.addSystemProperties(IvySettings.java:294)
org.apache.ivy.core.settings.IvySettings.<init>(IvySettings.java:290)
org.apache.ivy.core.settings.IvySettings.<init>(IvySettings.java:212)
Since there is no out-of-the-box workaround, Ivy cannot be used in such an environment.
Ivy could be made more web app friendly by providing a flag to disable System property lookups.
It would be useful to configure this flag through API on the IvySettings class.
Any other usage of system properties outside of the IvySettings file should also be controllable.