Skip to Main Content

Java HotSpot Virtual Machine

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Can the _JAVA_VERSION_SET environment variable be set to any value that is not null?

user-jfuf9Apr 18 2023

The value of _JAVA_VERSION_SET is given to main_class, but it will be ignored。

Get the application's main class. * * See bugid 5030265.

The Main-Class name has already been parsed

* from the manifest, but not parsed properly for UTF-8 support.

* Hence the code here ignores the value previously extracted and

* uses the pre-existing code to reextract the value. This is

* possibly an end of release cycle expedient. However, it has * also been discovered that passing some character sets through the environment has "strange" behavior on some variants of

* Windows. Hence, maybe the manifest parsing code local to the

* launcher should never be enhanced.

* * Hence, future work should either:

* 1) Correct the local parsing code and verify that the * Main-Class attribute gets properly passed through * all environments,

* 2) Remove the vestages of maintaining main_class through * the environment (and remove these comments).

SelectVersion(int argc, char **argv, char **main_class){

if ((env_in = getenv(ENV_ENTRY)) != NULL) {
if (*env_in != '\0')
*main_class = JLI_StringDup(env_in);
return;
}

…………

}

So the _JAVA_VERSION_SET environment variable can be set to any non-empty value to avoid reading MANIFEST.MF twice, right?The bug description also says that the main_class will be removed in the future, but why hasn't it been removed yet?Obviously main_class doesn't make sense anymore._JAVA_VERSION_SET has very little meaning anymore, doesn't it?

Comments

thatJeffSmith-Oracle Feb 13 2025

Your ENTRA users will get authenticated via JSON Web Tokens, and their Entra roles will determine which ORDS REST APIs they can hit.

When they hit an endpoint, it'll execute code in the database as the database user that owns the schema where the REST API is defined, not as Entra defiend end user. In fact, the Entra users won't have accounts in the database (they could, but wont' need to).

The :current_user field as far as ords is concerned would be the corresponding oauth2 client or JWT issued for the authorizied session.

Your prehook should be able to alter the session to set the context that would put your RLS/VPD security policy in play.

1 - 1

Post Details

Added on Apr 18 2023
0 comments
349 views