2

I am at my wits end!

  • I have a minimal install of Ubuntu Server 18.04 and OpenJDK 11 (headless).
  • Downloaded, to a local folder are the java 9+ binaries for Derby (db-derby-10.15.2.0-bin)

Path and Environment settings are all correct!

When I start the server startNetworkServer -h 0.0.0.0, I get an error when doing a simple connect using the ij command line tool

ij> connect 'jdbc:derby://localhost:1527/dbname;create=true';
ERROR XJ041: DERBY SQL error: ERRORCODE: 40000, SQLSTATE: XJ041, SQLERRMC: Failed to create database 'dbname', see the next exception for details.::SQLSTATE: XBM01::SQLSTATE: XJ001

The derby.log file makes reference to:

java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "getenv.SOURCE_DATE_EPOCH")

Looking further into this error, I learned that I somehow need a security.profile. I found this website that seemed to be the answers to my problems. https://www.javacodegeeks.com/2020/04/apache-derby-database-jvm-security-policy.html

Following these pretty straight-forward instructions, I get:

java.security.AccessControlException: access denied
org.apache.derby.shared.common.security.SystemPermission( "engine", "usederbyinternals" )
Community
  • 1
  • 1
Jeff M Palmer
  • 29
  • 1
  • 7
  • I'm not sure I understand what your precise question is, but since you seem to be struggling with how to configure the Java security manager for your Derby Network Server, try starting here: http://db.apache.org/derby/docs/10.15/security/csecjavasecurity.html – Bryan Pendleton May 09 '20 at 02:06
  • If I put the following as my server.policy it works. grant { permission java.security.AllPermission "", ""; }; – Jeff M Palmer May 11 '20 at 22:59

2 Answers2

2

For the next person who has this strange problem (it seems to happen with some regularity, here's a simple workaround, copied from this FAQ page at Chalmers Institute of Technology:

Q: When we try to create a database in Derby and the database explorer in NetBeans, we get one or more of the following error(s):

An error occurred while creating the database: java.sql.NonTransientConnectionException: DERBY SQL error: ERRORCODE: 40000, SQLSTATE: XJ041, SQLERRMC: ...

Caused by: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "getenv.SOURCE_DATE_EPOCH")

A: This is some kind of missconfiguration in the JVM with a very aggressive security policy that doesn't allow applications to fetch the time on the system (since epoch). The solution is to edit ~/.java.policy or [java.home]/lib/security/java.policy and add the following:

grant { permission java.lang.RuntimePermission "getenv.SOURCE_DATE_EPOCH", "read"; };

If you are on Windows you can read about where this policy file is supposed to be located here; https://docs.oracle.com/javase/7/docs/technotes/guides/security/PolicyFiles.html

Bryan Pendleton
  • 16,128
  • 3
  • 32
  • 56
0

Apache-Derby is a database management system prepared for a multi-user environment, therefore, when you execute the startNetworkServer -h 0.0.0.0 instruction, you are telling it by default to take certain security into account, and that is why it does not let you do an insecure connection such as ij> connect 'jdbc:derby://172.16.17.31:1527/BBDD_server;create=true';

because you are connecting without specifying username and password, so you should either connect by specifying username + password, or start the server without any security:

startNetworkServer -h 0.0.0.0 -noSecurityManager

More help: https://db.apache.org/derby/docs/10.4/adminguide/tadminnetservopen.html

https://db.apache.org/derby/docs/10.4/adminguide/tadminnetservbasic.html

Eric Aya
  • 69,473
  • 35
  • 181
  • 253
Fernando G
  • 1
  • 1