Home » Modeling » EMF » EObjects validation and security problem
| EObjects validation and security problem [message #426764] |
Tue, 20 January 2009 08:46  |
Eclipse User |
|
|
|
Originally posted by: esnault.frederic.gmail.com
Hi all !
I'm facing a problem with the validation framework.
I have a model described in a .ecore file, and i create eobject using
this model. Now i want to check that my eobjects are valid (mandatory
features have a value, for example).
I try using the validation framework as i saw in the eclipse help
tutorials (IBatchValidator.validate(EList<EObject>)), but when i try to
run my test, i get an exception :
java.lang.SecurityException: class
"org.eclipse.core.runtime.CoreException"'s signer information does not
match signer information of other classes in the same package
at java.lang.ClassLoader.checkCerts(ClassLoader.java:776)
...
I'm quite confused about this, and i'd like to know if there is
something i forgot (or did wrong), or if there is a way to disable the
checkCert mechanism.
For your information, here is my calling code :
IBatchValidator validator =
ModelValidationService.getInstance().newValidator(Evaluation Mode.BATCH);
IStatus validationResult = validator.validate(eObjects);
if (!validationResult.isOK()) {
throw new nvalidEObjectException(validationResult.getMessage());
}
Thanks for your help !
Frédéric Esnault
|
|
|
| Re: EObjects validation and security problem [message #426773 is a reply to message #426764] |
Tue, 20 January 2009 11:26  |
 Ed Merks
Messages: 33142
Registered: July 2009 |
Senior Member |
|
|
Frédéric,
Comments below.
Frédéric Esnault wrote:
> Hi all !
>
> I'm facing a problem with the validation framework.
> I have a model described in a .ecore file, and i create eobject using
> this model. Now i want to check that my eobjects are valid (mandatory
> features have a value, for example).
>
> I try using the validation framework as i saw in the eclipse help
> tutorials (IBatchValidator.validate(EList<EObject>)), but when i try
> to run my test, i get an exception :
> java.lang.SecurityException: class
> "org.eclipse.core.runtime.CoreException"'s signer information does not
> match signer information of other classes in the same package
> at java.lang.ClassLoader.checkCerts(ClassLoader.java:776)
I don't know how all this signing stuff works...
> ...
>
> I'm quite confused about this, and i'd like to know if there is
> something i forgot (or did wrong), or if there is a way to disable the
> checkCert mechanism.
> For your information, here is my calling code :
>
> IBatchValidator validator =
> ModelValidationService.getInstance().newValidator(Evaluation Mode.BATCH);
> IStatus validationResult = validator.validate(eObjects);
> if (!validationResult.isOK()) {
> throw new nvalidEObjectException(validationResult.getMessage());
> }
Based on the message, I get the impression that you might have use an
Eclipse package name within your own plugin. What's the name of the
class you're trying to load at this point?
>
>
> Thanks for your help !
> Frédéric Esnault
Ed Merks
Professional Support: https://www.macromodeling.com/
|
|
|
| Re: EObjects validation and security problem [message #426778 is a reply to message #426773] |
Tue, 20 January 2009 12:04 |
| Eclipse User |
|
|
|
Originally posted by: esnault.frederic.gmail.com
Hi Ed and thanks for the answer.
First of all, i don't know either how this signing stuff works and i was
not trying to use it anyway. After a short debugging, i got the
following information :
* error occurs when this line is executed:
IBatchValidator validator =
ModelValidationService.getInstance().newValidator(Evaluation Mode.BATCH);
* error occurs when the checkCerts method compares the certificates
(don't ask me why it uses certs) of the different packages. Here the
package which has no valid certificate is org.eclipse.core.runtime.
* The class it is attempting to load at this point is
org.eclipse.core.runtime.IStatus, the return value of the
IValidator.validate() method. But the class appearing in the exception
message is CoreException.
So basically, you're right, i'm using an eclipse package here, but i
didn't ask for it. It is referenced by the IValidator as the return
value type.
Am I using a wrong validator, or in a wrong way? Is there a way to
remove this dependency? And anyway why is it creating a security problem ?
Thanks again !
Frédéric Esnault
Ed Merks a écrit :
> Frédéric,
>
> Comments below.
>
>
> Frédéric Esnault wrote:
>> Hi all !
>>
>> I'm facing a problem with the validation framework.
>> I have a model described in a .ecore file, and i create eobject using
>> this model. Now i want to check that my eobjects are valid (mandatory
>> features have a value, for example).
>>
>> I try using the validation framework as i saw in the eclipse help
>> tutorials (IBatchValidator.validate(EList<EObject>)), but when i try
>> to run my test, i get an exception :
>> java.lang.SecurityException: class
>> "org.eclipse.core.runtime.CoreException"'s signer information does not
>> match signer information of other classes in the same package
>> at java.lang.ClassLoader.checkCerts(ClassLoader.java:776)
> I don't know how all this signing stuff works...
>> ...
>>
>> I'm quite confused about this, and i'd like to know if there is
>> something i forgot (or did wrong), or if there is a way to disable the
>> checkCert mechanism.
>> For your information, here is my calling code :
>>
>> IBatchValidator validator =
>> ModelValidationService.getInstance().newValidator(Evaluation Mode.BATCH);
>> IStatus validationResult = validator.validate(eObjects);
>> if (!validationResult.isOK()) {
>> throw new nvalidEObjectException(validationResult.getMessage());
>> }
> Based on the message, I get the impression that you might have use an
> Eclipse package name within your own plugin. What's the name of the
> class you're trying to load at this point?
>>
>>
>> Thanks for your help !
>> Frédéric Esnault
|
|
|
| Re: EObjects validation and security problem [message #426781 is a reply to message #426778] |
Tue, 20 January 2009 12:24 |
Ed Merks
Messages: 33142
Registered: July 2009 |
Senior Member |
|
|
Frédéric,
Comments below.
Frédéric Esnault wrote:
> Hi Ed and thanks for the answer.
>
> First of all, i don't know either how this signing stuff works and i
> was not trying to use it anyway.
The Eclipse jars are signed though.
> After a short debugging, i got the following information :
>
> * error occurs when this line is executed:
> IBatchValidator validator =
> ModelValidationService.getInstance().newValidator(Evaluation Mode.BATCH);
Reading the extension points I imagine.
>
> * error occurs when the checkCerts method compares the certificates
> (don't ask me why it uses certs) of the different packages. Here the
> package which has no valid certificate is org.eclipse.core.runtime.
That definitely should be properly signed. Maybe someone has tampered
with your installed jars...
>
> * The class it is attempting to load at this point is
> org.eclipse.core.runtime.IStatus, the return value of the
> IValidator.validate() method. But the class appearing in the exception
> message is CoreException.
>
> So basically, you're right, i'm using an eclipse package here, but i
> didn't ask for it. It is referenced by the IValidator as the return
> value type.
I'm a bit doubtful that the problem doesn't lie in some instance class
name you've specified in your contributions to the validator's extension
points...
>
> Am I using a wrong validator, or in a wrong way? Is there a way to
> remove this dependency? And anyway why is it creating a security
> problem ?
My guess would still be that when creating your own example, you've
decided to use org.eclipse.* as the name of the packages you've created...
>
> Thanks again !
> Frédéric Esnault
>
> Ed Merks a écrit :
>> Frédéric,
>>
>> Comments below.
>>
>>
>> Frédéric Esnault wrote:
>>> Hi all !
>>>
>>> I'm facing a problem with the validation framework.
>>> I have a model described in a .ecore file, and i create eobject
>>> using this model. Now i want to check that my eobjects are valid
>>> (mandatory features have a value, for example).
>>>
>>> I try using the validation framework as i saw in the eclipse help
>>> tutorials (IBatchValidator.validate(EList<EObject>)), but when i try
>>> to run my test, i get an exception :
>>> java.lang.SecurityException: class
>>> "org.eclipse.core.runtime.CoreException"'s signer information does
>>> not match signer information of other classes in the same package
>>> at java.lang.ClassLoader.checkCerts(ClassLoader.java:776)
>> I don't know how all this signing stuff works...
>>> ...
>>>
>>> I'm quite confused about this, and i'd like to know if there is
>>> something i forgot (or did wrong), or if there is a way to disable
>>> the checkCert mechanism.
>>> For your information, here is my calling code :
>>>
>>> IBatchValidator validator =
>>> ModelValidationService.getInstance().newValidator(Evaluation Mode.BATCH);
>>>
>>> IStatus validationResult = validator.validate(eObjects);
>>> if (!validationResult.isOK()) {
>>> throw new nvalidEObjectException(validationResult.getMessage());
>>> }
>> Based on the message, I get the impression that you might have use an
>> Eclipse package name within your own plugin. What's the name of the
>> class you're trying to load at this point?
>>>
>>>
>>> Thanks for your help !
>>> Frédéric Esnault
Ed Merks
Professional Support: https://www.macromodeling.com/
|
|
|
| Re: EObjects validation and security problem [message #426782 is a reply to message #426781] |
Tue, 20 January 2009 13:06 |
| Eclipse User |
|
|
|
Originally posted by: esnault.frederic.gmail.com
I didn't create/extend any extension point of the validation framework.
Basically all i have is a personalized Resource and ResourceSet, but
that's all. And all our packages names begins with com.legisway. There
is no package of ours beginning with org.eclipse.
Your comment about someone messing around our jars is not possible, but
pointed me in the direction of the eclipse jars.
We are using Maven to handle our dependencies (and releases, jar
repositories,...) and i just added two dependencies yesterday when
preparing the validation process. Here they are :
<dependency>
<groupId>org.eclipse.emf</groupId>
<artifactId>ecore-change</artifactId>
<version>${emf.version}</version><!-- this var set to 2.4.1 -->
<scope>compile</scope>
</dependency>
<!-- The new dependencies below -->
<dependency>
<groupId>org.eclipse.emf</groupId>
<artifactId>validation</artifactId>
<version>1.2.0.v200807161729</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.eclipse.core</groupId>
<artifactId>runtime</artifactId>
<version>3.2.0-v20060603</version>
<scope>compile</scope>
</dependency>
I'm thinking maybe the runtime jar version is not correct or is not
compatible with the validation jar version, or both version do not fit
the 2.4.1 EMF version?
Frédéric Esnault
Ed Merks a écrit :
> Frédéric,
>
> Comments below.
>
>
> Frédéric Esnault wrote:
>> Hi Ed and thanks for the answer.
>>
>> First of all, i don't know either how this signing stuff works and i
>> was not trying to use it anyway.
> The Eclipse jars are signed though.
>> After a short debugging, i got the following information :
>>
>> * error occurs when this line is executed:
>> IBatchValidator validator =
>> ModelValidationService.getInstance().newValidator(Evaluation Mode.BATCH);
> Reading the extension points I imagine.
>>
>> * error occurs when the checkCerts method compares the certificates
>> (don't ask me why it uses certs) of the different packages. Here the
>> package which has no valid certificate is org.eclipse.core.runtime.
> That definitely should be properly signed. Maybe someone has tampered
> with your installed jars...
>>
>> * The class it is attempting to load at this point is
>> org.eclipse.core.runtime.IStatus, the return value of the
>> IValidator.validate() method. But the class appearing in the exception
>> message is CoreException.
>>
>> So basically, you're right, i'm using an eclipse package here, but i
>> didn't ask for it. It is referenced by the IValidator as the return
>> value type.
> I'm a bit doubtful that the problem doesn't lie in some instance class
> name you've specified in your contributions to the validator's extension
> points...
>>
>> Am I using a wrong validator, or in a wrong way? Is there a way to
>> remove this dependency? And anyway why is it creating a security
>> problem ?
> My guess would still be that when creating your own example, you've
> decided to use org.eclipse.* as the name of the packages you've created...
>>
>> Thanks again !
>> Frédéric Esnault
>>
>> Ed Merks a écrit :
>>> Frédéric,
>>>
>>> Comments below.
>>>
>>>
>>> Frédéric Esnault wrote:
>>>> Hi all !
>>>>
>>>> I'm facing a problem with the validation framework.
>>>> I have a model described in a .ecore file, and i create eobject
>>>> using this model. Now i want to check that my eobjects are valid
>>>> (mandatory features have a value, for example).
>>>>
>>>> I try using the validation framework as i saw in the eclipse help
>>>> tutorials (IBatchValidator.validate(EList<EObject>)), but when i try
>>>> to run my test, i get an exception :
>>>> java.lang.SecurityException: class
>>>> "org.eclipse.core.runtime.CoreException"'s signer information does
>>>> not match signer information of other classes in the same package
>>>> at java.lang.ClassLoader.checkCerts(ClassLoader.java:776)
>>> I don't know how all this signing stuff works...
>>>> ...
>>>>
>>>> I'm quite confused about this, and i'd like to know if there is
>>>> something i forgot (or did wrong), or if there is a way to disable
>>>> the checkCert mechanism.
>>>> For your information, here is my calling code :
>>>>
>>>> IBatchValidator validator =
>>>> ModelValidationService.getInstance().newValidator(Evaluation Mode.BATCH);
>>>>
>>>> IStatus validationResult = validator.validate(eObjects);
>>>> if (!validationResult.isOK()) {
>>>> throw new nvalidEObjectException(validationResult.getMessage());
>>>> }
>>> Based on the message, I get the impression that you might have use an
>>> Eclipse package name within your own plugin. What's the name of the
>>> class you're trying to load at this point?
>>>>
>>>>
>>>> Thanks for your help !
>>>> Frédéric Esnault
|
|
|
| Re: EObjects validation and security problem [message #426785 is a reply to message #426782] |
Tue, 20 January 2009 15:11 |
Ed Merks
Messages: 33142
Registered: July 2009 |
Senior Member |
|
|
Frédéric
Comments below.
Frédéric Esnault wrote:
> I didn't create/extend any extension point of the validation framework.
> Basically all i have is a personalized Resource and ResourceSet, but
> that's all. And all our packages names begins with com.legisway. There
> is no package of ours beginning with org.eclipse.
>
> Your comment about someone messing around our jars is not possible,
> but pointed me in the direction of the eclipse jars.
>
> We are using Maven to handle our dependencies (and releases, jar
> repositories,...) and i just added two dependencies yesterday when
> preparing the validation process. Here they are :
>
> <dependency>
> <groupId>org.eclipse.emf</groupId>
> <artifactId>ecore-change</artifactId>
> <version>${emf.version}</version><!-- this var set to 2.4.1 -->
> <scope>compile</scope>
> </dependency>
> <!-- The new dependencies below -->
> <dependency>
> <groupId>org.eclipse.emf</groupId>
> <artifactId>validation</artifactId>
> <version>1.2.0.v200807161729</version>
> <scope>compile</scope>
> </dependency>
> <dependency>
> <groupId>org.eclipse.core</groupId>
> <artifactId>runtime</artifactId>
> <version>3.2.0-v20060603</version>
This sounds like perhaps an older version before we started signing.
I.e., probably you have an unsigned jar...
> <scope>compile</scope>
> </dependency>
>
> I'm thinking maybe the runtime jar version is not correct or is not
> compatible with the validation jar version, or both version do not fit
> the 2.4.1 EMF version?
Yes, I think that's it.
>
> Frédéric Esnault
> Ed Merks a écrit :
>> Frédéric,
>>
>> Comments below.
>>
>>
>> Frédéric Esnault wrote:
>>> Hi Ed and thanks for the answer.
>>>
>>> First of all, i don't know either how this signing stuff works and i
>>> was not trying to use it anyway.
>> The Eclipse jars are signed though.
>>> After a short debugging, i got the following information :
>>>
>>> * error occurs when this line is executed:
>>> IBatchValidator validator =
>>> ModelValidationService.getInstance().newValidator(Evaluation Mode.BATCH);
>>>
>> Reading the extension points I imagine.
>>>
>>> * error occurs when the checkCerts method compares the certificates
>>> (don't ask me why it uses certs) of the different packages. Here the
>>> package which has no valid certificate is org.eclipse.core.runtime.
>> That definitely should be properly signed. Maybe someone has
>> tampered with your installed jars...
>>>
>>> * The class it is attempting to load at this point is
>>> org.eclipse.core.runtime.IStatus, the return value of the
>>> IValidator.validate() method. But the class appearing in the
>>> exception message is CoreException.
>>>
>>> So basically, you're right, i'm using an eclipse package here, but i
>>> didn't ask for it. It is referenced by the IValidator as the return
>>> value type.
>> I'm a bit doubtful that the problem doesn't lie in some instance
>> class name you've specified in your contributions to the validator's
>> extension points...
>>>
>>> Am I using a wrong validator, or in a wrong way? Is there a way to
>>> remove this dependency? And anyway why is it creating a security
>>> problem ?
>> My guess would still be that when creating your own example, you've
>> decided to use org.eclipse.* as the name of the packages you've
>> created...
>>>
>>> Thanks again !
>>> Frédéric Esnault
>>>
>>> Ed Merks a écrit :
>>>> Frédéric,
>>>>
>>>> Comments below.
>>>>
>>>>
>>>> Frédéric Esnault wrote:
>>>>> Hi all !
>>>>>
>>>>> I'm facing a problem with the validation framework.
>>>>> I have a model described in a .ecore file, and i create eobject
>>>>> using this model. Now i want to check that my eobjects are valid
>>>>> (mandatory features have a value, for example).
>>>>>
>>>>> I try using the validation framework as i saw in the eclipse help
>>>>> tutorials (IBatchValidator.validate(EList<EObject>)), but when i
>>>>> try to run my test, i get an exception :
>>>>> java.lang.SecurityException: class
>>>>> "org.eclipse.core.runtime.CoreException"'s signer information does
>>>>> not match signer information of other classes in the same package
>>>>> at java.lang.ClassLoader.checkCerts(ClassLoader.java:776)
>>>> I don't know how all this signing stuff works...
>>>>> ...
>>>>>
>>>>> I'm quite confused about this, and i'd like to know if there is
>>>>> something i forgot (or did wrong), or if there is a way to disable
>>>>> the checkCert mechanism.
>>>>> For your information, here is my calling code :
>>>>>
>>>>> IBatchValidator validator =
>>>>> ModelValidationService.getInstance().newValidator(Evaluation Mode.BATCH);
>>>>>
>>>>> IStatus validationResult = validator.validate(eObjects);
>>>>> if (!validationResult.isOK()) {
>>>>> throw new nvalidEObjectException(validationResult.getMessage());
>>>>> }
>>>> Based on the message, I get the impression that you might have use
>>>> an Eclipse package name within your own plugin. What's the name of
>>>> the class you're trying to load at this point?
>>>>>
>>>>>
>>>>> Thanks for your help !
>>>>> Frédéric Esnault
Ed Merks
Professional Support: https://www.macromodeling.com/
|
|
|
| Re: EObjects validation and security problem [message #426788 is a reply to message #426785] |
Tue, 20 January 2009 15:46 |
| Eclipse User |
|
|
|
Originally posted by: esnault.frederic.gmail.com
Well I changed my dependency to the latest version i could find
reference of (3.4.0.v20080512) but maven cannot find it in any
repository. So i deployed the jar i have in my ganymede install plugins
directory, and maven finds it in our local repository.
But it does not compile anymore, as the IStatus interface is not found.
I looked at the code of org.eclipse.core.runtime jar, which references
IStatus, but nowhere it defines it. Maven didn't download (nor complain
about) a linked reference.
Any idea about this ? Seems the IStatus still belongs to the same
package (according to ganymede javadoc on the eclipse website, but is
not present in the corresponding jar....) Help please.
Frédéric
Ed Merks a écrit :
> Frédéric
>
> Comments below.
>
> Frédéric Esnault wrote:
>> I didn't create/extend any extension point of the validation framework.
>> Basically all i have is a personalized Resource and ResourceSet, but
>> that's all. And all our packages names begins with com.legisway. There
>> is no package of ours beginning with org.eclipse.
>>
>> Your comment about someone messing around our jars is not possible,
>> but pointed me in the direction of the eclipse jars.
>>
>> We are using Maven to handle our dependencies (and releases, jar
>> repositories,...) and i just added two dependencies yesterday when
>> preparing the validation process. Here they are :
>>
>> <dependency>
>> <groupId>org.eclipse.emf</groupId>
>> <artifactId>ecore-change</artifactId>
>> <version>${emf.version}</version><!-- this var set to 2.4.1 -->
>> <scope>compile</scope>
>> </dependency>
>> <!-- The new dependencies below -->
>> <dependency>
>> <groupId>org.eclipse.emf</groupId>
>> <artifactId>validation</artifactId>
>> <version>1.2.0.v200807161729</version>
>> <scope>compile</scope>
>> </dependency>
>> <dependency>
>> <groupId>org.eclipse.core</groupId>
>> <artifactId>runtime</artifactId>
>> <version>3.2.0-v20060603</version>
> This sounds like perhaps an older version before we started signing.
> I.e., probably you have an unsigned jar...
>> <scope>compile</scope>
>> </dependency>
>>
>> I'm thinking maybe the runtime jar version is not correct or is not
>> compatible with the validation jar version, or both version do not fit
>> the 2.4.1 EMF version?
> Yes, I think that's it.
>>
>> Frédéric Esnault
>> Ed Merks a écrit :
>>> Frédéric,
>>>
>>> Comments below.
>>>
>>>
>>> Frédéric Esnault wrote:
>>>> Hi Ed and thanks for the answer.
>>>>
>>>> First of all, i don't know either how this signing stuff works and i
>>>> was not trying to use it anyway.
>>> The Eclipse jars are signed though.
>>>> After a short debugging, i got the following information :
>>>>
>>>> * error occurs when this line is executed:
>>>> IBatchValidator validator =
>>>> ModelValidationService.getInstance().newValidator(Evaluation Mode.BATCH);
>>>>
>>> Reading the extension points I imagine.
>>>>
>>>> * error occurs when the checkCerts method compares the certificates
>>>> (don't ask me why it uses certs) of the different packages. Here the
>>>> package which has no valid certificate is org.eclipse.core.runtime.
>>> That definitely should be properly signed. Maybe someone has
>>> tampered with your installed jars...
>>>>
>>>> * The class it is attempting to load at this point is
>>>> org.eclipse.core.runtime.IStatus, the return value of the
>>>> IValidator.validate() method. But the class appearing in the
>>>> exception message is CoreException.
>>>>
>>>> So basically, you're right, i'm using an eclipse package here, but i
>>>> didn't ask for it. It is referenced by the IValidator as the return
>>>> value type.
>>> I'm a bit doubtful that the problem doesn't lie in some instance
>>> class name you've specified in your contributions to the validator's
>>> extension points...
>>>>
>>>> Am I using a wrong validator, or in a wrong way? Is there a way to
>>>> remove this dependency? And anyway why is it creating a security
>>>> problem ?
>>> My guess would still be that when creating your own example, you've
>>> decided to use org.eclipse.* as the name of the packages you've
>>> created...
>>>>
>>>> Thanks again !
>>>> Frédéric Esnault
>>>>
>>>> Ed Merks a écrit :
>>>>> Frédéric,
>>>>>
>>>>> Comments below.
>>>>>
>>>>>
>>>>> Frédéric Esnault wrote:
>>>>>> Hi all !
>>>>>>
>>>>>> I'm facing a problem with the validation framework.
>>>>>> I have a model described in a .ecore file, and i create eobject
>>>>>> using this model. Now i want to check that my eobjects are valid
>>>>>> (mandatory features have a value, for example).
>>>>>>
>>>>>> I try using the validation framework as i saw in the eclipse help
>>>>>> tutorials (IBatchValidator.validate(EList<EObject>)), but when i
>>>>>> try to run my test, i get an exception :
>>>>>> java.lang.SecurityException: class
>>>>>> "org.eclipse.core.runtime.CoreException"'s signer information does
>>>>>> not match signer information of other classes in the same package
>>>>>> at java.lang.ClassLoader.checkCerts(ClassLoader.java:776)
>>>>> I don't know how all this signing stuff works...
>>>>>> ...
>>>>>>
>>>>>> I'm quite confused about this, and i'd like to know if there is
>>>>>> something i forgot (or did wrong), or if there is a way to disable
>>>>>> the checkCert mechanism.
>>>>>> For your information, here is my calling code :
>>>>>>
>>>>>> IBatchValidator validator =
>>>>>> ModelValidationService.getInstance().newValidator(Evaluation Mode.BATCH);
>>>>>>
>>>>>> IStatus validationResult = validator.validate(eObjects);
>>>>>> if (!validationResult.isOK()) {
>>>>>> throw new nvalidEObjectException(validationResult.getMessage());
>>>>>> }
>>>>> Based on the message, I get the impression that you might have use
>>>>> an Eclipse package name within your own plugin. What's the name of
>>>>> the class you're trying to load at this point?
>>>>>>
>>>>>>
>>>>>> Thanks for your help !
>>>>>> Frédéric Esnault
|
|
|
| Re: EObjects validation and security problem [message #426789 is a reply to message #426788] |
Tue, 20 January 2009 15:50 |
Ed Merks
Messages: 33142
Registered: July 2009 |
Senior Member |
|
|
Frédéric,
IStatus should be were it's always been. Eclipse doesn't break it's APIs...
Frédéric Esnault wrote:
> Well I changed my dependency to the latest version i could find
> reference of (3.4.0.v20080512) but maven cannot find it in any
> repository. So i deployed the jar i have in my ganymede install
> plugins directory, and maven finds it in our local repository.
>
> But it does not compile anymore, as the IStatus interface is not found.
> I looked at the code of org.eclipse.core.runtime jar, which references
> IStatus, but nowhere it defines it. Maven didn't download (nor
> complain about) a linked reference.
>
> Any idea about this ? Seems the IStatus still belongs to the same
> package (according to ganymede javadoc on the eclipse website, but is
> not present in the corresponding jar....) Help please.
>
> Frédéric
>
> Ed Merks a écrit :
>> Frédéric
>>
>> Comments below.
>>
>> Frédéric Esnault wrote:
>>> I didn't create/extend any extension point of the validation framework.
>>> Basically all i have is a personalized Resource and ResourceSet, but
>>> that's all. And all our packages names begins with com.legisway.
>>> There is no package of ours beginning with org.eclipse.
>>>
>>> Your comment about someone messing around our jars is not possible,
>>> but pointed me in the direction of the eclipse jars.
>>>
>>> We are using Maven to handle our dependencies (and releases, jar
>>> repositories,...) and i just added two dependencies yesterday when
>>> preparing the validation process. Here they are :
>>>
>>> <dependency>
>>> <groupId>org.eclipse.emf</groupId>
>>> <artifactId>ecore-change</artifactId>
>>> <version>${emf.version}</version><!-- this var set to 2.4.1 -->
>>> <scope>compile</scope>
>>> </dependency>
>>> <!-- The new dependencies below -->
>>> <dependency>
>>> <groupId>org.eclipse.emf</groupId>
>>> <artifactId>validation</artifactId>
>>> <version>1.2.0.v200807161729</version>
>>> <scope>compile</scope>
>>> </dependency>
>>> <dependency>
>>> <groupId>org.eclipse.core</groupId>
>>> <artifactId>runtime</artifactId>
>>> <version>3.2.0-v20060603</version>
>> This sounds like perhaps an older version before we started signing.
>> I.e., probably you have an unsigned jar...
>>> <scope>compile</scope>
>>> </dependency>
>>>
>>> I'm thinking maybe the runtime jar version is not correct or is not
>>> compatible with the validation jar version, or both version do not
>>> fit the 2.4.1 EMF version?
>> Yes, I think that's it.
>>>
>>> Frédéric Esnault
>>> Ed Merks a écrit :
>>>> Frédéric,
>>>>
>>>> Comments below.
>>>>
>>>>
>>>> Frédéric Esnault wrote:
>>>>> Hi Ed and thanks for the answer.
>>>>>
>>>>> First of all, i don't know either how this signing stuff works and
>>>>> i was not trying to use it anyway.
>>>> The Eclipse jars are signed though.
>>>>> After a short debugging, i got the following information :
>>>>>
>>>>> * error occurs when this line is executed:
>>>>> IBatchValidator validator =
>>>>> ModelValidationService.getInstance().newValidator(Evaluation Mode.BATCH);
>>>>>
>>>> Reading the extension points I imagine.
>>>>>
>>>>> * error occurs when the checkCerts method compares the
>>>>> certificates (don't ask me why it uses certs) of the different
>>>>> packages. Here the package which has no valid certificate is
>>>>> org.eclipse.core.runtime.
>>>> That definitely should be properly signed. Maybe someone has
>>>> tampered with your installed jars...
>>>>>
>>>>> * The class it is attempting to load at this point is
>>>>> org.eclipse.core.runtime.IStatus, the return value of the
>>>>> IValidator.validate() method. But the class appearing in the
>>>>> exception message is CoreException.
>>>>>
>>>>> So basically, you're right, i'm using an eclipse package here, but
>>>>> i didn't ask for it. It is referenced by the IValidator as the
>>>>> return value type.
>>>> I'm a bit doubtful that the problem doesn't lie in some instance
>>>> class name you've specified in your contributions to the
>>>> validator's extension points...
>>>>>
>>>>> Am I using a wrong validator, or in a wrong way? Is there a way to
>>>>> remove this dependency? And anyway why is it creating a security
>>>>> problem ?
>>>> My guess would still be that when creating your own example, you've
>>>> decided to use org.eclipse.* as the name of the packages you've
>>>> created...
>>>>>
>>>>> Thanks again !
>>>>> Frédéric Esnault
>>>>>
>>>>> Ed Merks a écrit :
>>>>>> Frédéric,
>>>>>>
>>>>>> Comments below.
>>>>>>
>>>>>>
>>>>>> Frédéric Esnault wrote:
>>>>>>> Hi all !
>>>>>>>
>>>>>>> I'm facing a problem with the validation framework.
>>>>>>> I have a model described in a .ecore file, and i create eobject
>>>>>>> using this model. Now i want to check that my eobjects are valid
>>>>>>> (mandatory features have a value, for example).
>>>>>>>
>>>>>>> I try using the validation framework as i saw in the eclipse
>>>>>>> help tutorials (IBatchValidator.validate(EList<EObject>)), but
>>>>>>> when i try to run my test, i get an exception :
>>>>>>> java.lang.SecurityException: class
>>>>>>> "org.eclipse.core.runtime.CoreException"'s signer information
>>>>>>> does not match signer information of other classes in the same
>>>>>>> package
>>>>>>> at java.lang.ClassLoader.checkCerts(ClassLoader.java:776)
>>>>>> I don't know how all this signing stuff works...
>>>>>>> ...
>>>>>>>
>>>>>>> I'm quite confused about this, and i'd like to know if there is
>>>>>>> something i forgot (or did wrong), or if there is a way to
>>>>>>> disable the checkCert mechanism.
>>>>>>> For your information, here is my calling code :
>>>>>>>
>>>>>>> IBatchValidator validator =
>>>>>>> ModelValidationService.getInstance().newValidator(Evaluation Mode.BATCH);
>>>>>>>
>>>>>>> IStatus validationResult = validator.validate(eObjects);
>>>>>>> if (!validationResult.isOK()) {
>>>>>>> throw new
>>>>>>> nvalidEObjectException(validationResult.getMessage());
>>>>>>> }
>>>>>> Based on the message, I get the impression that you might have
>>>>>> use an Eclipse package name within your own plugin. What's the
>>>>>> name of the class you're trying to load at this point?
>>>>>>>
>>>>>>>
>>>>>>> Thanks for your help !
>>>>>>> Frédéric Esnault
Ed Merks
Professional Support: https://www.macromodeling.com/
|
|
|
| Re: EObjects validation and security problem [message #426793 is a reply to message #426789] |
Tue, 20 January 2009 16:07 |
| Eclipse User |
|
|
|
Originally posted by: esnault.frederic.gmail.com
It's not.
I checked two jars, the one in my Java Ganymede install and the other in
my J2EE ganymede install. None of the
org.eclipse.core.runtime_3.4.0.v20080512.jar contains the IStatus interface.
Ed Merks a écrit :
> Frédéric,
>
> IStatus should be were it's always been. Eclipse doesn't break it's
> APIs...
>
>
> Frédéric Esnault wrote:
>> Well I changed my dependency to the latest version i could find
>> reference of (3.4.0.v20080512) but maven cannot find it in any
>> repository. So i deployed the jar i have in my ganymede install
>> plugins directory, and maven finds it in our local repository.
>>
>> But it does not compile anymore, as the IStatus interface is not found.
>> I looked at the code of org.eclipse.core.runtime jar, which references
>> IStatus, but nowhere it defines it. Maven didn't download (nor
>> complain about) a linked reference.
>>
>> Any idea about this ? Seems the IStatus still belongs to the same
>> package (according to ganymede javadoc on the eclipse website, but is
>> not present in the corresponding jar....) Help please.
>>
>> Frédéric
>>
>> Ed Merks a écrit :
>>> Frédéric
>>>
>>> Comments below.
>>>
>>> Frédéric Esnault wrote:
>>>> I didn't create/extend any extension point of the validation framework.
>>>> Basically all i have is a personalized Resource and ResourceSet, but
>>>> that's all. And all our packages names begins with com.legisway.
>>>> There is no package of ours beginning with org.eclipse.
>>>>
>>>> Your comment about someone messing around our jars is not possible,
>>>> but pointed me in the direction of the eclipse jars.
>>>>
>>>> We are using Maven to handle our dependencies (and releases, jar
>>>> repositories,...) and i just added two dependencies yesterday when
>>>> preparing the validation process. Here they are :
>>>>
>>>> <dependency>
>>>> <groupId>org.eclipse.emf</groupId>
>>>> <artifactId>ecore-change</artifactId>
>>>> <version>${emf.version}</version><!-- this var set to 2.4.1 -->
>>>> <scope>compile</scope>
>>>> </dependency>
>>>> <!-- The new dependencies below -->
>>>> <dependency>
>>>> <groupId>org.eclipse.emf</groupId>
>>>> <artifactId>validation</artifactId>
>>>> <version>1.2.0.v200807161729</version>
>>>> <scope>compile</scope>
>>>> </dependency>
>>>> <dependency>
>>>> <groupId>org.eclipse.core</groupId>
>>>> <artifactId>runtime</artifactId>
>>>> <version>3.2.0-v20060603</version>
>>> This sounds like perhaps an older version before we started signing.
>>> I.e., probably you have an unsigned jar...
>>>> <scope>compile</scope>
>>>> </dependency>
>>>>
>>>> I'm thinking maybe the runtime jar version is not correct or is not
>>>> compatible with the validation jar version, or both version do not
>>>> fit the 2.4.1 EMF version?
>>> Yes, I think that's it.
>>>>
>>>> Frédéric Esnault
>>>> Ed Merks a écrit :
>>>>> Frédéric,
>>>>>
>>>>> Comments below.
>>>>>
>>>>>
>>>>> Frédéric Esnault wrote:
>>>>>> Hi Ed and thanks for the answer.
>>>>>>
>>>>>> First of all, i don't know either how this signing stuff works and
>>>>>> i was not trying to use it anyway.
>>>>> The Eclipse jars are signed though.
>>>>>> After a short debugging, i got the following information :
>>>>>>
>>>>>> * error occurs when this line is executed:
>>>>>> IBatchValidator validator =
>>>>>> ModelValidationService.getInstance().newValidator(Evaluation Mode.BATCH);
>>>>>>
>>>>> Reading the extension points I imagine.
>>>>>>
>>>>>> * error occurs when the checkCerts method compares the
>>>>>> certificates (don't ask me why it uses certs) of the different
>>>>>> packages. Here the package which has no valid certificate is
>>>>>> org.eclipse.core.runtime.
>>>>> That definitely should be properly signed. Maybe someone has
>>>>> tampered with your installed jars...
>>>>>>
>>>>>> * The class it is attempting to load at this point is
>>>>>> org.eclipse.core.runtime.IStatus, the return value of the
>>>>>> IValidator.validate() method. But the class appearing in the
>>>>>> exception message is CoreException.
>>>>>>
>>>>>> So basically, you're right, i'm using an eclipse package here, but
>>>>>> i didn't ask for it. It is referenced by the IValidator as the
>>>>>> return value type.
>>>>> I'm a bit doubtful that the problem doesn't lie in some instance
>>>>> class name you've specified in your contributions to the
>>>>> validator's extension points...
>>>>>>
>>>>>> Am I using a wrong validator, or in a wrong way? Is there a way to
>>>>>> remove this dependency? And anyway why is it creating a security
>>>>>> problem ?
>>>>> My guess would still be that when creating your own example, you've
>>>>> decided to use org.eclipse.* as the name of the packages you've
>>>>> created...
>>>>>>
>>>>>> Thanks again !
>>>>>> Frédéric Esnault
>>>>>>
>>>>>> Ed Merks a écrit :
>>>>>>> Frédéric,
>>>>>>>
>>>>>>> Comments below.
>>>>>>>
>>>>>>>
>>>>>>> Frédéric Esnault wrote:
>>>>>>>> Hi all !
>>>>>>>>
>>>>>>>> I'm facing a problem with the validation framework.
>>>>>>>> I have a model described in a .ecore file, and i create eobject
>>>>>>>> using this model. Now i want to check that my eobjects are valid
>>>>>>>> (mandatory features have a value, for example).
>>>>>>>>
>>>>>>>> I try using the validation framework as i saw in the eclipse
>>>>>>>> help tutorials (IBatchValidator.validate(EList<EObject>)), but
>>>>>>>> when i try to run my test, i get an exception :
>>>>>>>> java.lang.SecurityException: class
>>>>>>>> "org.eclipse.core.runtime.CoreException"'s signer information
>>>>>>>> does not match signer information of other classes in the same
>>>>>>>> package
>>>>>>>> at java.lang.ClassLoader.checkCerts(ClassLoader.java:776)
>>>>>>> I don't know how all this signing stuff works...
>>>>>>>> ...
>>>>>>>>
>>>>>>>> I'm quite confused about this, and i'd like to know if there is
>>>>>>>> something i forgot (or did wrong), or if there is a way to
>>>>>>>> disable the checkCert mechanism.
>>>>>>>> For your information, here is my calling code :
>>>>>>>>
>>>>>>>> IBatchValidator validator =
>>>>>>>> ModelValidationService.getInstance().newValidator(Evaluation Mode.BATCH);
>>>>>>>>
>>>>>>>> IStatus validationResult = validator.validate(eObjects);
>>>>>>>> if (!validationResult.isOK()) {
>>>>>>>> throw new
>>>>>>>> nvalidEObjectException(validationResult.getMessage());
>>>>>>>> }
>>>>>>> Based on the message, I get the impression that you might have
>>>>>>> use an Eclipse package name within your own plugin. What's the
>>>>>>> name of the class you're trying to load at this point?
>>>>>>>>
>>>>>>>>
>>>>>>>> Thanks for your help !
>>>>>>>> Frédéric Esnault
|
|
|
| Re: EObjects validation and security problem [message #426794 is a reply to message #426793] |
Tue, 20 January 2009 16:12 |
Ed Merks
Messages: 33142
Registered: July 2009 |
Senior Member |
|
|
Frédéric,
Certainly jars are occasionally refactored, but generally when you're
building plugins you ought not to be affected by that. It's in
org.eclipse.equinox.common these days.
Frédéric Esnault wrote:
> It's not.
> I checked two jars, the one in my Java Ganymede install and the other
> in my J2EE ganymede install. None of the
> org.eclipse.core.runtime_3.4.0.v20080512.jar contains the IStatus
> interface.
>
> Ed Merks a écrit :
>> Frédéric,
>>
>> IStatus should be were it's always been. Eclipse doesn't break it's
>> APIs...
>>
>>
>> Frédéric Esnault wrote:
>>> Well I changed my dependency to the latest version i could find
>>> reference of (3.4.0.v20080512) but maven cannot find it in any
>>> repository. So i deployed the jar i have in my ganymede install
>>> plugins directory, and maven finds it in our local repository.
>>>
>>> But it does not compile anymore, as the IStatus interface is not found.
>>> I looked at the code of org.eclipse.core.runtime jar, which
>>> references IStatus, but nowhere it defines it. Maven didn't download
>>> (nor complain about) a linked reference.
>>>
>>> Any idea about this ? Seems the IStatus still belongs to the same
>>> package (according to ganymede javadoc on the eclipse website, but
>>> is not present in the corresponding jar....) Help please.
>>>
>>> Frédéric
>>>
>>> Ed Merks a écrit :
>>>> Frédéric
>>>>
>>>> Comments below.
>>>>
>>>> Frédéric Esnault wrote:
>>>>> I didn't create/extend any extension point of the validation
>>>>> framework.
>>>>> Basically all i have is a personalized Resource and ResourceSet,
>>>>> but that's all. And all our packages names begins with
>>>>> com.legisway. There is no package of ours beginning with org.eclipse.
>>>>>
>>>>> Your comment about someone messing around our jars is not
>>>>> possible, but pointed me in the direction of the eclipse jars.
>>>>>
>>>>> We are using Maven to handle our dependencies (and releases, jar
>>>>> repositories,...) and i just added two dependencies yesterday when
>>>>> preparing the validation process. Here they are :
>>>>>
>>>>> <dependency>
>>>>> <groupId>org.eclipse.emf</groupId>
>>>>> <artifactId>ecore-change</artifactId>
>>>>> <version>${emf.version}</version><!-- this var set to 2.4.1 -->
>>>>> <scope>compile</scope>
>>>>> </dependency>
>>>>> <!-- The new dependencies below -->
>>>>> <dependency>
>>>>> <groupId>org.eclipse.emf</groupId>
>>>>> <artifactId>validation</artifactId>
>>>>> <version>1.2.0.v200807161729</version>
>>>>> <scope>compile</scope>
>>>>> </dependency>
>>>>> <dependency>
>>>>> <groupId>org.eclipse.core</groupId>
>>>>> <artifactId>runtime</artifactId>
>>>>> <version>3.2.0-v20060603</version>
>>>> This sounds like perhaps an older version before we started
>>>> signing. I.e., probably you have an unsigned jar...
>>>>> <scope>compile</scope>
>>>>> </dependency>
>>>>>
>>>>> I'm thinking maybe the runtime jar version is not correct or is
>>>>> not compatible with the validation jar version, or both version do
>>>>> not fit the 2.4.1 EMF version?
>>>> Yes, I think that's it.
>>>>>
>>>>> Frédéric Esnault
>>>>> Ed Merks a écrit :
>>>>>> Frédéric,
>>>>>>
>>>>>> Comments below.
>>>>>>
>>>>>>
>>>>>> Frédéric Esnault wrote:
>>>>>>> Hi Ed and thanks for the answer.
>>>>>>>
>>>>>>> First of all, i don't know either how this signing stuff works
>>>>>>> and i was not trying to use it anyway.
>>>>>> The Eclipse jars are signed though.
>>>>>>> After a short debugging, i got the following information :
>>>>>>>
>>>>>>> * error occurs when this line is executed:
>>>>>>> IBatchValidator validator =
>>>>>>> ModelValidationService.getInstance().newValidator(Evaluation Mode.BATCH);
>>>>>>>
>>>>>> Reading the extension points I imagine.
>>>>>>>
>>>>>>> * error occurs when the checkCerts method compares the
>>>>>>> certificates (don't ask me why it uses certs) of the different
>>>>>>> packages. Here the package which has no valid certificate is
>>>>>>> org.eclipse.core.runtime.
>>>>>> That definitely should be properly signed. Maybe someone has
>>>>>> tampered with your installed jars...
>>>>>>>
>>>>>>> * The class it is attempting to load at this point is
>>>>>>> org.eclipse.core.runtime.IStatus, the return value of the
>>>>>>> IValidator.validate() method. But the class appearing in the
>>>>>>> exception message is CoreException.
>>>>>>>
>>>>>>> So basically, you're right, i'm using an eclipse package here,
>>>>>>> but i didn't ask for it. It is referenced by the IValidator as
>>>>>>> the return value type.
>>>>>> I'm a bit doubtful that the problem doesn't lie in some instance
>>>>>> class name you've specified in your contributions to the
>>>>>> validator's extension points...
>>>>>>>
>>>>>>> Am I using a wrong validator, or in a wrong way? Is there a way
>>>>>>> to remove this dependency? And anyway why is it creating a
>>>>>>> security problem ?
>>>>>> My guess would still be that when creating your own example,
>>>>>> you've decided to use org.eclipse.* as the name of the packages
>>>>>> you've created...
>>>>>>>
>>>>>>> Thanks again !
>>>>>>> Frédéric Esnault
>>>>>>>
>>>>>>> Ed Merks a écrit :
>>>>>>>> Frédéric,
>>>>>>>>
>>>>>>>> Comments below.
>>>>>>>>
>>>>>>>>
>>>>>>>> Frédéric Esnault wrote:
>>>>>>>>> Hi all !
>>>>>>>>>
>>>>>>>>> I'm facing a problem with the validation framework.
>>>>>>>>> I have a model described in a .ecore file, and i create
>>>>>>>>> eobject using this model. Now i want to check that my eobjects
>>>>>>>>> are valid (mandatory features have a value, for example).
>>>>>>>>>
>>>>>>>>> I try using the validation framework as i saw in the eclipse
>>>>>>>>> help tutorials (IBatchValidator.validate(EList<EObject>)), but
>>>>>>>>> when i try to run my test, i get an exception :
>>>>>>>>> java.lang.SecurityException: class
>>>>>>>>> "org.eclipse.core.runtime.CoreException"'s signer information
>>>>>>>>> does not match signer information of other classes in the same
>>>>>>>>> package
>>>>>>>>> at java.lang.ClassLoader.checkCerts(ClassLoader.java:776)
>>>>>>>> I don't know how all this signing stuff works...
>>>>>>>>> ...
>>>>>>>>>
>>>>>>>>> I'm quite confused about this, and i'd like to know if there
>>>>>>>>> is something i forgot (or did wrong), or if there is a way to
>>>>>>>>> disable the checkCert mechanism.
>>>>>>>>> For your information, here is my calling code :
>>>>>>>>>
>>>>>>>>> IBatchValidator validator =
>>>>>>>>> ModelValidationService.getInstance().newValidator(Evaluation Mode.BATCH);
>>>>>>>>>
>>>>>>>>> IStatus validationResult = validator.validate(eObjects);
>>>>>>>>> if (!validationResult.isOK()) {
>>>>>>>>> throw new
>>>>>>>>> nvalidEObjectException(validationResult.getMessage());
>>>>>>>>> }
>>>>>>>> Based on the message, I get the impression that you might have
>>>>>>>> use an Eclipse package name within your own plugin. What's the
>>>>>>>> name of the class you're trying to load at this point?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Thanks for your help !
>>>>>>>>> Frédéric Esnault
Ed Merks
Professional Support: https://www.macromodeling.com/
|
|
|
| Re: EObjects validation and security problem [message #426803 is a reply to message #426794] |
Wed, 21 January 2009 08:01 |
| Eclipse User |
|
|
|
Originally posted by: esnault.frederic.gmail.com
Thanks Ed,
I added the dependency to the org.eclipse.equinox.common and i found my
IStatus interface. But problem now i have a NoClassDefFoundError at
runtime on the org.eclipse.core.runtime.Platform class. This class is in
the org.eclipse.core.runtime_3.4.0.v20080512.jar archive.
The thing i'm quite surprised of is that now the
org.eclipse.core.runtime package is split between the two packages :
* org.eclipse.core.runtime_3.4.0.v20080512.jar
* org.eclipse.equinox.common_3.4.0.v20080421-2006.jar
Is that the source of my problem? And why has this package been split
between those two jars ? In my opinion, the eclipse.core.runtime package
should have stayed in the eclipse.core.runtime package.
Frédéric Esnault
Ed Merks a écrit :
> Frédéric,
>
> Certainly jars are occasionally refactored, but generally when you're
> building plugins you ought not to be affected by that. It's in
> org.eclipse.equinox.common these days.
>
>
|
|
| |
| Re: EObjects validation and security problem [message #426812 is a reply to message #426810] |
Wed, 21 January 2009 12:00 |
| Eclipse User |
|
|
|
Originally posted by: esnault.frederic.gmail.com
Ok, is there a sample of a working validation code, out of eclipse
(simplest code possible validating an eobject against its ecore
definition) ? The eclipse help site does not provide such a code, but
only snippets.
Frédéric Esnault
Ed Merks a écrit :
> Frédéric,
>
> Comments below.
>
> Frédéric Esnault wrote:
>> Thanks Ed,
>>
>> I added the dependency to the org.eclipse.equinox.common and i found
>> my IStatus interface.
> You please a plugin dependency? You shouldn't need that if you have an
> org.eclipse.core.runtime dependency already.
>> But problem now i have a NoClassDefFoundError at runtime on the
>> org.eclipse.core.runtime.Platform class. This class is in the
>> org.eclipse.core.runtime_3.4.0.v20080512.jar archive.
>>
>> The thing i'm quite surprised of is that now the
>> org.eclipse.core.runtime package is split between the two packages :
>> * org.eclipse.core.runtime_3.4.0.v20080512.jar
>> * org.eclipse.equinox.common_3.4.0.v20080421-2006.jar
>>
>> Is that the source of my problem?
> If you have versions that have conflicts in the signatures, I suppose so.
>> And why has this package been split between those two jars ?
> It's not really an EMF question and I'm not really sure. I know folks
> have been refactoring over the years in order to produce a lighter
> OSGi-aligned runtime.
>> In my opinion, the eclipse.core.runtime package should have stayed in
>> the eclipse.core.runtime package.
> If I recall correctly, most of what's directly in the
> eclipse.core.runtime plugin is now deprecated in favor of newer mechanisms.
>>
>> Frédéric Esnault
>>
>> Ed Merks a écrit :
>>> Frédéric,
>>>
>>> Certainly jars are occasionally refactored, but generally when you're
>>> building plugins you ought not to be affected by that. It's in
>>> org.eclipse.equinox.common these days.
>>>
>>>
|
|
| |
| Re: EObjects validation and security problem [message #426817 is a reply to message #426813] |
Wed, 21 January 2009 14:02 |
| Eclipse User |
|
|
|
Originally posted by: esnault.frederic.gmail.com
Yes i had a look at these exemples, but they are all linked to eclipse
(plugin, ui, and so on). I'd like an example with just an ecore, an
eobject created and filled with info and a validation against the ecore
definition. Completely out of eclipse. Does such an example exist?
Ed Merks a écrit :
> Frédéric,
>
> Find an "Examples" download that matches your version if you don't
> already have these examples in the first place
> < http://www.eclipse.org/modeling/emf/downloads/?project=valid ation>
>
> http://www.eclipse.org/modeling/emf/downloads/?project=valid ation
>
>
> Frédéric Esnault wrote:
>> Ok, is there a sample of a working validation code, out of eclipse
>> (simplest code possible validating an eobject against its ecore
>> definition) ? The eclipse help site does not provide such a code, but
>> only snippets.
>>
>> Frédéric Esnault
>>
>> Ed Merks a écrit :
>>> Frédéric,
>>>
>>> Comments below.
>>>
>>> Frédéric Esnault wrote:
>>>> Thanks Ed,
>>>>
>>>> I added the dependency to the org.eclipse.equinox.common and i found
>>>> my IStatus interface.
>>> You please a plugin dependency? You shouldn't need that if you have
>>> an org.eclipse.core.runtime dependency already.
>>>> But problem now i have a NoClassDefFoundError at runtime on the
>>>> org.eclipse.core.runtime.Platform class. This class is in the
>>>> org.eclipse.core.runtime_3.4.0.v20080512.jar archive.
>>>>
>>>> The thing i'm quite surprised of is that now the
>>>> org.eclipse.core.runtime package is split between the two packages :
>>>> * org.eclipse.core.runtime_3.4.0.v20080512.jar
>>>> * org.eclipse.equinox.common_3.4.0.v20080421-2006.jar
>>>>
>>>> Is that the source of my problem?
>>> If you have versions that have conflicts in the signatures, I suppose
>>> so.
>>>> And why has this package been split between those two jars ?
>>> It's not really an EMF question and I'm not really sure. I know folks
>>> have been refactoring over the years in order to produce a lighter
>>> OSGi-aligned runtime.
>>>> In my opinion, the eclipse.core.runtime package should have stayed
>>>> in the eclipse.core.runtime package.
>>> If I recall correctly, most of what's directly in the
>>> eclipse.core.runtime plugin is now deprecated in favor of newer
>>> mechanisms.
>>>>
>>>> Frédéric Esnault
>>>>
>>>> Ed Merks a écrit :
>>>>> Frédéric,
>>>>>
>>>>> Certainly jars are occasionally refactored, but generally when
>>>>> you're building plugins you ought not to be affected by that. It's
>>>>> in org.eclipse.equinox.common these days.
>>>>>
>>>>>
|
|
| |
| Re: EObjects validation and security problem [message #426823 is a reply to message #426817] |
Wed, 21 January 2009 15:25 |
| Eclipse User |
|
|
|
Originally posted by: cdamus.zeligsoft.com
Hi, Frédéric,
The (extrinsic) EMF Validation Framework does not yet support deployment
without the Eclipse environment. I am having trouble finding the time
to work on that ...
The intrinsic validation framework to which Ed's last post directs you
will work without Eclipse, and even generates an example for you (I think).
Cheers,
Christian
Frédéric Esnault wrote:
> Yes i had a look at these exemples, but they are all linked to eclipse
> (plugin, ui, and so on). I'd like an example with just an ecore, an
> eobject created and filled with info and a validation against the ecore
> definition. Completely out of eclipse. Does such an example exist?
>
> Ed Merks a écrit :
>> Frédéric,
>>
>> Find an "Examples" download that matches your version if you don't
>> already have these examples in the first place
>> < http://www.eclipse.org/modeling/emf/downloads/?project=valid ation>
>>
>> http://www.eclipse.org/modeling/emf/downloads/?project=valid ation
>>
>>
>> Frédéric Esnault wrote:
>>> Ok, is there a sample of a working validation code, out of eclipse
>>> (simplest code possible validating an eobject against its ecore
>>> definition) ? The eclipse help site does not provide such a code, but
>>> only snippets.
>>>
>>> Frédéric Esnault
>>>
>>> Ed Merks a écrit :
>>>> Frédéric,
>>>>
>>>> Comments below.
>>>>
>>>> Frédéric Esnault wrote:
>>>>> Thanks Ed,
>>>>>
>>>>> I added the dependency to the org.eclipse.equinox.common and i
>>>>> found my IStatus interface.
>>>> You please a plugin dependency? You shouldn't need that if you have
>>>> an org.eclipse.core.runtime dependency already.
>>>>> But problem now i have a NoClassDefFoundError at runtime on the
>>>>> org.eclipse.core.runtime.Platform class. This class is in the
>>>>> org.eclipse.core.runtime_3.4.0.v20080512.jar archive.
>>>>>
>>>>> The thing i'm quite surprised of is that now the
>>>>> org.eclipse.core.runtime package is split between the two packages :
>>>>> * org.eclipse.core.runtime_3.4.0.v20080512.jar
>>>>> * org.eclipse.equinox.common_3.4.0.v20080421-2006.jar
>>>>>
>>>>> Is that the source of my problem?
>>>> If you have versions that have conflicts in the signatures, I
>>>> suppose so.
>>>>> And why has this package been split between those two jars ?
>>>> It's not really an EMF question and I'm not really sure. I know
>>>> folks have been refactoring over the years in order to produce a
>>>> lighter OSGi-aligned runtime.
>>>>> In my opinion, the eclipse.core.runtime package should have stayed
>>>>> in the eclipse.core.runtime package.
>>>> If I recall correctly, most of what's directly in the
>>>> eclipse.core.runtime plugin is now deprecated in favor of newer
>>>> mechanisms.
>>>>>
>>>>> Frédéric Esnault
>>>>>
>>>>> Ed Merks a écrit :
>>>>>> Frédéric,
>>>>>>
>>>>>> Certainly jars are occasionally refactored, but generally when
>>>>>> you're building plugins you ought not to be affected by that.
>>>>>> It's in org.eclipse.equinox.common these days.
>>>>>>
>>>>>>
|
|
|
| Re: EObjects validation and security problem [message #426824 is a reply to message #426823] |
Wed, 21 January 2009 16:00 |
| Eclipse User |
|
|
|
Originally posted by: esnault.frederic.gmail.com
Thanks Ed and Christian,
I looked in the way of the EcoreValidator and found how to use it. I did
a small extra search to discover how to get the errors from the
validation (just got a valid = false, which is a bit short), so i gave a
BasicDiagnostic object to the validate method, which actually gave me
the error i was expected. Thanks !
And thanks Christian for the info about the validation framework being
tightly linked to Eclipse right now. But the EcoreValidator is enough
for my needs now.
If someone is interested about how i got my validation working, here is
my code :
boolean valid = false;
BasicDiagnostic diags = new BasicDiagnostic();
for (EObject object : eObjects) {
valid = EcoreValidator.INSTANCE.validate(object, diags, null);
// Do something with the validation result.
// Do something with the diagnostics
}
And i could safely remove the dependencies i had.
Thanks for your time and patience, Ed !
Frédéric Esnault
Christian W. Damus a écrit :
> Hi, Frédéric,
>
> The (extrinsic) EMF Validation Framework does not yet support deployment
> without the Eclipse environment. I am having trouble finding the time
> to work on that ...
>
> The intrinsic validation framework to which Ed's last post directs you
> will work without Eclipse, and even generates an example for you (I think).
>
> Cheers,
>
> Christian
>
> Frédéric Esnault wrote:
>> Yes i had a look at these exemples, but they are all linked to
>> eclipse (plugin, ui, and so on). I'd like an example with just an
>> ecore, an eobject created and filled with info and a validation
>> against the ecore definition. Completely out of eclipse. Does such an
>> example exist?
>>
>> Ed Merks a écrit :
>>> Frédéric,
>>>
>>> Find an "Examples" download that matches your version if you don't
>>> already have these examples in the first place
>>> < http://www.eclipse.org/modeling/emf/downloads/?project=valid ation>
>>>
>>> http://www.eclipse.org/modeling/emf/downloads/?project=valid ation
>>>
>>>
>>> Frédéric Esnault wrote:
>>>> Ok, is there a sample of a working validation code, out of eclipse
>>>> (simplest code possible validating an eobject against its ecore
>>>> definition) ? The eclipse help site does not provide such a code,
>>>> but only snippets.
>>>>
>>>> Frédéric Esnault
>>>>
>>>> Ed Merks a écrit :
>>>>> Frédéric,
>>>>>
>>>>> Comments below.
>>>>>
>>>>> Frédéric Esnault wrote:
>>>>>> Thanks Ed,
>>>>>>
>>>>>> I added the dependency to the org.eclipse.equinox.common and i
>>>>>> found my IStatus interface.
>>>>> You please a plugin dependency? You shouldn't need that if you
>>>>> have an org.eclipse.core.runtime dependency already.
>>>>>> But problem now i have a NoClassDefFoundError at runtime on the
>>>>>> org.eclipse.core.runtime.Platform class. This class is in the
>>>>>> org.eclipse.core.runtime_3.4.0.v20080512.jar archive.
>>>>>>
>>>>>> The thing i'm quite surprised of is that now the
>>>>>> org.eclipse.core.runtime package is split between the two packages :
>>>>>> * org.eclipse.core.runtime_3.4.0.v20080512.jar
>>>>>> * org.eclipse.equinox.common_3.4.0.v20080421-2006.jar
>>>>>>
>>>>>> Is that the source of my problem?
>>>>> If you have versions that have conflicts in the signatures, I
>>>>> suppose so.
>>>>>> And why has this package been split between those two jars ?
>>>>> It's not really an EMF question and I'm not really sure. I know
>>>>> folks have been refactoring over the years in order to produce a
>>>>> lighter OSGi-aligned runtime.
>>>>>> In my opinion, the eclipse.core.runtime package should have stayed
>>>>>> in the eclipse.core.runtime package.
>>>>> If I recall correctly, most of what's directly in the
>>>>> eclipse.core.runtime plugin is now deprecated in favor of newer
>>>>> mechanisms.
>>>>>>
>>>>>> Frédéric Esnault
>>>>>>
>>>>>> Ed Merks a écrit :
>>>>>>> Frédéric,
>>>>>>>
>>>>>>> Certainly jars are occasionally refactored, but generally when
>>>>>>> you're building plugins you ought not to be affected by that.
>>>>>>> It's in org.eclipse.equinox.common these days.
>>>>>>>
>>>>>>>
|
|
|
Goto Forum:
Current Time: Sat Apr 27 00:31:30 GMT 2024
Powered by FUDForum. Page generated in 0.04945 seconds |
] 
Search
Help
Register
Login
Home
