Last Ant Test Failure with JDK9 - JAXP Secure Processing and XSLT Extensions
Joe Wang
huizhe.wang at oracle.com
Mon Aug 29 18:43:41 UTC 2016
Hi Stefan,
If you are using the built-in extension functions, try turning on the
following feature:
private static final String ENABLE_EXTENSION_FUNCTIONS =
"http://www.oracle.com/xml/jaxp/properties/enableExtensionFunctions";
tf.setFeature(ENABLE_EXTENSION_FUNCTIONS, true);
If you are using user-extension functions, then add the following:
private static final String EXTENSION_CLASS_LOADER =
"jdk.xml.transform.extensionClassLoader";
tf.setAttribute(EXTENSION_CLASS_LOADER, cl);
where cl is the user-specified ClassLoader that will load external
extension function classes, e.g.
runWithPermission(() ->
Thread.currentThread().getContextClassLoader())
HTH, and please let me know if it works for you.
Thanks,
Joe
On 8/28/16, 10:03 AM, Stefan Bodewig wrote:
> Hi,
>
> I've been told to ask for advice here.
>
> Over the past few weeks we've adapted the Apache Ant code base to JDK 9
> well enough that Ant's own test suite works - almost.
>
> The onyl remaining issue really goes back to Java 1.7 and JAXP 1.4 when
> secure processing was introduced. If you are running an XSLT transform
> and it needs extensions - say the Xalan redirect extension - you can't
> do it if a SecurityManager has been set.
>
> https://bz.apache.org/bugzilla/show_bug.cgi?id=51668
>
> This is causing quite a few problems for users running Ant from within
> IDEs which typically install SecurityManagers. One such instance it
> Ant's own<junitreport> task which uses XSLT and the redirect extension.
>
> Back in Java 1.7 we "solved" the problem with a hack. We simply disable
> secure processing mode via reflection
>
> https://github.com/apache/ant/commit/fe829a9d0fa679df3ae2cc4803e5236ed2ed5c7b
>
> The module system now breaks the hack as we can no longer access the
> necessary field via reflection.
>
> Before we try to find new clever or stupid workarounds we may as well
> ask for advice on how to do it properly.
>
> This is our use-case: The user wants to execute Ant's<xslt>-Task from
> within Eclipse which has installed a SecurityManager and the transform
> requires an extension. How can we make this work?
>
> Cheers
>
> Stefan
More information about the core-libs-dev
mailing list